JavaScript related virus/bug

Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

FusRoDah

Thread Starter
Joined
Jan 19, 2013
Messages
2
A few days ago I was on a company's website and saw an odd advertisement at the bottom. I clicked on it (stupidly) because it seemed so out of place and I didn't want to tell the store owner there was a problem with the site if it turned out to be nothing.

After clicking the link, I started getting these two pop ups on any non- https page I visited. One on the lower left that either asks me if I want to check my computer speed or tells me that I need to download a plugin to play a movie, and one on the right that is modeled after facebook chat windows, and contained text related to whatever was on the website where it showed up.

After alot of fiddling around with things I discovered that if I turned off Java Script in the browser the pop ups stopped appearing. However, it's not realistic for me to not have js turned on because of my email client and, well, facebook.

I ran AVG and found three things it deemed to be viruses, and removed them. One was called temp09.exe and the other two were just random looking strings of letters like wsdwsdgwsd, or something like that. I've run malwarebytes and the like as well but can't figure out how to get rid of this damn bug.

Someone suggested that perhaps clicking the link gave someone my IP address and so perhaps the IP address is being targeted. I can't figure out a way to make my IP address change though, we've tried several times.

Here are the logs requested by your forum, hopefully I pasted them in the right order.

Thank you in advance for any assistance you can give. I have screen shots of the pop ups if that would be helpful. I will post them if requested.

I don't know if it's worth mentioning, but the Gmer scan found three things at the bottom that it marked as suspicious. I've looked up those files and they appear to be legitimate, so I'm not sure if perhaps they are corrupted and that is what is causing this or if Gmer just doesn't recognize them as being legit.

- - - -

HighJack This:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:46:55 AM, on 1/19/2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16446)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Winamp\winampa.exe
C:\Program Files (x86)\Roxio Creator 2009\5.0\CPMonitor.exe
C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe
C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Users\Viktorja\Downloads\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://acer.msn.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://acer.msn.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O1 - Hosts: ::1 localhost
O1 - Hosts: 192.157.56.28 www.google-analytics.com.
O1 - Hosts: 192.157.56.28 ad-emea.doubleclick.net.
O1 - Hosts: 192.157.56.28 www.statcounter.com.
O1 - Hosts: 192.157.56.28 connect.facebook.net.
O1 - Hosts: 192.157.56.28 platform.twitter.com.
O1 - Hosts: 93.115.241.27 www.google-analytics.com.
O1 - Hosts: 93.115.241.27 ad-emea.doubleclick.net.
O1 - Hosts: 93.115.241.27 www.statcounter.com.
O1 - Hosts: 93.115.241.27 connect.facebook.net.
O1 - Hosts: 93.115.241.27 platform.twitter.com.
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: AVG Do Not Track - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files (x86)\Winamp\winampa.exe"
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files (x86)\Common Files\Roxio Shared\11.0\SharedCOM\RoxWatchTray11.exe"
O4 - HKLM\..\Run: [CPMonitor] "C:\Program Files (x86)\Roxio Creator 2009\5.0\CPMonitor.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-18\..\RunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'Default user')
O4 - Startup: Dropbox.lnk = Viktorja\AppData\Roaming\Dropbox\bin\Dropbox.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~4\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~4\OFFICE11\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: GREGService - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Live Updater Service - Acer Incorporated - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Roxio UPnP Renderer 11 - Sonic Solutions - C:\Program Files (x86)\Roxio Creator 2009\Digital Home 11\RoxioUPnPRenderer11.exe
O23 - Service: Roxio Upnp Server 11 - Sonic Solutions - C:\Program Files (x86)\Roxio Creator 2009\Digital Home 11\RoxioUpnpService11.exe
O23 - Service: LiveShare P2P Server 11 (RoxLiveShare11) - Sonic Solutions - C:\Program Files (x86)\Common Files\Roxio Shared\11.0\SharedCOM\RoxLiveShare11.exe
O23 - Service: RoxMediaDB11 - Sonic Solutions - C:\Program Files (x86)\Common Files\Roxio Shared\11.0\SharedCOM\RoxMediaDB11.exe
O23 - Service: Roxio Hard Drive Watcher 11 (RoxWatch11) - Sonic Solutions - C:\Program Files (x86)\Common Files\Roxio Shared\11.0\SharedCOM\RoxWatch11.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9717 bytes

