1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Patched_c.LXT in services.exe and redirecting problem

Discussion in 'Virus & Other Malware Removal' started by Asara, Jun 17, 2012.

Thread Status:
Not open for further replies.
Advertisement
  1. Asara

    Asara Thread Starter

    Joined:
    Oct 6, 2007
    Messages:
    11
    Alright first i'd like to thank anyone for the help in advance! I'm a big fan of this site and I think the service people provide is great!

    I'm running Wi7 Home Premium SP1 64bit.

    The problem only started acting up a few days ago but it growing ever since. It started with an AVG notification (whilst doing nothing) that services.exe has been infected with a Trojan horse Patched_c.LXT. AVG says its solved (because its on a whitelist) but it keeps poping up. Also a bit less frequent but still couple times a day a notification about Desktop.ini being infected *edit* with a Trojan Backdoor.Generic15.AXLA. Since then (don't know if related) I'm having issues with Chrome. To be specific first when I browse to google.com (or any https site) it gives me a message that the Identity of this website has not been verified and it's using a weak algorithm. Considering it's google (and with my limited knowledge of malware/viruses) I just click proceed anyway. Though when I enter a search query in google and click any of the links it redirects me to a random ad site.

    Edit 2
    Apparently PING.EXE has joined the party. It suddenly plays Ad-sounds with nothing running. When I kill PING.exe in taskmanager it stops though I have the feeling this problem is getting worse by the minute. I understand you people are all very busy but I just hope I get this mess cleaned up in time.

    I hope I covered enough info and again thanks in advance!

    --LOGS--

    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 0:30:32, on 18-6-2012
    Platform: Windows 7 SP1 (WinNT 6.00.3505)
    MSIE: Internet Explorer v8.00 (8.00.7601.17514)
    Boot mode: Normal

