. DDS (Ver_2011-08-26.01) - NTFSAMD64 Internet Explorer: 9.0.8112.16421 Run by Tinna at 20:21:34 on 2012-01-03 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3874.2403 [GMT 1:00] . AV: Computer Security *Enabled/Updated* {15414183-282E-D62C-CA37-EF24860A2F17} SP: Computer Security *Enabled/Updated* {AE20A067-0E14-D9A2-F087-D456FD8D65AA} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: Computer Security *Enabled* {2D7AC0A6-6241-D774-E168-461178D9686C} . ============== Running Processes =============== . C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\FBAgent.exe C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Windows\system32\taskhost.exe C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe C:\Windows\system32\taskeng.exe C:\Program Files\P4G\BatteryLife.exe C:\Windows\system32\taskeng.exe C:\Program Files (x86)\Bluetooth Suite\adminservice.exe C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe C:\Program Files (x86)\ASUS\Splendid\ACMON.exe C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Anti-Virus\fsgk32st.exe C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Anti-Virus\FSGK32.EXE C:\Program Files (x86)\F-Secure\fshoster32.exe C:\Program Files (x86)\F-Secure\apps\CCF_Reputation\fsorsp.exe C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe C:\Windows\System32\igfxtray.exe C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE C:\Windows\SysWOW64\ACEngSvr.exe C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Program Files (x86)\Vip Internet\BackgroundService\ServiceManager.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Windows\System32\StikyNot.exe C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Anti-Virus\fssm32.exe C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe C:\Program Files (x86)\Vip Internet\BackgroundService\ModemListener.exe C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE C:\Program Files (x86)\F-Secure\fshoster32.exe C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Common\FSM32.EXE C:\Windows\system32\SearchIndexer.exe C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Common\FSMA32.EXE C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Common\FSHDLL64.EXE C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\FWES\Program\fsdfwd.exe C:\Program Files\Synaptics\SynTP\SynTPHelper.exe C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Spam Control\fsscoepl_x64.exe C:\Windows\AsScrPro.exe C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe C:\Windows\System32\svchost.exe -k secsvcs C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe C:\Program Files (x86)\Telenor Internet\Telenor Internet.exe C:\Users\Tinna\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Tinna\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Tinna\AppData\Local\Google\Chrome\Application\chrome.exe C:\Windows\SysWOW64\rundll32.exe C:\Users\Tinna\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Tinna\AppData\Local\Google\Chrome\Application\chrome.exe C:\Windows\system32\SearchProtocolHost.exe C:\Windows\system32\SearchFilterHost.exe C:\Windows\system32\igfxsrvc.exe C:\Windows\system32\DllHost.exe C:\Windows\system32\DllHost.