- - - -
DDS file:

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 9.0.8112.16446
Run by Viktorja at 11:48:03 on 2013-01-19
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3579.2225 [GMT -6:00]
.
AV: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\PROGRA~2\AVG\AVG2012\avgrsa.exe
C:\Program Files (x86)\AVG\AVG2012\avgcsrva.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
C:\Program Files\Acer\Acer Updater\UpdaterService.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\Google\Update\1.3.21.124\GoogleCrashHandler.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
C:\Program Files (x86)\Google\Update\1.3.21.124\GoogleCrashHandler64.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe
C:\Program Files (x86)\Winamp\winampa.exe
C:\Program Files (x86)\AVG\AVG2012\avgnsa.exe
C:\Program Files (x86)\Roxio Creator 2009\5.0\CPMonitor.exe
C:\Program Files (x86)\AVG\AVG2012\avgemca.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe
C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\WUDFHost.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://acer.msn.com
uDefault_Page_URL = hxxp://acer.msn.com
mStart Page = hxxp://acer.msn.com
mWinlogon: Userinit = userinit.exe,
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: AVG Do Not Track: {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll
BHO: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [WinampAgent] "C:\Program Files (x86)\Winamp\winampa.exe"
mRun: [RoxWatchTray] "C:\Program Files (x86)\Common Files\Roxio Shared\11.0\SharedCOM\RoxWatchTray11.exe"
mRun: [CPMonitor] "C:\Program Files (x86)\Roxio Creator 2009\5.0\CPMonitor.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
dRunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid}
StartupFolder: C:\Users\Viktorja\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Viktorja\AppData\Roaming\Dropbox\bin\Dropbox.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~4\OFFICE11\EXCEL.EXE/3000
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0009-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab
TCP: NameServer = 97.64.183.164 97.64.209.37 192.168.1.1
TCP: Interfaces\{29BAE0F2-E335-4DCC-8859-25DF6DDFB67F} : DHCPNameServer = 97.64.183.164 97.64.209.37 192.168.1.1
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
x64-mStart Page = hxxp://acer.msn.com
x64-BHO: AVG Do Not Track: {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiea.dll
x64-BHO: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssiea.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-IE: {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiea.dll
x64-Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgppa.dll
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
Hosts: 192.157.56.28 www.google-analytics.com.
Hosts: 192.157.56.28 ad-emea.doubleclick.net.
Hosts: 192.157.56.28 www.statcounter.com.
Hosts: 192.157.56.28 connect.facebook.net.
Hosts: 192.157.56.28 platform.twitter.com.
.
Note: multiple HOSTS entries found. Please refer to Attach.txt
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Viktorja\AppData\Roaming\Mozilla\Firefox\Profiles\qo46xsrl.default\
FF - plugin: C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101752.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.124\npGoogleUpdate3.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll
FF - plugin: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll
FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
.
============= SERVICES / DRIVERS ===============
.
R0 amd_sata;amd_sata;C:\Windows\System32\drivers\amd_sata.sys [2011-4-17 77952]
R0 amd_xata;amd_xata;C:\Windows\System32\drivers\amd_xata.sys [2011-4-17 37504]
R0 AVGIDSHA;AVGIDSHA;C:\Windows\System32\drivers\avgidsha.sys [2012-4-19 28480]
R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\System32\drivers\avgrkx64.sys [2012-1-31 36944]
R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2012-12-25 55024]
R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\System32\drivers\avgldx64.sys [2012-7-26 291680]