    Running processes:
    C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
    C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
    C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
    C:\Windows\PixArt\Pac207\Monitor.exe
    C:\Program Files (x86)\Lexmark 3500-4500 Series\lxdimon.exe
    C:\Program Files (x86)\Lexmark 3500-4500 Series\lxdiamon.exe
    C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files (x86)\FCleaner\FCleaner.exe
    C:\Users\Sam\AppData\Local\Akamai\netsession_win.exe
    C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe
    C:\Users\Sam\AppData\Local\Akamai\netsession_win.exe
    H:\Program Files (x86)\Steam cracked version\Steam.exe
    C:\Users\Sam\AppData\Roaming\Spotify\spotify.exe
    C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
    C:\Users\Sam\Local Settings\Apps\F.lux\flux.exe
    C:\Users\Sam\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
    C:\Program Files (x86)\SpotifyRemotelessHelper\SpotifyRemotelessHelper.exe
    C:\Users\Sam\AppData\Roaming\Dropbox\bin\Dropbox.exe
    C:\Program Files (x86)\Stardock\ObjectDockFree\ObjectDock.exe
    C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
    C:\Program Files (x86)\Ask.com\Updater\Updater.exe
    C:\Program Files (x86)\iTunes\iTunesHelper.exe
    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    C:\Program Files (x86)\AVG\AVG2012\avgtray.exe
    C:\Program Files (x86)\AVG Secure Search\vprot.exe
    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
    C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
    C:\Users\Sam\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Sam\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Sam\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Sam\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Sam\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Sam\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Sam\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Sam\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Sam\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Sam\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Sam\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Sam\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Sam\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Sam\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Sam\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Sam\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Sam\Desktop\HijackThis.exe
    C:\Program Files (x86)\TortoiseSVN\bin\TSVNCache.exe
    C:\Windows\SysWOW64\DllHost.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.packardbell.com/rdr...xtreme_m5740&r=173605102906p0475v145y44m3037p
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.packardbell.com/rdr...xtreme_m5740&r=173605102906p0475v145y44m3037p
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://homepage.packardbell.com/rdr...xtreme_m5740&r=173605102906p0475v145y44m3037p
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://start.facemoods.com/?a=ddrnw&s={searchTerms}&f=4
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local;127.0.0.1:9421;<local>
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    F2 - REG:system.ini: UserInit=userinit.exe,
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: Babylon toolbar helper - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll
    O2 - BHO: AVG Do Not Track - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll
    O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll
    O2 - BHO: Use the DivX Plus Web Player to watch web videos with less interruptions and smoother playback on supported sites - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
    O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
    O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\11.1.0.7\AVG Secure Search_toolbar.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll
    O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
    O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
    O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
    O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll
    O3 - Toolbar: Babylon Toolbar - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll
    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\11.1.0.7\AVG Secure Search_toolbar.dll
    O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe
    O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
    O4 - HKLM\..\Run: [EEventManager] "C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe"
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [ApnUpdater] "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"
    O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [ROC_roc_dec12] "C:\Program Files (x86)\AVG Secure Search\ROC_roc_dec12.exe" /PROMPT /CMPID=roc_dec12
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
    O4 - HKLM\..\Run: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"
    O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
    O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware (cleanup)] rundll32.exe "C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll",ProcessCleanupScript
    O4 - HKCU\..\Run: [EPSON SX218 Series] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIGDE.EXE /FU "C:\Windows\TEMP\E_SA005.tmp" /EF "HKCU"
    O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
    O4 - HKCU\..\Run: [SRSHDAudioLab] "C:\Program Files\SRS Labs\SRS HD Audio Lab\HDAL.exe" auto
    O4 - HKCU\..\Run: [SRS Audio Sandbox] "C:\Program Files\SRS Labs\Audio Sandbox\SRSSSC.exe" /hideme
    O4 - HKCU\..\Run: [Google Update] "C:\Users\Sam\AppData\Local\Google\Update\GoogleUpdate.exe" /c
    O4 - HKCU\..\Run: [FTweakFCleaner] C:\Program Files (x86)\FCleaner\FCleaner.exe -a
    O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Users\Sam\AppData\Local\Akamai\netsession_win.exe"
    O4 - HKCU\..\Run: [Facebook Update] "C:\Users\Sam\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
    O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe" -autorun
    O4 - HKCU\..\Run: [Steam] "H:\Program Files (x86)\Steam cracked version\Steam.exe" -silent
    O4 - HKCU\..\Run: [Spotify] "C:\Users\Sam\AppData\Roaming\Spotify\spotify.exe" /uri spotify:autostart
    O4 - HKCU\..\Run: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
    O4 - HKCU\..\Run: [F.lux] "C:\Users\Sam\Local Settings\Apps\F.lux\flux.exe" /noshow
    O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files (x86)\Alcohol Soft\Alcohol 52\AxAutoMntSrv.exe" -automount
    O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\Sam\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
