Everything posted by FangZandith

  1. It's running just fine, I haven't had any unnecessary ads or anything in a while. I'd like to run a defrag and a system clean up just to polish it all over, but other than that it's peachy.
  2. It just finished. It found one threat win32\downloadadmin.g.
     ESETSmartInstaller@High as CAB hook log:
     OnlineScanner64.ocx - registred OK
     OnlineScanner.ocx - registred OK
  3. I'm still running the program, it's quite a lengthy run lol. I have a lot to do today, so it may be tomorrow that I post the results you've asked of me. I'll try and have the finished results up later this evening, I feel bad about being as late with it as I have been.
  4. I'm really sorry, I keep forgetting to do it. It's been a busy week! I promise I'll get you the log by tomorrow, I'm sorry to keep you waiting.
  5. I forgot to run this last evening, I'm very sorry. I'll be sure to run it tonight and post it first thing tomorrow morning.
  6. Sorry for the delay! Here is the information you asked for Maniac.
     # AdwCleaner v2.115 - Logfile created 04/02/2013 at 14:52:50
     # Updated 17/03/2013 by Xplode
     # Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
     # User : Ryan - RYAN-PC
     # Boot Mode : Normal
     # Running from : C:\Users\Ryan\Desktop\Dan\adwcleaner.exe
     # Option [Delete]
     ***** [services] *****
     ***** [Files / Folders] *****
     File Deleted : C:\END
     ***** [Registry] *****
     ***** [internet Browsers] *****
     -\\ Internet Explorer v9.0.8112.16470
     [OK] Registry is clean.
     -\\ Google Chrome v26.0.1410.43
     File : C:\Users\Ryan\AppData\Local\Google\Chrome\User Data\Default\Preferences
     [OK] File is clean.
     *************************
     AdwCleaner[R1].txt - [805 octets] - [28/03/2013 17:30:45]
     AdwCleaner[s1].txt - [319 octets] - [02/04/2013 14:52:27]
     AdwCleaner[s2].txt - [797 octets] - [02/04/2013 14:52:50]
     ########## EOF - C:\AdwCleaner[s2].txt - [856 octets] ##########
  7. I just wanted to give you a heads up that I probably won't be able to respond until April 1. I have a wedding to go to out of state this weekend, so if I don't respond for the next two or three days, I will respond by Monday. Thank you again for your time, I'm really grateful that people like you take such time out of your lives to help people like me.
  8. # AdwCleaner v2.115 - Logfile created 03/28/2013 at 17:30:45
     # Updated 17/03/2013 by Xplode
     # Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
     # User : Ryan - RYAN-PC
     # Boot Mode : Normal
     # Running from : C:\Users\Ryan\Desktop\Dan\adwcleaner.exe
     # Option [search]
     ***** [services] *****
     ***** [Files / Folders] *****
     File Found : C:\END
     ***** [Registry] *****
     ***** [internet Browsers] *****
     -\\ Internet Explorer v9.0.8112.16470
     [OK] Registry is clean.
     -\\ Google Chrome v25.0.1364.172
     File : C:\Users\Ryan\AppData\Local\Google\Chrome\User Data\Default\Preferences
     [OK] File is clean.
     *************************
     AdwCleaner[R1].txt - [678 octets] - [28/03/2013 17:30:45]
     ########## EOF - C:\AdwCleaner[R1].txt - [737 octets] ##########
  9. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     Junkware Removal Tool (JRT) by Thisisu
     Version: 4.7.3 (03.23.2013:1)
     OS: Windows 7 Home Premium x64
     Ran by Ryan on Thu 03/28/2013 at 12:29:20.34
     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     ~~~ Services
     ~~~ Registry Values
     ~~~ Registry Keys
     ~~~ Files
     Successfully deleted: [File] C:\eula.1028.txt
     Successfully deleted: [File] C:\eula.1031.txt
     Successfully deleted: [File] C:\eula.1033.txt
     Successfully deleted: [File] C:\eula.1036.txt
     Successfully deleted: [File] C:\eula.1040.txt
     Successfully deleted: [File] C:\eula.1041.txt
     Successfully deleted: [File] C:\eula.1042.txt
     Successfully deleted: [File] C:\eula.2052.txt
     Successfully deleted: [File] C:\install.res.1028.dll
     Successfully deleted: [File] C:\install.res.1031.dll
     Successfully deleted: [File] C:\install.res.1033.dll
     Successfully deleted: [File] C:\install.res.1036.dll
     Successfully deleted: [File] C:\install.res.1040.dll
     Successfully deleted: [File] C:\install.res.1041.dll
     Successfully deleted: [File] C:\install.res.1042.dll
     Successfully deleted: [File] C:\install.res.2052.dll
     Successfully deleted: [File] C:\install.res.3082.dll
     ~~~ Folders
     Successfully deleted: [Folder] "C:\ProgramData\ask"
     ~~~ Event Viewer Logs were cleared
     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     Scan was completed on Thu 03/28/2013 at 12:35:39.24
