sonobang

  1. Hello, I recently got the Windows Security 2012 virus, and removed it using Malwarebytes. Everything was working fine for a bit, but then I got the 'Windows could not automatically detect this network's proxy settings' error. I can no longer connect to nearby routers. I've tried many different methods posted on the internet, but no luck. I need your help! Thank you,

     Attach.zip