    O4 - HKCU\..\Run: [RemotelessHelper] "C:\Program Files (x86)\SpotifyRemotelessHelper\SpotifyRemotelessHelper.exe"
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-21-3077275431-2284838492-2570234457-1010\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
    O4 - HKUS\S-1-5-21-3077275431-2284838492-2570234457-1010\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
    O4 - Startup: CurseClientStartup.ccip
    O4 - Startup: Dropbox.lnk = Sam\AppData\Roaming\Dropbox\bin\Dropbox.exe
    O4 - Startup: Stardock ObjectDock.lnk = C:\Program Files (x86)\Stardock\ObjectDockFree\ObjectDock.exe
    O4 - Global Startup: Rainmeter.lnk = C:\Program Files\Rainmeter\Rainmeter.exe
    O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
    O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
    O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
    O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
    O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
    O9 - Extra button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll
    O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
    O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
    O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\prxernsp.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\prxerdrv.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\prxerdrv.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\prxerdrv.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\prxerdrv.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\prxerdrv.dll
    O15 - Trusted Zone: *.clonewarsadventures.com
    O15 - Trusted Zone: *.freerealms.com
    O15 - Trusted Zone: *.soe.com
    O15 - Trusted Zone: *.sony.com
    O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll
    O18 - Protocol: navnet - {AD6E5643-7B0C-46AA-95AD-9773FF2A857A} - C:\Program Files (x86)\NavNetApp\ComUtilities.dll
    O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
    O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\10.2.0\ViProtocol.dll (file missing)
    O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
    O23 - Service: ABBYY FineReader 9.0 Sprint Licensing Service (ABBYY.Licensing.FineReader.Sprint.9.0) - ABBYY - C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
    O23 - Service: Adobe Active File Monitor V7 (AdobeActiveFileMonitor7.0) - Adobe Systems Incorporated - c:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe
    O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
    O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\Program Files (x86)\Common Files\AOL\ACS\AOLAcsd.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe
    O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
    O23 - Service: Alcohol Virtual Drive Auto-mount Service (AxAutoMntSrv) - Alcohol Soft Development Team - C:\Program Files (x86)\Alcohol Soft\Alcohol 52\AxAutoMntSrv.exe
    O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
    O23 - Service: EPSON V5 Service4(04) (EPSON_EB_RPCV4_04) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE
    O23 - Service: EPSON V3 Service4(04) (EPSON_PM_RPCV4_04) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE
    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
    O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: FLEXnet Licensing Service 64 - Flexera Software, Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
    O23 - Service: GRegService (Greg_Service) - Acer Incorporated - C:\Program Files (x86)\Packard Bell\Registration\GregHSRW.exe
    O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
    O23 - Service: Hi-Rez Studios Authenticate and Update Service (HiPatchService) - Hi-Rez Studios - H:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
    O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
    O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: lxdiCATSCustConnectService - Lexmark International, Inc. - C:\Windows\system32\spool\DRIVERS\x64\3\\lxdiserv.exe
    O23 - Service: lxdi_device - - C:\Windows\system32\lxdicoms.exe
    O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
    O23 - Service: mental ray 3.9 Satellite for Autodesk 3ds Max Design 2012 64-bit - English 64-bit (mi-raysat_3dsmax2012_64) - Unknown owner - H:\Program Files\Autodesk\3ds Max Design 2012\mentalimages\satellite\raysat_3dsmax2012_64server.exe
    O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
    O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
    O23 - Service: Performance Service (nTuneService) - NVIDIA - C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneService.exe
    O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
    O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
    O23 - Service: Oberon Media Game Console service (OberonGameConsoleService) - Unknown owner - C:\Program Files (x86)\Packard Bell GameZone\GameConsole\OberonGameConsoleService.exe
    O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
    O23 - Service: StarWind AE Service (StarWindServiceAE) - StarWind Software - C:\Program Files (x86)\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe
    O23 - Service: SmartSVN Status Cache (statuscached) - Unknown owner - C:\Program Files (x86)\SmartSVN 6.6\bin\statuscached.exe
    O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
    O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
    O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
    O23 - Service: TabletServicePen - Wacom Technology, Corp. - C:\Program Files\Tablet\Pen\Pen_Tablet.exe
    O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
    O23 - Service: TeamViewer 7 (TeamViewer7) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
    O23 - Service: Wacom Consumer Touch Service (TouchServicePen) - Wacom Technology, Corp. - C:\Program Files\Tablet\Pen\Pen_TouchService.exe
    O23 - Service: TunngleService - Tunngle.net GmbH - C:\Program Files (x86)\Tunngle\TnglCtrl.exe
    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
    O23 - Service: Updater Service - Acer - C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe
    O23 - Service: USBS3S4Detection - Unknown owner - C:\OEM\USBDECTION\USBS3S4Detection.exe
    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
    O23 - Service: vToolbarUpdater11.1.0 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\11.1.0\ToolbarUpdater.exe
    O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
    O23 - Service: VNC Server Version 4 (WinVNC4) - RealVNC Ltd. - C:\Program Files (x86)\RealVNC\VNC4\WinVNC4.exe
    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