R1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\System32\drivers\avgmfx64.sys [2011-12-23 47696]
R1 Avgtdia;AVG TDI Driver;C:\Windows\System32\drivers\avgtdia.sys [2012-8-24 384352]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2011-7-14 204288]
R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe [2012-8-13 5167736]
R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe [2012-2-14 193288]
R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2012-1-4 822624]
R2 GREGService;GREGService;C:\Program Files (x86)\Acer\Registration\GREGsvc.exe [2011-5-29 36456]
R2 Live Updater Service;Live Updater Service;C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2011-8-2 244624]
R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-1 508776]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2011-7-14 231440]
R3 AVGIDSDriver;AVGIDSDriver;C:\Windows\System32\drivers\avgidsdrivera.sys [2011-12-23 124496]
R3 AVGIDSFilter;AVGIDSFilter;C:\Windows\System32\drivers\avgidsfiltera.sys [2011-12-23 29776]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-8-2 533096]
R3 Sftfs;Sftfs;C:\Windows\System32\drivers\Sftfslh.sys [2011-10-1 764264]
R3 Sftplay;Sftplay;C:\Windows\System32\drivers\Sftplaylh.sys [2011-10-1 268648]
R3 Sftredir;Sftredir;C:\Windows\System32\drivers\Sftredirlh.sys [2011-10-1 25960]
R3 Sftvol;Sftvol;C:\Windows\System32\drivers\Sftvollh.sys [2011-10-1 22376]
R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-1 219496]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-1-16 398184]
S2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-1-16 682344]
S2 Roxio Upnp Server 11;Roxio Upnp Server 11;C:\Program Files (x86)\Roxio Creator 2009\Digital Home 11\RoxioUpnpService11.exe [2008-8-14 367088]
S2 RoxLiveShare11;LiveShare P2P Server 11;C:\Program Files (x86)\Common Files\Roxio Shared\11.0\SharedCOM\RoxLiveShare11.exe [2008-8-14 309744]
S2 RoxWatch11;Roxio Hard Drive Watcher 11;C:\Program Files (x86)\Common Files\Roxio Shared\11.0\SharedCOM\RoxWatch11.exe [2008-8-14 170480]
S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2013-1-16 24176]
S3 Roxio UPnP Renderer 11;Roxio UPnP Renderer 11;C:\Program Files (x86)\Roxio Creator 2009\Digital Home 11\RoxioUPnPRenderer11.exe [2008-8-14 313840]
S3 RoxMediaDB11;RoxMediaDB11;C:\Program Files (x86)\Common Files\Roxio Shared\11.0\SharedCOM\RoxMediaDB11.exe [2008-8-14 1124848]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-20 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-20 31232]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-1-15 1255736]
S4 NAUpdate;Nero Update;C:\Program Files (x86)\Nero\Update\NASvc.exe [2010-5-4 503080]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2013-01-17 05:12:32 -------- d-----w- C:\Users\Viktorja\AppData\Roaming\Malwarebytes
2013-01-17 05:12:24 -------- d-----w- C:\ProgramData\Malwarebytes
2013-01-17 05:12:23 24176 ----a-w- C:\Windows\System32\drivers\mbam.sys
2013-01-17 05:12:23 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-01-17 05:10:27 -------- d-----w- C:\ProgramData\APN
2012-12-26 04:40:12 -------- d-----w- C:\ProgramData\Uninstall
2012-12-26 04:23:18 -------- d-----w- C:\Program Files (x86)\Roxio
2012-12-26 04:21:48 -------- d-----w- C:\Users\Viktorja\AppData\Local\Programs
2012-12-26 04:20:59 55024 ------w- C:\Windows\System32\drivers\PxHlpa64.sys
2012-12-26 04:19:27 -------- d-----w- C:\Program Files (x86)\Common Files\Sonic Shared
2012-12-26 04:18:10 -------- d-----w- C:\Program Files (x86)\Roxio Creator 2009
2012-12-26 04:17:33 -------- d-----w- C:\ProgramData\eSellerate
2012-12-26 04:17:32 -------- d-----w- C:\ProgramData\SmartSound Software Inc
2012-12-26 04:17:32 -------- d-----w- C:\Program Files (x86)\SmartSound Software
.
==================== Find3M ====================
.
2013-01-12 09:30:38 859552 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll
2013-01-12 09:30:33 780192 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2012-10-25 09:12:26 94208 ----a-w- C:\Windows\SysWow64\QuickTimeVR.qtx
2012-10-25 09:12:26 69632 ----a-w- C:\Windows\SysWow64\QuickTime.qts
.
============= FINISH: 11:48:39.89 ===============

