DDS (Ver_2012-11-20.01) - NTFS_AMD64 Internet Explorer: 9.0.8112.16455 BrowserJavaVersion: 10.4.0 Run by at 18:35:49 on 2014-12-13 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.47.1044.18.7657.4755 [GMT 1:00] . AV: Trend Micro Titanium Internet Security *Disabled/Updated* {68F968AC-2AA0-091D-848C-803E83E35902} SP: Trend Micro Titanium Internet Security *Disabled/Updated* {D3988948-0C9A-0693-BE3C-BB4CF86413BF} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . ============== Running Processes =============== . C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\system32\atiesrxx.exe C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\atieclxx.exe C:\Windows\system32\svchost.exe -k NetworkService C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe C:\Program Files\AVAST Software\Avast\AvastSvc.exe C:\Windows\system32\taskeng.exe C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Windows\system32\rundll32.exe C:\Windows\SysWOW64\rundll32.exe C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe C:\Program Files (x86)\Bluetooth Suite\adminservice.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Program Files\Common Files\Microsoft Shared\Microsoft Online Services\MSOIDSVC.EXE C:\Program Files\Common Files\Microsoft Shared\OFFICE14\osa.exe C:\Program Files\Common Files\Microsoft Shared\Microsoft Online Services\MSOIDSvcm.exe C:\Program Files (x86)\Google\Update\GoogleUpdate.exe C:\Windows\system32\taskeng.exe C:\Windows\system32\taskhost.exe C:\Windows\system32\taskeng.exe C:\Program Files (x86)\ASUS\Splendid\ACMON.exe C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe C:\Program Files\ASUS\P4G\BatteryLife.exe C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe C:\Windows\system32\Dwm.exe C:\Windows\SysWOW64\PnkBstrA.exe C:\Windows\Explorer.EXE C:\Windows\SysWOW64\PnkBstrB.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Program Files\Trend Micro\Titanium\TiMiniService.exe C:\Program Files\Trend Micro\Titanium\TiResumeSrv.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe C:\Windows\system32\svchost.exe -k bthsvcs C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Program Files\Elantech\ETDCtrl.exe C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe C:\Program Files\Elantech\ETDCtrlHelper.exe C:\Program Files\Logitech Gaming Software\LCore.exe C:\Program Files\Common Files\Microsoft Shared\OFFICE14\osaui.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Users\\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe C:\Program Files\AVAST Software\Avast\ng\ngservice.exe C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE C:\Windows\System32\svchost.exe -k LocalServicePeerNet C:\Windows\SysWOW64\ACEngSvr.exe C:\Windows\system32\svchost.exe -k SDRSVC C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\SeaPort.exe C:\Windows\SysWOW64\DllHost.exe C:\Users\\AppData\Roaming\Curse Client\Bin\Curse.exe C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\AsScrPro.exe C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files\AVAST Software\Avast\avastui.exe C:\Windows\system32\wbem\unsecapp.exe C:\Windows\system32\taskhost.exe C:\Windows\SysWOW64\ctfmon.exe C:\Windows\SysWOW64\ctfmon.exe C:\Windows\system32\vssvc.exe C:\Windows\System32\svchost.exe -k swprv C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Windows\system32\SearchIndexer.exe C:\Windows\System32\cscript.exe . ============== Pseudo HJT Report =============== . uStart Page = hxxps://no.search.yahoo.com/?fr=hp-avast&type=avastbcl uSearch Bar = hxxps://no.search.yahoo.com/?fr=hp-avast&type=avastbcl uSearch Page = hxxps://no.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms} mStart Page = hxxps://no.search.yahoo.com/?fr=hp-avast&type=avastbcl mSearch Bar = hxxps://no.search.yahoo.com/?fr=hp-avast&type=avastbcl mSearch Page = hxxps://no.