    --
    End of file - 24775 bytes




    .
    DDS (Ver_2011-08-26.01) - NTFSAMD64
    Internet Explorer: 8.0.7601.17514 BrowserJavaVersion: 1.6.0_31
    Run by Sam at 0:31:36 on 2012-06-18
    Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1033.18.4087.1833 [GMT 2:00]
    .
    AV: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
    SP: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    ============== Running Processes ===============
    .
    C:\PROGRA~2\AVG\AVG2012\avgrsa.exe
    C:\Program Files (x86)\AVG\AVG2012\avgcsrva.exe
    C:\Windows\system32\wininit.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\nvvsvc.exe
    C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
    C:\Windows\system32\svchost.exe -k RPCSS
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Program Files\Tablet\Pen\Pen_TouchService.exe
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
    C:\Windows\system32\nvvsvc.exe
    C:\Windows\SYSTEM32\WISPTIS.EXE
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\taskhost.exe
    C:\Windows\SYSTEM32\WISPTIS.EXE
    C:\Program Files\Tablet\Pen\Pen_TouchUser.exe
    C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
    C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Windows\system32\taskeng.exe
    C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
    c:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe
    C:\Windows\SysWOW64\svchost.exe -k Akamai
    C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork
    C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE
    C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE
    C:\Program Files (x86)\Packard Bell\Registration\GregHSRW.exe
    H:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
    C:\Program Files (x86)\AVG\AVG2012\avgnsa.exe
    C:\Program Files (x86)\AVG\AVG2012\avgemca.exe
    C:\Windows\system32\lxdicoms.exe
    H:\Program Files\Autodesk\3ds Max Design 2012\mentalimages\satellite\raysat_3dsmax2012_64server.exe
    C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneService.exe
    C:\Windows\SysWOW64\PnkBstrA.exe
    C:\Program Files (x86)\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Program Files\Tablet\Pen\Pen_Tablet.exe
    C:\Program Files\Tablet\Pen\Pen_TabletUser.exe
    C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe
    C:\OEM\USBDECTION\USBS3S4Detection.exe
    C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\11.1.0\ToolbarUpdater.exe
    C:\Program Files (x86)\RealVNC\VNC4\WinVNC4.exe
    C:\Program Files\Tablet\Pen\Pen_Tablet.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneCmd.exe
    C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe
    C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
    C:\Windows\system32\WUDFHost.exe
    C:\Windows\system32\SearchIndexer.exe
    C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
    C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
    C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
    C:\Windows\PixArt\Pac207\Monitor.exe
    C:\Program Files (x86)\Lexmark 3500-4500 Series\lxdimon.exe
    C:\Program Files (x86)\Lexmark 3500-4500 Series\lxdiamon.exe
    C:\Windows\WindowsMobile\wmdc.exe
    C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files\SRS Labs\Audio Sandbox\SRSSSC.exe
    C:\Windows\system32\svchost.exe -k WindowsMobile
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Program Files (x86)\FCleaner\FCleaner.exe
    C:\Users\Sam\AppData\Local\Akamai\netsession_win.exe
    C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe
    C:\Users\Sam\AppData\Local\Akamai\netsession_win.exe
    C:\Users\Sam\AppData\Roaming\Spotify\spotify.exe
    C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
    C:\Users\Sam\Local Settings\Apps\F.lux\flux.exe
    C:\Users\Sam\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
    C:\Program Files (x86)\SpotifyRemotelessHelper\SpotifyRemotelessHelper.exe
    C:\Program Files\Rainmeter\Rainmeter.exe
    C:\Users\Sam\AppData\Roaming\Dropbox\bin\Dropbox.exe
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Program Files (x86)\Stardock\ObjectDockFree\ObjectDock.exe
    C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
    C:\Program Files (x86)\Ask.com\Updater\Updater.exe
    C:\Program Files (x86)\iTunes\iTunesHelper.exe
    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    C:\Program Files (x86)\AVG\AVG2012\avgtray.exe
    C:\Program Files (x86)\AVG Secure Search\vprot.exe
    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
    C:\Windows\system32\conhost.exe
    C:\Program Files (x86)\Stardock\ObjectDockFree\Dock64.exe
    C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe
    C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
    C:\Users\Sam\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Sam\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Sam\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Sam\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Sam\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Sam\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Sam\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Sam\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Sam\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Sam\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Sam\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Sam\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Sam\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Sam\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Sam\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Sam\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Windows\SysWOW64\ping.exe
    C:\Windows\system32\conhost.exe
    C:\Windows\SysWOW64\ping.exe
    C:\Windows\system32\conhost.exe
    C:\Windows\SysWOW64\ping.exe
    C:\Windows\system32\conhost.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Program Files (x86)\TortoiseSVN\bin\TSVNCache.exe
    C:\Windows\SysWOW64\cmd.exe
    C:\Windows\system32\conhost.exe
    C:\Windows\SysWOW64\cscript.exe
    C:\Windows\system32\DllHost.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://www.google.com/