     End of JRT log
     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

     Malwarebytes Anti-Malware 1.70.0.1100
     www.malwarebytes.org
     Database version: v2013.03.28.10
     Windows 7 Service Pack 1 x64 NTFS
     Internet Explorer 9.0.8112.16421
     Ryan :: RYAN-PC [administrator]
     3/28/2013 12:41:32 PM
     mbam-log-2013-03-28 (12-41-32).txt
     Scan type: Quick scan
     Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
     Scan options disabled: P2P
     Objects scanned: 226089
     Time elapsed: 2 minute(s), 21 second(s)
     Memory Processes Detected: 0 (No malicious items detected)
     Memory Modules Detected: 0 (No malicious items detected)
     Registry Keys Detected: 0 (No malicious items detected)
     Registry Values Detected: 0 (No malicious items detected)
     Registry Data Items Detected: 0 (No malicious items detected)
     Folders Detected: 0 (No malicious items detected)
     Files Detected: 0 (No malicious items detected)
     (end)
  10. I apologize for my delay, I just got a minute before bed to hop on the PC and take a look. I'm having an issue finding the ZoneAlarm LTD Toolbar. I have found the path for the file in C:\ProgramData and in C:\Users\Ryan\AppData\Roaming. I have no uninstall feature in either category, or in my programs list. Should I just delete the folders and clear them from my recycling bin and continue with the rest of your steps?
  11. Hi Maniac ! Nice to meet you, and thank you for coming to help me! I unfortunately do not pay for malwarebytes, just the free version. From here on out I'll wait to do scans until directed to do so. Thanks again Maniac!
MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2013-2-9 24176] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-2-28 161384] S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2013-2-11 59392] S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2013-2-10 1255736] . =============== Created Last 30 ================ . 2013-03-26 05:39:16 -------- d-----w- C:\Program Files\CCleaner 2013-03-26 01:01:34 19968 ----a-w- C:\Windows\System32\drivers\usb8023.sys 2013-03-25 06:12:59 -------- d-----w- C:\Users\Ryan\AppData\Roaming\AVG2013 2013-03-25 06:10:04 -------- d-----w- C:\Users\Ryan\AppData\Roaming\TuneUp Software 2013-03-25 06:08:46 -------- d--h--w- C:\$AVG 2013-03-25 06:08:46 -------- d-----w- C:\ProgramData\AVG2013 2013-03-25 06:08:03 -------- d-----w- C:\Program Files (x86)\AVG 2013-03-25 06:05:00 -------- d--h--w- C:\ProgramData\Common Files 2013-03-25 06:05:00 -------- d-----w- C:\Users\Ryan\AppData\Local\MFAData 2013-03-25 06:05:00 -------- d-----w- C:\Users\Ryan\AppData\Local\Avg2013 2013-03-25 06:05:00 -------- d-----w- C:\ProgramData\MFAData 2013-03-25 05:23:15 -------- d-----w- C:\Users\Ryan\AppData\Roaming\SuperAdBlocker.com 2013-03-25 05:23:06 -------- d-----w- C:\Windows\SysWow64\URTTemp 2013-03-25 05:22:17 -------- d-----w- C:\Users\Ryan\AppData\Roaming\CheckPoint 2013-03-25 05:21:18 -------- d-----w- C:\ProgramData\CheckPoint 2013-03-22 15:40:16 9311288 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{7A5843CD-F270-4033-AC71-80235615A8E1}\mpengine.dll 2013-03-18 06:43:53 -------- d-----r- C:\Program Files 
(x86)\Skype 2013-03-12 05:51:50 -------- d-----w- C:\Users\Ryan\AppData\Local\SCE 2013-03-12 01:44:18 -------- d-----w- C:\Users\Ryan\AppData\Local\Apple Computer 2013-03-12 01:44:06 33240 ----a-w- C:\Windows\System32\drivers\GEARAspiWDM.sys 2013-03-12 01:43:35 -------- d-----w- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 2013-03-12 01:43:35 -------- d-----w- C:\Program Files\iTunes 2013-03-12 01:43:35 -------- d-----w- C:\Program Files\iPod 2013-03-12 01:43:35 -------- d-----w- C:\Program Files (x86)\iTunes 2013-03-12 01:41:39 -------- d-----w- C:\Users\Ryan\AppData\Local\Apple 2013-03-12 01:40:58 -------- d-----w- C:\Program Files\Bonjour 2013-03-12 01:40:58 -------- d-----w- C:\Program Files (x86)\Bonjour 2013-03-11 16:23:34 -------- d-----w- C:\Users\Ryan\AppData\Roaming\.mono 2013-03-11 16:22:15 -------- d-----w- C:\Users\Ryan\AppData\Roaming\Full Control 2013-03-07 02:43:34 95648 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll 2013-02-28 18:24:49 693976 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe 2013-02-28 08:00:59 1887232 ----a-w- C:\Windows\System32\d3d11.dll 2013-02-28 04:04:48 -------- d-----w- C:\Users\Ryan\AppData\Local\WarThunder 2013-02-28 04:04:48 -------- d-----w- C:\ProgramData\WarThunder 2013-02-28 04:04:34 -------- d-----w- C:\Program Files (x86)\War Thunder 2013-02-27 03:40:46 246072 ----a-w- C:\Windows\System32\drivers\avgidsdrivera.sys . ==================== Find3M ==================== . 
