JackPack

Members
  • Posts

    10

Reputation

0 Neutral
  1. I reinstalled Windows and I think it fixed the problem. Thanks, I will get back to you if something goes haywire.
  2. Now I am getting pop-up videos from blinkx.com. Someone help, please...
  3. Bump, very frustrated, been surfing the internet for years and never had this kind of trouble. Thanks...
  4. Now I am getting Win 7 Anti-Spyware 2012 crap all over the screen. I know I did not install it, so it must be another virus or whatever it is; it is not good.
  5. ComboFix 11-12-10.01 - Jack 12/10/2011 9:14.1.8 - x64 Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.6135.4347 [GMT -5:00] Running from: c:\users\Jack\Desktop\ComboFix.exe AV: AntiVir Desktop *Disabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7} SP: AntiVir Desktop *Disabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} * Created a new restore point . . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\programdata\olkTjIawHsCT7B.exe c:\users\Jack\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\System Fix.lnk c:\users\Jack\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Fix c:\users\Jack\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Fix\System Fix.lnk c:\users\Jack\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Fix\Uninstall System Fix.lnk c:\windows\SysWow64\processes.txt F:\install.exe . . ((((((((((((((((((((((((( Files Created from 2011-11-10 to 2011-12-10 ))))))))))))))))))))))))))))))) . . 2011-12-10 14:16 . 2011-12-10 14:16 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp 2011-12-10 01:21 . 2011-11-21 11:40 8822856 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{C2D4FEC5-E5C8-4CC3-8678-AF62E5AB1394}\mpengine.dll 2011-12-08 09:33 . 2011-12-08 09:33 -------- d-----w- C:\found.000 2011-12-05 23:36 . 2011-12-05 23:36 -------- d-----w- c:\users\Jack\AppData\Roaming\Unity 2011-12-05 23:02 . 2011-12-05 23:55 -------- d-----w- c:\users\Jack\AppData\Local\Unity 2011-12-03 05:40 . 2011-12-03 05:40 -------- d-----w- c:\users\Jack\AppData\Local\DDMSettings . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2011-12-06 00:40 . 2011-01-15 18:38 271200 ----a-w- c:\windows\SysWow64\PnkBstrB.exe 2011-12-06 00:40 . 
2011-01-15 18:38 271200 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr 2011-12-05 14:11 . 2011-07-13 02:21 539984 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll 2011-12-05 01:50 . 2011-01-15 18:38 271200 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0 2011-11-09 02:57 . 2011-07-13 02:21 737072 ----a-w- c:\programdata\Microsoft\eHome\Packages\SportsV2\SportsTemplateCore-2\Microsoft.MediaCenter.Sports.UI.dll 2011-11-09 02:57 . 2011-07-13 02:21 4283672 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\markup.dll 2011-11-09 02:57 . 2011-01-18 21:11 42776 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM\StartResources.dll 2011-10-20 23:26 . 2011-10-20 23:26 94208 ----a-w- c:\windows\SysWow64\dpl100.dll 2011-10-02 22:13 . 2011-01-15 18:38 75136 ----a-w- c:\windows\SysWow64\PnkBstrA.exe 2011-09-29 16:29 . 2011-11-09 02:56 1923952 ----a-w- c:\windows\system32\drivers\tcpip.sys 2011-09-29 04:03 . 2011-11-09 02:56 3144704 ----a-w- c:\windows\system32\win32k.sys 2011-09-22 22:41 . 2011-10-03 00:09 837952 ----a-w- c:\windows\system32\easyupdatusapiu64.dll 2011-09-22 22:41 . 2011-10-03 00:09 5067584 ----a-w- c:\windows\system32\nvsvc64.dll 2011-09-22 22:41 . 2011-10-03 00:09 222528 ----a-w- c:\windows\system32\nvmctray.dll 2011-09-22 22:41 . 2011-10-03 00:09 1640768 ----a-w- c:\windows\system32\nvvsvc.exe 2011-09-22 22:41 . 2011-10-03 00:09 137536 ----a-w- c:\windows\system32\nvshext.dll 2011-09-22 22:41 . 2011-10-03 00:09 10406208 ----a-w- c:\windows\system32\nvcpl.dll 2011-09-22 22:41 . 2011-10-03 00:07 8930624 ----a-w- c:\windows\system32\nvwgf2umx.dll 2011-09-22 22:41 . 2011-10-03 00:07 7580992 ----a-w- c:\windows\system32\nvcuda.dll 2011-09-22 22:41 . 2011-10-03 00:07 7183168 ----a-w- c:\windows\SysWow64\nvwgf2um.dll 2011-09-22 22:41 . 2011-10-03 00:07 68928 ----a-w- c:\windows\system32\OpenCL.dll 2011-09-22 22:41 . 
2011-10-03 00:07 61248 ----a-w- c:\windows\SysWow64\OpenCL.dll 2011-09-22 22:41 . 2011-10-03 00:07 5576000 ----a-w- c:\windows\SysWow64\nvcuda.dll 2011-09-22 22:41 . 2011-10-03 00:07 2808640 ----a-w- c:\windows\system32\nvapi64.dll 2011-09-22 22:41 . 2011-10-03 00:07 2542912 ----a-w- c:\windows\system32\nvcuvid.dll 2011-09-22 22:41 . 2011-10-03 00:07 24796480 ----a-w- c:\windows\system32\nvcompiler.dll 2011-09-22 22:41 . 2011-10-03 00:07 24743232 ----a-w- c:\windows\system32\nvoglv64.dll 2011-09-22 22:41 . 2011-10-03 00:07 2458432 ----a-w- c:\windows\SysWow64\nvapi.dll 2011-09-22 22:41 . 2011-10-03 00:07 2401088 ----a-w- c:\windows\SysWow64\nvcuvid.dll 2011-09-22 22:41 . 2011-10-03 00:07 2232128 ----a-w- c:\windows\system32\nvcuvenc.dll 2011-09-22 22:41 . 2011-10-03 00:07 2099520 ----a-w- c:\windows\SysWow64\nvcuvenc.dll 2011-09-22 22:41 . 2011-10-03 00:07 18870592 ----a-w- c:\windows\SysWow64\nvoglv32.dll 2011-09-22 22:41 . 2011-10-03 00:07 17248576 ----a-w- c:\windows\SysWow64\nvcompiler.dll 2011-09-22 22:41 . 2011-10-03 00:07 15688512 ----a-w- c:\windows\system32\nvd3dumx.dll 2011-09-22 22:41 . 2011-10-03 00:07 1533248 ----a-w- c:\windows\system32\nvdispco64.dll 2011-09-22 22:41 . 2011-10-03 00:07 1454400 ----a-w- c:\windows\system32\nvgenco64.dll 2011-09-22 22:41 . 2011-10-03 00:07 13200704 ----a-w- c:\windows\SysWow64\nvd3dum.dll 2011-09-22 22:41 . 2011-10-03 00:07 12961088 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys 2011-09-22 16:29 . 2011-09-22 16:29 321856 ----a-w- c:\windows\SysWow64\nvStreaming.exe . . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920] "DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376] "avgnt"="f:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2011-04-21 281768] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 0 (0x0) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) "PromptOnSecureDesktop"= 0 (0x0) "EnableLUA"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32] "mixer5"=wdmaud.drv . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp . R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-09-22 2253120] R3 dump_wmimmc;dump_wmimmc;f:\program files (x86)\steam\steamapps\common\ava\Binaries\GameGuard\dump_wmimmc.sys [x] R3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;c:\windows\system32\drivers\LGVirHid.sys [x] R3 NLNdisMP;NLNdisMP;c:\windows\system32\DRIVERS\nlndis.sys [x] R3 NLNdisPT;NetLimiter Ndis Protocol Service;c:\windows\system32\DRIVERS\nlndis.sys [x] R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x] R3 sxuptp;SXUPTP Driver;c:\windows\system32\DRIVERS\sxuptp.sys [x] R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x] R3 
tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x] R3 USBMULCD;USB Multi-Channel Audio Device Interface;c:\windows\system32\drivers\CM10664.sys [x] R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x] R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x] S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952] S2 AntiVirSchedulerService;Avira AntiVir Scheduler;f:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2011-04-21 136360] S2 cpuz135;cpuz135;c:\windows\system32\drivers\cpuz135_x64.sys [x] S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-09-22 381248] S3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;c:\windows\system32\drivers\LGBusEnum.sys [x] S3 RTCore64;RTCore64;f:\program files (x86)\EVGA Precision\RTCore64.sys [2011-08-31 14440] S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x] S3 WinRing0_1_2_0;WinRing0_1_2_0;c:\users\Jack\AppData\Local\Temp\tmpA642.tmp [x] . . --- Other Services/Drivers In Memory --- . *NewlyCreated* - WINRING0_1_2_0 . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}] 2009-06-17 16:11 451872 ----a-w- c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe . . --------- x86-64 ----------- . . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Launch LgDeviceAgent"="c:\program files\Logitech\GamePanel Software\LgDevAgt.exe" [2010-08-03 415816] "Launch LCDMon"="c:\program files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe" [2010-08-03 2412616] "Launch LGDCore"="c:\program files\Logitech\GamePanel Software\G-series Software\LGDCore.exe" [2010-08-03 4725320] "EvtMgr6"="f:\program files\Logitech\SetPointP\SetPoint.exe" [2010-10-28 1680976] . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "LoadAppInit_DLLs"=0x0 . ------- Supplementary Scan ------- . uLocal Page = c:\windows\system32\blank.htm uStart Page = about:blank mLocal Page = c:\windows\SysWOW64\blank.htm IE: E&xport to Microsoft Excel - f:\progra~2\MICROS~2\Office12\EXCEL.EXE/3000 TCP: DhcpNameServer = 192.168.0.1 FF - ProfilePath - c:\users\Jack\AppData\Roaming\Mozilla\Firefox\Profiles\i0k6nc0j.default\ FF - user.js: network.protocol-handler.warn-external.dnupdate - false . . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\npggsvc] "ImagePath"="c:\windows\system32\GameMon.des -service" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\WinRing0_1_2_0] "ImagePath"="\??\c:\users\Jack\AppData\Local\Temp\tmpA642.tmp" . --------------------- LOCKED REGISTRY KEYS --------------------- . [HKEY_USERS\S-1-5-21-4152632202-4090834572-3126930149-1001\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*] @Allowed: (Read) (RestrictedCode) "??"=hex:a2,f2,f9,fc,e5,cf,da,6b,92,20,08,95,d7,aa,b5,e6,be,53,67,65,70,cb,7c, c9,35,7c,bb,8e,d1,c9,46,06,26,b5,2a,8b,7d,6d,b4,77,ad,0d,a4,98,31,c1,9d,72,\ "??"=hex:65,34,23,f1,ac,3e,ae,99,14,20,f8,2a,53,ca,02,2f . [HKEY_USERS\S-1-5-21-4152632202-4090834572-3126930149-1001\Software\SecuROM\License information*] "datasecu"=hex:c3,ba,ae,5c,b2,2f,5c,ac,e7,92,ef,71,2a,99,3e,2e,25,97,57,8c,65, 14,6a,31,b1,11,bb,da,05,b8,3d,f4,dc,3f,6a,2d,60,d1,bd,1f,6a,4d,8a,43,e4,ad,\ "rkeysecu"=hex:18,10,ae,f4,b7,de,87,df,d3,2e,e3,25,2f,cf,27,29 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . ------------------------ Other Running Processes ------------------------ . f:\program files (x86)\Avira\AntiVir Desktop\avguard.exe c:\program files (x86)\Common Files\LightScribe\LSSrvc.exe c:\windows\SysWOW64\PnkBstrA.exe f:\program files (x86)\EVGA Precision\EVGAPrecision.exe . ************************************************************************** . 
Completion time: 2011-12-10 09:19:04 - machine was rebooted ComboFix-quarantined-files.txt 2011-12-10 14:19 . Pre-Run: 86,980,153,344 bytes free Post-Run: 87,226,933,248 bytes free . - - End Of File - - B27403483773D1130FDC800036D08E9C
  6. AhnLab-V3 2011.12.09.00 2011.12.09 -
     AntiVir 7.11.19.52 2011.12.09 -
     Antiy-AVL 2.0.3.7 2011.12.09 -
     Avast 6.0.1289.0 2011.12.09 -
     AVG 10.0.0.1190 2011.12.09 -
     BitDefender 7.2 2011.12.09 -
     ByteHero 1.0.0.1 2011.12.07 -
     CAT-QuickHeal 12.00 2011.12.09 -
     ClamAV 0.97.3.0 2011.12.09 -
     Commtouch 5.3.2.6 2011.12.09 -
     Comodo 10899 2011.12.09 -
     DrWeb 5.0.2.03300 2011.12.09 Trojan.Fakealert.27220
     Emsisoft 5.1.0.11 2011.12.09 -
     eSafe 7.0.17.0 2011.12.08 -
     eTrust-Vet 37.0.9615 2011.12.09 -
     F-Prot 4.6.5.141 2011.11.29 -
     F-Secure 9.0.16440.0 2011.12.09 -
     Fortinet 4.3.388.0 2011.12.09 -
     GData 22 2011.12.09 -
     Ikarus T3.1.1.109.0 2011.12.09 Trojan.Win32.FakeSysdef
     Jiangmin 13.0.900 2011.12.09 -
     K7AntiVirus 9.119.5640 2011.12.09 -
     Kaspersky 9.0.0.837 2011.12.09 -
     McAfee 5.400.0.1158 2011.12.09 Generic FakeAlert.bz
     McAfee-GW-Edition 2010.1E 2011.12.09 Generic FakeAlert.bz
     Microsoft 1.7903 2011.12.09 -
     NOD32 6691 2011.12.07 -
     Norman 6.07.13 2011.12.09 -
     nProtect 2011-12-09.01 2011.12.09 -
     Panda 10.0.3.5 2011.12.09 Trj/CI.A
     PCTools 8.0.0.5 2011.12.09 -
     Prevx 3.0 2011.12.09 -
     Rising 23.87.03.02 2011.12.08 -
     Sophos 4.72.0 2011.12.09 Mal/Generic-L
     SUPERAntiSpyware 4.40.0.1006 2011.12.09 -
     Symantec 20111.2.0.82 2011.12.09 -
     TheHacker 6.7.0.1.353 2011.12.07 -
     TrendMicro 9.500.0.1008 2011.12.09 -
     TrendMicro-HouseCall 9.500.0.1008 2011.12.09 -
     VBA32 3.12.16.4 2011.12.09 -
     VIPRE 11224 2011.12.09 Trojan.Win32.Fakeav.paa (v)
     ViRobot 2011.12.9.4817 2011.12.09 -
     VirusBuster 14.1.107.0 2011.12.09 -
  7. Seems to have cleared it up for now, here is the attached and dds txt. dds . DDS (Ver_2011-08-26.01) - NTFSAMD64 Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_24 Run by Jack at 20:21:43 on 2011-12-09 Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.6135.4411 [GMT -5:00] . AV: AntiVir Desktop *Enabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: AntiVir Desktop *Enabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A} . ============== Running Processes =============== . C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\nvvsvc.exe C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\WUDFHost.exe C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe C:\Windows\system32\nvvsvc.exe C:\Windows\system32\WUDFHost.exe C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\System32\spoolsv.exe F:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe F:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe C:\Windows\System32\svchost.exe -k HPZ12 C:\Windows\System32\svchost.exe -k HPZ12 C:\Windows\SysWOW64\PnkBstrA.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE F:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe C:\Windows\system32\conhost.exe C:\Program Files\Common Files\Microsoft 