    uDefault_Page_URL = hxxp://homepage.packardbell.com/rdr.aspx?b=ACPW&l=0413&m=ixtreme_m5740&r=173605102906p0475v145y44m3037p
    mDefault_Page_URL = hxxp://homepage.packardbell.com/rdr.aspx?b=ACPW&l=0413&m=ixtreme_m5740&r=173605102906p0475v145y44m3037p
    mStart Page = hxxp://homepage.packardbell.com/rdr.aspx?b=ACPW&l=0413&m=ixtreme_m5740&r=173605102906p0475v145y44m3037p
    uInternet Settings,ProxyOverride = *.local;127.0.0.1:9421;<local>
    mSearchAssistant = hxxp://start.facemoods.com/?a=ddrnw&s={searchTerms}&f=4
    mURLSearchHooks: H - No File
    mWinlogon: Userinit=userinit.exe,
    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    BHO: Babylon toolbar helper: {2eecd738-5844-4a99-b4b6-146bf802613b} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll
    BHO: AVG Do Not Track: {31332eef-cb9f-458f-afeb-d30e9a66b6ba} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll
    BHO: DivX Plus Web Player HTML5 <video>: {326e768d-4182-46fd-9c16-1449a49795f4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
    BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll
    BHO: DivX HiQ: {593ddec6-7468-4cdd-90e1-42dadaa222e9} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
    BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
    BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
    BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO: AVG Security Toolbar: {95b7759c-8c7f-4bf1-b163-73684a933233} - C:\Program Files (x86)\AVG Secure Search\11.1.0.7\AVG Secure Search_toolbar.dll
    BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    BHO: Skype Plug-In: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll
    BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
    BHO: Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    TB: {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
    TB: Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
    TB: DAEMON Tools Toolbar: {32099aac-c132-4136-9e9a-4e364a424e17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll
    TB: Babylon Toolbar: {98889811-442d-49dd-99d7-dc866be87dbc} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll
    TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    TB: AVG Security Toolbar: {95b7759c-8c7f-4bf1-b163-73684a933233} - C:\Program Files (x86)\AVG Secure Search\11.1.0.7\AVG Secure Search_toolbar.dll
    {e7df6bff-55a5-4eb7-a673-4ed3e9456d39}
    uRun: [EPSON SX218 Series] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIGDE.EXE /FU "C:\Windows\TEMP\E_SA005.tmp" /EF "HKCU"
    uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
    uRun: [SRSHDAudioLab] "C:\Program Files\SRS Labs\SRS HD Audio Lab\HDAL.exe" auto
    uRun: [SRS Audio Sandbox] "C:\Program Files\SRS Labs\Audio Sandbox\SRSSSC.exe" /hideme
    uRun: [Google Update] "C:\Users\Sam\AppData\Local\Google\Update\GoogleUpdate.exe" /c
    uRun: [FTweakFCleaner] C:\Program Files (x86)\FCleaner\FCleaner.exe -a
    uRun: [Akamai NetSession Interface] "C:\Users\Sam\AppData\Local\Akamai\netsession_win.exe"
    uRun: [Facebook Update] "C:\Users\Sam\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
    uRun: [DAEMON Tools Pro Agent] "C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe" -autorun
    uRun: [Steam] "H:\Program Files (x86)\Steam cracked version\Steam.exe" -silent
    uRun: [Spotify] "C:\Users\Sam\AppData\Roaming\Spotify\spotify.exe" /uri spotify:autostart
    uRun: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
    uRun: [F.lux] "C:\Users\Sam\Local Settings\Apps\F.lux\flux.exe" /noshow
    uRun: [AlcoholAutomount] "C:\Program Files (x86)\Alcohol Soft\Alcohol 52\AxAutoMntSrv.exe" -automount
    uRun: [Spotify Web Helper] "C:\Users\Sam\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
    uRun: [RemotelessHelper] "C:\Program Files (x86)\SpotifyRemotelessHelper\SpotifyRemotelessHelper.exe"
    mRun: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe
    mRun: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
    mRun: [EEventManager] "C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe"
    mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
    mRun: [<NO NAME>]
    mRun: [ApnUpdater] "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"
    mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
    mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
    mRun: [ROC_roc_dec12] "C:\Program Files (x86)\AVG Secure Search\ROC_roc_dec12.exe" /PROMPT /CMPID=roc_dec12
    mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
    mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    mRun: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
    mRun: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"
    mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
    mRunOnce: [Malwarebytes Anti-Malware (cleanup)] rundll32.exe "C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll",ProcessCleanupScript
    StartupFolder: C:\Users\Sam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip
    StartupFolder: C:\Users\Sam\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Sam\AppData\Roaming\Dropbox\bin\Dropbox.exe
    StartupFolder: C:\Users\Sam\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Stardock ObjectDock.lnk - C:\Program Files (x86)\Stardock\ObjectDockFree\ObjectDock.exe
    StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\Rainmeter.lnk - C:\Program Files\Rainmeter\Rainmeter.exe
    mPolicies-explorer: NoActiveDesktop = 1 (0x1)
    mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
    mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
    mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
    mPolicies-system: EnableLUA = 0 (0x0)
    mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
    mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
    mPolicies-system: SynchronousMachineGroupPolicy = 0 (0x0)
    mPolicies-system: SynchronousUserGroupPolicy = 0 (0x0)
    IE: &Verzenden naar OneNote - C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
    IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
    IE: E&xporteren naar Microsoft Excel - C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
    IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