2013-03-12 18:44:58 73432 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl 2013-03-07 02:43:29 861088 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll 2013-03-07 02:43:29 782240 ----a-w- C:\Windows\SysWow64\deployJava1.dll 2013-02-14 07:52:46 239416 ----a-w- C:\Windows\System32\drivers\avgtdia.sys 2013-02-12 05:45:24 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll 2013-02-12 05:45:22 350208 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll 2013-02-12 05:45:22 308736 ----a-w- C:\Windows\apppatch\AppPatch64\AcGenral.dll 2013-02-12 05:45:22 111104 ----a-w- C:\Windows\apppatch\AppPatch64\acspecfc.dll 2013-02-12 04:48:31 474112 ----a-w- C:\Windows\apppatch\AcSpecfc.dll 2013-02-12 04:48:26 2176512 ----a-w- C:\Windows\apppatch\AcGenral.dll 2013-02-12 01:33:08 152576 ----a-w- C:\Windows\SysWow64\msclmd.dll 2013-02-12 01:33:07 175616 ----a-w- C:\Windows\System32\msclmd.dll 2013-02-08 08:37:56 116536 ----a-w- C:\Windows\System32\drivers\avgmfx64.sys 2013-02-08 08:37:54 311096 ----a-w- C:\Windows\System32\drivers\avgloga.sys 2013-02-08 08:37:50 71480 ----a-w- C:\Windows\System32\drivers\avgidsha.sys 2013-02-08 08:37:42 206136 ----a-w- C:\Windows\System32\drivers\avgldx64.sys 2013-02-08 08:37:40 45880 ----a-w- C:\Windows\System32\drivers\avgrkx64.sys 2013-02-02 06:57:02 2312704 ----a-w- C:\Windows\System32\jscript9.dll 2013-02-02 06:47:24 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl 2013-02-02 06:47:19 1392128 ----a-w- C:\Windows\System32\wininet.dll 2013-02-02 06:42:18 173056 ----a-w- C:\Windows\System32\ieUnatt.exe 2013-02-02 06:41:51 599040 ----a-w- C:\Windows\System32\vbscript.dll 2013-02-02 06:38:01 2382848 ----a-w- C:\Windows\System32\mshtml.tlb 2013-02-02 03:38:35 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll 2013-02-02 03:30:32 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl 2013-02-02 03:30:21 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll 2013-02-02 03:26:47 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe 2013-02-02 03:26:21 420864 ----a-w- 
C:\Windows\SysWow64\vbscript.dll 2013-02-02 03:23:28 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb 2013-01-17 05:28:58 273840 ------w- C:\Windows\System32\MpSigStub.exe 2013-01-13 21:17:03 9728 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll 2013-01-13 21:17:02 2560 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll 2013-01-13 21:16:42 10752 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll 2013-01-13 21:12:46 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll 2013-01-13 21:11:21 4096 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll 2013-01-13 21:11:08 5632 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll 2013-01-13 21:11:07 5632 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll 2013-01-13 21:11:07 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll 2013-01-13 21:11:07 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll 2013-01-13 20:35:31 9728 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll 2013-01-13 20:35:31 2560 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll 2013-01-13 20:35:18 10752 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll 2013-01-13 20:32:07 3584 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll 2013-01-13 20:31:48 4096 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll 2013-01-13 20:31:41 5632 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll 2013-01-13 20:31:40 5632 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll 2013-01-13 20:31:40 3072 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll 2013-01-13 20:31:40 3072 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll 2013-01-13 20:31:00 1247744 ----a-w- C:\Windows\SysWow64\DWrite.dll 2013-01-13 20:22:22 1988096 ----a-w- 
