here is my dds and my attach filie is attached. I started another topic which can be found here explaining what happened to me.
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 9.0.8112.16506 BrowserJavaVersion: 10.25.2
Run by claires at 1:12:26 on 2013-09-22
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.8157.4117 [GMT -4:00]
.
AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
AV: Microsoft Security Essentials *Disabled/Updated* {3F839487-C7A2-C958-E30C-E2825BA31FB5}
SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Spybot - Search and Destroy *Enabled/Outdated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
SP: Microsoft Security Essentials *Disabled/Updated* {84E27563-E198-C6D6-D9BC-D9F020245508}
FW: ZoneAlarm Free Firewall Firewall *Enabled* {E6380B7E-D4B2-19F1-083E-56486607704B}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Carbonite\Carbonite Backup\carboniteservice.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\iolo\System Mechanic\SystemGuardAlerter.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
C:\Program Files (x86)\Update Detector\UpdateDetector.exe
c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k HPService
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\PixArt\Pac207\Monitor.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\System32\WUDFHost.exe
C:\Program Files (x86)\TechSmith\Jing\Jing.exe
C:\Program Files (x86)\Glary Utilities 3\memdefrag.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe
C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteUI.exe
C:\Program Files (x86)\Glary Utilities 3\Integrator.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
C:\Program Files (x86)\Internet Explorer\IELowutil.exe
C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\system32\vssvc.exe
C:\Windows\System32\svchost.exe -k swprv
C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\SysWOW64\jmdp\stij.exe
C:\Windows\system32\dmwu.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files (x86)\DriverBoost\DriverBoost\DriverBoost.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
uSearch Bar = Preserve
uSearch Page = hxxp://www.google.com
uProxyServer = :0
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
BHO: Zonealarm Helper Object: {2A841F7A-A014-4DA5-B6D9-8B913DFB7A8C} - C:\Program Files (x86)\Check Point Software Technologies LTD\zonealarm\1.8.21.15\bh\zonealarm.dll
BHO: RealNetworks Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll
BHO: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: ChromeFrame BHO: {ECB3C477-1A0A-44BD-BB57-78F9EFE34FA7} - C:\Program Files (x86)\Google\Chrome Frame\Application\29.0.1547.76\npchrome_frame.dll
TB: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
TB: ZoneAlarm Security Toolbar: {438FAE3E-BDEF-44D3-AB8B-0C7C8350DF59} - C:\Program Files (x86)\Check Point Software Technologies LTD\zonealarm\1.8.21.15\zonealarmTlbr.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\hp\Digital Imaging\Smart Web Printing\hpswp_bho.dll
EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\hp\Digital Imaging\Smart Web Printing\hpswp_bho.dll
uRun: [Jing] C:\Program Files (x86)\TechSmith\Jing\Jing.exe
uRun: [Glary Memory Optimizer] C:\Program Files (x86)\Glary Utilities 3\memdefrag.exe /autostart
uRun: [Spybot-S&D Cleaning] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe" /autoclean
uRun: [GoogleChromeAutoLaunch_BE60B48618A5F1D1EFDB75C9490D459E] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
uRun: [DriverBoost] C:\Program Files (x86)\DriverBoost\DriverBoost\DriverBoost.exe /applicationMode:systemTray /showWelcome:false
mRun: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
mRun: [ZoneAlarm] "C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe"
mRun: [Carbonite Backup] C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteUI.exe
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mPolicies-System: ConsentPromptBehaviorUser = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
.
INFO: HKLM has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{3B5CD09D-8ED8-4D1D-9AB1-4D928568AEA3} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{BF07F230-D0B6-4EAA-BDDB-8BAECD73DA5F} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{BF07F230-D0B6-4EAA-BDDB-8BAECD73DA5F}\078696C6164656C607869616 : DHCPNameServer = 192.168.1.1
Handler: gcf - {9875BFAF-B04D-445E-8A69-BE36838CDE3E} - C:\Program Files (x86)\Google\Chrome Frame\Application\29.0.1547.76\npchrome_frame.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
Notify: SDWinLogon - SDWinLogon.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.76\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
x64-TB: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-Run: [PC-Doctor for Windows localizer] C:\Program Files\PC-Doctor for Windows\localizer.exe
x64-Run: [Monitor] C:\Windows\PixArt\PAC207\Monitor.exe
x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - <orphaned>
.