    IE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
    IE: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
    IE: {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll
    IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
    IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    LSP: %SystemRoot%\system32\PrxerDrv.dll
    LSP: mswsock.dll
    Trusted Zone: clonewarsadventures.com
    Trusted Zone: freerealms.com
    Trusted Zone: soe.com
    Trusted Zone: sony.com
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
    TCP: Interfaces\{11E9E15E-5166-43B9-94E4-B8D3823B9991} : DhcpNameServer = 213.46.228.196 62.179.104.196
    TCP: Interfaces\{B411414D-C48F-427F-8579-3ED9DC85E8A4} : DhcpNameServer = 192.168.0.1
    TCP: Interfaces\{E0566B65-01E2-4A96-9696-72B7BA3611C5} : DhcpNameServer = 7.254.254.254
    Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
    Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll
    Handler: navnet - {AD6E5643-7B0C-46AA-95AD-9773FF2A857A} - C:\Program Files (x86)\NavNetApp\ComUtilities.dll
    Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
    Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} -
    Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
    mASetup: {686PY8GX-6AJG-268B-70N6-4LWW0P5DX1Q4} - C:\Windows\system32\WinDir\Svchost.exe Restart
    BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    BHO-X64: AcroIEHelperStub - No File
    BHO-X64: Babylon toolbar helper: {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll
    BHO-X64: Babylon toolbar helper - No File
    BHO-X64: AVG Do Not Track: {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll
    BHO-X64: AVG Do Not Track - No File
    BHO-X64: DivX Plus Web Player HTML5 <video>: {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
    BHO-X64: Increase performance and video formats for your HTML5 <video> - No File
    BHO-X64: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll
    BHO-X64: WormRadar.com IESiteBlocker.NavFilter - No File
    BHO-X64: DivX HiQ: {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
    BHO-X64: Use the DivX Plus Web Player to watch web videos with less interruptions and smoother playback on supported sites - No File
    BHO-X64: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
    BHO-X64: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
    BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO-X64: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\11.1.0.7\AVG Secure Search_toolbar.dll
    BHO-X64: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    BHO-X64: Skype Plug-In: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    BHO-X64: SkypeIEPluginBHO - No File
    BHO-X64: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll
    BHO-X64: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
    BHO-X64: URLRedirectionBHO - No File
    BHO-X64: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
    BHO-X64: Ask Toolbar BHO - No File
    BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    TB-X64: {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
    TB-X64: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
    TB-X64: DAEMON Tools Toolbar: {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll
    TB-X64: Babylon Toolbar: {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll
    TB-X64: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    TB-X64: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\11.1.0.7\AVG Secure Search_toolbar.dll
    mRun-x64: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe
    mRun-x64: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
    mRun-x64: [EEventManager] "C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe"
    mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
    mRun-x64: [(Default)]
    mRun-x64: [ApnUpdater] "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"
    mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
    mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
    mRun-x64: [ROC_roc_dec12] "C:\Program Files (x86)\AVG Secure Search\ROC_roc_dec12.exe" /PROMPT /CMPID=roc_dec12
    mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
    mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    mRun-x64: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
    mRun-x64: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"
    mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
    mRunOnce-x64: [Malwarebytes Anti-Malware (cleanup)] rundll32.exe "C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll",ProcessCleanupScript
    SEH-X64: Groove GFS Stub Execution Hook: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - C:\Users\Sam\AppData\Roaming\Mozilla\Firefox\Profiles\p6z14vlw.default\
    FF - prefs.js: keyword.URL - hxxp://isearch.avg.com/search?cid=%7Be2a2eb63-e5e7-4c47-9fbc-b746d32c0a63%7D&mid=153afe053b02abb28fcaf6eb0f658be8-ba4ab0a76139939ff4f754630aa8c340e91cb43e&ds=AVG&v=11.1.0.7&lang=nl&pr=fr&d=2012-06-01%2008%3A07%3A03&sap=ku&q=
    FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
    FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
    FF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\0.80.0\npesnlaunch.dll
    FF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.0\npesnsonar.dll
    FF - plugin: C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\11.1.0\npsitesafety.dll
    FF - plugin: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
    FF - plugin: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
    FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
    FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
    FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll
    FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npdeployJava1.dll
    FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
    FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrlui.dll
    FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\np32neur.dll
    FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
    FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\NPMFireLauncher.dll
    FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
    FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
    FF - plugin: C:\Program Files (x86)\OnLive\Plugin\npolgdet.dll
    FF - plugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
    FF - plugin: C:\Program Files (x86)\TabletPlugins\npwacom.dll
    FF - plugin: C:\Program Files (x86)\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll
    FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
    FF - plugin: C:\ProgramData\NexonEU\NGM\npNxGameeu.dll
    FF - plugin: C:\ProgramData\NexonUS\NGM\npNxGameUS.dll
    FF - plugin: C:\Users\Sam\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
    FF - plugin: C:\Users\Sam\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
    FF - plugin: C:\Users\Sam\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
    FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 AVGIDSHA;AVGIDSHA;C:\Windows\system32\DRIVERS\avgidsha.sys --> C:\Windows\system32\DRIVERS\avgidsha.sys [?]
    R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\system32\DRIVERS\avgrkx64.sys --> C:\Windows\system32\DRIVERS\avgrkx64.sys [?]
    R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?]
    R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\system32\DRIVERS\avgldx64.sys --> C:\Windows\system32\DRIVERS\avgldx64.sys [?]
    R1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\system32\DRIVERS\avgmfx64.sys --> C:\Windows\system32\DRIVERS\avgmfx64.sys [?]
    R1 Avgtdia;AVG TDI Driver;C:\Windows\system32\DRIVERS\avgtdia.sys --> C:\Windows\system32\DRIVERS\avgtdia.sys [?]
    R2 ABBYY.Licensing.FineReader.Sprint.9.0;ABBYY FineReader 9.0 Sprint Licensing Service;C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [2009-5-14 759048]
    R2 AdobeActiveFileMonitor7.0;Adobe Active File Monitor V7;C:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe [2008-12-8 169312]
    R2 Akamai;Akamai NetSession Interface;C:\Windows\System32\svchost.exe -k Akamai [2009-7-14 20992]
    R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe [2012-4-30 5106744]
    R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe [2012-2-14 193288]
    R2 cpuz135;cpuz135;\??\C:\Windows\system32\drivers\cpuz135_x64.sys --> C:\Windows\system32\drivers\cpuz135_x64.sys [?]
    R2 EPSON_EB_RPCV4_04;EPSON V5 Service4(04);C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE [2011-1-12 166400]
    R2 EPSON_PM_RPCV4_04;EPSON V3 Service4(04);C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE [2011-1-12 128512]
    R2 Greg_Service;GRegService;C:\Program Files (x86)\Packard Bell\Registration\GregHSRW.exe [2009-8-28 1150496]
    R2 HiPatchService;Hi-Rez Studios Authenticate and Update Service;H:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [2012-2-7 8704]
    R2 lxdi_device;lxdi_device;C:\Windows\system32\lxdicoms.exe -service --> C:\Windows\system32\lxdicoms.exe -service [?]
    R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-6-17 654408]
    R2 mi-raysat_3dsmax2012_64;mental ray 3.9 Satellite for Autodesk 3ds Max Design 2012 64-bit - English 64-bit;H:\Program Files\Autodesk\3ds Max Design 2012\mentalimages\satellite\raysat_3dsmax2012_64server.exe [2011-2-22 86016]
    R2 nvUpdatusService;NVIDIA Update Service Daemon;C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-3-22 2348352]
    R2 StarWindServiceAE;StarWind AE Service;C:\Program Files (x86)\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe [2009-12-23 370688]
    R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-2-29 382272]
    R2 TabletServicePen;TabletServicePen;C:\Program Files\Tablet\Pen\Pen_Tablet.exe [2011-1-27 5790064]
    R2 TouchServicePen;Wacom Consumer Touch Service;C:\Program Files\Tablet\Pen\Pen_TouchService.exe [2011-1-27 487280]
    R2 Updater Service;Updater Service;C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe [2009-11-28 240160]
    R2 USBS3S4Detection;USBS3S4Detection;C:\OEM\USBDECTION\USBS3S4Detection.exe [2009-12-14 76320]
    R2 vToolbarUpdater11.1.0;vToolbarUpdater11.1.0;C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\11.1.0\ToolbarUpdater.exe [2012-6-1 935480]
    R3 AVGIDSDriver;AVGIDSDriver;C:\Windows\system32\DRIVERS\avgidsdrivera.sys --> C:\Windows\system32\DRIVERS\avgidsdrivera.sys [?]
    R3 AVGIDSFilter;AVGIDSFilter;C:\Windows\system32\DRIVERS\avgidsfiltera.sys --> C:\Windows\system32\DRIVERS\avgidsfiltera.sys [?]
    R3 e1kexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver K;C:\Windows\system32\DRIVERS\e1k62x64.sys --> C:\Windows\system32\DRIVERS\e1k62x64.sys [?]
    R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]
    R3 MBfilt;MBfilt;C:\Windows\system32\drivers\MBfilt64.sys --> C:\Windows\system32\drivers\MBfilt64.sys [?]
    R3 NVHDA;Service for NVIDIA High Definition Audio Driver;C:\Windows\system32\drivers\nvhda64v.sys --> C:\Windows\system32\drivers\nvhda64v.sys [?]
    R3 nvoclk64;NVIDIA Enthusiasts Platform KDM;C:\Windows\system32\DRIVERS\nvoclk64.sys --> C:\Windows\system32\DRIVERS\nvoclk64.sys [?]
    R3 tap0901t;TAP-Win32 Adapter V9 (Tunngle);C:\Windows\system32\DRIVERS\tap0901t.sys --> C:\Windows\system32\DRIVERS\tap0901t.sys [?]
    S2 AxAutoMntSrv;Alcohol Virtual Drive Auto-mount Service;C:\Program Files (x86)\Alcohol Soft\Alcohol 52\AxAutoMntSrv.exe [2012-1-5 75624]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
    S2 gupdate;Google Updateservice (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-6-23 135664]
    S2 lxdiCATSCustConnectService;lxdiCATSCustConnectService;C:\Windows\System32\spool\drivers\x64\3\lxdiserv.exe [2007-6-11 33712]
    S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-4-26 257224]
    S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2011-10-20 1431888]
    S3 gupdatem;Google Update-service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-6-23 135664]
    S3 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2011-8-4 2329480]
    S3 KINONI_Wave;Kinoni Audio Source;C:\Windows\system32\drivers\kinonivad.sys --> C:\Windows\system32\drivers\kinonivad.sys [?]
    S3 kinonivd;Kinoni Video Source;C:\Windows\system32\DRIVERS\kinonivd.sys --> C:\Windows\system32\DRIVERS\kinonivd.sys [?]
    S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2011-6-12 51740536]