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\conhost.exe C:\Windows\SysWOW64\cscript.exe C:\Windows\system32\wbem\wmiprvse.exe . ============== Pseudo HJT Report =============== . uStart Page = hxxp://www.google.rs/ uDefault_Page_URL = hxxp://asus.msn.com mStart Page = hxxp://asus.msn.com mWinlogon: Userinit=userinit.exe BHO: CIESpeechBHO Class: {8d10f6c4-0e01-4bd4-8601-11ac1fdf8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll BHO: Browsing Protection Class: {c6867eb7-8350-4856-877f-93cf8ae3dc9c} - C:\Program Files (x86)\F-Secure\apps\OnlineSafety\BPP\iescript\BaseLitmus.dll BHO: Google Dictionary Compression sdch: {c84d72fe-e17d-4195-bb24-76c02e2e7c4e} - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" BHO: Nero Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" TB: Nero Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll TB: Browsing Protection Toolbar: {265eee8e-3228-44d3-aea5-f7fdf5860049} - C:\Program Files (x86)\F-Secure\apps\OnlineSafety\BPP\iescript\BaseLitmus.dll uRun: [Google Update] "C:\Users\Tinna\AppData\Local\Google\Update\GoogleUpdate.exe" /c uRun: [Facebook Update] "C:\Users\Tinna\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver uRun: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe mRun: [Nuance PDF Reader-reminder] "C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\PDF Reader\Ereg\Ereg.ini" mRun: [ASUSPRP] "C:\Program Files (x86)\ASUS\APRP\APRP.EXE" mRun: [ASUSWebStorage] C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSPanel.exe /S mRun: [SonicMasterTray] C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe mRun: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe mRun: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe mRun: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe mRun: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe mRun: [UpdateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5" mRun: [UpdateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0" mRun: [VIP_Serbia Lighter ModemListener] C:\Program Files (x86)\Vip Internet\BackgroundService\ModemListener.exe start mRun: [F-Secure Hoster] "C:\Program Files (x86)\F-Secure\fshoster32.exe" -app -hosterid:1 mRun: [F-Secure Manager] "C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Common\FSM32.EXE" /splash StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\ASUSVI~1.LNK - C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\FANCYS~1.LNK - C:\Windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_94E3CE3704FE82FBF49A6A.exe mPolicies-explorer: NoActiveDesktop = 1 (0x1) mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5) mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3) mPolicies-system: EnableUIADesktopToggle = 0 (0x0) IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll IE: {7815BE26-237D-41A8-A98F-F7BD75F71086} - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL TCP: DhcpNameServer = 192.168.1.1 TCP: Interfaces\{C579E543-9E18-4F5F-90F2-4A335DE792DA} : DhcpNameServer = 192.168.1.1 Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll BHO-X64: CIESpeechBHO Class: {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll BHO-X64: IESpeakDoc - No File BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO-X64: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll BHO-X64: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll BHO-X64: Browsing Protection Class: {C6867EB7-8350-4856-877F-93CF8AE3DC9C} - C:\Program Files (x86)\F-Secure\apps\OnlineSafety\BPP\iescript\BaseLitmus.dll BHO-X64: LitmusBHO - No File BHO-X64: Google Dictionary Compression sdch: {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll BHO-X64: Google Dictionary Compression sdch - No File BHO-X64: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" BHO-X64: Nero Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll BHO-X64: Ask Toolbar BHO - No File TB-X64: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll TB-X64: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" TB-X64: Nero Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll TB-X64: Browsing Protection Toolbar: {265EEE8E-3228-44D3-AEA5-F7FDF5860049} - C:\Program Files (x86)\F-Secure\apps\OnlineSafety\BPP\iescript\BaseLitmus.dll mRun-x64: [Nuance PDF Reader-reminder] "C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\PDF Reader\Ereg\Ereg.ini" mRun-x64: [ASUSPRP] "C:\Program Files (x86)\ASUS\APRP\APRP.EXE" mRun-x64: [ASUSWebStorage] C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSPanel.exe /S mRun-x64: [SonicMasterTray] C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe mRun-x64: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe mRun-x64: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe mRun-x64: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe mRun-x64: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe mRun-x64: [UpdateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5" mRun-x64: [UpdateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0" mRun-x64: [VIP_Serbia Lighter ModemListener] C:\Program Files (x86)\Vip Internet\BackgroundService\ModemListener.exe start mRun-x64: [F-Secure Hoster] "C:\Program Files (x86)\F-Secure\fshoster32.exe" -app -hosterid:1 mRun-x64: [F-Secure Manager] "C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Common\FSM32.EXE" /splash IE-X64: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} . ============= SERVICES / DRIVERS =============== . R1 ATKWMIACPIIO;ATKWMIACPI Driver;C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2010-7-26 17024] R1 F-Secure HIPS;F-Secure HIPS Driver;C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\HIPS\drivers\fshs.sys [2012-1-2 62120] R1 FSES;F-Secure Email Scanning Driver;C:\Windows\system32\drivers\fses.sys --> C:\Windows\system32\drivers\fses.sys [?] R1 FSFW;F-Secure Firewall Driver;C:\Windows\system32\drivers\fsdfw.sys --> C:\Windows\system32\drivers\fsdfw.sys [?] R1 fsvista;F-Secure Vista Support Driver;C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Anti-Virus\minifilter\fsvista.sys [2012-1-2 15016] R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?] R2 AFBAgent;AFBAgent;"C:\Windows\system32\FBAgent.exe" --> C:\Windows\system32\FBAgent.exe [?] R2 ASMMAP64;ASMMAP64;C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-7-3 15416] R2 Atheros Bt&Wlan Coex Agent;Atheros Bt&Wlan Coex Agent;C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [2011-3-13 138400] R2 AtherosSvc;AtherosSvc;C:\Program Files (x86)\Bluetooth Suite\AdminService.exe [2011-3-13 74912] R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2010-10-20 821664] R2 F-Secure Gatekeeper Handler Starter;FSGKHS;C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Anti-Virus\fsgk32st.exe [2012-1-2 221864] R2 F-Secure Gatekeeper;F-Secure Gatekeeper;C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Anti-Virus\minifilter\fsgk.sys [2012-1-2 198808] R2 fshoster;F-Secure Dll Hoster;C:\Program Files (x86)\F-Secure\fshoster32.exe [2011-10-4 156328] R2 FSORSPClient;F-Secure ORSP Client;C:\Program Files (x86)\F-Secure\apps\CCF_Reputation\fsorsp.exe [2011-10-5 61112] R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2010-9-14 508264] R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-7-5 2655768] R2 VIP_Serbia Lighter Modem Device Helper;VIP_Serbia Lighter Modem Device Helper;C:\Program Files (x86)\Vip Internet\BackgroundService\ServiceManager.exe -start --> C:\Program Files (x86)\Vip Internet\BackgroundService\ServiceManager.exe -start [?] R3 BTATH_BUS;Atheros Bluetooth Bus;C:\Windows\system32\DRIVERS\btath_bus.sys --> C:\Windows\system32\DRIVERS\btath_bus.sys [?] R3 fsccsys1325515503;F-Secure Content Control Driver;\??