- - -

attach file:

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume2
Install Date: 1/14/2012 5:59:44 PM
System Uptime: 1/19/2013 11:19:45 AM (0 hours ago)
.
Motherboard: Acer | | Aspire X1430G
Processor: AMD E-450 APU with Radeon(tm) HD Graphics | CPU 1 | 1650/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 912 GiB total, 857.666 GiB free.
D: is CDROM ()
F: is Removable
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP84: 12/25/2012 10:14:09 PM - Installed DirectX
RP85: 12/25/2012 10:17:09 PM - Installed SmartSound Quicktracks Plugin
RP86: 12/25/2012 10:24:12 PM - Installed SmartSound "New Standard 22k Library"
RP87: 1/5/2013 7:48:28 PM - Scheduled Checkpoint
RP88: 1/14/2013 5:57:46 PM - Scheduled Checkpoint
RP89: 1/18/2013 9:20:06 AM - Windows Modules Installer
RP90: 1/18/2013 9:21:58 AM - Windows Modules Installer
RP91: 1/19/2013 9:04:36 AM - Removed Java(TM) 6 Update 31
RP92: 1/19/2013 9:11:52 AM - Installed Java 7 Update 11
RP93: 1/19/2013 11:25:03 AM - Removed Java 7 Update 11
.
==== Hosts File Hijack ======================
.
Hosts: 192.157.56.28 www.google-analytics.com.
Hosts: 192.157.56.28 ad-emea.doubleclick.net.
Hosts: 192.157.56.28 www.statcounter.com.
Hosts: 192.157.56.28 connect.facebook.net.
Hosts: 192.157.56.28 platform.twitter.com.
Hosts: 93.115.241.27 www.google-analytics.com.
Hosts: 93.115.241.27 ad-emea.doubleclick.net.
Hosts: 93.115.241.27 www.statcounter.com.
Hosts: 93.115.241.27 connect.facebook.net.
Hosts: 93.115.241.27 platform.twitter.com.
.
==== Installed Programs ======================
.
Acer eRecovery Management
Acer Games
Acer Registration
Acer ScreenSaver
Acer Updater
Adobe AIR
Adobe Photoshop Lightroom 3.2 64-bit
Adobe Reader X (10.1.5) MUI
Agatha Christie - Death on the Nile
ALCATEL PC Suite V6.3.27
Amazon MP3 Downloader 1.0.17
AMD APP SDK Runtime
AMD Drag and Drop Transcoding
AMD Media Foundation Decoders
Apple Application Support
Apple Mobile Device Support
Apple Software Update
ATI AVIVO64 Codecs
ATI Catalyst Install Manager
Avery Template
AVG 2012
Bejeweled 2 Deluxe
Bing Rewards Client Installer
BitLord 2.0
Bonjour
Build-a-lot 4 - Power Source
Catalyst Control Center
Catalyst Control Center - Branding
Catalyst Control Center InstallProxy
Catalyst Control Center Localization All
ccc-utility64
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
CDBurnerXP
Chronicles of Albian
clear.fi
clear.fi Client
Compatibility Pack for the 2007 Office system
Cradle of Rome 2
D3DX10
DirectX 9 Runtime
Dora's World Adventure
Dropbox
EMC 11 Content
Final Drive: Nitro
Galerie de photos Windows Live
Google Drive
Google Update Helper
Governor of Poker 2 Premium Edition
Hotkey Utility
HP Deskjet 2050 J510 series Basic Device Software
HP Deskjet 2050 J510 series Help
HP Photo Creations
Identity Card
iTunes
Jacquie Lawson Alpine Advent Calendar
Jewel Match 3
Junk Mail filter update
Last.fm 1.5.4.27091
Malwarebytes Anti-Malware version 1.70.0.1100
Mesh Runtime
Microsoft .NET Framework 4 Client Profile
Microsoft Application Error Reporting
Microsoft Office 2010
Microsoft Office Click-to-Run 2010
Microsoft Office Professional Edition 2003
Microsoft Office Starter 2010 - English
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
Mozilla Firefox 18.0.1 (x86 en-US)
Mozilla Maintenance Service
MSVCRT
MSVCRT_amd64
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Mystery of Mortlake Mansion
Nero Control Center 10
Nero ControlCenter 10 Help (CHM)
Nero Core Components 10
Nero DiscSpeed 10
Nero DiscSpeed 10 Help (CHM)
Nero Express 10
Nero Express 10 Help (CHM)
Nero Multimedia Suite 10 Essentials
Nero StartSmart 10
Nero StartSmart 10 Help (CHM)
Nero Update
NOOK for PC
Olympus Digital Wave Player