INFO: x64-HKLM has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
x64-Handler: gcf - {9875BFAF-B04D-445E-8A69-BE36838CDE3E} - <orphaned>
x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
Hosts: 127.0.0.1 www.spywareinfo.com
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\claires\AppData\Roaming\Mozilla\Firefox\Profiles\4lvy4knf.default-1352199982738\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.homepageadz.com/startpage.php?ckoch
FF - prefs.js: keyword.URL - hxxp://www.google.com/search?ie=UTF-8&oe=utf-8&q=
FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll
FF - plugin: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Photodex Presenter\npPxPlay.dll
FF - plugin: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll
FF - plugin: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll
FF - plugin: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll
FF - plugin: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll
FF - plugin: C:\Users\claires\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll
FF - plugin: C:\Users\claires\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
FF - plugin: C:\Users\claires\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
FF - plugin: C:\Users\claires\AppData\Roaming\Mozilla\plugins\npo1d.dll
FF - plugin: C:\Users\Default\AppData\Local\HuluDesktop\instances\0.9.9.1\nphdplg.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll
FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll
FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
FF - ExtSQL: 2013-09-05 18:12; {DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}; C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF - ExtSQL: !HIDDEN! 2011-10-24 21:17; smartwebprinting@hp.com; C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
.
============= SERVICES / DRIVERS ===============
.
R0 aswRvrt;aswRvrt;C:\Windows\System32\drivers\aswRvrt.sys [2013-7-2 65336]
R0 aswVmm;aswVmm;C:\Windows\System32\drivers\aswVmm.sys [2013-7-2 204880]
R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2013-1-20 230320]
R1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswSnx.sys [2013-7-2 1030952]
R1 aswSP;aswSP;C:\Windows\System32\drivers\aswSP.sys [2013-7-2 378944]
R1 ElRawDisk;ElRawDisk;C:\Windows\System32\drivers\ElRawDsk.sys [2011-4-13 31432]
R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928]
R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368]
R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2012-7-11 140672]
R2 aswFsBlk;aswFsBlk;C:\Windows\System32\drivers\aswFsBlk.sys [2013-7-2 33400]
R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2013-7-2 80816]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-9-5 46808]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2012-7-9 104912]
R2 IBUpdaterService;IBUpdaterService;C:\Windows\System32\dmwu.exe [2013-9-21 1648432]
R2 ioloSystemService;iolo System Service;C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe [2013-9-10 1164328]
R2 PDFsFilter;PDFsFilter;C:\Windows\System32\drivers\PDFsFilter.sys [2012-7-18 82160]
R2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [2013-8-14 39056]
R2 SDScannerService;Spybot-S&D 2 Scanner Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2013-6-1 1103392]
R2 SDUpdateService;Spybot-S&D 2 Updating Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2013-6-1 1369624]
R2 SDWSCService;Spybot-S&D 2 Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2013-6-1 168384]
R2 ZAPrivacyService;ZoneAlarm Privacy Service;C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe [2013-6-18 54160]
R3 bbcap;bb_capture_driver;C:\Windows\System32\drivers\bbcap.sys [2011-10-23 4608]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\RtsUStor.sys [2012-10-23 244224]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2013-8-25 708200]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2012-7-8 123856]
S2 ioloFileInfoList;iolo FileInfoList Service;C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe [2013-9-10 1164328]
S3 HECIx64;Intel® Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2009-9-17 56344]
S3 PAC207;SoC PC-Camera;C:\Windows\System32\drivers\PFC027.SYS [2006-12-5 572416]
S3 PCDSRVC{F36B3A4C-F95654BD-06000000}_0;PCDSRVC{F36B3A4C-F95654BD-06000000}_0 - PCDR Kernel Mode Service Helper Driver;C:\Program Files\PC-Doctor for Windows\pcdsrvc_x64.pkms [2009-9-17 23536]
S3 PSI;PSI;C:\Windows\System32\drivers\psi_mf_amd64.sys [2013-4-18 18456]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2012-10-25 19456]
S3 Revoflt;Revoflt;C:\Windows\System32\drivers\revoflt.sys [2013-9-18 31800]
S3 SBFWIMCL;GFI Software Firewall NDIS IM Filter Service;C:\Windows\System32\drivers\SbFwIm.sys [2012-5-19 119416]
S3 SBFWIMCLMP;GFI Software Firewall NDIS IM Filter Miniport;C:\Windows\System32\drivers\SbFwIm.sys [2012-5-19 119416]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2012-10-25 57856]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-3-10 1255736]
S4 Secunia PSI Agent;Secunia PSI Agent;C:\Program Files (x86)\Secunia\PSI\psia.exe [2013-4-18 1227800]
S4 Skype C2C Service;Skype C2C Service;C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-12-13 3290896]
S4 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-6-21 162408]
S4 TeamViewer8;TeamViewer 8;C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [2013-8-10 4308320]
.