Shared\Windows Live\WLIDSvcM.exe C:\Windows\system32\SearchIndexer.exe C:\Windows\system32\WUDFHost.exe C:\Windows\system32\SearchProtocolHost.exe C:\Windows\system32\taskhost.exe C:\Windows\system32\taskeng.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE F:\Program Files (x86)\EVGA Precision\EVGAPrecision.exe F:\Users\Jack\Downloads\OpenHardwareMonitor\OpenHardwareMonitor.exe C:\Program Files\Logitech\GamePanel Software\LGDevAgt.exe C:\Program Files\Logitech\GamePanel Software\LCD Manager\lcdmon.exe F:\Program Files\Logitech\SetPointP\SetPoint.exe C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe F:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe C:\Program Files\Logitech\GamePanel Software\Applets\LCDClock.exe C:\Program Files\NVIDIA Corporation\Display\nvtray.exe C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE F:\Program Files\Logitech\SetPointG\SetPointII.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Windows\System32\svchost.exe -k LocalServicePeerNet C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\taskhost.exe C:\Windows\system32\DllHost.exe F:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe C:\Windows\system32\sppsvc.exe C:\Windows\System32\svchost.exe -k secsvcs C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\servicing\TrustedInstaller.exe C:\Windows\system32\SearchFilterHost.exe C:\Windows\system32\SearchProtocolHost.exe C:\Windows\system32\wuauclt.exe C:\Windows\explorer.exe C:\Windows\system32\DllHost.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\conhost.exe C:\Windows\SysWOW64\cscript.exe . ============== Pseudo HJT Report =============== . 
uStart Page = about:blank mWinlogon: Userinit=userinit.exe, BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - F:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - F:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW mRun: [avgnt] "F:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min mPolicies-explorer: NoActiveDesktop = 1 (0x1) mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0) mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3) mPolicies-system: EnableUIADesktopToggle = 0 (0x0) mPolicies-system: PromptOnSecureDesktop = 0 (0x0) mPolicies-system: EnableLUA = 0 (0x0) IE: E&xport to Microsoft Excel - F:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000 IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - F:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - F:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab TCP: DhcpNameServer = 192.168.0.1 TCP: Interfaces\{159414C6-63CC-4B8E-9A95-821CC025866D} : DhcpNameServer = 192.168.0.1 TCP: 
Interfaces\{2684832D-BEFE-436A-8EC2-7EA6E468AA9C} : DhcpNameServer = 192.168.0.1 Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - F:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - F:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe" BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO-X64: AcroIEHelperStub - No File BHO-X64: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - F:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO-X64: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - F:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun-x64: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW mRun-x64: [avgnt] "F:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min SEH-X64: Groove GFS Stub Execution Hook: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - F:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll . ================= FIREFOX =================== . 
FF - ProfilePath - C:\Users\Jack\AppData\Roaming\Mozilla\Firefox\Profiles\i0k6nc0j.default\ FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrlui.dll FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll FF - plugin: C:\Windows\system32\TVUAx\npTVUAx.dll FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll FF - plugin: F:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll FF - plugin: F:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll FF - plugin: F:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll FF - plugin: F:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll FF - plugin: F:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll FF - plugin: F:\Program Files (x86)\QuickTime\Plugins\npqtplugin.dll FF - plugin: F:\Program Files (x86)\QuickTime\Plugins\npqtplugin2.dll FF - plugin: F:\Program Files (x86)\QuickTime\Plugins\npqtplugin3.dll FF - plugin: F:\Program Files (x86)\QuickTime\Plugins\npqtplugin4.dll FF - plugin: F:\Program Files (x86)\QuickTime\Plugins\npqtplugin5.dll FF - plugin: F:\Program Files (x86)\QuickTime\Plugins\npqtplugin6.dll FF - plugin: F:\Program Files (x86)\QuickTime\Plugins\npqtplugin7.dll . ---- FIREFOX POLICIES ---- FF - user.js: network.protocol-handler.warn-external.dnupdate - false ============= SERVICES / DRIVERS =============== . 
R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-6-6 64952] R2 AntiVirSchedulerService;Avira AntiVir Scheduler;F:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2010-4-8 136360] R2 AntiVirService;Avira AntiVir Guard;F:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2010-4-8 269480] R2 avgntflt;avgntflt;C:\Windows\system32\DRIVERS\avgntflt.sys --> C:\Windows\system32\DRIVERS\avgntflt.sys [?] R2 cpuz135;cpuz135;\??\C:\Windows\system32\drivers\cpuz135_x64.sys --> C:\Windows\system32\drivers\cpuz135_x64.sys [?] R2 nvUpdatusService;NVIDIA Update Service Daemon;C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-10-2 2253120] R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-9-22 381248] R3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;C:\Windows\system32\drivers\LGBusEnum.sys --> C:\Windows\system32\drivers\LGBusEnum.sys [?] R3 RTCore64;RTCore64;F:\Program Files (x86)\EVGA Precision\RTCore64.sys [2011-8-31 14440] R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] S3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;C:\Windows\system32\drivers\LGVirHid.sys --> C:\Windows\system32\drivers\LGVirHid.sys [?] S3 npggsvc;nProtect GameGuard Service;C:\Windows\system32\GameMon.des -service --> C:\Windows\system32\GameMon.des -service [?] S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\system32\drivers\rdpvideominiport.sys --> C:\Windows\system32\drivers\rdpvideominiport.sys [?] 
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?] S3 USBMULCD;USB Multi-Channel Audio Device Interface;C:\Windows\system32\drivers\CM10664.sys --> C:\Windows\system32\drivers\CM10664.sys [?] S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?] . =============== Created Last 30 ================ . 2011-12-10 01:21:46 69000 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{C2D4FEC5-E5C8-4CC3-8678-AF62E5AB1394}\offreg.dll 2011-12-10 01:21:45 8822856 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{C2D4FEC5-E5C8-4CC3-8678-AF62E5AB1394}\mpengine.dll 2011-12-10 01:20:03 69000 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{507F7F9C-F71A-4941-B4A6-E70C0EB90607}\offreg.dll 2011-12-09 02:33:56 349832 ----a-w- C:\ProgramData\olkTjIawHsCT7B.exe 2011-12-08 09:33:26 -------- d-sh--w- C:\found.000 2011-12-06 11:02:54 8822856 ------w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{507F7F9C-F71A-4941-B4A6-E70C0EB90607}\mpengine.dll 2011-12-05 23:36:04 -------- d-----w- C:\Users\Jack\AppData\Roaming\Unity 2011-12-05 23:02:06 -------- d-----w- C:\Users\Jack\AppData\Local\Unity 2011-12-03 05:40:10 -------- d-----w- C:\Users\Jack\AppData\Local\DDMSettings . ==================== Find3M ==================== . 2011-12-06 00:40:50 271200 ----a-w- C:\Windows\SysWow64\PnkBstrB.xtr 2011-12-06 00:40:50 271200 ----a-w- C:\Windows\SysWow64\PnkBstrB.exe 2011-12-05 01:50:20 271200 ----a-w- C:\Windows\SysWow64\PnkBstrB.ex0 2011-10-20 23:26:22 94208 ----a-w- C:\Windows\SysWow64\dpl100.dll 2011-10-02 22:13:45 75136 ----a-w- C:\Windows\SysWow64\PnkBstrA.exe 2011-09-29 16:29:28 1923952 ----a-w- C:\Windows\System32\drivers\tcpip.sys 2011-09-29 04:03:32 3144704 ----a-w- C:\Windows\System32\win32k.sys 2011-09-22 16:29:58 321856 ----a-w- C:\Windows\SysWow64\nvStreaming.exe . 
