BleepingComputer.com: ron ads by



ron ads by displays pop ups in iexplorer and takes control of audio

#1 hbd944

  • New Member
  • Group: Members
  • Posts: 1
  • Joined: 20-May 11

Posted 20 May 2011 - 09:12 PM

I have run MBAM, Spybot and SUPER multiple times.
Just updated them all and am running them again, but I don't see success in the near future with these programs.
I'm at a loss as to what to do next; this thing keeps getting more and more annoying.


Thank you for the time you spend aiding me on this problem.



.
DDS (Ver_11-05-19.01) - NTFSx86
Internet Explorer: 8.0.7601.17514 BrowserJavaVersion: 1.6.0_24
Run by Desktop at 18:50:02 on 2011-05-20
Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.3839.1153 [GMT -7:00]
.
AV: AntiVir Desktop *Enabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: AntiVir Desktop *Enabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\atieclxx.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
C:\Windows\SysWOW64\svchost.exe -k Akamai
C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\SysWOW64\PnkBstrB.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
C:\Windows\WindowsMobile\wmdc.exe
C:\Program Files (x86)\uTorrent\uTorrent.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\UltraMon\UltraMon.exe
C:\Program Files\UltraMon\UltraMonTaskbar.exe
C:\Windows\SysWOW64\CtHelper.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Windows\system32\svchost.exe -k WindowsMobile
C:\Windows\system32\svchost.exe -k HPService
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\WUDFHost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files (x86)\HP\Digital Imaging\smart web printing\hpswp_clipbook.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files (x86)\Common Files\Realtime Soft\RTSHookInterop\x32\RTSHookInterop.exe
C:\Windows\splwow64.exe
C:\Program Files (x86)\Microsoft Office\Office10\WINWORD.EXE
C:\Windows\system32\taskmgr.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Windows\SysWOW64\regsvr32.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
C:\Program Files (x86)\Spybot - Search & Destroy\SpybotSD.exe
C:\Windows\system32\msiexec.exe
C:\Users\Desktop\Downloads\HijackThis.exe
C:\Windows\SysWOW64\NOTEPAD.EXE
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Users\Desktop\Downloads\dds.scr
C:\Windows\SysWOW64\WSCRIPT.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uInternet Settings,ProxyOverride = *.local
BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
BHO: brincome browser plug-in: {351aa9cc-76d4-21cd-ad26-65b46f1463f5} - C:\Windows\SysWow64\xixrwvzgedyw.dll
BHO: FlashGetBHO: {b070d3e3-fec0-47d9-8e8a-99d4eeb3d3b0} - C:\Users\Desktop\AppData\Roaming\FlashGetBHO\FlashGetBHO3.dll
BHO: Foxit PDF Creator Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
TB: Foxit PDF Creator Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
EB: HP Smart Web Printing: {555d4d79-4bd2-4094-a395-cfc534424a05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
uRun: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe"
uRun: [AdobeBridge]
uRun: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
mRun: [CTHelper] CTHELPER.EXE
mRun: [CTxfiHlp] CTXFIHLP.EXE
mRun: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
mRun: [ATICustomerCare] "C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe"
mRun: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
mRun: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
mRun: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
mRun: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [heetmoxygo] C:\Windows\System32\regsvr32.exe /s "C:\Windows\SysWow64\xixrwvzgedyw.dll"
dRun: [DevconDefaultDB] C:\Windows\system32\READREG /SILENT /FAIL=1
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\HPDIGI~1.LNK - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\UltraMon.lnk - C:\Windows\Installer\{537056B7-32A4-4408-9B54-0341963C7C9C}\IcoUltraMon.ico
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
IE: Download All By FlashGet3 - C:\Users\Desktop\AppData\Roaming\FlashGetBHO\GetAllUrl.htm
IE: Download By FlashGet3 - C:\Users\Desktop\AppData\Roaming\FlashGetBHO\GetUrl.htm
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~2\Office10\EXCEL.EXE/3000
IE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
IE: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
Trusted Zone: kuaiche.com\software
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: {AE5F8DCA-62AC-4FA0-A6C5-86D9D1117124} = 192.168.1.1
TB-X64: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
EB-X64: {555D4D79-4BD2-4094-A395-CFC534424A05} - No File
mRun-x64: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
mRun-x64: [Windows Mobile Device Center] %windir%\WindowsMobile\wmdc.exe
Hosts: 192.1689.1.2 localhost
Hosts: 173.58.245.48 localhost
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Desktop\AppData\Roaming\Mozilla\Firefox\Profiles\6p0c0hg0.default\
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.0.60310.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npicaN.dll
FF - plugin: C:\Program Files (x86)\NOS\bin\np_gp.dll
FF - plugin: C:\Users\Desktop\AppData\Roaming\Mozilla\Firefox\Profiles\6p0c0hg0.default\extensions\battlefieldplay4free@ea.com\plugins\npBP4FUpdater.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
.
============= SERVICES / DRIVERS ===============
.
R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2010-2-17 14920]
R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2010-2-17 12360]
R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2011-5-4 128384]
R2 Akamai;Akamai NetSession Interface;C:\Windows\System32\svchost.exe -k Akamai [2009-7-13 20992]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?]
R2 AMD FUEL Service;AMD FUEL Service;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-4-19 365568]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2011-3-27 136360]
R2 AntiVirService;Avira AntiVir Guard;C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2011-3-27 269480]
R2 avgntflt;avgntflt;C:\Windows\system32\DRIVERS\avgntflt.sys --> C:\Windows\system32\DRIVERS\avgntflt.sys [?]
R2 cpuz135;cpuz135;\??\C:\Windows\system32\drivers\cpuz135_x64.sys --> C:\Windows\system32\drivers\cpuz135_x64.sys [?]
R2 UltraMonUtility;UltraMon Utility Driver;C:\Program Files (x86)\Common Files\Realtime Soft\UltraMonMirrorDrv\x64\UltraMonUtility.sys [2008-11-14 20512]
R3 amdiox64;AMD IO Driver;C:\Windows\system32\DRIVERS\amdiox64.sys --> C:\Windows\system32\DRIVERS\amdiox64.sys [?]
R3 amdkmdag;amdkmdag;C:\Windows\system32\DRIVERS\atikmdag.sys --> C:\Windows\system32\DRIVERS\atikmdag.sys [?]
R3 amdkmdap;amdkmdap;C:\Windows\system32\DRIVERS\atikmpag.sys --> C:\Windows\system32\DRIVERS\atikmpag.sys [?]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service;C:\Windows\system32\drivers\AtihdW76.sys --> C:\Windows\system32\drivers\AtihdW76.sys [?]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
R3 usbfilter;AMD USB Filter Driver;C:\Windows\system32\DRIVERS\usbfilter.sys --> C:\Windows\system32\DRIVERS\usbfilter.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 androidusb;ADB Interface Driver;C:\Windows\system32\Drivers\androidusb.sys --> C:\Windows\system32\Drivers\androidusb.sys [?]
S3 Futuremark SystemInfo Service;Futuremark SystemInfo Service;C:\Program Files (x86)\Common Files\Futuremark Shared\Futuremark SystemInfo\FMSISvc.exe [2011-4-24 130976]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]
S3 UsbGps;LGE CDMA USB GPS NMEA Port;C:\Windows\system32\DRIVERS\lgx64gps.sys --> C:\Windows\system32\DRIVERS\lgx64gps.sys [?]
.
=============== Created Last 30 ================
.
2011-05-20 20:50:53 -------- d-----w- C:\Users\Desktop\.thumbnails
2011-05-20 20:48:26 -------- d-----w- C:\Users\Desktop\.gimp-2.6
2011-05-20 20:48:03 -------- d-----w- C:\Program Files (x86)\GIMP-2.0
2011-05-20 15:57:35 8718160 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{3572C16F-E76B-4D38-BD70-41CA0702289D}\mpengine.dll
2011-05-17 01:30:58 98816 ----a-w- C:\Windows\sed.exe
2011-05-17 01:30:58 89088 ----a-w- C:\Windows\MBR.exe
2011-05-17 01:30:58 256512 ----a-w- C:\Windows\PEV.exe
2011-05-17 01:30:58 161792 ----a-w- C:\Windows\SWREG.exe
2011-05-17 01:30:55 -------- d-s---w- C:\ComboFix
2011-05-17 00:21:18 -------- d-----w- C:\Users\Desktop\AppData\Roaming\SUPERAntiSpyware.com
2011-05-17 00:21:18 -------- d-----w- C:\ProgramData\SUPERAntiSpyware.com
2011-05-17 00:21:14 -------- d-----w- C:\ProgramData\!SASCORE
2011-05-17 00:21:12 -------- d-----w- C:\Program Files\SUPERAntiSpyware
2011-05-17 00:03:02 -------- d-----w- C:\Windows\pss
2011-05-17 00:00:00 -------- d-----w- C:\Program Files\CCleaner
2011-05-16 23:55:25 404640 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2011-05-16 08:27:14 718336 ----a-w- C:\Windows\SysWow64\xixrwvzgedyw.dll
2011-05-14 10:36:27 439391 ----a-w- C:\Program Files (x86)\Drivers_pack_v4.55.63_fix.exe
2011-05-14 06:48:11 -------- d-----w- C:\Users\Desktop\AppData\Roaming\Avira
2011-05-14 06:12:32 50305 ----a-w- C:\Windows\SysWow64\udciaoivcpduny.exe
2011-05-14 06:12:30 419712 ----a-w- C:\Program Files (x86)\Drivers_pack_v3.25.63.exe
2011-05-14 06:10:49 93761 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\Web Components\messenger.exe
2011-05-14 02:36:49 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy
2011-05-14 02:36:49 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy
2011-05-14 02:28:48 -------- d-----w- C:\Users\Desktop\AppData\Roaming\Malwarebytes
2011-05-14 02:28:44 38224 ----a-w- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
2011-05-14 02:28:43 -------- d-----w- C:\ProgramData\Malwarebytes
2011-05-14 02:28:40 24152 ----a-w- C:\Windows\System32\drivers\mbam.sys
2011-05-14 02:28:40 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2011-05-13 07:44:38 -------- d-----w- C:\Program Files (x86)\AMD APP
2011-05-12 05:41:51 -------- d-----w- C:\Users\Desktop\chliu.dvdcss
2011-05-12 05:41:29 -------- d-----w- C:\Users\Desktop\AppData\Roaming\Moyea
2011-05-12 05:41:29 -------- d-----w- C:\Users\Desktop\AppData\Roaming\Leawo
2011-05-12 05:41:08 606208 ----a-w- C:\Windows\SysWow64\xvidcore.dll
2011-05-12 05:41:04 -------- d-----w- C:\Program Files (x86)\Leawo
2011-05-12 05:03:16 -------- d-----w- C:\Program Files (x86)\YouTube Downloader
2011-05-12 05:00:25 -------- d-----w- C:\Users\Desktop\AppData\Roaming\Xilisoft
2011-05-12 04:59:58 -------- d-----w- C:\ProgramData\Xilisoft
2011-05-12 04:59:58 -------- d-----w- C:\Program Files (x86)\Xilisoft
2011-05-12 04:53:25 -------- d-----w- C:\Program Files (x86)\AVI to 3GP
2011-05-12 04:50:33 -------- d-----w- C:\Users\Desktop\AppData\Roaming\Regensoft
2011-05-10 23:25:50 5562240 ----a-w- C:\Windows\System32\ntoskrnl.exe
2011-05-10 23:25:49 3967872 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2011-05-10 23:25:49 3912576 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2011-05-10 23:25:47 98816 ----a-w- C:\Windows\System32\drivers\usbccgp.sys
2011-05-10 23:25:47 7936 ----a-w- C:\Windows\System32\drivers\usbd.sys
2011-05-10 23:25:47 52736 ----a-w- C:\Windows\System32\drivers\usbehci.sys
2011-05-10 23:25:47 343040 ----a-w- C:\Windows\System32\drivers\usbhub.sys
2011-05-10 23:25:47 325120 ----a-w- C:\Windows\System32\drivers\usbport.sys
2011-05-10 23:25:47 25600 ----a-w- C:\Windows\System32\drivers\usbohci.sys
2011-05-07 22:20:03 34152 ----a-w- C:\Windows\System32\drivers\GEARAspiWDM.sys
2011-05-07 22:20:03 126312 ----a-w- C:\Windows\System32\GEARAspi64.dll
2011-05-07 22:20:03 107368 ----a-w- C:\Windows\SysWow64\GEARAspi.dll
2011-05-07 22:19:26 -------- d-----w- C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
2011-05-07 22:19:26 -------- d-----w- C:\Program Files\iPod
2011-05-07 22:19:26 -------- d-----w- C:\Program Files (x86)\iTunes
2011-05-07 22:19:25 -------- d-----w- C:\Program Files\iTunes
2011-05-04 15:55:04 93761 ----a-w- C:\messenger.exe
2011-05-03 08:09:54 -------- d-----w- C:\Users\Desktop\AppData\Roaming\WindSolutions
2011-05-03 08:09:54 -------- d-----w- C:\ProgramData\WindSolutions
2011-05-03 07:16:36 -------- d-----w- C:\Downloads
2011-05-03 07:16:22 -------- d-----w- C:\Users\Desktop\AppData\Roaming\FlashGet
2011-05-03 07:16:22 -------- d-----w- C:\Users\Desktop\AppData\Roaming\BITS
2011-05-03 07:16:19 -------- d-----w- C:\Users\Desktop\AppData\Roaming\FlashGetBHO
2011-05-03 07:16:17 -------- d-----w- C:\Program Files (x86)\FlashGet Network
2011-05-03 07:06:35 -------- d-----w- C:\Users\Desktop\AppData\Roaming\Red Kawa
2011-05-01 06:56:48 892928 ----a-w- C:\Windows\SysWow64\iconv.dll
2011-05-01 06:56:48 675840 ----a-w- C:\Windows\SysWow64\ac3filter.ax
2011-05-01 06:56:48 139264 ----a-w- C:\Windows\SysWow64\xvid.ax
2011-05-01 06:56:46 -------- d-----w- C:\Program Files (x86)\Aimersoft
2011-05-01 06:46:32 -------- d-----w- C:\Program Files (x86)\E-Zsoft
2011-05-01 06:39:26 -------- d-----w- C:\Users\Desktop\AppData\Local\Geckofx
2011-05-01 06:39:13 -------- d-----w- C:\Program Files (x86)\Regensoft
2011-05-01 06:39:11 -------- d-----w- C:\Program Files (x86)\AviSynth 2.5
2011-05-01 06:39:08 -------- d-----w- C:\Program Files (x86)\Red Kawa
2011-05-01 06:34:11 -------- d-----w- C:\Users\Desktop\AppData\Roaming\MoveFab
2011-05-01 04:26:44 -------- d-----w- C:\Program Files (x86)\TeamViewer
2011-04-29 21:59:57 189248 ----a-w- C:\Windows\SysWow64\PnkBstrB.exe
2011-04-29 21:59:54 75136 ----a-w- C:\Windows\SysWow64\PnkBstrA.exe
2011-04-29 21:53:12 -------- d-----w- C:\Program Files (x86)\EA Games
2011-04-26 08:16:53 -------- d-----w- C:\PXE
2011-04-26 07:29:09 -------- d-----w- C:\Program Files (x86)\Tftpd32
2011-04-26 05:21:27 -------- d-----w- C:\Program Files (x86)\LiveUSB Creator
2011-04-25 08:02:59 72200 ----a-w- C:\Windows\System32\XAPOFX1_1.dll
2011-04-25 08:01:28 -------- d--h--w- C:\Windows\msdownld.tmp
2011-04-25 08:01:22 -------- d-----w- C:\Windows\SysWow64\directx
2011-04-25 07:32:17 -------- d-----w- C:\Program Files (x86)\MadOnion.com
2011-04-25 07:29:57 306688 ----a-w- C:\Windows\IsUninst.exe
2011-04-25 06:47:55 -------- d-----w- C:\ProgramData\Futuremark
2011-04-25 06:44:12 -------- d-----w- C:\Program Files (x86)\Futuremark
2011-04-25 06:44:08 -------- d-----w- C:\Program Files (x86)\NVIDIA Corporation
2011-04-25 06:44:04 -------- d-----w- C:\Program Files (x86)\Common Files\Wise Installation Wizard
2011-04-25 06:13:54 -------- d-----w- C:\Users\Desktop\AppData\Local\IsolatedStorage
2011-04-25 06:13:53 -------- d-----w- C:\Users\Desktop\AppData\Local\Futuremark_Corporation
2011-04-25 03:15:26 21992 ----a-w- C:\Windows\System32\drivers\cpuz135_x64.sys
2011-04-25 03:15:26 -------- d-----w- C:\Program Files\CPUID
2011-04-22 10:57:10 -------- d-----w- C:\Users\Desktop\.android
2011-04-22 10:56:43 -------- d-----w- C:\Program Files (x86)\Android
2011-04-22 10:54:59 33792 ----a-w- C:\Windows\System32\drivers\lgx64modem.sys
2011-04-22 10:54:59 27136 ----a-w- C:\Windows\System32\drivers\lgx64gps.sys
2011-04-22 10:54:59 27136 ----a-w- C:\Windows\System32\drivers\lgx64diag.sys
2011-04-22 10:54:59 17920 ----a-w- C:\Windows\System32\drivers\lgx64bus.sys
2011-04-22 10:54:58 -------- d-----w- C:\Program Files (x86)\LG Electronics
2011-04-22 10:54:48 77824 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\ctor.dll
2011-04-22 10:54:48 614532 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\IKernel.exe
2011-04-22 10:54:48 32768 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\objectps.dll
2011-04-22 10:54:48 225280 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\IScript\iscript.dll
2011-04-22 10:54:48 176128 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\iuser.dll
2011-04-22 10:45:21 -------- d-----w- C:\Users\Desktop\AppData\Local\{64A3A4F2-B792-11D6-A78A-00B0D0150220}
2011-04-22 10:10:36 -------- d-----w- C:\Windows\WindowsMobile
2011-04-22 09:07:05 -------- d-----w- C:\ruu_log
2011-04-22 08:58:22 -------- d-----w- C:\Users\Desktop\AppData\Roaming\Dropbox
.
==================== Find3M ====================
.
2011-04-22 07:59:46 708168 ----a-w- C:\Windows\System32\WinUSBCoInstaller.dll
2011-04-22 07:59:46 1490656 ----a-w- C:\Windows\System32\WdfCoInstaller01007.dll
2011-04-20 05:10:34 61952 ----a-w- C:\Windows\System32\OVDecode64.dll
2011-04-20 05:10:32 59904 ----a-w- C:\Windows\SysWow64\OVDecode.dll
2011-04-20 05:10:22 53760 ----a-w- C:\Windows\System32\OpenCL.dll
2011-04-20 05:10:18 51712 ----a-w- C:\Windows\SysWow64\OpenCL.dll
2011-04-20 05:10:14 16116224 ----a-w- C:\Windows\System32\amdocl64.dll
2011-04-20 05:10:02 12385280 ----a-w- C:\Windows\SysWow64\amdocl.dll
2011-04-20 02:44:48 9319936 ----a-w- C:\Windows\System32\drivers\atikmdag.sys
2011-04-20 02:30:16 22900736 ----a-w- C:\Windows\System32\atio6axx.dll
2011-04-20 02:09:18 151552 ----a-w- C:\Windows\System32\atiapfxx.exe
2011-04-20 02:09:04 676864 ----a-w- C:\Windows\SysWow64\aticfx32.dll
2011-04-20 02:07:46 795648 ----a-w- C:\Windows\System32\aticfx64.dll
2011-04-20 02:07:02 17693184 ----a-w- C:\Windows\SysWow64\atioglxx.dll
2011-04-20 02:05:08 462848 ----a-w- C:\Windows\System32\ATIDEMGX.dll
2011-04-20 02:04:54 480256 ----a-w- C:\Windows\System32\atieclxx.exe
2011-04-20 02:04:18 203776 ----a-w- C:\Windows\System32\atiesrxx.exe
2011-04-20 02:03:04 120320 ----a-w- C:\Windows\System32\atitmm64.dll
2011-04-20 02:02:48 423424 ----a-w- C:\Windows\System32\atipdl64.dll
2011-04-20 02:02:42 356352 ----a-w- C:\Windows\SysWow64\atipdlxx.dll
2011-04-20 02:02:30 278528 ----a-w- C:\Windows\SysWow64\Oemdspif.dll
2011-04-20 02:02:24 16384 ----a-w- C:\Windows\System32\atimuixx.dll
2011-04-20 02:02:20 59392 ----a-w- C:\Windows\System32\atiedu64.dll
2011-04-20 02:02:16 43520 ----a-w- C:\Windows\SysWow64\ati2edxx.dll
2011-04-20 01:59:20 4161536 ----a-w- C:\Windows\SysWow64\atidxx32.dll
2011-04-20 01:49:30 4951552 ----a-w- C:\Windows\System32\atidxx64.dll
2011-04-20 01:46:16 51200 ----a-w- C:\Windows\System32\aticalrt64.dll
2011-04-20 01:46:14 46080 ----a-w- C:\Windows\SysWow64\aticalrt.dll
2011-04-20 01:46:04 44544 ----a-w- C:\Windows\System32\aticalcl64.dll
2011-04-20 01:46:02 44032 ----a-w- C:\Windows\SysWow64\aticalcl.dll
2011-04-20 01:45:52 7768064 ----a-w- C:\Windows\System32\aticaldd64.dll
2011-04-20 01:42:04 6389760 ----a-w- C:\Windows\SysWow64\aticaldd.dll
2011-04-20 01:40:48 1222656 ----a-w- C:\Windows\System32\atiumd6v.dll
2011-04-20 01:40:14 1923584 ----a-w- C:\Windows\SysWow64\atiumdmv.dll
2011-04-20 01:40:02 3868672 ----a-w- C:\Windows\System32\atiumd6a.dll
2011-04-20 01:38:04 4286464 ----a-w- C:\Windows\SysWow64\atiumdag.dll
2011-04-20 01:31:12 5440000 ----a-w- C:\Windows\System32\atiumd64.dll
2011-04-20 01:30:36 4056576 ----a-w- C:\Windows\SysWow64\atiumdva.dll
2011-04-20 01:27:00 58880 ----a-w- C:\Windows\System32\coinst.dll
2011-04-20 01:23:12 366080 ----a-w- C:\Windows\System32\atiadlxx.dll
2011-04-20 01:23:06 262144 ----a-w- C:\Windows\SysWow64\atiadlxy.dll
2011-04-20 01:22:54 14848 ----a-w- C:\Windows\System32\atig6pxx.dll
2011-04-20 01:22:52 12800 ----a-w- C:\Windows\SysWow64\atiglpxx.dll
2011-04-20 01:22:52 12800 ----a-w- C:\Windows\System32\atiglpxx.dll
2011-04-20 01:22:48 39936 ----a-w- C:\Windows\System32\atig6txx.dll
2011-04-20 01:22:40 32768 ----a-w- C:\Windows\SysWow64\atigktxx.dll
2011-04-20 01:22:32 306176 ----a-w- C:\Windows\System32\drivers\atikmpag.sys
2011-04-20 01:21:44 40960 ----a-w- C:\Windows\System32\atiuxp64.dll
2011-04-20 01:21:38 31232 ----a-w- C:\Windows\SysWow64\atiuxpag.dll
2011-04-20 01:21:32 38912 ----a-w- C:\Windows\System32\atiu9p64.dll
2011-04-20 01:21:24 29184 ----a-w- C:\Windows\SysWow64\atiu9pag.dll
2011-04-20 01:20:50 53248 ----a-w- C:\Windows\System32\drivers\ati2erec.dll
2011-04-20 01:13:36 53760 ----a-w- C:\Windows\System32\atimpc64.dll
2011-04-20 01:13:36 53760 ----a-w- C:\Windows\System32\amdpcom64.dll
2011-04-20 01:13:28 52736 ----a-w- C:\Windows\SysWow64\atimpc32.dll
2011-04-20 01:13:28 52736 ----a-w- C:\Windows\SysWow64\amdpcom32.dll
2011-04-10 03:28:08 870683 ----a-w- C:\Windows\PlagiarismFinder 2.0 Uninstaller.exe
2011-04-06 23:26:58 96544 ----a-w- C:\Windows\System32\dnssd.dll
2011-04-06 23:26:58 69408 ----a-w- C:\Windows\System32\jdns_sd.dll
2011-04-06 23:26:58 237856 ----a-w- C:\Windows\System32\dnssdX.dll
2011-04-06 23:26:58 119584 ----a-w- C:\Windows\System32\dns-sd.exe
2011-04-06 23:20:16 91424 ----a-w- C:\Windows\SysWow64\dnssd.dll
2011-04-06 23:20:16 75040 ----a-w- C:\Windows\SysWow64\jdns_sd.dll
2011-04-06 23:20:16 197920 ----a-w- C:\Windows\SysWow64\dnssdX.dll
2011-04-06 23:20:16 107808 ----a-w- C:\Windows\SysWow64\dns-sd.exe
2011-03-27 19:53:24 152576 ----a-w- C:\Windows\SysWow64\msclmd.dll
2011-03-27 19:53:23 175616 ----a-w- C:\Windows\System32\msclmd.dll
2011-03-27 07:11:37 0 ----a-w- C:\Windows\ativpsrm.bin
2011-03-27 07:09:10 431104 ----a-w- C:\Windows\System32\wrap_oal.dll
2011-03-27 07:09:10 409600 ----a-w- C:\Windows\SysWow64\wrap_oal.dll
2011-03-27 07:09:10 136192 ----a-w- C:\Windows\System32\OpenAL32.dll
2011-03-27 07:09:10 114688 ----a-w- C:\Windows\SysWow64\OpenAL32.dll
2011-03-12 12:08:49 1465344 ----a-w- C:\Windows\System32\XpsPrint.dll
2011-03-12 11:23:45 870912 ----a-w- C:\Windows\SysWow64\XpsPrint.dll
2011-03-11 06:41:37 189824 ----a-w- C:\Windows\System32\drivers\storport.sys
2011-03-11 06:41:34 166272 ----a-w- C:\Windows\System32\drivers\nvstor.sys
2011-03-11 06:41:34 1659776 ----a-w- C:\Windows\System32\drivers\ntfs.sys
2011-03-11 06:41:34 148352 ----a-w- C:\Windows\System32\drivers\nvraid.sys
2011-03-11 06:41:26 410496 ----a-w- C:\Windows\System32\drivers\iaStorV.sys
2011-03-11 06:41:12 27008 ----a-w- C:\Windows\System32\drivers\amdxata.sys
2011-03-11 06:41:12 107904 ----a-w- C:\Windows\System32\drivers\amdsata.sys
2011-03-11 06:34:51 1359872 ----a-w- C:\Windows\System32\mfc42u.dll
2011-03-11 06:34:50 1395712 ----a-w- C:\Windows\System32\mfc42.dll
2011-03-11 06:33:29 2565632 ----a-w- C:\Windows\System32\esent.dll
2011-03-11 06:30:28 96768 ----a-w- C:\Windows\System32\fsutil.exe
2011-03-11 05:33:59 1164288 ----a-w- C:\Windows\SysWow64\mfc42u.dll
2011-03-11 05:33:59 1137664 ----a-w- C:\Windows\SysWow64\mfc42.dll
2011-03-11 05:33:09 1699328 ----a-w- C:\Windows\SysWow64\esent.dll
2011-03-11 05:31:07 74240 ----a-w- C:\Windows\SysWow64\fsutil.exe
2011-03-08 06:29:32 976896 ----a-w- C:\Windows\System32\inetcomm.dll
2011-03-08 05:28:29 741376 ----a-w- C:\Windows\SysWow64\inetcomm.dll
2011-03-07 06:31:44 1188864 ----a-w- C:\Windows\System32\wininet.dll
2011-03-07 05:33:13 981504 ----a-w- C:\Windows\SysWow64\wininet.dll
2011-03-07 04:24:34 1638912 ----a-w- C:\Windows\System32\mshtml.tlb
2011-03-07 03:52:25 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2011-03-04 21:37:12 83120 ----a-w- C:\Windows\System32\drivers\avgntflt.sys
2011-03-04 06:19:28 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll
2011-03-04 06:19:27 350208 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll
2011-03-03 06:24:16 183296 ----a-w- C:\Windows\System32\dnsrslvr.dll
2011-03-03 06:21:57 30208 ----a-w- C:\Windows\System32\dnscacheugc.exe
.
============= FINISH: 18:51:58.65 ===============

This post has been edited by hbd944: 20 May 2011 - 09:39 PM
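The Pseudo HJT Report section of the DDS log above is the part a malware responder reads first. As an added example (not part of the thread and not code from the DDS tool), the following Python script runs a few defender-side checks over lines taken from that section; the heuristics and the SAMPLE_LINES subset are this example's own assumptions.

```python
"""Triage of a DDS "Pseudo HJT Report".

Added example for this thread; it is neither the forum's nor the DDS
tool's code. It splits the report's "Kind: body" lines and applies the
checks a malware responder applies by eye: localhost overrides in the
Hosts file, UAC switched off through mPolicies-system, autoruns that
register a DLL via regsvr32 /s, Trusted Zone additions, and browser
helper objects loaded straight out of the Windows system directories.
A DLL seen both as a BHO and in an autorun entry is reported once more
as a correlated finding.  The heuristics are this example's own.
"""
import re
from collections import defaultdict

# Constructed sample: a subset of the Pseudo HJT lines from the log above.
SAMPLE_LINES = [
    r"uInternet Settings,ProxyOverride = *.local",
    r"BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll",
    r"BHO: brincome browser plug-in: {351aa9cc-76d4-21cd-ad26-65b46f1463f5} - C:\Windows\SysWow64\xixrwvzgedyw.dll",
    r'uRun: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe"',
    r'mRun: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min',
    r'mRun: [heetmoxygo] C:\Windows\System32\regsvr32.exe /s "C:\Windows\SysWow64\xixrwvzgedyw.dll"',
    r"mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)",
    r"mPolicies-system: EnableLUA = 0 (0x0)",
    r"Trusted Zone: kuaiche.com\software",
    r"Hosts: 192.1689.1.2 localhost",
    r"Hosts: 173.58.245.48 localhost",
]

# "Kind: body"; the kind is the text before the first colon.
LINE_RE = re.compile(r"^(?P<kind>[\w -]+?):\s*(?P<body>.*)$")
# A Windows path ending in .dll/.exe; directory parts may contain spaces.
PATH_RE = re.compile(r'[A-Za-z]:\\(?:[^"\\:*?<>|]+\\)*[^"\\:*?<>|\s]+\.(?:dll|exe)', re.I)
SYSTEM_DIR_RE = re.compile(r"^[A-Za-z]:\\Windows\\(?:System32|SysWow64)\\[^\\]+$", re.I)
REGSVR_SILENT_RE = re.compile(r"\bregsvr32(?:\.exe)?\s+/s\b", re.I)
AUTORUN_KINDS = {"uRun", "mRun", "dRun", "uRun-x64", "mRun-x64", "StartupFolder"}


def parse_line(line):
    """Split 'Kind: body' into (kind, body); a line without a kind gets None."""
    m = LINE_RE.match(line.strip())
    return (m.group("kind"), m.group("body")) if m else (None, line.strip())


def check_line(kind, body):
    """Return the list of findings (strings) for one parsed report line."""
    notes = []
    if kind == "Hosts":
        ip, _, host = body.partition(" ")
        if host.strip().lower() == "localhost" and ip not in ("127.0.0.1", "::1"):
            notes.append(f"Hosts file maps localhost to {ip}")
    elif kind == "mPolicies-system":
        name, _, value = body.partition("=")
        name = name.strip()
        value = value.split()[0] if value.split() else ""
        if name == "EnableLUA" and value == "0":
            notes.append("UAC disabled (EnableLUA = 0)")
        if name == "ConsentPromptBehaviorAdmin" and value == "0":
            notes.append("UAC elevates administrators without prompting")
    elif kind == "Trusted Zone":
        notes.append(f"site added to the IE Trusted Zone: {body}")
    elif kind == "BHO":
        for path in PATH_RE.findall(body):
            if SYSTEM_DIR_RE.match(path):
                notes.append(f"BHO loaded straight from a system directory: {path}")
    elif kind in AUTORUN_KINDS and REGSVR_SILENT_RE.search(body):
        dlls = [p for p in PATH_RE.findall(body) if p.lower().endswith(".dll")]
        notes.append("autorun registers a DLL through regsvr32 /s: " + ", ".join(dlls))
    return notes


def triage(lines):
    """Run all checks over a report; returns [{'line', 'kind', 'note'}, ...]."""
    findings = []
    seen = defaultdict(set)  # DLL base name -> kinds of entries that load it
    for line in lines:
        kind, body = parse_line(line)
        for note in check_line(kind, body):
            findings.append({"line": line, "kind": kind, "note": note})
        if kind == "BHO" or kind in AUTORUN_KINDS:
            for path in PATH_RE.findall(body):
                if path.lower().endswith(".dll"):
                    seen[path.rsplit("\\", 1)[-1].lower()].add(kind)
    for dll, kinds in sorted(seen.items()):
        if "BHO" in kinds and kinds & AUTORUN_KINDS:
            findings.append({"line": None, "kind": "correlation",
                             "note": f"{dll} is both a BHO and an autorun target"})
    return findings


if __name__ == "__main__":
    for f in triage(SAMPLE_LINES):
        print(f"[{f['kind']}] {f['note']}")
```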


#2 B-boy/StyLe/

  • Bleeping Freestyler
  • Group: Malware Response Team
  • Posts: 2,760
  • Joined: 28-September 09
  • Gender: Male
  • Location: Bulgaria

Posted 21 May 2011 - 04:48 AM

Hello hbd944! Welcome to BleepingComputer Forums!

My name is Georgi and I will be helping you with your computer problems.

Before we begin, please note the following:
  • I will be working on your malware issues; this may or may not solve other issues you have with your machine.
  • The logs can take some time to research, so please be patient with me.
  • Stay with the topic until I tell you that your system is clean. Missing symptoms do not mean that everything is okay.
  • Instructions that I give are for your system only!
  • Please do not run any tools until requested! The reason for this is so I know what is going on with the machine at any time. Some programs can interfere with others and hamper the recovery process.
  • Please perform all steps in the order received. If you can't understand something, don't hesitate to ask.
  • Again I would like to remind you to make no further changes to your computer unless I direct you to do so. I will not help you if you do not follow my instructions.




Step 1



We need to run an OTL Custom Scan


  • Please download OTL from the link below:
  • Save it to your desktop.
  • Double click on the OTL icon on your desktop.
  • OTL should now start. Change the following settings:
    - Click on the Scan All Users checkbox given at the top.
    - Under File Scans, change File age to 90
    - Under the Standard Registry box change it to All
    - Check the boxes beside LOP Check and Purity Check.
  • Copy and Paste the following code into the Custom Scans/Fixes textbox.
    netsvcs
    %SYSTEMDRIVE%\*.*
    %USERPROFILE%\*.*
    %USERPROFILE%\AppData\Local\*.*
    %USERPROFILE%\AppData\Roaming\*.*
    %ProgramData%\*.*
    %CommonProgramFiles%\*.*
    %PROGRAMFILES%\*.*
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\Tasks\*.job /lockedfiles
    %systemroot%\system32\drivers\*.sys /90
    %systemroot%\system32\drivers\*.sys /lockedfiles
    %systemroot%\system32\Spool\prtprocs\w32x86\*.dll
    /md5start
    hlp.dat
    winlogon.exe
    wininit.exe
    userinit.exe
    explorer.exe
    volsnap.sys
    /md5stop
    

  • Push the Run Scan button.
  • Two reports will open, copy and paste them in a reply here:
    • OTL.txt <-- Will be opened
    • Extra.txt <-- Will be minimized



Step 2



Please download aswMBR (511KB) to your desktop.
  • Double click the aswMBR.exe icon to run it
  • Click the Scan button to start the scan
  • On completion of the scan, click the save log button, save it to your desktop and post it in your next reply.




Please include the following logs in your next reply:

  • OTL.txt and Extra.txt
  • aswMBR.txt




Regards,
Georgi

I'll be unavailable for the next 2 days (26 and 27 May).
I will reply on Monday (28 May). Sorry for the inconvenience!

#3 B-boy/StyLe/

  • Bleeping Freestyler
  • Group: Malware Response Team
  • Posts: 2,760
  • Joined: 28-September 09
  • Gender: Male
  • Location: Bulgaria

Posted 26 May 2011 - 05:35 AM

Hi hbd944,



It's been several days. Do you still need help on this?
This thread will be closed if you don't respond within 48 hours.



Regards,
Georgi

#4 B-boy/StyLe/

  • Bleeping Freestyler
  • Group: Malware Response Team
  • Posts: 2,760
  • Joined: 28-September 09
  • Gender: Male
  • Location: Bulgaria

Posted 29 May 2011 - 09:00 PM

Due to the lack of feedback, this topic is now closed.
In the event you still have problems, please send a Private Message to any Moderator or the Malware Helper who replied to you here and ask them to reopen this topic within the next 5 days.
