
qazxxxx

  1. OK, unfortunately before I was able to do that my computer all of a sudden failed to boot (blue screen of death on boot every time). So now I reinstalled Windows and everything is okay. Lost some files but it's fine. Thank you very much for your help!
  2. Hello. Yesterday I found out that my computer has some malware, as IE download wasn't working and some random music started to play from svchost.exe process. I downloaded Malwarebytes and cleaned some garbage. Now the computer seems to work just fine, it is not slow or anything, but IE download is still not working. No matter what file I download, IE would always say it is a virus and thus is removed, at the bottom of the screen. I also noticed my Windows Defender is not working, I cannot start it at all, and I am wondering if it has anything to do with my problem. Maybe IE uses Windows Defender to check downloaded files? I have no problem with Windows Defender itself as I never use it anyways, but if anyone can help me get the download function back for my Internet Explorer that will be very nice. On a side note, Firefox downloads with no issue at all. The required log file is attached below. Thanks for any help.