DDS (Ver_10-03-17.01) - NTFSx86
Run by Bakken at 16:47:49,44 on 30.04.2010
Internet Explorer: 8.0.7600.16385
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.47.1044.18.3327.2142 [GMT 2:00]

============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Program Files\Microsoft Security Essentials\MsMpEng.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\AVG\AVG9\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\PnkBstrA.exe
C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Microsoft LifeChat\LifeChat.exe
C:\Program Files\Windows Live\Device Manager\msgrdvmn.exe
C:\Program Files\AVG\AVG9\avgtray.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Logitech\GamePanel Software\LGDevAgt.exe
C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe
C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\AVG\AVG9\avgnsx.exe
C:\Program Files\Microsoft Security Essentials\msseces.exe
C:\Program Files\AVG\AVG9\avgemc.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\AVG\AVG9\avgrsx.exe
C:\Program Files\AVG\AVG9\avgchsvx.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\Program Files\Windows Media Player\WMPSideShowGadget.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Windows\system32\taskmgr.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\sppsvc.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Users\Bakken\Downloads\dds.scr
C:\Windows\system32\conhost.exe

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.startsiden.no/
uSearch Bar = Preserve
uInternet Settings,ProxyServer = http=127.0.0.1:5555
uInternet Settings,ProxyOverride =
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg9\avgssie.dll
BHO: Påloggingshjelp for Windows Live: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Skype add-on for Internet Explorer: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
TB: Easy-WebPrint: {327c2873-e90d-4c37-aa9d-10ac9baba46c} - c:\program files\canon\easy-webprint\Toolband.dll
uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
uRun: [WindowsLivePhone] "c:\program files\windows live\device manager\msgrdvmn.exe" /AutoRun
uRun: [Steam] "e:\spel og fanteri\steam\Steam.exe" -silent
uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /nosplash /minimized
mRun: [LifeChat] "c:\program files\microsoft lifechat\LifeChat.exe"
mRun: [WindowsLivePhone] c:\program files\windows live\device manager\msgrdvmn.exe /AutoRun
mRun: [AVG9_TRAY] c:\progra~1\avg\avg9\avgtray.exe
mRun: [RtHDVCpl] c:\program files\realtek\audio\hda\RtHDVCpl.exe -s
mRun: [Launch LgDeviceAgent] "c:\program files\logitech\gamepanel software\LgDevAgt.exe"
mRun: [Launch LCDMon] "c:\program files\logitech\gamepanel software\lcd manager\LCDMon.exe"
mRun: [Launch LGDCore] "c:\program files\logitech\gamepanel software\g-series software\LGDCore.exe" /SHOWHIDE
mRun: [Easy-PrintToolBox] c:\program files\canon\easy-printtoolbox\BJPSMAIN.EXE /logon
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [MSSE] "c:\program files\microsoft security essentials\msseces.exe" -hide -runkey
mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~4\office12\REFIEBAR.DLL
DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} - hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg9\avgpp.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL

============= SERVICES / DRIVERS ===============

R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2010-2-8 216200]
R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86;c:\windows\system32\drivers\avgmfx86.sys [2010-2-8 29512]
R1 AvgTdiX;AVG Free Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2010-2-8 242896]
R1 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2009-12-2 149040]
R2 avg9emc;AVG Free E-mail Scanner;c:\program files\avg\avg9\avgemc.exe [2010-3-17 916760]
R2 avg9wd;AVG Free WatchDog;c:\program files\avg\avg9\avgwdsvc.exe [2010-3-17 308064]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\nvidia corporation\3d vision\nvSCPAPISvr.exe [2010-1-11 240232]
R3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;c:\windows\system32\drivers\LGBusEnum.sys [2009-11-23 19720]
R3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;c:\windows\system32\drivers\LGVirHid.sys [2009-11-23 14856]
R3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\drivers\MpNWMon.sys [2009-12-2 42368]
R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\drivers\yk62x86.sys [2009-7-14 311296]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-14 229888]
S3 RzSynapse;Razer Naga Driver;c:\windows\system32\drivers\RzSynapse.sys [2010-3-11 60032]
SUnknown fhvakfgf;fhvakfgf; [x]