============= FINISH: 20:21:57.18 =============== attached . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2011-08-26.01) . Microsoft Windows 7 Ultimate Boot Device: \Device\HarddiskVolume1 Install Date: 1/6/2011 12:58:12 AM System Uptime: 12/9/2011 8:17:43 PM (0 hours ago) . Motherboard: EVGA | | 132-BL-E758 Processor: Intel® Core i7 CPU 920 @ 2.67GHz | Socket 423 | 2653/133mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 112 GiB total, 81.381 GiB free. D: is FIXED (NTFS) - 0 GiB total, 0.07 GiB free. E: is CDROM () F: is FIXED (NTFS) - 699 GiB total, 322.243 GiB free. G: is CDROM () I: is Removable J: is Removable K: is Removable L: is Removable . ==== Disabled Device Manager Items ============= . Class GUID: {4d36e96b-e325-11ce-bfc1-08002be10318} Description: Standard PS/2 Keyboard Device ID: ACPI\PNP0303\4&136CDFB0&0 Manufacturer: (Standard keyboards) Name: Standard PS/2 Keyboard PNP Device ID: ACPI\PNP0303\4&136CDFB0&0 Service: i8042prt . ==== System Restore Points =================== . RP187: 11/12/2011 4:26:05 AM - Windows Update . ==== Installed Programs ====================== . 
Update for Microsoft Office 2007 (KB2508958) µTorrent Adobe AIR Adobe Bridge 1.0 Adobe Common File Installer Adobe Flash Player 10 Plugin Adobe Help Center 1.0 Adobe Photoshop CS2 Adobe Reader X (10.1.1) Adobe Stock Photos 1.0 Alien Swarm Alliance of Valiant Arms Apple Application Support Apple Software Update Avira AntiVir Personal - Free Antivirus AviSynth 2.5 Battlefield: Bad Company™ 2 BioShock BioShock 2 Borderlands Brink Bully: Scholarship Edition Call of Duty Black Ops - Mod Tools (BETA) Call of Duty® - World at War Call of Duty® - World at War 1.2 Patch Call of Duty® - World at War 1.4 Patch Call of Duty® - World at War 1.5 Patch Call of Duty® - World at War 1.6 Patch Call of Duty® - World at War 1.7 Patch Call of Duty® 2 Call of Duty® 2 Patch 1.3 Call of Duty® 4 - Modern Warfare Call of Duty® 4 - Modern Warfare 1.6 Patch Call of Duty® 4 - Modern Warfare 1.7 Patch Call of Duty: Modern Warfare 2 Call of Duty: Modern Warfare 2 - Multiplayer Call of Duty: Modern Warfare 3 Call of Duty: Modern Warfare 3 - Dedicated Server Call of Duty: Modern Warfare 3 - Multiplayer Coupon Printer for Windows Cryostasis Crysis® CueClub DiRT DivX Setup DJ_SF_06_D1600_SW_Min Dual-Core Optimizer DVD-CLONER V4.20 Build 917 eReg EVGA Precision 2.0.4 F.E.A.R. F.E.A.R. 
2: Project Origin F.E.A.R.: Extraction Point F.E.A.R.: Perseus Mandate FileZilla Client 3.5.2 GTA San Andreas Half-Life 2 Half-Life 2: Episode One Half-Life 2: Episode Two Half-Life 2: Lost Coast HLSW v1.4.0.2 Java Auto Updater Java 6 Update 24 K-Lite Codec Pack 7.1.0 (Full) Killing Floor Killing Floor Mod: Defence Alliance 2 Learning Made Easy 2.2 Left 4 Dead Left 4 Dead 2 LightScribe System Software magicJack Malwarebytes' Anti-Malware version 1.51.2.1300 Max Payne Max Payne 2: The Fall of Max Payne Microsoft Games for Windows - LIVE Redistributable Microsoft Games for Windows Marketplace Microsoft Office 2007 Service Pack 2 (SP2) Microsoft Office Access MUI (English) 2007 Microsoft Office Access Setup Metadata MUI (English) 2007 Microsoft Office Enterprise 2007 Microsoft Office Excel MUI (English) 2007 Microsoft Office File Validation Add-In Microsoft Office Groove MUI (English) 2007 Microsoft Office Groove Setup Metadata MUI (English) 2007 Microsoft Office InfoPath MUI (English) 2007 Microsoft Office OneNote MUI (English) 2007 Microsoft Office Outlook MUI (English) 2007 Microsoft Office PowerPoint MUI (English) 2007 Microsoft Office PowerPoint Viewer 2007 (English) Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proof (Spanish) 2007 Microsoft Office Proofing (English) 2007 Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) Microsoft Office Publisher MUI (English) 2007 Microsoft Office Shared MUI (English) 2007 Microsoft Office Shared Setup Metadata MUI (English) 2007 Microsoft Office Word MUI (English) 2007 Microsoft Silverlight Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 
2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Mozilla Firefox 8.0 (x86 en-US) NVIDIA PhysX NVIDIA Stereoscopic 3D Driver Portal Post Apocalyptic Mayhem PSP Video 9 6 QuickTime RAD Video Tools Raptr SeaTools for Windows Security Update for 2007 Microsoft Office System (KB2288621) Security Update for 2007 Microsoft Office System (KB2288931) Security Update for 2007 Microsoft Office System (KB2345043) Security Update for 2007 Microsoft Office System (KB2553074) Security Update for 2007 Microsoft Office System (KB2553089) Security Update for 2007 Microsoft Office System (KB2553090) Security Update for 2007 Microsoft Office System (KB2584063) Security Update for 2007 Microsoft Office System (KB969559) Security Update for 2007 Microsoft Office System (KB976321) Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841) Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) Security Update for Microsoft Office Access 2007 (KB979440) Security Update for Microsoft Office Excel 2007 (KB2553073) Security Update for Microsoft Office Groove 2007 (KB2552997) Security Update for Microsoft Office InfoPath 2007 (KB2510061) Security Update for Microsoft Office InfoPath 2007 (KB979441) Security Update for Microsoft Office PowerPoint 2007 (KB2535818) Security Update for Microsoft Office PowerPoint Viewer 2007 (KB2464623) Security Update for Microsoft Office Publisher 2007 (KB2284697) Security Update for Microsoft Office system 2007 (972581) Security Update for Microsoft Office system 2007 (KB974234) Security Update for Microsoft Office Visio Viewer 2007 (KB973709) Security Update for Microsoft Office Word 
2007 (KB2344993) Shattered Horizon SpeedFan (remove only) Steam Team Fortress 2 TeamSpeak 2 RC2 Toolbox TurboIRC 7 Uninstall Update for 2007 Microsoft Office System (KB2284654) Update for 2007 Microsoft Office System (KB967642) Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2473228) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft Office 2007 Help for Common Features (KB963673) Update for Microsoft Office 2007 System (KB2539530) Update for Microsoft Office Access 2007 Help (KB963663) Update for Microsoft Office Excel 2007 Help (KB963678) Update for Microsoft Office Infopath 2007 Help (KB963662) Update for Microsoft Office OneNote 2007 (KB980729) Update for Microsoft Office OneNote 2007 Help (KB963670) Update for Microsoft Office Outlook 2007 (KB2583910) Update for Microsoft Office Outlook 2007 Help (KB963677) Update for Microsoft Office Powerpoint 2007 Help (KB963669) Update for Microsoft Office Publisher 2007 Help (KB963667) Update for Microsoft Office Script Editor Help (KB963671) Update for Microsoft Office Word 2007 Help (KB963665) Update for Outlook 2007 Junk Email Filter (KB2596560) VC80CRTRedist - 8.0.50727.6195 Windows Media Player Firefox Plugin Wolfenstein - Enemy Territory Xfire (remove only) . ==== Event Viewer Messages From Past Week ======== . 12/9/2011 8:17:50 PM, Error: Microsoft-Windows-Kernel-Processor-Power [35] - Performance power management features on processor 7 in group 0 are disabled due to a firmware problem. Check with the computer manufacturer for updated firmware. 12/9/2011 8:17:50 PM, Error: Microsoft-Windows-Kernel-Processor-Power [35] - Performance power management features on processor 6 in group 0 are disabled due to a firmware problem. Check with the computer manufacturer for updated firmware. 