    S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-4-29 129976]
    S3 npggsvc;nProtect GameGuard Service;C:\Windows\system32\GameMon.des -service --> C:\Windows\system32\GameMon.des -service [?]
    S3 OberonGameConsoleService;Oberon Media Game Console service;C:\Program Files (x86)\Packard Bell GameZone\GameConsole\OberonGameConsoleService.exe [2009-11-28 44312]
    S3 ose64;Office 64 Source Engine;C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-1-9 174440]
    S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
    S3 PAC207;SoC PC-Camera;C:\Windows\System32\drivers\Pfc027.sys [2004-9-1 138396]
    S3 SRS_HDAL_Service;HD Audio Lab;C:\Windows\system32\drivers\SRS_HDAL_amd64.sys --> C:\Windows\system32\drivers\SRS_HDAL_amd64.sys [?]
    S3 statuscached;SmartSVN Status Cache;C:\Program Files (x86)\SmartSVN 6.6\bin\statuscached.exe [2010-9-3 216576]
    S3 SwitchBoard;SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]
    S3 TeamViewer6;TeamViewer 6;C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [2011-11-3 2358656]
    S3 TeamViewer7;TeamViewer 7;C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2011-11-29 2916736]
    S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
    S3 TunngleService;TunngleService;C:\Program Files (x86)\Tunngle\TnglCtrl.exe [2011-11-23 751464]
    S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]
    S3 wacmoumonitor;Wacom Mode Helper;C:\Windows\system32\DRIVERS\wacmoumonitor.sys --> C:\Windows\system32\DRIVERS\wacmoumonitor.sys [?]
    S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
    .
    =============== Created Last 30 ================
    .
    2012-06-16 22:10:30 -------- d-----w- C:\Users\Sam\AppData\Roaming\Malwarebytes
    2012-06-16 22:10:24 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys
    2012-06-16 22:10:24 -------- d-----w- C:\ProgramData\Malwarebytes
    2012-06-16 22:10:24 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
    2012-06-16 14:42:14 -------- d-----w- C:\Users\Sam\AppData\Roaming\Fatshark
    2012-06-16 14:29:57 -------- d-sh--w- C:\Windows\SysWow64\%APPDATA%
    2012-06-15 17:19:27 9216 ----a-w- C:\Windows\System32\rdrmemptylst.exe
    2012-06-15 17:19:27 77312 ----a-w- C:\Windows\System32\rdpwsx.dll
    2012-06-15 17:19:27 149504 ----a-w- C:\Windows\System32\rdpcorekmts.dll
    2012-06-15 17:18:49 209920 ----a-w- C:\Windows\System32\profsvc.dll
    2012-06-15 17:18:24 5559664 ----a-w- C:\Windows\System32\ntoskrnl.exe
    2012-06-15 17:18:24 3913072 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
    2012-06-15 17:18:23 3968368 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
    2012-06-15 17:14:58 3146752 ----a-w- C:\Windows\System32\win32k.sys
    2012-06-15 17:14:31 210944 ----a-w- C:\Windows\System32\drivers\rdpwd.sys
    2012-06-15 17:13:02 3216384 ----a-w- C:\Windows\System32\msi.dll
    2012-06-15 17:13:01 2342400 ----a-w- C:\Windows\SysWow64\msi.dll
    2012-06-15 17:11:58 184320 ----a-w- C:\Windows\System32\cryptsvc.dll
    2012-06-15 17:11:58 1462272 ----a-w- C:\Windows\System32\crypt32.dll
    2012-06-15 17:11:58 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll
    2012-06-15 17:11:58 140288 ----a-w- C:\Windows\System32\cryptnet.dll
    2012-06-15 17:11:58 1158656 ----a-w- C:\Windows\SysWow64\crypt32.dll
    2012-06-15 17:11:58 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll
    2012-06-10 19:03:09 -------- d-----w- C:\Users\Sam\AppData\Roaming\Mount&Blade Warband
    2012-06-08 08:54:44 -------- d-----w- C:\Users\Sam\AppData\Roaming\wargaming.net
    2012-06-08 07:19:16 8955792 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{2B46FC01-78DD-4A25-8B70-F3AC474DB681}\mpengine.dll
    2012-06-03 13:21:34 -------- d-----w- C:\ProgramData\Rockstar Games
    2012-06-01 06:17:09 -------- d-----w- C:\Users\Sam\AppData\Roaming\AVG2012
    2012-06-01 06:07:10 -------- d-----w- C:\Users\Sam\AppData\Local\AVG Secure Search
    2012-06-01 06:07:03 -------- d-----w- C:\ProgramData\AVG Secure Search
    2012-06-01 06:07:02 -------- d-----w- C:\Program Files (x86)\AVG Secure Search
    2012-06-01 06:04:32 -------- d-----w- C:\Windows\System32\drivers\AVG
    2012-06-01 06:04:32 -------- d-----w- C:\ProgramData\AVG2012
    2012-05-31 17:12:03 -------- d-----w- C:\ProgramData\MFAData
    2012-05-30 12:00:50 -------- d-----w- C:\Users\Sam\AppData\Local\Cranium_Consulting_and_Cu
    2012-05-30 12:00:28 -------- d-----w- C:\Program Files (x86)\iPhoneBrowser
    2012-05-30 10:53:09 -------- d-----w- C:\Program Files (x86)\SpotifyRemotelessHelper
    2012-05-29 18:16:09 -------- d-----w- C:\Users\Sam\AppData\Local\libimobiledevice
    2012-05-22 10:56:56 -------- d-----w- C:\Users\Sam\AppData\Local\Runic Games
    2012-05-20 15:02:46 -------- d-----w- C:\Program Files (x86)\Microsoft Chart Controls
    .
    ==================== Find3M ====================
    .
    2012-06-16 14:37:35 70344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
    2012-06-16 14:37:35 426184 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
    2012-05-15 04:01:31 1188864 ----a-w- C:\Windows\System32\wininet.dll
    2012-05-15 03:03:54 981504 ----a-w- C:\Windows\SysWow64\wininet.dll
    2012-05-05 15:14:08 8744608 ----a-w- C:\Windows\SysWow64\FlashPlayerInstaller.exe
    2012-05-03 15:29:27 560184 ----a-w- C:\Windows\System32\drivers\sptd.sys
    2012-04-20 03:45:41 1638912 ----a-w- C:\Windows\System32\mshtml.tlb
    2012-04-20 03:16:44 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb
    2012-04-19 02:50:26 28480 ----a-w- C:\Windows\System32\drivers\avgidsha.sys
    2012-03-30 11:35:47 1918320 ----a-w- C:\Windows\System32\drivers\tcpip.sys
    2012-03-21 15:18:23 472808 ----a-w- C:\Windows\SysWow64\deployJava1.dll
    2011-04-14 20:38:18 81408 ----a-w- C:\Program Files (x86)\Simpack.exe
    2011-04-14 20:38:18 75264 ----a-w- C:\Program Files (x86)\zlib1.dll
    .
    ============= FINISH: 0:34:49,76 ===============
     
  2. Blade81

    Blade81 Malware Specialist

    Joined:
    Oct 27, 2006
    Messages:
    915
    Hi,

    If help still needed post fresh DDS logs (attach.txt contents included), please.
     
As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/1057496