\C:\Windows\System32\drivers\fsccsys.sys --> C:\Windows\System32\drivers\fsccsys.sys [?] R3 hwusbdev;Huawei DataCard USB PNP Device;C:\Windows\system32\DRIVERS\ewusbdev.sys --> C:\Windows\system32\DRIVERS\ewusbdev.sys [?] R3 IntcDAud;Intel(R) Display Audio;C:\Windows\system32\DRIVERS\IntcDAud.sys --> C:\Windows\system32\DRIVERS\IntcDAud.sys [?] R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;C:\Windows\system32\DRIVERS\L1C62x64.sys --> C:\Windows\system32\DRIVERS\L1C62x64.sys [?] R3 MEIx64;Intel(R) Management Engine Interface;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?] R3 Sftfs;Sftfs;C:\Windows\system32\DRIVERS\Sftfslh.sys --> C:\Windows\system32\DRIVERS\Sftfslh.sys [?] R3 Sftplay;Sftplay;C:\Windows\system32\DRIVERS\Sftplaylh.sys --> C:\Windows\system32\DRIVERS\Sftplaylh.sys [?] R3 Sftredir;Sftredir;C:\Windows\system32\DRIVERS\Sftredirlh.sys --> C:\Windows\system32\DRIVERS\Sftredirlh.sys [?] R3 Sftvol;Sftvol;C:\Windows\system32\DRIVERS\Sftvollh.sys --> C:\Windows\system32\DRIVERS\Sftvollh.sys [?] R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2010-9-14 219496] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-4-1 135664] S3 AlcatelOTnet;AlcatelOT USB-NDIS miniport;C:\Windows\system32\DRIVERS\AlcatelOTUsbnet.sys --> C:\Windows\system32\DRIVERS\AlcatelOTUsbnet.sys [?] S3 AthBTPort;Atheros Virtual Bluetooth Class;C:\Windows\system32\DRIVERS\btath_flt.sys --> C:\Windows\system32\DRIVERS\btath_flt.sys [?] S3 BBSvc;Bing Bar Update Service;C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-3-2 183560] S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;C:\Windows\system32\drivers\btath_a2dp.sys --> C:\Windows\system32\drivers\btath_a2dp.sys [?] S3 BTATH_HCRP;Bluetooth HCRP Server driver;C:\Windows\system32\DRIVERS\btath_hcrp.sys --> C:\Windows\system32\DRIVERS\btath_hcrp.sys [?] S3 BTATH_LWFLT;Bluetooth LWFLT Device;C:\Windows\system32\DRIVERS\btath_lwflt.sys --> C:\Windows\system32\DRIVERS\btath_lwflt.sys [?] S3 BTATH_RCP;Bluetooth AVRCP Device;C:\Windows\system32\DRIVERS\btath_rcp.sys --> C:\Windows\system32\DRIVERS\btath_rcp.sys [?] S3 BtFilter;BtFilter;C:\Windows\system32\DRIVERS\btfilter.sys --> C:\Windows\system32\DRIVERS\btfilter.sys [?] S3 fssfltr;fssfltr;C:\Windows\system32\DRIVERS\fssfltr.sys --> C:\Windows\system32\DRIVERS\fssfltr.sys [?] S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2011-5-13 1492840] S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-4-1 135664] S3 jrdusbser;Modem Interface Device for Legacy Serial Communication;C:\Windows\system32\DRIVERS\jrdusbser.sys --> C:\Windows\system32\DRIVERS\jrdusbser.sys [?] S3 massfilter;Mass Storage Filter Driver;C:\Windows\system32\drivers\massfilter.sys --> C:\Windows\system32\drivers\massfilter.sys [?] S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184] S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;C:\Windows\system32\DRIVERS\SiSG664.sys --> C:\Windows\system32\DRIVERS\SiSG664.sys [?] S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?] S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\system32\drivers\TsUsbGD.sys --> C:\Windows\system32\drivers\TsUsbGD.sys [?] S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-23 57184] . =============== Created Last 30 ================ . 