=============== Created Last 30 ================

2010-04-30 14:42:47 51776 ----a-w- c:\windows\system32\drivers\TERMDD.SYS
2010-04-30 14:32:14 0 d-----w- c:\users\bakken\appdata\roaming\Malwarebytes
2010-04-30 14:32:05 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-04-30 14:32:04 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-04-30 14:32:04 0 d-----w- c:\programdata\Malwarebytes
2010-04-30 14:32:04 0 d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-04-30 14:27:49 0 d-----w- c:\program files\Microsoft Security Essentials
2010-04-27 20:33:41 133720 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2010-04-27 20:33:41 1037312 ----a-w- c:\windows\system32\lsasrv.dll
2010-04-22 09:21:07 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_RzSynapse_01007.Wdf
2010-04-21 13:37:15 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_WinUSB_01005.Wdf
2010-04-20 15:46:45 0 d-----w- c:\users\bakken\Office Genuine Advantage
2010-04-14 15:31:14 3954568 ----a-w- c:\windows\system32\ntkrnlpa.exe
2010-04-14 15:31:14 3899280 ----a-w- c:\windows\system32\ntoskrnl.exe
2010-04-14 15:31:13 427520 ----a-w- c:\windows\system32\vbscript.dll
2010-04-14 15:31:12 95744 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2010-04-14 15:31:12 221696 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2010-04-14 15:31:12 123392 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2010-04-14 15:29:45 172032 ----a-w- c:\windows\system32\wintrust.dll
2010-04-14 15:29:45 132608 ----a-w- c:\windows\system32\cabview.dll

==================== Find3M ====================

2010-04-22 09:17:38 73918 ----a-w- c:\windows\system32\perfc014.dat
2010-04-22 09:17:38 447972 ----a-w- c:\windows\system32\perfh014.dat
2010-04-21 13:09:09 242896 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2010-03-29 03:51:27 215128 ----a-w- c:\windows\system32\PnkBstrB.exe
2010-03-29 01:55:05 139128 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2010-03-18 18:07:53 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2010-03-18 15:36:10 118304 ---ha-w- c:\windows\system32\mlfcache.dat
2010-03-16 23:00:12 12464 ----a-w- c:\windows\system32\avgrsstx.dll
2010-03-16 23:00:08 216200 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2010-03-14 15:04:04 138056 ----a-w- c:\users\bakken\appdata\roaming\PnkBstrK.sys
2010-03-14 15:03:25 75064 ----a-w- c:\windows\system32\PnkBstrA.exe
2010-03-14 15:03:25 2434856 ----a-w- c:\windows\system32\pbsvc_bc2.exe
2010-03-11 12:05:10 60032 ----a-w- c:\windows\system32\drivers\RzSynapse.sys
2010-02-24 08:16:06 181632 ------w- c:\windows\system32\MpSigStub.exe
2010-02-23 07:56:00 977920 ----a-w- c:\windows\system32\wininet.dll
2010-02-11 07:10:14 293376 ----a-w- c:\windows\system32\browserchoice.exe
2010-02-09 00:07:48 411368 ----a-w- c:\windows\system32\deploytk.dll
2010-02-02 07:45:54 2048 ----a-w- c:\windows\system32\tzres.dll
2009-07-14 07:31:30 36156 ----a-w- c:\windows\inf\perflib\0414\perfd.dat
2009-07-14 07:31:30 36156 ----a-w- c:\windows\inf\perflib\0414\perfc.dat
2009-07-14 07:31:30 298300 ----a-w- c:\windows\inf\perflib\0414\perfi.dat
2009-07-14 07:31:30 298300 ----a-w- c:\windows\inf\perflib\0414\perfh.dat
2009-07-14 04:41:57 174 --sha-w- c:\program files\desktop.ini
2009-07-14 00:34:40 291294 ----a-w- c:\windows\inf\perflib\0000\perfi.dat
2009-07-14 00:34:40 291294 ----a-w- c:\windows\inf\perflib\0000\perfh.dat
2009-07-14 00:34:38 31548 ----a-w- c:\windows\inf\perflib\0000\perfd.dat
2009-07-14 00:34:38 31548 ----a-w- c:\windows\inf\perflib\0000\perfc.dat
2009-06-10 21:26:35 9633792 --sha-r- c:\windows\fonts\StaticCache.dat
2009-07-14 01:14:45 396800 --sha-w- c:\windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_f12e83abb108c86c\WinMail.exe

============= FINISH: 16:48:21,80 ===============