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms} uProxyOverride = <-loopback> mWinlogon: Userinit = userinit.exe, BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO: TmIEPlugInBHO Class: {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1381\6.5.1234\TmIEPlg32.dll BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - BHO: CIESpeechBHO Class: {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL BHO: TmBpIeBHO Class: {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\module\20002\6.5.1234\6.5.1234\TmBpIe32.dll BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\BingExt.dll BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - uRun: [Spotify Web Helper] "C:\Users\\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" uRun: [ChicaPasswordManager] "C:\Program Files (x86)\ChicaLogic\Chica Password Manager\stpass.exe" /autorunned uRun: [Driver Whiz] C:\Program Files (x86)\Driver Whiz\Driver Whiz\DriverWhiz.exe /applicationMode:systemTray /showWelcome:false uRun: [DS3 Tool] C:\Program Files\MotioninJoy\ds3\DS3_Tool.exe -mini uRun: [RGSC] C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent uRun: [Steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent uRun: [Spotify] "C:\Users\\AppData\Roaming\Spotify\spotify.exe" /uri spotify:autostart uRun: [{79BF4901-1EC4-4726-B3C2-A7859706C6E7}] "C:\Users\\Downloads\LeagueofLegends_EUNE_Installer_04_21_14.exe" /cmdloc "HKCU\Software\Riot Games AiTemp\{79BF4901-1EC4-4726-B3C2-A7859706C6E7}" uRun: [MKLOL] "C:\Program Files (x86)\MKJogo\MKLOL\MK.exe" -auto uRun: [Optimizer Pro] C:\Program Files (x86)\Optimizer Pro\OptProLauncher.exe mRun: [Nuance PDF Reader-reminder] "C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\PDF Reader\Ereg\Ereg.ini" mRun: [ASUSPRP] "C:\Program Files (x86)\ASUS\APRP\APRP.EXE" mRun: [ASUSWebStorage] C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\AsusWSPanel.exe /S mRun: [SonicMasterTray] C:\Program Files (x86)\ASUS\ASUS Sonic Focus\SonicFocusTray.exe mRun: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe mRun: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe mRun: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe mRun: [Browsers Protector] C:\Program Files (x86)\Browsers Protector\regmon32.exe /autorun mRun: [ASUS Screen Saver Protector] C:\Windows\AsScrPro.exe mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" mRun: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui StartupFolder: C:\Users\\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Curse.lnk - C:\Users\Gunnar\AppData\Roaming\Curse Client\Bin\Curse.exe StartupFolder: C:\Users\\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip StartupFolder: C:\Users\\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\FIFA09~1.LNK - C:\Program Files (x86)\EA Sports\FIFA 09\Support\EAregister.exe StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\ASUSVI~1.LNK - C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\FANCYS~1.LNK - C:\Windows\Installer\{C944B4C5-1C4D-4D95-8AC0-7CEF13914131}\_77B5857C27147149171BE7.exe mPolicies-Explorer: NoActiveDesktop = dword:1 mPolicies-Explorer: NoActiveDesktopChanges = dword:1 mPolicies-Explorer: HideSCAHealth = dword:1 mPolicies-System: ConsentPromptBehaviorUser = dword:3 mPolicies-System: EnableUIADesktopToggle = dword:0 mPolicies-System: SoftwareSASGeneration = dword:1 IE: E&ksporter til Microsoft Excel - C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000 IE: Se&nd til OneNote - C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105 IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll IE: {7815BE26-237D-41A8-A98F-F7BD75F71086} - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_04-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab TCP: NameServer = 193.213.112.4 130.67.15.198 TCP: Interfaces\{62D036B4-5862-4A30-B195-D3793AFF1416} : DHCPNameServer = 193.213.112.4 130.67.15.198 TCP: Interfaces\{62D036B4-5862-4A30-B195-D3793AFF1416}\149627C496E6B6138356833683 : DHCPNameServer = 195.159.0.100 TCP: Interfaces\{62D036B4-5862-4A30-B195-D3793AFF1416}\4556C656E6F62743838363D69756 : DHCPNameServer = 193.213.112.4 130.67.15.198 10.0.0.138 TCP: Interfaces\{62D036B4-5862-4A30-B195-D3793AFF1416}\45F6664756 : DHCPNameServer = 83.242.31.18 83.242.31.19 TCP: Interfaces\{62D036B4-5862-4A30-B195-D3793AFF1416}\C696E6B6A797A7A7 : DHCPNameServer = 109.247.114.4 81.167.36.11 TCP: Interfaces\{E1530F25-6ECE-4668-9CFA-437312FB2CD2} : DHCPNameServer = 193.213.112.4 130.67.15.198 Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\6.5.1234\6.5.1234\TmBpIe32.dll Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1381\6.5.1234\TmIEPlg32.dll Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - SSODL: WebCheck - SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg pku2u livessp msoidssp mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome x64-mStart Page = www.google.com x64-mSearch Page = www.google.com x64-mDefault_Page_URL = www.google.com x64-mDefault_Search_URL = www.google.com x64-BHO: TmIEPlugInBHO Class: {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1381\6.5.1234\TmIEPlg.dll x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL x64-BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll x64-BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL x64-BHO: TmBpIeBHO Class: {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\module\20002\6.5.1234\6.5.1234\TmBpIe64.dll x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll x64-Run: [VizorHtmlDialog.exe] "C:\Program Files\Trend Micro\Titanium\UIFramework\VizorHtmlDialog.exe" "DEF" "EULA" "C:\Program Files\Trend Micro\Titanium\UI\Installer.cmpt\resources\preinstall_01_welcome_trial.html" "DEF" "DEF" "DEF" x64-Run: [Trend Micro Client Framework] "C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe" x64-Run: [Trend Micro Titanium] C:\Program Files\Trend Micro\Titanium\VizorShortCut.exe -ReFlush "none" "none" x64-Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /SF3 x64-Run: [AtherosBtStack] "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe" x64-Run: [AthBtTray] "C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe" x64-Run: [ETDCtrl] C:\Program Files (x86)\Elantech\ETDCtrl.exe x64-Run: [Logitech Download Assistant] C:\Windows\System32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s x64-Run: [Launch LCore] C:\Program Files\Logitech Gaming Software\LCore.exe /minimized x64-Run: [OfficeSubscriptionAgent] "C:\Program Files\Common Files\Microsoft Shared\OFFICE14\osaui.exe" x64-Run: [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - x64-Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\6.5.1234\6.5.1234\TmBpIe64.dll x64-Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1381\6.5.1234\TmIEPlg.dll x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - x64-SSODL: WebCheck - x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL . ================= FIREFOX =================== . FF - ProfilePath - C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\6ozv8o2h.default-1418491900935\ FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll FF - plugin: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrlui.dll FF - plugin: C:\Users\\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll FF - plugin: C:\Users\\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_271.dll FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll FF - plugin: C:\Windows\SysWOW64\npmproxy.dll . ============= SERVICES / DRIVERS =============== . R0 amd_sata;amd_sata;C:\Windows\System32\drivers\amd_sata.sys [2011-12-6 80512] R0 amd_xata;amd_xata;C:\Windows\System32\drivers\amd_xata.sys [2011-12-6 42624] R0 aswRvrt;avast! Revert;C:\Windows\System32\drivers\aswRvrt.sys [2014-12-13 65776] R0 aswVmm;avast! VM Monitor;C:\Windows\System32\drivers\aswVmm.sys [2014-12-13 