2012-01-03 14:12:39 69000 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{9E6EDDB7-DB02-480B-96D8-333F59B8C071}\offreg.dll 2012-01-03 11:15:24 8822856 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{9E6EDDB7-DB02-480B-96D8-333F59B8C071}\mpengine.dll 2012-01-03 10:56:05 42672 ----a-w- C:\Windows\SysWow64\drivers\fsbts.sys 2012-01-02 14:45:03 58560 ----a-w- C:\Windows\System32\drivers\fsccsys.sys 2012-01-02 14:44:28 46792 ----a-w- C:\Windows\System32\drivers\fses.sys 2012-01-02 14:44:27 96008 ----a-w- C:\Windows\System32\drivers\fsdfw.sys 2012-01-02 14:37:37 -------- d-----w- C:\ProgramData\fssg 2012-01-02 14:36:23 -------- d-----w- C:\Program Files (x86)\F-Secure 2012-01-02 14:34:50 -------- d-----w- C:\ProgramData\F-Secure 2012-01-02 14:23:38 -------- d-----w- C:\Program Files\Common Files\Bitdefender 2012-01-02 14:23:36 -------- d-----w- C:\Program Files (x86)\Common Files\Bitdefender 2012-01-02 13:30:10 -------- d-----w- C:\Users\Tinna\AppData\Local\ASUS 2012-01-02 12:47:09 -------- d-----w- C:\Program Files (x86)\Common Files\Symantec Shared 2012-01-02 12:42:53 -------- d-----w- C:\ProgramData\Norton 2012-01-02 12:42:45 -------- d-----w- C:\ProgramData\NortonInstaller 2012-01-01 22:36:43 16200 ----a-w- C:\Windows\stinger.sys 2012-01-01 22:19:14 -------- d-----w- C:\Users\Tinna\AppData\Roaming\Malwarebytes 2012-01-01 22:19:04 -------- d-----w- C:\ProgramData\Malwarebytes 2012-01-01 21:58:02 -------- d-----w- C:\ProgramData\Kaspersky Lab 2012-01-01 21:04:22 -------- d--h--w- C:\ProgramData\Common Files 2012-01-01 21:04:03 -------- d-----w- C:\ProgramData\MFAData 2011-12-30 13:46:55 8822856 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll 2011-12-27 18:56:54 -------- d-----w- C:\Program Files (x86)\Microsoft Visual Studio 8 2011-12-27 18:56:01 -------- d-----w- C:\Program Files (x86)\Microsoft Analysis Services 2011-12-27 17:17:26 -------- d-----w- C:\ProgramData\AVAST Software 2011-12-27 17:17:26 -------- d-----w- C:\Program Files\AVAST Software 2011-12-27 15:08:19 270720 ------w- C:\Windows\System32\MpSigStub.exe 2011-12-26 12:58:34 -------- d-----w- C:\20111226135834000 2011-12-26 12:18:01 -------- d-----w- C:\Users\Tinna\AppData\Local\VS Revo Group 2011-12-22 19:07:32 -------- d-----w- C:\Program Files (x86)\Common Files\PocketSoft 2011-12-14 13:41:36 2048 ----a-w- C:\Windows\SysWow64\tzres.dll 2011-12-14 13:41:36 2048 ----a-w- C:\Windows\System32\tzres.dll 2011-12-14 13:41:17 43520 ----a-w- C:\Windows\System32\csrsrv.dll 2011-12-14 13:37:06 3145216 ----a-w- C:\Windows\System32\win32k.sys 2011-12-14 13:37:05 723456 ----a-w- C:\Windows\System32\EncDec.dll 2011-12-14 13:37:05 534528 ----a-w- C:\Windows\SysWow64\EncDec.dll 2011-12-08 20:23:01 -------- d-----w- C:\Users\Tinna\AppData\Local\{8101D6C2-0CF3-453C-B928-D73A8EBA1427} 2011-12-08 20:22:39 -------- d-----w- C:\Users\Tinna\AppData\Local\{E69A7C08-42F4-455B-A1ED-B146907AADF4} 2011-12-07 20:38:55 -------- d-----w- C:\Users\Tinna\AppData\Local\Facebook . ==================== Find3M ==================== . 