12/9/2011 8:17:50 PM, Error: Microsoft-Windows-Kernel-Processor-Power [35] - Performance power management features on processor 5 in group 0 are disabled due to a firmware problem. Check with the computer manufacturer for updated firmware. 12/9/2011 8:17:50 PM, Error: Microsoft-Windows-Kernel-Processor-Power [35] - Performance power management features on processor 4 in group 0 are disabled due to a firmware problem. Check with the computer manufacturer for updated firmware. 12/9/2011 8:17:50 PM, Error: Microsoft-Windows-Kernel-Processor-Power [35] - Performance power management features on processor 3 in group 0 are disabled due to a firmware problem. Check with the computer manufacturer for updated firmware. 12/9/2011 8:17:50 PM, Error: Microsoft-Windows-Kernel-Processor-Power [35] - Performance power management features on processor 2 in group 0 are disabled due to a firmware problem. Check with the computer manufacturer for updated firmware. 12/9/2011 8:17:50 PM, Error: Microsoft-Windows-Kernel-Processor-Power [35] - Performance power management features on processor 1 in group 0 are disabled due to a firmware problem. Check with the computer manufacturer for updated firmware. 12/9/2011 8:17:50 PM, Error: Microsoft-Windows-Kernel-Processor-Power [35] - Performance power management features on processor 0 in group 0 are disabled due to a firmware problem. Check with the computer manufacturer for updated firmware. 12/9/2011 8:16:44 PM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start. 12/9/2011 5:09:38 PM, Error: Service Control Manager [7001] - The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error: The dependency service or group failed to start. 
12/9/2011 5:09:37 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39} 12/9/2011 5:09:36 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030} 12/9/2011 5:09:35 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF} 12/9/2011 5:09:30 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC} 12/9/2011 5:09:21 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: avipbb discache spldr Wanarpv6 12/9/2011 4:25:05 PM, Error: Microsoft-Windows-WMPNSS-Service [14346] - A new media server was not initialized because RegisterRunningDevice() encountered error '0x80070005'. Restart your computer, and then restart the WMPNetworkSvc service. 12/9/2011 4:24:34 PM, Error: Service Control Manager [7031] - The Windows Media Player Network Sharing Service service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service. 12/9/2011 4:24:23 PM, Error: Service Control Manager [7034] - The Windows Live ID Sign-in Assistant service terminated unexpectedly. It has done this 3 time(s). 12/9/2011 4:23:51 PM, Error: Service Control Manager [7031] - The Windows Media Player Network Sharing Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service. 
12/9/2011 4:23:40 PM, Error: Service Control Manager [7031] - The Windows Live ID Sign-in Assistant service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. 12/9/2011 4:23:26 PM, Error: Service Control Manager [7031] - The Windows Live ID Sign-in Assistant service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. 12/9/2011 4:22:43 PM, Error: Service Control Manager [7034] - The NVIDIA Update Service Daemon service terminated unexpectedly. It has done this 1 time(s). 12/9/2011 3:17:08 PM, Error: Service Control Manager [7023] - The Peer Name Resolution Protocol service terminated with the following error: Access is denied. 12/9/2011 3:17:08 PM, Error: Service Control Manager [7001] - The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error: Access is denied. 12/9/2011 3:17:08 PM, Error: Microsoft-Windows-PNRPSvc [102] - The Peer Name Resolution Protocol cloud did not start because the creation of the default identity failed with error code: 0x80070005. 12/8/2011 9:42:44 PM, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start. 
12/8/2011 9:42:43 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89} 12/8/2011 9:42:43 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E} 12/8/2011 9:42:28 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD avipbb CSC DfsC discache NetBIOS NetBT nsiproxy Psched rdbss spldr tdx Wanarpv6 WfpLwf 12/8/2011 9:42:28 PM, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start. 12/8/2011 9:42:28 PM, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning. 12/8/2011 9:42:28 PM, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning. 12/8/2011 9:42:28 PM, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start. 12/8/2011 9:42:28 PM, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start. 
12/8/2011 9:42:28 PM, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error: A device attached to the system is not functioning. 12/8/2011 9:42:28 PM, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start. 12/8/2011 9:42:28 PM, Error: Service Control Manager [7001] - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start. 12/8/2011 9:42:28 PM, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning. 12/8/2011 9:42:28 PM, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning. 12/8/2011 8:35:33 PM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Search service, but this action failed with the following error: An instance of the service is already running. 12/8/2011 8:35:03 PM, Error: Service Control Manager [7031] - The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service. 12/8/2011 8:35:03 PM, Error: Service Control Manager [7024] - The Windows Search service terminated with service-specific error %%-1073473535. 
12/6/2011 6:45:15 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334} 12/4/2011 1:43:26 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk4\DR4. 12/4/2011 1:43:24 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk2\DR2. 12/4/2011 1:40:01 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk5\DR5. 12/4/2011 1:38:54 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk3\DR3. . ==== End Of File ===========================
  8. Right now, I am in the middle of running a full scan with malwarebytes in safe mode with networking (as administrator). I already ran rkill, unhide (as administrator), and tdsskiller (as administrator); no results from tdsskiller. I am going to wait on results before trying combofix. I will get back to you in about 2 hours when malwarebytes is done, Thanks... It found 2 before I stopped it because I forgot to run as administrator.