=============== File Associations ===============
.
FileExt: .jse: JSEFile=NOTEPAD.EXE %1
FileExt: .wsf: WSFFile=NOTEPAD.EXE %1
.
=============== Created Last 30 ================
.
2013-09-22 04:53:14 -------- d-----w- C:\Program Files\HitmanPro
2013-09-22 04:51:36 -------- d-----w- C:\ProgramData\HitmanPro
2013-09-22 03:18:36 -------- d-----w- C:\Windows\SysWow64\jmdp
2013-09-22 03:18:31 33792 ----a-w- C:\Windows\System32\ImHttpComm.dll
2013-09-22 03:18:31 1648432 ----a-w- C:\Windows\System32\dmwu.exe
2013-09-22 03:18:31 -------- d-----w- C:\Windows\SysWow64\ARFC
2013-09-22 03:18:17 -------- d-----w- C:\Windows\SysWow64\WNLT
2013-09-22 03:17:56 -------- d-----w- C:\Program Files (x86)\wrapper_inst
2013-09-22 03:15:50 -------- d-----w- C:\Windows\en
2013-09-22 03:12:48 77656 ----a-w- C:\Windows\System32\XAPOFX1_5.dll
2013-09-22 03:12:48 74072 ----a-w- C:\Windows\SysWow64\XAPOFX1_5.dll
2013-09-22 03:12:48 527192 ----a-w- C:\Windows\SysWow64\XAudio2_7.dll
2013-09-22 03:12:48 518488 ----a-w- C:\Windows\System32\XAudio2_7.dll
2013-09-22 03:12:46 2526056 ----a-w- C:\Windows\System32\D3DCompiler_43.dll
2013-09-22 03:12:46 2106216 ----a-w- C:\Windows\SysWow64\D3DCompiler_43.dll
2013-09-22 03:12:44 276832 ----a-w- C:\Windows\System32\d3dx11_43.dll
2013-09-22 03:12:44 248672 ----a-w- C:\Windows\SysWow64\d3dx11_43.dll
2013-09-22 03:10:01 89944 -c--a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\31d522b81ceb74104\DSETUP.dll
2013-09-22 03:10:01 537432 -c--a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\31d522b81ceb74104\DXSETUP.exe
2013-09-22 03:10:01 1801048 -c--a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\31d522b81ceb74104\dsetup32.dll
2013-09-22 03:09:47 94040 -c--a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\303c7b5c1ceb74103\DSETUP.dll
2013-09-22 03:09:47 525656 -c--a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\303c7b5c1ceb74103\DXSETUP.exe
2013-09-22 03:09:47 1691480 -c--a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\303c7b5c1ceb74103\dsetup32.dll
2013-09-22 03:09:43 89944 -c--a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\2dc9012c1ceb74101\DSETUP.dll
2013-09-22 03:09:43 537432 -c--a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\2dc9012c1ceb74101\DXSETUP.exe
2013-09-22 03:09:43 1801048 -c--a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\2dc9012c1ceb74101\dsetup32.dll
2013-09-22 02:42:24 -------- d-----w- C:\Users\claires\AppData\Local\ezvid,_inc
2013-09-22 00:57:55 -------- d-----w- C:\Users\claires\AppData\Local\{D3B7AF78-BC15-463B-B712-9F22F61182B1}
2013-09-21 03:14:06 -------- d-----w- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-09-20 18:59:59 76232 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{FA7528BF-3DCE-438F-84FF-C302B710777D}\offreg.dll
2013-09-20 18:49:50 9694160 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{FA7528BF-3DCE-438F-84FF-C302B710777D}\mpengine.dll
2013-09-18 22:36:24 31800 ----a-w- C:\Windows\System32\drivers\revoflt.sys
2013-09-18 22:36:22 -------- d-----w- C:\Program Files\VS Revo Group
2013-09-17 14:06:57 -------- d-----w- C:\Users\claires\AppData\Local\{E971F6DB-61D8-4524-A80C-60B45532E74F}
2013-09-17 04:07:04 -------- d-----w- C:\Users\claires\AppData\Roaming\Moyea
2013-09-17 03:57:16 -------- d-----w- C:\Users\claires\AppData\Roaming\GetRightToGo
2013-09-17 02:56:04 -------- d-----w- C:\ProgramData\Freemake