267632] R1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswsnx.sys [2014-12-13 1050432] R1 aswSP;aswSP;C:\Windows\System32\drivers\aswSP.sys [2014-12-13 436624] R1 ATKWMIACPIIO;ATKWMIACPI Driver;C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2011-9-7 17536] R2 70e6ca8c;Optimizer Pro Crash Monitor;C:\Windows\System32\rundll32.exe [2009-7-14 45568] R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2012-3-27 204288] R2 AMD FUEL Service;AMD FUEL Service;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-11-2 361984] R2 ASMMAP64;ASMMAP64;C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-7-3 15416] R2 aswHwid;avast! HardwareID;C:\Windows\System32\drivers\aswHwid.sys [2014-12-13 29208] R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2014-12-13 83280] R2 aswStm;aswStm;C:\Windows\System32\drivers\aswStm.sys [2014-12-13 116728] R2 Atheros Bt&Wlan Coex Agent;Atheros Bt&Wlan Coex Agent;C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [2011-3-13 138400] R2 AtherosSvc;AtherosSvc;C:\Program Files (x86)\Bluetooth Suite\AdminService.exe [2011-3-13 74912] R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-12-13 50344] R2 msoidsvc;Microsoft Online Services Sign-in Assistant;C:\Program Files\Common Files\Microsoft Shared\Microsoft Online Services\MSOIDSVC.EXE [2012-5-17 2079520] R2 osubsvc;Microsoft Office 2010 Subscription Agent;C:\Program Files\Common Files\Microsoft Shared\OFFICE14\osa.exe [2011-11-16 607048] R2 TiMiniService;TiMiniService;C:\Program Files\Trend Micro\Titanium\TiMiniService.exe [2011-4-28 241488] R2 tmevtmgr;tmevtmgr;C:\Windows\System32\drivers\tmevtmgr.sys [2011-10-20 67664] R2 VBoxAswDrv;VBoxAsw Support Driver;C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [2014-12-13 271752] R3 AiCharger;ASUS Charger Driver;C:\Windows\System32\drivers\AiCharger.sys [2012-3-27 17152] R3 amdhub30;AMD USB 3.0 Hub Driver;C:\Windows\System32\drivers\amdhub30.sys [2012-3-27 96896] R3 amdiox64;AMD IO Driver;C:\Windows\System32\drivers\amdiox64.sys [2012-3-27 46136] R3 amdxhc;AMD USB 3.0 Host Controller Driver;C:\Windows\System32\drivers\amdxhc.sys [2012-3-27 214144] R3 AthBTPort;Atheros Virtual Bluetooth Class;C:\Windows\System32\drivers\btath_flt.sys [2011-3-13 36000] R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2012-3-27 93712] R3 AvastVBoxSvc;AvastVBox COM Service;C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [2014-12-13 4012248] R3 BBUpdate;BBUpdate;C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\SeaPort.EXE [2012-2-13 240408] R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;C:\Windows\System32\drivers\btath_a2dp.sys [2011-3-13 298656] R3 BTATH_BUS;Atheros Bluetooth Bus;C:\Windows\System32\drivers\btath_bus.sys [2011-3-13 28832] R3 BTATH_HCRP;Bluetooth HCRP Server driver;C:\Windows\System32\drivers\btath_hcrp.sys [2011-3-13 201376] R3 BTATH_LWFLT;Bluetooth LWFLT Device;C:\Windows\System32\drivers\btath_lwflt.sys [2011-3-13 55456] R3 BTATH_RCP;Bluetooth AVRCP Device;C:\Windows\System32\drivers\btath_rcp.sys [2011-3-13 154272] R3 BtFilter;BtFilter;C:\Windows\System32\drivers\btfilter.sys [2011-3-13 280224] R3 ETD;ELAN PS/2 Port Input Device;C:\Windows\System32\drivers\ETD.sys [2011-12-6 138024] R3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;C:\Windows\System32\drivers\LGBusEnum.sys [2009-11-24 22408] R3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;C:\Windows\System32\drivers\LGVirHid.sys [2009-11-24 16008] R3 MBAMSwissArmy;MBAMSwissArmy;C:\Windows\System32\drivers\MBAMSwissArmy.sys [2014-12-12 129752] R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2012-3-27 452200] R3 usbfilter;AMD USB Filter Driver;C:\Windows\System32\drivers\usbfilter.sys [2012-3-27 53376] S2 BBSvc;BingBar Service;C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\BBSvc.EXE [2012-2-13 193816] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] S2 Web Assistant Updater;Web Assistant