     Malwarebytes' Anti-Malware 1.51.2.1300
     www.malwarebytes.org

     Database version: 8344
     Windows 6.1.7601 Service Pack 1 (Safe Mode)
     Internet Explorer 9.0.8112.16421

     12/9/2011 5:38:09 PM
     mbam-log-2011-12-09 (17-37-49).txt

     Scan type: Full scan (C:\|D:\|E:\|F:\|G:\|I:\|J:\|K:\|L:\|)
     Objects scanned: 225827
     Time elapsed: 24 minute(s), 38 second(s)

     Memory Processes Infected: 0
     Memory Modules Infected: 0
     Registry Keys Infected: 0
     Registry Values Infected: 1
     Registry Data Items Infected: 0
     Folders Infected: 0
     Files Infected: 1

     Memory Processes Infected:
     (No malicious items detected)

     Memory Modules Infected:
     (No malicious items detected)

     Registry Keys Infected:
     (No malicious items detected)

     Registry Values Infected:
     HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\FNFPDoJienHIJQ.exe (Rogue.FakeHDD) -> Value: FNFPDoJienHIJQ.exe -> No action taken.

     Registry Data Items Infected:
     (No malicious items detected)

     Folders Infected:
     (No malicious items detected)

     Files Infected:
     c:\programdata\fnfpdojienhijq.exe (Rogue.FakeHDD) -> No action taken.
  9. Seems as though I have gotten it again. I used rkill after several full scans by malwarebytes, also in safe mode. It said it was gone, well I used the unhide.exe and all seemed fine. I was surfing the internet and bam, it came back last night. Here is the rkill log from today.

     This log file is located at C:\rkill.log.
     Please post this only if requested to by the person helping you.
     Otherwise you can close this log when you wish.

     Rkill was run on 12/08/2011 at 20:37:31.
     Operating System: Windows 7 Ultimate

     Processes terminated by Rkill or while it was running:

     Rkill completed on 12/08/2011 at 20:37:35.

     Please post this only if requested to by the person helping you.
     Otherwise you can close this log when you wish.