2013-09-17 02:55:29 -------- d-----w- C:\Program Files (x86)\Freemake
2013-09-17 02:06:14 -------- d-----w- C:\Users\claires\AppData\Local\{5575E31E-A4ED-4144-A558-BEA31C93293B}
2013-09-16 03:53:52 -------- d-----w- C:\MATS
2013-09-12 03:40:46 -------- d-----w- C:\Program Files (x86)\Localizer Leads Tool
2013-09-11 03:29:41 2155152 ----a-w- C:\Windows\System32\Incinerator64.dll
2013-09-10 23:16:32 -------- d-----w- C:\Users\claires\AppData\Roaming\Registry Mechanic
2013-09-10 18:00:59 362496 ----a-w- C:\Windows\System32\wow64win.dll
2013-09-10 00:49:50 -------- d-----w- C:\AdwCleaner
2013-09-09 21:08:44 -------- d-----w- C:\Users\claires\AppData\Local\VS Revo Group
2013-09-09 21:08:28 -------- d-----w- C:\ProgramData\VS Revo Group
2013-09-05 22:12:54 -------- d-----w- C:\Program Files (x86)\RealNetworks
2013-09-05 22:12:45 -------- d-----w- C:\ProgramData\RealNetworks
2013-09-04 02:45:25 108968 ----a-w- C:\Windows\System32\WindowsAccessBridge-64.dll
2013-09-02 05:18:09 -------- d-----w- C:\Program Files (x86)\Easy SEO Ninja
2013-08-25 08:16:15 74344 ----a-w- C:\Windows\System32\RtNicProp64.dll
2013-08-25 08:16:15 708200 ----a-w- C:\Windows\System32\drivers\Rt64win7.sys
.
==================== Find3M ====================
.
2013-09-13 01:14:22 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-09-13 01:14:22 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-09-09 22:26:34 57584 ----a-w- C:\Windows\System32\iolobtdfg.exe
2013-09-09 22:26:24 26184 ----a-w- C:\Windows\System32\smrgdf.exe
2013-09-09 22:08:08 2097984 ----a-w- C:\Windows\SysWow64\Incinerator32.dll
2013-09-04 02:44:59 972712 ----a-w- C:\Windows\System32\deployJava1.dll
2013-09-04 02:44:59 1093032 ----a-w- C:\Windows\System32\npDeployJava1.dll
2013-09-02 09:09:06 117024 ----a-w- C:\Windows\System32\BootDefrag.exe
2013-08-30 07:48:10 72016 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys
2013-08-30 07:48:10 65336 ----a-w- C:\Windows\System32\drivers\aswRvrt.sys
2013-08-30 07:48:10 204880 ----a-w- C:\Windows\System32\drivers\aswVmm.sys
2013-08-30 07:48:10 1030952 ----a-w- C:\Windows\System32\drivers\aswSnx.sys
2013-08-30 07:48:09 80816 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys
2013-08-30 07:47:40 41664 ----a-w- C:\Windows\avastSS.scr
2013-08-25 08:14:29 107552 ----a-w- C:\Windows\System32\RTNUninst64.dll
2013-08-08 01:20:43 3155456 ----a-w- C:\Windows\System32\win32k.sys
2013-08-07 08:22:02 278800 ------w- C:\Windows\System32\MpSigStub.exe
2013-08-05 02:25:45 155584 ----a-w- C:\Windows\System32\drivers\ataport.sys
2013-08-02 02:23:53 5550528 ----a-w- C:\Windows\System32\ntoskrnl.exe
2013-08-02 02:15:44 1732032 ----a-w- C:\Windows\System32\ntdll.dll
2013-08-02 02:15:03 243712 ----a-w- C:\Windows\System32\wow64.dll
2013-08-02 02:15:03 13312 ----a-w- C:\Windows\System32\wow64cpu.dll
2013-08-02 02:14:57 215040 ----a-w- C:\Windows\System32\winsrv.dll
2013-08-02 02:14:11 16384 ----a-w- C:\Windows\System32\ntvdm64.dll
2013-08-02 02:13:34 424448 ----a-w- C:\Windows\System32\KernelBase.dll
2013-08-02 01:59:30 3968960 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2013-08-02 01:59:30 3913664 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2013-08-02 01:51:23 1292192 ----a-w- C:\Windows\SysWow64\ntdll.dll
2013-08-02 01:50:42 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2013-08-02 01:50:42 274944 ----a-w- C:\Windows\SysWow64\KernelBase.dll