OpenOffice.org 3.3
Penguins!
Pidgin
Pidgin-Musictracker plugin (remove only)
Plants vs. Zombies - Game of the Year
Polar Bowler
Polar Golfer
QuickTime
Realtek Ethernet Controller Driver
Realtek High Definition Audio Driver
Roxio Activation Module
Roxio BackOnTrack
Roxio CinePlayer
Roxio CinePlayer Decoder Pack
Roxio Creator 2009
Roxio File Backup
Scrivener
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
SmartSound Quicktracks Plugin
Solitaire (remove only)
Torchlight
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update Installer for WildTangent Games App
Virtual Villagers 5 - New Believers
Visual Studio 2008 x64 Redistributables
VLC media player 1.1.11
Welcome Center
WildTangent Games App
Winamp
Winamp Detector Plug-in
Windows Driver Package - OLYMPUS IMAGING CORP. (VNUSB) VNUSB (09/29/2009 2.0.0.0)
Windows Live
Windows Live Communications Platform
Windows Live Essentials
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Language Selector
Windows Live Mail
Windows Live Mesh
Windows Live Messenger
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live Remote Client
Windows Live Remote Client Resources
Windows Live Remote Service
Windows Live Remote Service Resources
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
WinZip 17.0
Zuma's Revenge
.
==== Event Viewer Messages From Past Week ========
.
1/19/2013 11:20:41 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: RxFilter
1/15/2013 11:03:39 PM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Management Instrumentation service, but this action failed with the following error: An instance of the service is already running.
1/15/2013 11:03:39 PM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the User Profile Service service, but this action failed with the following error: An instance of the service is already running.
1/15/2013 11:02:39 PM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Server service, but this action failed with the following error: An instance of the service is already running.
1/15/2013 11:01:39 PM, Error: Service Control Manager [7031] - The Windows Management Instrumentation service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
1/15/2013 11:01:39 PM, Error: Service Control Manager [7031] - The User Profile Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
1/15/2013 11:01:39 PM, Error: Service Control Manager [7031] - The Themes service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
1/15/2013 11:01:39 PM, Error: Service Control Manager [7031] - The Task Scheduler service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
1/15/2013 11:01:39 PM, Error: Service Control Manager [7031] - The System Event Notification Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
1/15/2013 11:01:39 PM, Error: Service Control Manager [7031] - The Shell Hardware Detection service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
1/15/2013 11:01:39 PM, Error: Service Control Manager [7031] - The Server service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
1/15/2013 11:01:39 PM, Error: Service Control Manager [7031] - The Multimedia Class Scheduler service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
1/15/2013 11:01:39 PM, Error: Service Control Manager [7031] - The IP Helper service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
1/15/2013 11:01:38 PM, Error: Service Control Manager [7031] - The IKE and AuthIP IPsec Keying Modules service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
1/15/2013 11:01:38 PM, Error: Service Control Manager [7031] - The Group Policy Client service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
.
==== End Of File ===========================