     Rkill was run on 12/09/2011 at 4:52:37.
     Operating System: Windows 7 Ultimate

     Processes terminated by Rkill or while it was running:
     C:\ProgramData\FNFPDoJienHIJQ.exe
     C:\ProgramData\olkTjIawHsCT7B.exe

     Rkill completed on 12/09/2011 at 4:52:41.

     Please post this only if requested to by the person helping you.
     Otherwise you can close this log when you wish.

     Rkill was run on 12/09/2011 at 5:26:00.
     Operating System: Windows 7 Ultimate

     Processes terminated by Rkill or while it was running:
     C:\ProgramData\FNFPDoJienHIJQ.exe
     C:\ProgramData\olkTjIawHsCT7B.exe
     C:\Windows\SysWOW64\grpconv.exe

     Rkill completed on 12/09/2011 at 5:26:04.

     Please post this only if requested to by the person helping you.
     Otherwise you can close this log when you wish.

     Rkill was run on 12/09/2011 at 15:18:02.
     Operating System: Windows 7 Ultimate

     Processes terminated by Rkill or while it was running:
     C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
     C:\ProgramData\FNFPDoJienHIJQ.exe
     C:\ProgramData\olkTjIawHsCT7B.exe

     Rkill completed on 12/09/2011 at 15:18:06.

     Malwarebytes log from last night.

     Malwarebytes' Anti-Malware 1.51.2.1300
     www.malwarebytes.org

     Database version: 8336
     Windows 6.1.7601 Service Pack 1 (Safe Mode)
     Internet Explorer 9.0.8112.16421

     12/9/2011 4:38:55 AM
     mbam-log-2011-12-09 (04-38-55).txt

     Scan type: Full scan (C:\|D:\|E:\|F:\|G:\|I:\|J:\|K:\|L:\|)
     Objects scanned: 746435
     Time elapsed: 1 hour(s), 55 minute(s), 24 second(s)

     Memory Processes Infected: 0
     Memory Modules Infected: 0
     Registry Keys Infected: 0
     Registry Values Infected: 0
     Registry Data Items Infected: 3
     Folders Infected: 0
     Files Infected: 2

     Memory Processes Infected:
     (No malicious items detected)

     Memory Modules Infected:
     (No malicious items detected)

     Registry Keys Infected:
     (No malicious items detected)

     Registry Values Infected:
     (No malicious items detected)

     Registry Data Items Infected:
     HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowMyComputer (PUM.Hijack.StartMenu) -> Bad: (0) Good: (1) -> Quarantined and deleted successfully.
     HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowSearch (PUM.Hijack.StartMenu) -> Bad: (0) Good: (1) -> Quarantined and deleted successfully.
     HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\DisableTaskMgr (PUM.Hijack.TaskManager) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

     Folders Infected:
     (No malicious items detected)

     Files Infected:
     c:\Users\Jack\AppData\Local\Temp\3A72.tmp (Trojan.FakeAlert) -> Quarantined and deleted successfully.
     c:\Users\Jack\AppData\Local\Temp\googleupdate.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.

     Now I run a lot of programs from the F drive since my C drive is 2 SSDs in RAID 0 for gaming. Not sure if that is why it is not getting it? It is still there today, and thanks for any help...
  10. Hiding my programs, cannot update malwarebytes, can't keep a screen saver, won't let me choose a desktop wallpaper, blah blah blah. Nasty one called Windows Recovery Virus I believe. Will someone please help, been taking over my computer? Thanks...