Updater;C:\Program Files\Web Assistant\ExtensionUpdaterService.exe --> C:\Program Files\Web Assistant\ExtensionUpdaterService.exe [?] S3 Amsp;Trend Micro Solution Platform;C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe [2011-10-20 267480] S3 androidusb;SAMSUNG Android Composite ADB Interface Driver;C:\Windows\System32\drivers\ssadadb.sys [2011-5-13 36328] S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2011-10-20 48488] S3 fsssvc;Windows Live Family Safety Service;"C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe" --> C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [?] S3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20);C:\Windows\System32\drivers\L1C62x64.sys [2009-6-10 57344] S3 LGSHidFilt;Logitech Gaming KMDF HID Filter Driver;C:\Windows\System32\drivers\LGSHidFilt.Sys [2012-10-2 66360] S3 LGSUsbFilt;Logitech Gaming KMDF USB Filter Driver;C:\Windows\System32\drivers\LGSUsbFilt.sys [2012-10-2 43832] S3 Netaapl;Apple Mobile Device Ethernet Service;C:\Windows\System32\drivers\netaapl64.sys [2013-7-25 23040] S3 ose64;Office 64 Source Engine;C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-1-9 174440] S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\RtsUStor.sys [2012-3-27 250984] S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;C:\Windows\System32\drivers\SiSG664.sys [2009-6-10 56832] S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);C:\Windows\System32\drivers\ssadbus.sys [2011-5-13 157672] S3 ssadmdfl;SAMSUNG Android USB Modem (Filter);C:\Windows\System32\drivers\ssadmdfl.sys [2011-5-13 16872] S3 ssadmdm;SAMSUNG Android USB Modem Drivers;C:\Windows\System32\drivers\ssadmdm.sys [2011-5-13 177640] S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);C:\Windows\System32\drivers\ssadserd.sys [2011-5-13 146920] S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2011-2-18 59392] S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2011-2-18 31232] S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-12-13 54784] S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-5-27 1255736] S4 wlcrasvc;Windows Live Mesh remote connections service;"C:\Program Files\Windows Live\Mesh\wlcrasvc.exe" --> C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [?] . =============== Created Last 30 ================ . 2014-12-13 12:16:16 -------- d-----w- C:\Users\\AppData\Roaming\AVAST Software 2014-12-13 12:16:14 -------- d-----w- C:\Windows\SysWow64\vbox 2014-12-13 12:16:14 -------- d-----w- C:\Windows\System32\vbox 2014-12-13 12:15:21 116728 ----a-w- C:\Windows\System32\drivers\aswStm.sys 2014-12-13 12:15:19 267632 ----a-w- C:\Windows\System32\drivers\aswVmm.sys 2014-12-13 12:15:15 65776 ----a-w- C:\Windows\System32\drivers\aswRvrt.sys 2014-12-13 12:15:11 83280 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys 2014-12-13 12:15:10 93568 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys 2014-12-13 12:15:10 29208 ----a-w- C:\Windows\System32\drivers\aswHwid.sys 2014-12-13 12:15:05 1050432 ----a-w- C:\Windows\System32\drivers\aswsnx.sys 2014-12-13 12:14:39 43152 ----a-w- C:\Windows\avastSS.scr 2014-12-13 12:06:55 -------- d-----w- C:\Program Files\AVAST Software 2014-12-13 12:05:41 -------- d-----w- C:\ProgramData\AVAST Software 2014-12-12 23:54:44 -------- d-----w- C:\ProgramData\601955868073209715 2014-12-12 18:03:35 129752 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys 2014-12-12 18:02:20 93400 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys 2014-12-12 18:02:20 63704 ----a-w- C:\Windows\System32\drivers\mwac.sys 2014-12-12 18:02:20 25816 ----a-w- C:\Windows\System32\drivers\mbam.sys 2014-12-12 18:02:16 -------- d-----w- C:\Program Files (x86)\Malwarebytes Anti-Malware . ==================== Find3M ==================== . 2014-11-21 15:40:09 45056 ----a-w- C:\Windows\SysWow64\acovcnt.exe . ============= FINISH: 18:36:44,44 ===============