Gmer file:

GMER 2.0.18444 - http://www.gmer.net
Rootkit scan 2013-01-19 12:01:44
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\00000055 ST310005 rev.JC45 931.51GB
Running: iuq6zuqo.exe; Driver: C:\Users\Viktorja\AppData\Local\Temp\fxlyqkow.sys


---- Threads - GMER 2.0 ----

Thread C:\Program Files (x86)\Google\Update\1.3.21.124\GoogleCrashHandler.exe [2636:2880] 0000000077ac2e25
Thread C:\Program Files (x86)\Google\Update\1.3.21.124\GoogleCrashHandler.exe [2636:2888] 0000000077ac3e45
Thread C:\Program Files (x86)\Google\Update\1.3.21.124\GoogleCrashHandler.exe [2636:5324] 0000000077ac3e45
Thread C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe [3156:3120] 000000001001c4d1
Thread C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe [3156:3580] 00000000038d9725
Thread C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe [3304:3460] 0000000077ac2e25
Thread C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe [3304:4232] 0000000077ac3e45
Thread C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe [4872:3028] 000007feef85db84
Thread C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe [4872:4816] 000007feef71b184
Thread C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe [4872:2100] 000007feef71b184
Thread C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe [4872:2224] 000007feef71b184
Thread C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe [4872:1764] 000007feef71b184
Thread C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe [4872:1904] 000007feef71b184
Thread C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe [4872:1980] 000007feef8308c0
Thread C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe [4872:940] 000007feef71b184
Thread C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe [4872:2536] 000007feef71b184
Thread C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe [4872:4588] 000007feef710e44
Thread C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe [4872:4152] 000007feefd56f00
Thread C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe [4872:4172] 000007feef71b184
Thread C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe [4876:4316] 000007fefb7d2a7c
Thread C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe [4876:5644] 000000006bb76c88
Thread C:\Program Files (x86)\Mozilla Firefox\firefox.exe [6088:4308] 00000000690a6314
Thread C:\Program Files (x86)\Mozilla Firefox\firefox.exe [6088:3504] 00000000690a539b
Thread C:\Program Files (x86)\Mozilla Firefox\firefox.exe [6088:2088] 000000007387c724
Thread C:\Program Files (x86)\Mozilla Firefox\firefox.exe [6088:5356] 000000007387c724
Thread C:\Program Files (x86)\Mozilla Firefox\firefox.exe [6088:3796] 000000007387c724
Thread C:\Program Files (x86)\Mozilla Firefox\firefox.exe [6088:2120] 000000007387c724
Thread C:\Program Files (x86)\Mozilla Firefox\firefox.exe [6088:1820] 000000007387c724
Thread C:\Program Files (x86)\Mozilla Firefox\firefox.exe [6088:4716] 000000007387c724
Thread C:\Program Files (x86)\Mozilla Firefox\firefox.exe [6088:6020] 000000007387c724
Thread C:\Program Files (x86)\Mozilla Firefox\firefox.exe [6088:192] 000000007387c724
Thread C:\Program Files (x86)\Mozilla Firefox\firefox.exe [6088:6024] 000000007387c724
Thread C:\Program Files (x86)\Mozilla Firefox\firefox.exe [6088:5608] 0000000077ac2e25
Thread C:\Program Files (x86)\Mozilla Firefox\firefox.exe [6088:6056] 000000007387c724
Thread C:\Program Files (x86)\Mozilla Firefox\firefox.exe [6088:1752] 000000006e8f27e1
Thread C:\Program Files (x86)\Mozilla Firefox\firefox.exe [6088:4072] 000000007387c724
Thread C:\Program Files (x86)\Mozilla Firefox\firefox.exe [6088:3092] 000000007387c724
Thread C:\Program Files (x86)\Mozilla Firefox\firefox.exe [6088:4692] 000000007387c724
Thread C:\Program Files (x86)\Mozilla Firefox\firefox.exe [6088:3780] 000000007387c724
Thread C:\Program Files (x86)\Mozilla Firefox\firefox.exe [6088:5736] 000000007387c724
Thread C:\Program Files (x86)\Mozilla Firefox\firefox.exe [6088:4124] 000000007387c724
Thread C:\Program Files (x86)\Mozilla Firefox\firefox.exe [6088:5084] 000000007387c724
Thread C:\Program Files (x86)\Mozilla Firefox\firefox.exe [6088:2912] 000000007387c724
Thread C:\Program Files (x86)\Mozilla Firefox\firefox.exe [6088:4756] 000000007387c724
Thread C:\Program Files (x86)\Mozilla Firefox\firefox.exe [6088:4572] 000000006e4132fb
Thread C:\Program Files (x86)\Mozilla Firefox\firefox.exe [6088:5160] 000000007387c724
Thread C:\Program Files (x86)\Mozilla Firefox\firefox.exe [6088:1784] 00000000745727c1
Thread C:\Program Files (x86)\Mozilla Firefox\firefox.exe [6088:2600] 000000007387c724
Thread C:\Program Files (x86)\Mozilla Firefox\firefox.exe [6088:3556] 000000007387c724
Thread C:\Program Files (x86)\Mozilla Firefox\firefox.exe [6088:5516] 000000007387c724
Thread C:\Program Files (x86)\Mozilla Firefox\firefox.exe [6088:4976] 000000007387c724
Thread C:\Program Files (x86)\Mozilla Firefox\firefox.exe [6088:4776] 000000007387c724
Thread C:\Program Files (x86)\Mozilla Firefox\firefox.exe [6088:4212] 000000007387c724
Thread C:\Program Files (x86)\Mozilla Firefox\firefox.exe [6088:3096] 000000007387c724
Thread C:\Program Files (x86)\Mozilla Firefox\firefox.exe [6088:5564] 000000007387c724
Thread C:\Program Files (x86)\Mozilla Firefox\firefox.exe [6088:5076] 000000007387c724
Thread C:\Program Files (x86)\Mozilla Firefox\firefox.exe [6088:3152] 0000000077ac3e45
Thread C:\Program Files (x86)\Mozilla Firefox\firefox.exe [6088:5232] 0000000076c842ed
Thread C:\Program Files (x86)\Mozilla Firefox\firefox.exe [6088:5884] 000000007387c724
Thread C:\Program Files (x86)\Mozilla Firefox\firefox.exe [6088:3844] 00000000750662ee
Thread C:\Program Files (x86)\Mozilla Firefox\firefox.exe [6088:5636] 0000000077ac3e45
---- Processes - GMER 2.0 ----