     .
     DDS (Ver_2011-08-26.01) - NTFSAMD64
     Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_24
     Run by Jack at 16:13:11 on 2011-12-07
     Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.6135.4395 [GMT -5:00]
     .
     AV: AntiVir Desktop *Enabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
     SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
     SP: AntiVir Desktop *Enabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
     .
     ============== Running Processes ===============
     .
     C:\Windows\system32\wininit.exe
     C:\Windows\system32\lsm.exe
     C:\Windows\system32\svchost.exe -k DcomLaunch
     C:\Windows\system32\nvvsvc.exe
     C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
     C:\Windows\system32\svchost.exe -k RPCSS
     C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
     C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
     C:\Windows\system32\svchost.exe -k netsvcs
     C:\Windows\system32\svchost.exe -k LocalService
     C:\Windows\system32\WUDFHost.exe
     C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
     C:\Windows\system32\nvvsvc.exe
     C:\Windows\system32\WUDFHost.exe
     C:\Windows\system32\svchost.exe -k NetworkService
     C:\Windows\System32\spoolsv.exe
     F:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
     C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
     C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
     F:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
     C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
     C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
     C:\Windows\System32\svchost.exe -k HPZ12
     C:\Windows\System32\svchost.exe -k HPZ12
     C:\Windows\SysWOW64\PnkBstrA.exe
     C:\Windows\system32\svchost.exe -k imgsvc
     C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
     F:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
     C:\Windows\system32\conhost.exe
     C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
     C:\Windows\system32\taskeng.exe
     C:\Windows\system32\Dwm.exe
     C:\Windows\Explorer.EXE
     F:\Program Files (x86)\EVGA Precision\EVGAPrecision.exe
     F:\Users\Jack\Downloads\OpenHardwareMonitor\OpenHardwareMonitor.exe
     C:\Program Files\Logitech\GamePanel Software\LGDevAgt.exe
     C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe
     C:\Windows\system32\SearchIndexer.exe
     F:\Program Files\Logitech\SetPointP\SetPoint.exe
     C:\Windows\SysWOW64\rundll32.exe
     C:\Windows\system32\WUDFHost.exe
     C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
     C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
     C:\Program Files\Logitech\GamePanel Software\Applets\LCDClock.exe
     C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
     F:\Program Files\Logitech\SetPointG\SetPointII.exe
     F:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
     C:\Program Files\Windows Media Player\wmpnetwk.exe
     C:\Windows\System32\svchost.exe -k LocalServicePeerNet
     C:\Windows\system32\wbem\wmiprvse.exe
     F:\Program Files (x86)\Mozilla Firefox\firefox.exe
     C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
     C:\Windows\system32\sppsvc.exe
     C:\Windows\System32\svchost.exe -k secsvcs
     F:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
     C:\Windows\explorer.exe
     C:\Windows\system32\DllHost.exe
     C:\Windows\SysWOW64\cmd.exe
     C:\Windows\system32\conhost.exe
     C:\Windows\SysWOW64\cscript.exe
     C:\Windows\system32\wbem\wmiprvse.exe
     .
     ============== Pseudo HJT Report ===============
     .
uStart Page = about:blank mWinlogon: Userinit=userinit.exe, BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - F:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - F:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll uRun: [cdloader] "C:\Users\Jack\AppData\Roaming\mjusbsp\cdloader2.exe" MAGICJACK mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe mRun: [GrooveMonitor] "F:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" mRun: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW mRun: [avgnt] "F:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min mPolicies-explorer: NoActiveDesktop = 1 (0x1) mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1) mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0) mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3) mPolicies-system: EnableUIADesktopToggle = 0 (0x0) mPolicies-system: PromptOnSecureDesktop = 0 (0x0) mPolicies-system: EnableLUA = 0 (0x0) IE: E&xport to Microsoft Excel - F:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000 IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - F:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - F:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - 
hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab TCP: DhcpNameServer = 192.168.0.1 TCP: Interfaces\{159414C6-63CC-4B8E-9A95-821CC025866D} : DhcpNameServer = 192.168.0.1 TCP: Interfaces\{2684832D-BEFE-436A-8EC2-7EA6E468AA9C} : DhcpNameServer = 192.168.0.1 Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - F:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - F:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe" BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO-X64: AcroIEHelperStub - No File BHO-X64: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - F:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO-X64: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - F:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun-x64: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe mRun-x64: [GrooveMonitor] "F:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" mRun-x64: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW mRun-x64: [avgnt] "F:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min SEH-X64: Groove GFS Stub Execution Hook: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - F:\Program Files (x86)\Microsoft 
Office\Office12\GrooveShellExtensions.dll . ================= FIREFOX =================== . FF - ProfilePath - C:\Users\Jack\AppData\Roaming\Mozilla\Firefox\Profiles\i0k6nc0j.default\ FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrlui.dll FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll FF - plugin: C:\Windows\system32\TVUAx\npTVUAx.dll FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll FF - plugin: F:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll FF - plugin: F:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll FF - plugin: F:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll FF - plugin: F:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll FF - plugin: F:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll FF - plugin: F:\Program Files (x86)\QuickTime\Plugins\npqtplugin.dll FF - plugin: F:\Program Files (x86)\QuickTime\Plugins\npqtplugin2.dll FF - plugin: F:\Program Files (x86)\QuickTime\Plugins\npqtplugin3.dll FF - plugin: F:\Program Files (x86)\QuickTime\Plugins\npqtplugin4.dll FF - plugin: F:\Program Files (x86)\QuickTime\Plugins\npqtplugin5.dll FF - plugin: F:\Program Files (x86)\QuickTime\Plugins\npqtplugin6.dll FF - plugin: F:\Program Files (x86)\QuickTime\Plugins\npqtplugin7.dll . ---- FIREFOX POLICIES ---- FF - user.js: network.protocol-handler.warn-external.dnupdate - false ============= SERVICES / DRIVERS =============== . 
R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-6-6 64952] R2 AntiVirSchedulerService;Avira AntiVir Scheduler;F:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2010-4-8 136360] R2 AntiVirService;Avira AntiVir Guard;F:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2010-4-8 269480] R2 avgntflt;avgntflt;C:\Windows\system32\DRIVERS\avgntflt.sys --> C:\Windows\system32\DRIVERS\avgntflt.sys [?] R2 cpuz135;cpuz135;\??\C:\Windows\system32\drivers\cpuz135_x64.sys --> C:\Windows\system32\drivers\cpuz135_x64.sys [?] R2 nvUpdatusService;NVIDIA Update Service Daemon;C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-10-2 2253120] R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-9-22 381248] R3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;C:\Windows\system32\drivers\LGBusEnum.sys --> C:\Windows\system32\drivers\LGBusEnum.sys [?] R3 RTCore64;RTCore64;F:\Program Files (x86)\EVGA Precision\RTCore64.sys [2011-8-31 14440] R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] S3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;C:\Windows\system32\drivers\LGVirHid.sys --> C:\Windows\system32\drivers\LGVirHid.sys [?] S3 npggsvc;nProtect GameGuard Service;C:\Windows\system32\GameMon.des -service --> C:\Windows\system32\GameMon.des -service [?] S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\system32\drivers\rdpvideominiport.sys --> C:\Windows\system32\drivers\rdpvideominiport.sys [?] 
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?] S3 USBMULCD;USB Multi-Channel Audio Device Interface;C:\Windows\system32\drivers\CM10664.sys --> C:\Windows\system32\drivers\CM10664.sys [?] S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?] . =============== Created Last 30 ================ . 2011-12-07 21:08:20 69000 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{507F7F9C-F71A-4941-B4A6-E70C0EB90607}\offreg.dll 2011-12-06 23:32:11 351880 ---ha-w- C:\ProgramData\zyuFqFdu13aDif.exe 2011-12-06 23:29:47 444552 ---ha-w- C:\ProgramData\uRshEirOfhWeeq.exe 2011-12-06 11:02:54 8822856 ---ha-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{507F7F9C-F71A-4941-B4A6-E70C0EB90607}\mpengine.dll 2011-12-05 23:36:04 -------- d--h--w- C:\Users\Jack\AppData\Roaming\Unity 2011-12-05 23:02:06 -------- d--h--w- C:\Users\Jack\AppData\Local\Unity 2011-12-03 05:40:10 -------- d--h--w- C:\Users\Jack\AppData\Local\DDMSettings 2011-11-09 02:56:24 886784 ----a-w- C:\Program Files\Common Files\System\wab32.dll 2011-11-09 02:56:24 708608 ----a-w- C:\Program Files (x86)\Common Files\System\wab32.dll 2011-11-09 02:56:23 3144704 ----a-w- C:\Windows\System32\win32k.sys 2011-11-09 02:56:23 1923952 ----a-w- C:\Windows\System32\drivers\tcpip.sys . ==================== Find3M ==================== . 2011-12-06 00:40:50 271200 ---ha-w- C:\Windows\SysWow64\PnkBstrB.xtr 2011-12-06 00:40:50 271200 ---ha-w- C:\Windows\SysWow64\PnkBstrB.exe 2011-12-05 01:50:20 271200 ---ha-w- C:\Windows\SysWow64\PnkBstrB.ex0 2011-10-20 23:26:22 94208 ---ha-w- C:\Windows\SysWow64\dpl100.dll 2011-10-02 22:13:45 75136 ---ha-w- C:\Windows\SysWow64\PnkBstrA.exe 2011-09-22 16:29:58 321856 ---ha-w- C:\Windows\SysWow64\nvStreaming.exe 2011-09-10 03:01:42 59392 ---ha-w- C:\Windows\SysWow64\speexw.acm . 
============= FINISH: 16:13:24.74 =============== Attach.txt DDS.txt