
Google being redirected to monster search when clicking links

Discussion in 'Virus & Other Malware Removal' started by MoeGreene0, Dec 21, 2012.

  1. MoeGreene0

    Hello all,

    I seem to have a contaminated system. Please help! When I search for anything in Google (in Google Chrome; strangely, it doesn't happen in IE) and I click a result link, I get redirected to monstersearch.
     
  2. MoeGreene0

    HIJACKTHIS LOG

    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 11:54:33 PM, on 12/21/2012
    Platform: Windows 7 (WinNT 6.00.3504)
    MSIE: Internet Explorer v9.00 (9.00.8112.16457)
    Boot mode: Normal
    Running processes:
    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
    C:\Program Files\Webroot\WRSA.exe
    C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
    C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
    C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
    C:\Program Files (x86)\Creative\SB Audigy\Volume Panel\VolPanlu.exe
    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    C:\Program Files (x86)\AVG Secure Search\vprot.exe
    C:\Program Files (x86)\Ask.com\Updater\Updater.exe
    C:\Program Files (x86)\Nike\Nike+ Connect\Nike+ Connect daemon.exe
    C:\Program Files (x86)\iTunes\iTunesHelper.exe
    C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
    C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe
    C:\Users\Mr. X\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Mr. X\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Mr. X\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Mr. X\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Mr. X\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Mr. X\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Mr. X\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Mr. X\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Mr. X\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Mr. X\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Mr. X\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_5_502_135_ActiveX.exe
    C:\Program Files (x86)\Windows Media Player\wmplayer.exe
    C:\Program Files (x86)\Windows Media Player\setup_wm.exe
    C:\Users\Mr. X\Downloads\HijackThis.exe
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O1 - Hosts: ::1 localhost
    O1 - Hosts: 216.239.32.20 www.google.ae # bck9
    O1 - Hosts: 216.239.32.20 www.google.at # bck9
    O1 - Hosts: 216.239.32.20 www.google.be # bck9
    O1 - Hosts: 216.239.32.20 www.google.ca # bck9
    O1 - Hosts: 216.239.32.20 www.google.ch # bck9
    O1 - Hosts: 216.239.32.20 www.google.cl # bck9
    O1 - Hosts: 216.239.32.20 www.google.co.il # bck9
    O1 - Hosts: 216.239.32.20 www.google.co.in # bck9
    O1 - Hosts: 216.239.32.20 www.google.co.jp # bck9
    O1 - Hosts: 216.239.32.20 www.google.co.kr # bck9
    O1 - Hosts: 216.239.32.20 www.google.co.nz # bck9
    O1 - Hosts: 216.239.32.20 www.google.co.uk # bck9
    O1 - Hosts: 216.239.32.20 www.google.co.ve # bck9
    O1 - Hosts: 216.239.32.20 www.google.co.za # bck9
    O1 - Hosts: 216.239.32.20 www.google.com # bck9
    O1 - Hosts: 216.239.32.20 www.google.com.ar # bck9
    O1 - Hosts: 216.239.32.20 www.google.com.au # bck9
    O1 - Hosts: 216.239.32.20 www.google.com.br # bck9
    O1 - Hosts: 216.239.32.20 www.google.com.co # bck9
    O1 - Hosts: 216.239.32.20 www.google.com.gr # bck9
    O1 - Hosts: 216.239.32.20 www.google.com.hk # bck9
    O1 - Hosts: 216.239.32.20 www.google.com.mx # bck9
    O1 - Hosts: 216.239.32.20 www.google.com.my # bck9
    O1 - Hosts: 216.239.32.20 www.google.com.pe # bck9
    O1 - Hosts: 216.239.32.20 www.google.com.ph # bck9
    O1 - Hosts: 216.239.32.20 www.google.com.pk # bck9
    O1 - Hosts: 216.239.32.20 www.google.com.sg # bck9
    O1 - Hosts: 216.239.32.20 www.google.com.tr # bck9
    O1 - Hosts: 216.239.32.20 www.google.com.tw # bck9
    O1 - Hosts: 216.239.32.20 www.google.com.ua # bck9
    O1 - Hosts: 216.239.32.20 www.google.de # bck9
    O1 - Hosts: 216.239.32.20 www.google.dk # bck9
    O1 - Hosts: 216.239.32.20 www.google.es # bck9
    O1 - Hosts: 216.239.32.20 www.google.fi # bck9
    O1 - Hosts: 216.239.32.20 www.google.fr # bck9
    O1 - Hosts: 216.239.32.20 www.google.it # bck9
    O1 - Hosts: 216.239.32.20 www.google.lt # bck9
    O1 - Hosts: 216.239.32.20 www.google.lv # bck9
    O1 - Hosts: 216.239.32.20 www.google.nl # bck9
    O1 - Hosts: 216.239.32.20 www.google.pl # bck9
    O1 - Hosts: 216.239.32.20 www.google.pt # bck9
    O1 - Hosts: 216.239.32.20 www.google.ro # bck9
    O1 - Hosts: 216.239.32.20 www.google.ru # bck9
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL
    O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
    O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\13.2.0.5\AVG Secure Search_toolbar.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL
    O2 - BHO: Webroot Vault - {c8d5d964-2be8-4c5b-8cf5-6e975aa88504} - C:\ProgramData\WRData\pkg\LPBar.dll
    O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\13.2.0.5\AVG Secure Search_toolbar.dll
    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
    O3 - Toolbar: Webroot Toolbar - {97ab88ef-346b-4179-a0b1-7445896547a5} - C:\ProgramData\WRData\pkg\LPBar.dll
    O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
    O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
    O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
    O4 - HKLM\..\Run: [VolPanel] "C:\Program Files (x86)\Creative\SB Audigy\Volume Panel\VolPanlu.exe" /r
    O4 - HKLM\..\Run: [UpdReg] C:\Windows\UpdReg.EXE
    O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [WRSVC] "C:\Program Files\Webroot\WRSA.exe" -ul
    O4 - HKLM\..\Run: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"
    O4 - HKLM\..\Run: [ROC_roc_ssl_v12] "C:\Program Files (x86)\AVG Secure Search\ROC_roc_ssl_v12.exe" / /PROMPT /CMPID=roc_ssl_v12
    O4 - HKLM\..\Run: [ROC_ROC_JULY_P1] "C:\Program Files (x86)\AVG Secure Search\ROC_ROC_JULY_P1.exe" / /PROMPT /CMPID=ROC_JULY_P1
    O4 - HKLM\..\Run: [ApnUpdater] "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"
    O4 - HKLM\..\Run: [Nike+ Connect] "C:\Program Files (x86)\Nike\Nike+ Connect\Nike+ Connect daemon.exe"
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
    O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe" -autorun
    O4 - HKCU\..\Run: [Google Update] "C:\Users\Mr. X\AppData\Local\Google\Update\GoogleUpdate.exe" /c
    O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    O4 - Startup: CurseClientStartup.ccip
    O4 - Global Startup: Bluetooth.lnk = ?
    O4 - Global Startup: FancyStart daemon.lnk = ?
    O4 - Global Startup: Install Webroot FF RunOnce.lnk = C:\Program Files (x86)\Common Files\wruninstall.exe
    O4 - Global Startup: Install Webroot IE RunOnce.lnk = C:\Program Files (x86)\Common Files\wruninstall.exe
    O4 - Global Startup: UVA ITC Network Setup Tool Cert Checker.lnk = ?
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE/3000
    O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105
    O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
    O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
    O9 - Extra button: Webroot - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\ProgramData\WRData\pkg\LPBar.dll
    O9 - Extra 'Tools' menuitem: Webroot - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\ProgramData\WRData\pkg\LPBar.dll
    O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
    O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
    O9 - Extra button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    O9 - Extra 'Tools' menuitem: Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
    O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab
    O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Overwolf\SKYPE4~2.DLL
    O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\13.2.0\ViProtocol.dll
    O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
    O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
    O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    O23 - Service: ADSM Service (ADSMService) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe
    O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe
    O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe
    O23 - Service: Blue Coat K9 Web Protection (bckwfs) - Blue Coat Systems, Inc. - C:\Program Files\Blue Coat K9 Web Protection\k9filter.exe
    O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
    O23 - Service: Creative ALchemy AL6 Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe
    O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
    O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
    O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
    O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
    O23 - Service: Overwolf Updater Service (OverwolfUpdaterService) - Overwolf Ltd - C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe
    O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
    O23 - Service: SpyHunter 4 Service - Enigma Software Group USA, LLC. - C:\PROGRA~2\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE
    O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
    O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
    O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
    O23 - Service: vToolbarUpdater13.2.0 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe
    O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
    O23 - Service: WRSVC - Webroot - C:\Program Files\Webroot\WRSA.exe
    --
    End of file - 18712 bytes

    DDS LOG

    DDS (Ver_2012-11-20.01) - NTFS_AMD64
    Internet Explorer: 9.0.8112.16457
    Run by Mr. X at 23:55:48 on 2012-12-21
    Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.6077.3106 [GMT -5:00]
    .
    AV: Webroot SecureAnywhere *Enabled/Updated* {9C0666FC-6C7D-3E97-3C40-0C6B33FC7401}
    SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    SP: Webroot SecureAnywhere *Enabled/Updated* {27678718-4A47-3119-06F0-3719487B3EBC}
    .
    ============== Running Processes ===============
    .
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\PROGRA~2\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE
    C:\Windows\system32\nvvsvc.exe
    C:\Windows\system32\svchost.exe -k RPCSS
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\system32\FBAgent.exe
    C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe
    C:\Program Files\ATKGFNEX\GFNEXSrv.exe
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
    C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    C:\Program Files\Blue Coat K9 Web Protection\k9filter.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
    C:\Windows\SysWOW64\PnkBstrA.exe
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    C:\Windows\system32\svchost.exe -k bthsvcs
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
    C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe
    C:\Program Files\Webroot\WRSA.exe
    C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
    C:\Windows\system32\nvvsvc.exe
    C:\Windows\system32\taskhost.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files (x86)\ASUS\ATK Hotkey\ATKOSD.exe
    C:\Windows\System32\rundll32.exe
    C:\Program Files (x86)\ASUS\ATK Hotkey\KBFiltr.exe
    C:\Program Files (x86)\ASUS\ATK Hotkey\WDC.exe
    C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    C:\Windows\system32\taskeng.exe
    C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
    C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
    C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
    C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
    C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
    C:\Program Files\P4G\BatteryLife.exe
    C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
    C:\Program Files (x86)\Enigma Software Group\SpyHunter\Spyhunter4.exe
    C:\Windows\SysWOW64\ACEngSvr.exe
    C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
    C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
    C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
    C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
    C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
    C:\Program Files (x86)\Creative\SB Audigy\Volume Panel\VolPanlu.exe
    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    C:\Program Files (x86)\AVG Secure Search\vprot.exe
    C:\Program Files (x86)\Ask.com\Updater\Updater.exe
    C:\Program Files (x86)\Nike\Nike+ Connect\Nike+ Connect daemon.exe
    C:\Program Files (x86)\iTunes\iTunesHelper.exe
    C:\Windows\system32\SearchIndexer.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Users\Mr. X\AppData\Local\Apps\2.0\NXBCZX1J.C68\2AQHB5PC.LHG\curs..tion_9e9e83ddf3ed3ead_0005.0001_f88ee66177b243ac\CurseClient.exe
    C:\Program Files\Webroot\WRSA.exe
    C:\Windows\System32\svchost.exe -k LocalServicePeerNet
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
    C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe
    C:\Windows\System32\svchost.exe -k secsvcs
    C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe
    C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
    C:\Users\Mr. X\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Mr. X\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Mr. X\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Mr. X\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Mr. X\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Mr. X\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Mr. X\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Mr. X\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Mr. X\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Mr. X\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
    C:\Users\Mr. X\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Windows\system32\wuauclt.exe
    C:\Windows\servicing\TrustedInstaller.exe
    C:\Windows\SysWOW64\wusa.exe
    C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_5_502_135_ActiveX.exe
    C:\Program Files (x86)\Windows Media Player\wmplayer.exe
    C:\Program Files (x86)\Windows Media Player\setup_wm.exe
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Users\Mr. X\Downloads\HijackThis.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\SysWow64\NOTEPAD.EXE
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Users\Mr. X\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Windows\System32\cscript.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://www.google.com/
    BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
    BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
    BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\13.2.0.5\AVG Secure Search_toolbar.dll
    BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
    BHO: Webroot Vault: {c8d5d964-2be8-4c5b-8cf5-6e975aa88504} - C:\ProgramData\WRData\PKG\LPBar.dll
    BHO: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    TB: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\13.2.0.5\AVG Secure Search_toolbar.dll
    TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    TB: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
    TB: Webroot Toolbar: {97ab88ef-346b-4179-a0b1-7445896547a5} - C:\ProgramData\WRData\PKG\LPBar.dll
    uRun: [DAEMON Tools Pro Agent] "C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe" -autorun
    uRun: [Google Update] "C:\Users\Mr. X\AppData\Local\Google\Update\GoogleUpdate.exe" /c
    uRun: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    mRun: [HControlUser] C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
    mRun: [ATKOSD2] C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
    mRun: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
    mRun: [VolPanel] "C:\Program Files (x86)\Creative\SB Audigy\Volume Panel\VolPanlu.exe" /r
    mRun: [UpdReg] C:\Windows\UpdReg.EXE
    mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
    mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    mRun: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
    mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
    mRun: [WRSVC] "C:\Program Files\Webroot\WRSA.exe" -ul
    mRun: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"
    mRun: [ROC_roc_ssl_v12] "C:\Program Files (x86)\AVG Secure Search\ROC_roc_ssl_v12.exe" / /PROMPT /CMPID=roc_ssl_v12
    mRun: [ROC_ROC_JULY_P1] "C:\Program Files (x86)\AVG Secure Search\ROC_ROC_JULY_P1.exe" / /PROMPT /CMPID=ROC_JULY_P1
    mRun: [ApnUpdater] "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"
    mRun: [Nike+ Connect] "C:\Program Files (x86)\Nike\Nike+ Connect\Nike+ Connect daemon.exe"
    mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
    StartupFolder: C:\Users\Mr. X\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip
    StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BLUETO~1.LNK - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
    StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\FANCYS~1.LNK - C:\Windows\Installer\{60D6618B-153F-4353-8185-908E676E5888}\_DCE9A4DB2A5F2786140FA3.exe
    StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\INSTAL~2.LNK - C:\Program Files (x86)\Common Files\wruninstall.exe
    StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\INSTAL~1.LNK - C:\Program Files (x86)\Common Files\wruninstall.exe
    StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\UVAITC~1.LNK - C:\Windows\Installer\{A4766C69-E64B-47D4-984C-BE9E91FDDBF3}\_93C62315C0D5B38E0A1810.exe
    uPolicies-Explorer: NoViewOnDrive = dword:0
    uPolicies-Explorer: NoDrives = dword:0
    uPolicies-Explorer: DisableLocalMachineRun = dword:0
    uPolicies-Explorer: DisableLocalMachineRunOnce = dword:0
    uPolicies-Explorer: DisableCurrentUserRun = dword:0
    uPolicies-Explorer: DisableCurrentUserRunOnce = dword:0
    uPolicies-Explorer: NoDriveTypeAutoRun = dword:0
    uPolicies-Explorer: NoFile = dword:0
    uPolicies-Explorer: HideClock = dword:0
    uPolicies-Explorer: NoDevMgrUpdate = dword:0
    uPolicies-Explorer: NoDFSTab = dword:0
    uPolicies-Explorer: NoWindowsUpdate = dword:0
    uPolicies-Explorer: NoEncryptOnMove = dword:0
    uPolicies-Explorer: NoRunasInstallPrompt = dword:0
    uPolicies-Explorer: NoResolveTrack = dword:0
    uPolicies-Explorer: NoStartMenuSubFolders = dword:0
    uPolicies-System: NoDispAppearancePage = dword:0
    uPolicies-System: NoDispSettingsPage = dword:0
    mPolicies-Explorer: NoActiveDesktop = dword:1
    mPolicies-Explorer: NoViewOnDrive = dword:0
    mPolicies-Explorer: NoDrives = dword:0
    mPolicies-Explorer: DisableLocalMachineRun = dword:0
    mPolicies-Explorer: DisableLocalMachineRunOnce = dword:0
    mPolicies-Explorer: DisableCurrentUserRun = dword:0
    mPolicies-Explorer: DisableCurrentUserRunOnce = dword:0
    mPolicies-Explorer: NoDriveTypeAutoRun = dword:0
    mPolicies-Explorer: NoFile = dword:0
    mPolicies-Explorer: HideClock = dword:0
    mPolicies-Explorer: NoDevMgrUpdate = dword:0
    mPolicies-Explorer: NoDFSTab = dword:0
    mPolicies-Explorer: NoWindowsUpdate = dword:0
    mPolicies-Explorer: NoEncryptOnMove = dword:0
    mPolicies-Explorer: NoRunasInstallPrompt = dword:0
    mPolicies-Explorer: NoResolveTrack = dword:0
    mPolicies-Explorer: NoStartMenuSubFolders = dword:0
    mPolicies-System: EnableUIADesktopToggle = dword:0
    mPolicies-System: NoDispAppearancePage = dword:0
    mPolicies-System: NoDispSettingsPage = dword:0
    mPolicies-Explorer: NoViewOnDrive = dword:0
    mPolicies-Explorer: NoDrives = dword:0
    mPolicies-Explorer: DisableLocalMachineRun = dword:0
    mPolicies-Explorer: DisableLocalMachineRunOnce = dword:0
    mPolicies-Explorer: DisableCurrentUserRun = dword:0
    mPolicies-Explorer: DisableCurrentUserRunOnce = dword:0
    mPolicies-Explorer: NoDriveTypeAutoRun = dword:0
    mPolicies-Explorer: NoFile = dword:0
    mPolicies-Explorer: HideClock = dword:0
    mPolicies-Explorer: NoDevMgrUpdate = dword:0
    mPolicies-Explorer: NoDFSTab = dword:0
    mPolicies-Explorer: NoWindowsUpdate = dword:0
    mPolicies-Explorer: NoEncryptOnMove = dword:0
    mPolicies-Explorer: NoRunasInstallPrompt = dword:0
    mPolicies-Explorer: NoResolveTrack = dword:0
    mPolicies-Explorer: NoStartMenuSubFolders = dword:0
    mPolicies-System: NoDispAppearancePage = dword:0
    mPolicies-System: NoDispSettingsPage = dword:0
    IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE/3000
    IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105
    IE: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
    IE: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
    IE: {43699cd0-e34f-11de-8a39-0800200c9a66} - {c8d5d964-2be8-4c5b-8cf5-6e975aa88504} - C:\ProgramData\WRData\PKG\LPBar.dll
    IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
    IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - hxxp://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab
    DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
    DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    TCP: NameServer = 192.168.1.1 71.252.0.12
    TCP: Interfaces\{8C7D1A75-35BB-45E0-AFCD-D779D91A77FF} : DHCPNameServer = 192.168.1.1 71.252.0.12
    TCP: Interfaces\{8C7D1A75-35BB-45E0-AFCD-D779D91A77FF}\249637F6E6 : DHCPNameServer = 192.168.1.1
    TCP: Interfaces\{8C7D1A75-35BB-45E0-AFCD-D779D91A77FF}\34C61627B656024556D607C65647F6E6723702E4564777F627B6 : DHCPNameServer = 10.0.1.1
    TCP: Interfaces\{8C7D1A75-35BB-45E0-AFCD-D779D91A77FF}\36166716C6965627 : DHCPNameServer = 128.143.2.7 128.143.3.7 128.143.22.119
    TCP: Interfaces\{8C7D1A75-35BB-45E0-AFCD-D779D91A77FF}\75F6F64627F677021407162747D656E64737 : DHCPNameServer = 10.128.128.128
    TCP: Interfaces\{8C7D1A75-35BB-45E0-AFCD-D779D91A77FF}\8496024586562756 : DHCPNameServer = 75.75.75.75 75.75.76.76
    TCP: Interfaces\{8C7D1A75-35BB-45E0-AFCD-D779D91A77FF}\D656469616C696E6B6 : DHCPNameServer = 192.168.0.1
    TCP: Interfaces\{EE490C56-892B-4273-9D9C-57375CA7BC7F} : DHCPNameServer = 75.75.75.75 75.75.76.76
    TCP: Interfaces\{F395D31E-B01B-4BDD-801A-540774D8ED12} : DHCPNameServer = 10.0.1.1
    Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Overwolf\SKYPE4~2.DLL
    Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\13.2.0\ViProtocol.dll
    SSODL: WebCheck - <orphaned>
    SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
    x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
    x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
    x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
    x64-BHO: Webroot Vault: {c8d5d964-2be8-4c5b-8cf5-6e975aa88504} - C:\ProgramData\WRData\PKG\LPBar64.dll
    x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
    x64-TB: Webroot Toolbar: {97ab88ef-346b-4179-a0b1-7445896547a5} - C:\ProgramData\WRData\PKG\LPBar64.dll
    x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
    x64-Run: [RunDLLEntry] C:\Windows\System32\RunDLL32.exe C:\Windows\System32\AmbRunE.dll,RunDLLEntry
    x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
    x64-IE: {43699cd0-e34f-11de-8a39-0800200c9a66} - {c8d5d964-2be8-4c5b-8cf5-6e975aa88504} - C:\ProgramData\WRData\PKG\LPBar64.dll
    x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
    x64-IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
    x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
    x64-Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - <orphaned>
    x64-SSODL: WebCheck - <orphaned>
    x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
    Hosts: 216.239.32.20 www.google.ae # bck9
    Hosts: 216.239.32.20 www.google.at # bck9
    Hosts: 216.239.32.20 www.google.be # bck9
    Hosts: 216.239.32.20 www.google.ca # bck9
    Hosts: 216.239.32.20 www.google.ch # bck9
    .
    Note: multiple HOSTS entries found. Please refer to Attach.txt
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 11889889;11889889;C:\Windows\System32\drivers\11889889.sys [2012-11-20 460888]
    R0 WRkrn;WRkrn;C:\Windows\System32\drivers\WRkrn.sys [2012-8-15 111776]
    R1 3667364drv;3667364drv;C:\Windows\System32\drivers\3667364drv.sys [2012-11-20 556632]
    R1 avgtp;avgtp;C:\Windows\System32\drivers\avgtpx64.sys [2012-8-23 30568]
    R1 bckd;bckd;C:\Windows\System32\drivers\bckd.sys [2012-2-13 108304]
    R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\System32\drivers\dtsoftbus01.sys [2012-4-25 283200]
    R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928]
    R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368]
    R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2012-7-11 140672]
    R2 AFBAgent;AFBAgent;C:\Windows\System32\FBAgent.exe [2012-4-25 359552]
    R2 ASMMAP64;ASMMAP64;C:\Program Files\ATKGFNEX\ASMMAP64.sys [2012-4-25 14904]
    R2 bckwfs;Blue Coat K9 Web Protection;C:\Program Files\Blue Coat K9 Web Protection\k9filter.exe [2012-2-13 2122000]
    R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-9-16 399432]
    R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-9-16 676936]
    R2 rimspci;rimspci;C:\Windows\System32\drivers\rimspe64.sys [2012-4-25 60416]
    R2 rixdpcie;rixdpcie;C:\Windows\System32\drivers\rixdpe64.sys [2012-4-25 55808]
    R2 SpyHunter 4 Service;SpyHunter 4 Service;C:\PROGRA~2\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE [2010-5-18 327064]
    R2 UNS;Intel(R) Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-4-25 2314240]
    R2 vToolbarUpdater13.2.0;vToolbarUpdater13.2.0;C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe [2012-11-8 711112]
    R2 WRSVC;WRSVC;C:\Program Files\Webroot\WRSA.exe [2012-8-15 733808]
    R3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\System32\drivers\btwl2cap.sys [2012-4-25 35104]
    R3 HECIx64;Intel(R) Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2012-4-25 56344]
    R3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20);C:\Windows\System32\drivers\L1C62x64.sys [2012-4-25 58368]
    R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2012-9-16 25928]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
    S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-7-13 160944]
    S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-2-29 382272]
    S3 BCMH43XX;Broadcom 802.11 USB Network Adapter Driver;C:\Windows\System32\drivers\bcmwlhigh664.sys [2011-4-19 1254464]
    S3 BrSerIb;Brother MFC Serial Interface Driver(WDM);C:\Windows\System32\drivers\BrSerIb.sys [2009-7-13 281088]
    S3 BrUsbSIb;Brother MFC Serial USB Driver(WDM);C:\Windows\System32\drivers\BrUsbSIb.sys [2009-7-13 15360]
    S3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2012-4-25 79360]
    S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2012-4-25 79360]
    S3 ManyCam;ManyCam Virtual Webcam;C:\Windows\System32\drivers\mcvidrv_x64.sys [2012-10-10 44928]
    S3 mcaudrv_simple;ManyCam Virtual Microphone;C:\Windows\System32\drivers\mcaudrv_x64.sys [2012-10-10 29696]
    S3 OverwolfUpdaterService;Overwolf Updater Service;C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2012-10-2 18360]
    S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;C:\Windows\System32\drivers\SiSG664.sys [2009-6-10 56832]
    S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-9-28 53760]
    S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-4-25 1255736]
    .
    =============== File Associations ===============
    .
    FileExt: .txt: txtfile=C:\Windows\SysWow64\NOTEPAD.EXE %1
    FileExt: .ini: inifile=C:\Windows\SysWow64\NOTEPAD.EXE %1
    FileExt: .inf: inffile=C:\Windows\SysWow64\NOTEPAD.EXE %1
    .
    =============== Created Last 30 ================
    .
    2012-12-22 04:48:04 -------- d-----w- C:\28d871d01ab26bfbc8
    2012-12-22 04:46:21 -------- d-----w- C:\Users\Mr. X\AppData\Local\ElevatedDiagnostics
    2012-12-22 04:34:39 -------- d-----w- C:\Users\Mr. X\AVG Antivirus & Internet Security 2013 0 2805 Final (32-64bit)
    2012-12-21 22:25:40 46080 ----a-w- C:\Windows\System32\atmlib.dll
    2012-12-21 22:25:40 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll
    2012-12-21 22:25:39 367616 ----a-w- C:\Windows\System32\atmfd.dll
    2012-12-21 22:25:39 295424 ----a-w- C:\Windows\SysWow64\atmfd.dll
    2012-12-21 15:56:18 9125352 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{F92AAA80-F0A4-44A6-8088-72E9E6503283}\mpengine.dll
    2012-12-20 06:33:03 74072 ----a-w- C:\Windows\SysWow64\XAPOFX1_5.dll
    2012-12-20 06:33:03 527192 ----a-w- C:\Windows\SysWow64\XAudio2_7.dll
    2012-12-20 06:33:02 2106216 ----a-w- C:\Windows\SysWow64\D3DCompiler_43.dll
    2012-12-20 06:33:01 1998168 ----a-w- C:\Windows\SysWow64\D3DX9_43.dll
    2012-12-20 06:33:00 22360 ----a-w- C:\Windows\SysWow64\X3DAudio1_7.dll
    2012-12-20 06:32:58 81768 ----a-w- C:\Windows\SysWow64\xinput1_3.dll
    2012-12-20 06:29:14 -------- d-----w- C:\Program Files (x86)\Farming Simulator 2013
    2012-12-19 20:27:00 110080 ----a-r- C:\Users\Mr. X\AppData\Roaming\Microsoft\Installer\{4FC9DA9D-F608-454E-8191-D7EFFDCC5726}\IconF7A21AF7.exe
    2012-12-19 20:27:00 110080 ----a-r- C:\Users\Mr. X\AppData\Roaming\Microsoft\Installer\{4FC9DA9D-F608-454E-8191-D7EFFDCC5726}\IconD7F16134.exe
    2012-12-19 20:27:00 -------- d-----w- C:\sh4ldr
    2012-12-19 20:27:00 -------- d-----w- C:\Program Files (x86)\Enigma Software Group
    2012-12-19 20:26:22 -------- d-----w- C:\Windows\4FC9DA9DF608454E8191D7EFFDCC5726.TMP
    2012-12-19 20:25:32 -------- d-----w- C:\Users\Mr. X\SpyHunter 4.1.11.0 + Crack
    2012-12-18 06:11:49 -------- d-----w- C:\Users\Mr. X\WinRAR 4.00 32Bit And 64Bit Full-Version {blaze69}
    2012-12-18 03:28:31 -------- d-----w- C:\Users\Mr. X\AppData\Roaming\calibre
    2012-12-17 23:49:28 -------- d-----w- C:\Program Files (x86)\Calibre2
    2012-12-12 04:36:00 -------- d-----w- C:\Users\Mr. X\Infogrid Pacific
    2012-12-12 04:35:59 -------- d-----w- C:\Users\Mr. X\AppData\Roaming\Infogrid Pacific Pte. Ltd
    2012-12-12 04:35:59 -------- d-----w- C:\Users\Mr. X\AppData\Local\Infogrid Pacific Pte. Ltd
    2012-12-11 17:10:10 33240 ----a-w- C:\Windows\System32\drivers\GEARAspiWDM.sys
    2012-12-11 17:09:51 -------- d-----w- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
    2012-12-11 17:09:51 -------- d-----w- C:\Program Files\iTunes
    2012-12-11 17:09:51 -------- d-----w- C:\Program Files\iPod
    2012-12-11 17:09:51 -------- d-----w- C:\Program Files (x86)\iTunes
    2012-12-11 03:54:26 -------- d-----w- C:\Users\Mr. X\Second Shift - Order by Hugh Howey (Wool 07)
    2012-12-08 18:19:08 -------- d-----w- C:\ProgramData\Nike
    2012-12-08 18:19:07 -------- d-----w- C:\Program Files (x86)\Nike
    2012-11-28 01:59:06 -------- d-----w- C:\Users\Mr. X\AppData\Roaming\SumatraPDF
    2012-11-28 01:59:02 -------- d-----w- C:\Program Files (x86)\SumatraPDF
    2012-11-24 05:02:17 -------- d-----w- C:\ProgramData\Orbit
    2012-11-24 01:05:47 189248 ----a-w- C:\Windows\SysWow64\PnkBstrB.exe
    2012-11-24 01:05:45 75136 ----a-w- C:\Windows\SysWow64\PnkBstrA.exe
    2012-11-22 21:06:17 -------- d-----w- C:\Program Files (x86)\The Walking Dead Episode 5
    .
    ==================== Find3M ====================
    .
    2012-12-20 16:28:55 45056 ----a-w- C:\Windows\System32\acovcnt.exe
    2012-12-19 22:30:09 151880 ----a-w- C:\Windows\SysWow64\WRusr.dll
    2012-12-19 22:30:09 111776 ----a-w- C:\Windows\System32\drivers\WRkrn.sys
    2012-12-19 22:30:09 105024 ----a-w- C:\Windows\System32\WRusr.dll
    2012-12-13 20:11:32 73656 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
    2012-12-13 20:11:32 697272 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
    2012-11-22 08:20:36 3147264 ----a-w- C:\Windows\System32\win32k.sys
    2012-11-21 08:38:03 556632 ----a-w- C:\Windows\System32\drivers\3667364drv.sys
    2012-11-21 08:38:03 460888 ----a-w- C:\Windows\System32\drivers\11889889.sys
    2012-11-20 22:32:40 3123272 ----a-r- C:\Windows\SysWow64\pbsvc.exe
    2012-11-15 15:30:10 9842040 ----a-w- C:\Program Files (x86)\Common Files\wruninstall.exe
    2012-11-14 06:11:44 2312704 ----a-w- C:\Windows\System32\jscript9.dll
    2012-11-14 06:04:11 1392128 ----a-w- C:\Windows\System32\wininet.dll
    2012-11-14 06:02:49 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
    2012-11-14 05:57:46 599040 ----a-w- C:\Windows\System32\vbscript.dll
    2012-11-14 05:57:35 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
    2012-11-14 05:52:40 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
    2012-11-14 02:09:22 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll
    2012-11-14 01:58:15 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
    2012-11-14 01:57:37 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
    2012-11-14 01:49:25 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
    2012-11-14 01:48:27 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll
    2012-11-14 01:44:42 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
    2012-11-09 05:34:27 2048 ----a-w- C:\Windows\System32\tzres.dll
    2012-11-09 04:49:37 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
    2012-11-08 17:15:47 30568 ----a-w- C:\Windows\System32\drivers\avgtpx64.sys
    2012-11-02 05:27:51 478208 ----a-w- C:\Windows\System32\dpnet.dll
    2012-11-02 04:48:28 376832 ----a-w- C:\Windows\SysWow64\dpnet.dll
    2012-10-16 21:20:49 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll
    2012-10-16 21:20:46 347648 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll
    2012-10-16 20:34:37 559104 ----a-w- C:\Windows\apppatch\AcLayers.dll
    2012-10-11 03:08:38 44928 ----a-w- C:\Windows\System32\drivers\mcvidrv_x64.sys
    2012-10-11 03:08:36 29696 ----a-w- C:\Windows\System32\drivers\mcaudrv_x64.sys
    2012-10-10 01:31:14 1795952 ----a-w- C:\Windows\System32\WdfCoInstaller01011.dll
    2012-10-04 17:38:56 362496 ----a-w- C:\Windows\System32\wow64win.dll
    2012-10-04 17:38:56 243200 ----a-w- C:\Windows\System32\wow64.dll
    2012-10-04 17:38:56 13312 ----a-w- C:\Windows\System32\wow64cpu.dll
    2012-10-04 17:38:24 215040 ----a-w- C:\Windows\System32\winsrv.dll
    2012-10-04 17:35:22 16384 ----a-w- C:\Windows\System32\ntvdm64.dll
    2012-10-04 17:32:16 425984 ----a-w- C:\Windows\System32\KernelBase.dll
    2012-10-04 16:54:18 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
    2012-10-04 16:54:17 274944 ----a-w- C:\Windows\SysWow64\KernelBase.dll
    2012-10-04 15:19:57 338432 ----a-w- C:\Windows\System32\conhost.exe
    2012-10-04 14:49:27 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
    2012-10-04 14:49:24 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
    2012-10-04 14:49:22 2048 ----a-w- C:\Windows\SysWow64\user.exe
    2012-10-04 14:49:22 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
    2012-10-04 14:44:29 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
    2012-10-04 14:44:29 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
    2012-10-04 14:44:29 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
    2012-10-04 14:44:29 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
    2012-09-29 23:54:26 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys
    2012-09-29 02:42:04 2177704 ----a-w- C:\Windows\System32\coin92.dll
    2012-09-28 15:32:56 5989776 ----a-w- C:\Windows\System32\usbaaplrc.dll
    2012-09-28 15:32:56 53760 ----a-w- C:\Windows\System32\drivers\usbaapl64.sys
    2012-09-25 22:39:14 95744 ----a-w- C:\Windows\System32\synceng.dll
    2012-09-25 21:55:17 78336 ----a-w- C:\Windows\SysWow64\synceng.dll
    .
    ============= FINISH: 23:57:37.76 ===============

    ATTACH LOG

    .
    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT
    .
    DDS (Ver_2012-11-20.01)
    .
    Microsoft Windows 7 Home Premium
    Boot Device: \Device\HarddiskVolume2
    Install Date: 4/25/2012 11:19:56 AM
    System Uptime: 12/21/2012 9:56:13 PM (2 hours ago)
    .
    Motherboard: PEGATRON CORPORATION | | G60JX
    Processor: Intel(R) Core(TM) i7 CPU Q 720 @ 1.60GHz | Socket 989 | 1600/533mhz
    .
    ==== Disk Partitions =========================
    .
    C: is FIXED (NTFS) - 446 GiB total, 263.235 GiB free.
    D: is FIXED (FAT32) - 20 GiB total, 7.138 GiB free.
    E: is CDROM ()
    F: is CDROM ()
    .
    ==== Disabled Device Manager Items =============
    .
    ==== System Restore Points ===================
    .
    RP112: 12/17/2012 6:48:43 PM - Installed calibre
    RP113: 12/18/2012 1:08:57 AM - Installed 7-Zip 9.30 (x64 edition)
    RP114: 12/18/2012 10:35:59 AM - Windows Update
    RP115: 12/19/2012 3:26:27 PM - Installed SpyHunter
    RP116: 12/20/2012 1:32:04 AM - Installed DirectX
    RP117: 12/21/2012 10:55:35 AM - Windows Update
    RP119: 12/21/2012 3:36:00 PM - Windows Defender Checkpoint
    RP120: 12/21/2012 5:25:24 PM - Windows Update
    RP121: 12/21/2012 11:27:43 PM - Windows Update
    .
    ==== Hosts File Hijack ======================
    .
    .
    ==== Installed Programs ======================
    .
    µTorrent
    7-Zip 9.20 (x64 edition)
    Adobe Flash Player 11 ActiveX
    Adobe Reader X (10.1.4)
    Alt.Binz 0.39.4
    Amazon MP3 Downloader 1.0.17
    Anki
    Apple Application Support
    Apple Mobile Device Support
    Apple Software Update
    Ask Toolbar
    Ask Toolbar Updater
    ASUS AI Recovery
    ASUS Data Security Manager
    ASUS FancyStart
    ASUS LifeFrame3
    ASUS Live Update
    ASUS Power4Gear Hybrid
    ASUS SmartLogon
    ASUS Splendid Video Enhancement Technology
    ASUS Virtual Camera
    ASUS_ScreenSaver_GSeries
    Atheros Client Installation Program
    Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
    ATK Generic Function Service
    ATK Hotkey
    ATK Media
    ATKOSD2
    AVG Security Toolbar
    Blue Coat K9 Web Protection
    Bonjour
    Borderlands 2
    calibre
    CCleaner
    CDisplay 1.8
    Cheat Engine 6.2
    ControlDeck
    Counter-Strike: Global Offensive
    Counter-Strike: Global Offensive - SDK
    Creative MediaSource 5
    CueCard (remove only)
    Curse Client
    DAEMON Tools Pro
    Darksiders II
    Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
    Diablo III
    ESET Online Scanner v3
    Express Gate
    Farming Simulator 2013
    Fast Boot
    Glary Utilities Pro 2.50.0.1632
    Google Chrome
    Google Toolbar for Internet Explorer
    Google Update Helper
    Intel(R) Management Engine Components
    ITC Network Setup Tool
    iTunes
    Java Auto Updater
    Java(TM) 6 Update 31
    League of Legends
    Malwarebytes Anti-Malware version 1.65.1.1000
    Max Payne 3
    Media Player Codec Pack 4.2.2
    Microsoft .NET Framework 2.0 SDK (x64) - ENU
    Microsoft .NET Framework 4 Client Profile
    Microsoft .NET Framework 4 Extended
    Microsoft Application Error Reporting
    Microsoft Games for Windows - LIVE Redistributable
    Microsoft Games for Windows Marketplace
    Microsoft Mouse and Keyboard Center
    Microsoft Office 2010 Service Pack 1 (SP1)
    Microsoft Office Access MUI (English) 2010
    Microsoft Office Access Setup Metadata MUI (English) 2010
    Microsoft Office Excel MUI (English) 2010
    Microsoft Office Groove MUI (English) 2010
    Microsoft Office InfoPath MUI (English) 2010
    Microsoft Office Office 64-bit Components 2010
    Microsoft Office OneNote MUI (English) 2010
    Microsoft Office Outlook MUI (English) 2010
    Microsoft Office PowerPoint MUI (English) 2010
    Microsoft Office Professional Plus 2010
    Microsoft Office Proof (English) 2010
    Microsoft Office Proof (French) 2010
    Microsoft Office Proof (Spanish) 2010
    Microsoft Office Proofing (English) 2010
    Microsoft Office Publisher MUI (English) 2010
    Microsoft Office Shared 64-bit MUI (English) 2010
    Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
    Microsoft Office Shared MUI (English) 2010
    Microsoft Office Shared Setup Metadata MUI (English) 2010
    Microsoft Office Word MUI (English) 2010
    Microsoft Silverlight
    Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2005 Redistributable (x64)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
    Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
    Mumble 1.2.3
    Nike+ Connect
    NVIDIA 3D Vision Driver 296.10
    NVIDIA Control Panel 296.10
    NVIDIA Graphics Driver 296.10
    NVIDIA HD Audio Driver 1.3.12.0
    NVIDIA Install Application
    NVIDIA PhysX
    NVIDIA PhysX System Software 9.12.0213
    NVIDIA Stereoscopic 3D Driver
    NVIDIA Update 1.7.11
    NVIDIA Update Components
    Octoshape add-in for Adobe Flash Player
    ooVoo
    Overwolf
    Pando Media Booster
    PeerBlock 1.1 (r518)
    ProtectDisc Driver, Version 11
    PROTOTYPE 2
    PunkBuster Services
    QuickPar 0.9
    QuickTime
    Realtek High Definition Audio Driver
    RICOH R5U230 Media Driver ver.2.05.02.02
    Rockstar Games Social Club
    Security Update for CAPICOM (KB931906)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
    Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
    Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
    Security Update for Microsoft Excel 2010 (KB2597126) 32-Bit Edition
    Security Update for Microsoft InfoPath 2010 (KB2687417) 32-Bit Edition
    Security Update for Microsoft InfoPath 2010 (KB2687436) 32-Bit Edition
    Security Update for Microsoft Office 2010 (KB2553091)
    Security Update for Microsoft Office 2010 (KB2553096)
    Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition
    Security Update for Microsoft Office 2010 (KB2553447) 32-Bit Edition
    Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition
    Security Update for Microsoft Office 2010 (KB2597986) 32-Bit Edition
    Security Update for Microsoft Office 2010 (KB2598243) 32-Bit Edition
    Security Update for Microsoft Office 2010 (KB2687501) 32-Bit Edition
    Security Update for Microsoft Office 2010 (KB2687510) 32-Bit Edition
    Security Update for Microsoft PowerPoint 2010 (KB2553185) 32-Bit Edition
    Security Update for Microsoft Visio 2010 (KB2687508) 32-Bit Edition
    Security Update for Microsoft Visio Viewer 2010 (KB2598287) 32-Bit Edition
    Security Update for Microsoft Word 2010 (KB2760410) 32-Bit Edition
    Sid Meier's Civilization V
    Skype™ 5.10
    Sound Blaster Audigy HD
    SpyHunter
    StarCraft II
    Steam
    SumatraPDF
    SUPERAntiSpyware
    Superbrothers: Sword & Sworcery EP
    Synaptics Pointing Device Driver
    The Walking Dead Episode 5 (c) Telltales version 1
    Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
    Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
    Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
    Update for Microsoft .NET Framework 4 Extended (KB2468871)
    Update for Microsoft .NET Framework 4 Extended (KB2533523)
    Update for Microsoft .NET Framework 4 Extended (KB2600217)
    Update for Microsoft Office 2010 (KB2553065)
    Update for Microsoft Office 2010 (KB2553092)
    Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
    Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
    Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
    Update for Microsoft Office 2010 (KB2566458)
    Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
    Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition
    Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition
    Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
    Update for Microsoft OneNote 2010 (KB2687277) 32-Bit Edition
    Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition
    Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
    Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition
    USB 2.0 2.0M UVC WebCam
    Ventrilo Client for Windows x64
    VLC media player 2.0.4
    Webroot SecureAnywhere
    WIDCOMM Bluetooth Software
    Windows Live ID Sign-in Assistant
    WinFlash
    WinRAR 4.00 (64-bit)
    Wireless Console 3
    World of Warcraft
    .
    ==== Event Viewer Messages From Past Week ========
    .
    12/21/2012 11:29:08 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80246007: Windows 7 Service Pack 1 for x64-based Systems (KB976932).
    .
    ==== End Of File ===========================
     
  3. MoeGreene0

    MoeGreene0 Thread Starter

    Joined:
    Dec 21, 2012
    Messages:
    3
    I've been trying for the longest time to install Service Pack 1 as well, going through Windows troubleshoot programs, online discussions. I've fixed a handful of XXXXXXX errors which prevent the update from going through, but I think whatever malware I had may have corrupted my system's Update files as well.
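The Service Pack 1 failure described in this post is the entry recorded in the Event Viewer section of the log above. As an added example (not part of the original thread, and not code from any tool named in it), this Python parses that section's line format and counts Windows Update install failures per update and error code; the second and third sample events are constructed.

```python
import re
from collections import Counter
from datetime import datetime

# DDS event line: <date> <time> <AM|PM>, <Level>: <Source> [<ID>] - <Message>
EVENT_RE = re.compile(
    r"^\s*(?P<ts>\d{1,2}/\d{1,2}/\d{4} \d{1,2}:\d{2}:\d{2} [AP]M), "
    r"(?P<level>\w+): (?P<source>.+?)\s+\[(?P<id>\d+)\]\s+-\s+(?P<msg>.*)$")
HRESULT_RE = re.compile(r"\berror (0x[0-9A-Fa-f]{8})\b")
KB_RE = re.compile(r"\((KB\d+)\)")

# First event is the one from the log in this thread; the other two are constructed.
SAMPLE = """\
==== Event Viewer Messages From Past Week ========
.
12/21/2012 11:29:08 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80246007: Windows 7 Service Pack 1 for x64-based Systems (KB976932).
12/20/2012 9:02:41 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80246007: Windows 7 Service Pack 1 for x64-based Systems (KB976932).
12/19/2012 6:15:00 PM, Error: Service Control Manager [7000] - The Example service failed to start.
.
==== End Of File ===========================
"""

def parse_events(text):
    """Return one dict per event line; headers and '.' separators are skipped."""
    events = []
    for line in text.splitlines():
        m = EVENT_RE.match(line)
        if not m:
            continue
        ev = m.groupdict()
        ev["ts"] = datetime.strptime(ev["ts"], "%m/%d/%Y %I:%M:%S %p")
        ev["id"] = int(ev["id"])
        events.append(ev)
    return events

def update_failures(events):
    """Count WindowsUpdateClient event 20 (install failure) per (KB, HRESULT)."""
    counts = Counter()
    for ev in events:
        if ev["source"].endswith("WindowsUpdateClient") and ev["id"] == 20:
            code = HRESULT_RE.search(ev["msg"])
            kb = KB_RE.search(ev["msg"])
            key = (kb.group(1) if kb else None, code.group(1).lower() if code else None)
            counts[key] += 1
    return counts

if __name__ == "__main__":
    for (kb, code), n in update_failures(parse_events(SAMPLE)).items():
        print(f"{kb}: {n} failed install(s), error {code}")
```

A repeated (KB, error code) pair across the week shows the same update failing the same way each time, which is worth noting before any cleanup changes the system.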
     
  4. Conspire

    Conspire Malware Specialist

    Joined:
    Feb 3, 2011
    Messages:
    452
    Hello there, MoeGreene0

    Welcome to TSG

    I'm Conspire, I'll be glad to help you with your computer problems.

    Please observe these rules while we work:
    • Read the entire procedure
    • It is important to perform ALL actions in sequence.
    • If you don't know, stop and ask! Don't keep going on.
    • Please reply to this thread. Do not start a new topic.
    • Stick with me till you're given the all clear.
    • Remember, absence of symptoms does not mean the infection is all gone.
    • Don't attempt to clean your computer with any tools other than the ones I ask you to use during the cleanup process.


    IMPORTANT NOTE: Please do not delete anything unless instructed to. Remember to back up all your important data (if possible) before moving on.

    ---------------------------------------------------------------------------------------------------

    Also note that I will not respond to this thread if I don't receive your reply for 3 days.

    ---------------------------------------------------------------------------------------------------

    Hello,

    Please download aswMBR.exe and save it to your desktop.
    • Double click aswMBR.exe to start the tool. (Vista/Windows 7 users - right click to run as administrator)
    • Allow it to update where necessary
    • Click Scan
      • Upon completion of the scan, click Save log and save it to your desktop, and post that log in your next reply for review. Note - do NOT attempt any Fix yet.
      • You will also notice another file created on the desktop named MBR.dat. Right click that file and select Send To>Compressed (zipped) file. Attach that zipped file in your next reply as well.
    ===================================================

    Download TDSSKiller.exe and save it to your desktop

    Execute TDSSKiller.exe by double-clicking on it.
    Press Start Scan
    If Malicious objects are found, do NOT select Cure. Change the action to Skip, and save the log.
    Once complete, a log will be produced at the root drive, which is typically C:\, for example, C:\TDSSKiller.<version_date_time>log.txt

    ===================================================

    On your next reply please post:
    aswMBR log
    MBR.dat (attachment)
    TDSS Killer log


    Please STOP and let me know if you have any problems performing the steps above or any questions.

    Good Day!
     
Short URL to this thread: https://techguy.org/1081930