2012-01-02 17:02:58 45056 ----a-w- C:\Windows\System32\acovcnt.exe 2011-12-14 22:19:30 128512 ----a-w- C:\Windows\RegBootClean64.exe 2011-11-04 01:53:39 2309120 ----a-w- C:\Windows\System32\jscript9.dll 2011-11-04 01:44:47 1390080 ----a-w- C:\Windows\System32\wininet.dll 2011-11-04 01:44:21 1493504 ----a-w- C:\Windows\System32\inetcpl.cpl 2011-11-04 01:34:43 2382848 ----a-w- C:\Windows\System32\mshtml.tlb 2011-11-03 22:47:42 1798144 ----a-w- C:\Windows\SysWow64\jscript9.dll 2011-11-03 22:40:21 1427456 ----a-w- C:\Windows\SysWow64\inetcpl.cpl 2011-11-03 22:39:47 1127424 ----a-w- C:\Windows\SysWow64\wininet.dll 2011-11-03 22:31:57 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb 2011-10-21 16:41:32 510232 ----a-w- C:\Windows\System32\igfxsrvc.exe 2011-10-21 16:41:32 167704 ----a-w- C:\Windows\System32\igfxtray.exe 2011-10-21 16:41:30 416024 ----a-w- C:\Windows\System32\igfxpers.exe 2011-10-21 16:41:28 239896 ----a-w- C:\Windows\System32\igfxext.exe 2011-10-21 16:41:26 392472 ----a-w- C:\Windows\System32\hkcmd.exe 2011-10-21 16:41:24 4378392 ----a-w- C:\Windows\System32\GfxUI.exe 2011-10-21 16:41:24 184600 ----a-w- C:\Windows\System32\difx64.exe 2011-10-21 16:36:12 90112 ----a-w- C:\Windows\System32\igfxCoIn_v2559.dll 2011-10-21 16:30:04 8313856 ----a-w- C:\Windows\System32\igdumd64.dll 2011-10-21 16:30:04 12310112 ----a-w- C:\Windows\System32\drivers\igdkmd64.sys 2011-10-21 16:27:54 217536 ----a-w- C:\Windows\SysWow64\igfcg600m.bin 2011-10-21 16:27:54 217536 ----a-w- C:\Windows\System32\igfcg600m.bin 2011-10-21 16:27:48 75776 ----a-w- C:\Windows\System32\igdde64.dll 2011-10-21 16:25:02 6323712 ----a-w- C:\Windows\SysWow64\igdumd32.dll 2011-10-21 16:22:54 56832 ----a-w- C:\Windows\SysWow64\igdde32.dll 2011-10-21 16:21:44 581120 ----a-w- C:\Windows\SysWow64\igdumdx32.dll 2011-10-21 16:19:24 14592512 ----a-w- C:\Windows\System32\igd10umd64.dll 2011-10-21 16:13:56 12340224 ----a-w- C:\Windows\SysWow64\igd10umd32.dll 2011-10-21 16:08:10 18651648 ----a-w- C:\Windows\System32\ig4icd64.dll 2011-10-21 16:03:04 13903872 ----a-w- C:\Windows\SysWow64\ig4icd32.dll 2011-10-21 15:58:58 286720 ----a-w- C:\Windows\System32\igfxrnld.lrc 2011-10-21 15:58:58 286720 ----a-w- C:\Windows\System32\igfxrcsy.lrc 2011-10-21 15:58:58 285696 ----a-w- C:\Windows\System32\igfxrdan.lrc 2011-10-21 15:58:56 285184 ----a-w- C:\Windows\System32\igfxrara.lrc 2011-10-21 15:58:56 282624 ----a-w- C:\Windows\System32\igfxrcht.lrc 2011-10-21 15:58:56 282624 ----a-w- C:\Windows\System32\igfxrchs.lrc 2011-10-21 15:58:54 126976 ----a-w- C:\Windows\System32\igfxcpl.cpl 2011-10-21 15:58:24 375808 ----a-w- C:\Windows\System32\igfxpph.dll 2011-10-21 15:58:20 378368 ----a-w- C:\Windows\System32\igfxTMM.dll 2011-10-21 15:58:14 28672 ----a-w- C:\Windows\System32\igfxexps.dll 2011-10-21 15:57:58 62464 ----a-w- C:\Windows\System32\igfxsrvc.dll 2011-10-21 15:57:24 110080 ----a-w- C:\Windows\System32\hccutils.dll 2011-10-21 15:57:16 146432 ----a-w- C:\Windows\System32\gfxSrvc.dll 2011-10-21 15:57:14 4096 ----a-w- C:\Windows\System32\IGFXDEVLib.dll 2011-10-21 15:57:14 390144 ----a-w- C:\Windows\System32\igfxdev.dll 2011-10-21 15:56:36 285696 ----a-w- C:\Windows\System32\igfxrenu.lrc 2011-10-21 15:56:30 9014784 ----a-w- C:\Windows\System32\igfxress.dll 2011-10-21 15:56:30 142336 ----a-w- C:\Windows\System32\igfxdo.dll 2011-10-21 15:52:52 24576 ----a-w- C:\Windows\SysWow64\igfxexps32.dll 2011-10-21 15:52:04 294400 ----a-w- C:\Windows\SysWow64\igfxdv32.dll 2011-10-21 15:50:00 2177536 ----a-w- C:\Windows\System32\igfxcmjit64.dll 2011-10-21 15:50:00 171520 ----a-w- C:\Windows\SysWow64\igfxcmrt32.dll 2011-10-21 15:50:00 1663488 ----a-w- C:\Windows\SysWow64\igfxcmjit32.dll 2011-10-21 15:50:00 148480 ----a-w- C:\Windows\System32\igfxcmrt64.dll . ============= FINISH: 20:25:12,14 ===============