2013-08-02 01:09:17 338432 ----a-w- C:\Windows\System32\conhost.exe
2013-08-02 00:59:09 112640 ----a-w- C:\Windows\System32\smss.exe
2013-08-02 00:45:37 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2013-08-02 00:45:36 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2013-08-02 00:45:35 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2013-08-02 00:45:34 2048 ----a-w- C:\Windows\SysWow64\user.exe
2013-08-02 00:43:05 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2013-08-02 00:43:05 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2013-08-02 00:43:05 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2013-08-02 00:43:05 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
2013-07-31 13:29:19 2312704 ----a-w- C:\Windows\System32\jscript9.dll
2013-07-31 13:19:03 1392128 ----a-w- C:\Windows\System32\wininet.dll
2013-07-31 13:18:24 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
2013-07-31 13:14:29 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
2013-07-31 13:13:07 599040 ----a-w- C:\Windows\System32\vbscript.dll
2013-07-31 13:08:44 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2013-07-31 10:00:20 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll
2013-07-31 09:52:44 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
2013-07-31 09:52:34 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2013-07-31 09:48:43 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2013-07-31 09:48:09 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll
2013-07-31 09:45:42 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2013-07-25 09:25:54 1888768 ----a-w- C:\Windows\System32\WMVDECOD.DLL
2013-07-25 08:57:27 1620992 ----a-w- C:\Windows\SysWow64\WMVDECOD.DLL
2013-07-19 01:58:42 2048 ----a-w- C:\Windows\System32\tzres.dll
2013-07-19 01:41:01 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2013-07-09 05:52:52 224256 ----a-w- C:\Windows\System32\wintrust.dll
2013-07-09 05:51:16 1217024 ----a-w- C:\Windows\System32\rpcrt4.dll
2013-07-09 05:46:20 184320 ----a-w- C:\Windows\System32\cryptsvc.dll
2013-07-09 05:46:20 1472512 ----a-w- C:\Windows\System32\crypt32.dll
2013-07-09 05:46:20 139776 ----a-w- C:\Windows\System32\cryptnet.dll
2013-07-09 04:52:33 663552 ----a-w- C:\Windows\SysWow64\rpcrt4.dll
2013-07-09 04:52:10 175104 ----a-w- C:\Windows\SysWow64\wintrust.dll
2013-07-09 04:46:31 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll
2013-07-09 04:46:31 1166848 ----a-w- C:\Windows\SysWow64\crypt32.dll
2013-07-09 04:46:31 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll
2013-07-06 06:03:53 1910208 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2013-07-04 07:11:58 829264 ----a-w- C:\Windows\System32\msvcr100.dll
2013-07-04 07:11:58 608080 ----a-w- C:\Windows\System32\msvcp100.dll
2013-07-03 06:31:05 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2013-07-03 06:30:59 867240 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll
2013-07-03 06:30:59 789416 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2012-09-29 08:44:26 172456 ----a-w- C:\Program Files (x86)\57res.dll
.
============= FINISH: 1:13:42.10 ===============
via Bleeping Computer Last 20 Posts http://www.bleepingcomputer.com/forums/t/508569/downloaded-windows-movie-maker-and-got-a-possible-zero-access-virus/
Aucun commentaire:
Enregistrer un commentaire