Library ? (*** suspicious ***) @ C:\Program Files\Windows Media Player\wmpnetwk.exe [4880] 000007fefae00000
Library ? (*** suspicious ***) @ C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe [4872] 000007fefed40000
Library ? (*** suspicious ***) @ C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe [4876] 000007fefd110000

---- EOF - GMER 2.0 ----

Sysinfo:

Tech Support Guy System Info Utility version 1.0.0.2
OS Version: Microsoft Windows 7 Home Premium, Service Pack 1, 64 bit
Processor: AMD E-450 APU with Radeon(tm) HD Graphics, AMD64 Family 20 Model 2 Stepping 0
Processor Count: 2
RAM: 3579 Mb
Graphics Card: AMD Radeon HD 6300 series Graphics, 512 Mb
Hard Drives: C: Total - 933767 MB, Free - 878249 MB;
Motherboard: Acer, Aspire X1430G
Antivirus: AVG Anti-Virus Free Edition 2012, Updated and Enabled
 

FusRoDah

Thread Starter
Joined
Jan 19, 2013
Messages
2
I just did a system restore to a point in time before I picked up whatever it was that happened. That appears to have worked. Thanks anyway folks :)
 
Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

Users Who Are Viewing This Thread (Users: 0, Guests: 1)

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 807,865 other people just like you!

Latest posts

Members online

Top