C:\Windows\SysWow64\d3d10warp.dll 2013-01-13 20:20:31 293376 ----a-w- C:\Windows\SysWow64\dxgi.dll 2013-01-13 20:09:00 249856 ----a-w- C:\Windows\SysWow64\d3d10_1core.dll 2013-01-13 20:08:43 220160 ----a-w- C:\Windows\SysWow64\d3d10core.dll 2013-01-13 20:08:35 1504768 ----a-w- C:\Windows\SysWow64\d3d11.dll 2013-01-13 19:59:04 1643520 ----a-w- C:\Windows\System32\DWrite.dll 2013-01-13 19:58:28 1175552 ----a-w- C:\Windows\System32\FntCache.dll 2013-01-13 19:54:01 604160 ----a-w- C:\Windows\SysWow64\d3d10level9.dll 2013-01-13 19:53:58 207872 ----a-w- C:\Windows\SysWow64\WindowsCodecsExt.dll 2013-01-13 19:53:14 187392 ----a-w- C:\Windows\SysWow64\UIAnimation.dll 2013-01-13 19:51:30 2565120 ----a-w- C:\Windows\System32\d3d10warp.dll 2013-01-13 19:49:17 363008 ----a-w- C:\Windows\System32\dxgi.dll 2013-01-13 19:48:47 161792 ----a-w- C:\Windows\SysWow64\d3d10_1.dll 2013-01-13 19:46:25 1080832 ----a-w- C:\Windows\SysWow64\d3d10.dll 2013-01-13 19:43:21 1230336 ----a-w- C:\Windows\SysWow64\WindowsCodecs.dll 2013-01-13 19:38:39 333312 ----a-w- C:\Windows\System32\d3d10_1core.dll 2013-01-13 19:38:21 296960 ----a-w- C:\Windows\System32\d3d10core.dll 2013-01-13 19:37:57 3419136 ----a-w- C:\Windows\SysWow64\d2d1.dll 2013-01-13 19:25:04 245248 ----a-w- C:\Windows\System32\WindowsCodecsExt.dll 2013-01-13 19:24:33 648192 ----a-w- C:\Windows\System32\d3d10level9.dll 2013-01-13 19:24:30 221184 ----a-w- C:\Windows\System32\UIAnimation.dll 2013-01-13 19:20:42 194560 ----a-w- C:\Windows\System32\d3d10_1.dll 2013-01-13 19:20:04 1238528 ----a-w- C:\Windows\System32\d3d10.dll 2013-01-13 19:15:40 1424384 ----a-w- C:\Windows\System32\WindowsCodecs.dll 2013-01-13 19:10:36 3928064 ----a-w- C:\Windows\System32\d2d1.dll 2013-01-13 19:02:06 417792 ----a-w- C:\Windows\SysWow64\WMPhoto.dll 2013-01-13 18:34:58 364544 ----a-w- C:\Windows\SysWow64\XpsGdiConverter.dll 2013-01-13 18:32:43 465920 ----a-w- C:\Windows\System32\WMPhoto.dll 2013-01-13 18:09:52 522752 ----a-w- 
C:\Windows\System32\XpsGdiConverter.dll 2013-01-13 17:26:42 1158144 ----a-w- C:\Windows\SysWow64\XpsPrint.dll 2013-01-13 17:05:09 1682432 ----a-w- C:\Windows\System32\XpsPrint.dll 2013-01-05 05:53:43 5553512 ----a-w- C:\Windows\System32\ntoskrnl.exe 2013-01-05 05:00:15 3967848 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe 2013-01-05 05:00:11 3913064 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe 2013-01-04 06:11:21 2284544 ----a-w- C:\Windows\SysWow64\msmpeg2vdec.dll 2013-01-04 06:11:13 2776576 ----a-w- C:\Windows\System32\msmpeg2vdec.dll 2013-01-04 05:46:09 215040 ----a-w- C:\Windows\System32\winsrv.dll 2013-01-04 04:51:16 5120 ----a-w- C:\Windows\SysWow64\wow32.dll 2013-01-04 04:43:21 44032 ----a-w- C:\Windows\apppatch\acwow64.dll 2013-01-04 03:26:48 3153408 ----a-w- C:\Windows\System32\win32k.sys 2013-01-04 02:47:35 25600 ----a-w- C:\Windows\SysWow64\setup16.exe 2013-01-04 02:47:34 7680 ----a-w- C:\Windows\SysWow64\instnm.exe 2013-01-04 02:47:34 2048 ----a-w- C:\Windows\SysWow64\user.exe 2013-01-04 02:47:33 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll 2013-01-03 06:00:54 1913192 ----a-w- C:\Windows\System32\drivers\tcpip.sys 2013-01-03 06:00:42 288088 ----a-w- C:\Windows\System32\drivers\FWPKCLNT.SYS 2012-12-29 08:40:27 6382008 ----a-w- C:\Windows\System32\nvcpl.dll 2012-12-29 08:40:27 3455416 ----a-w- C:\Windows\System32\nvsvc64.dll 2012-12-29 08:40:11 2923201 ----a-w- C:\Windows\System32\nvcoproc.bin 2012-12-29 08:40:09 884152 ----a-w- C:\Windows\System32\nvvsvc.exe 2012-12-29 08:40:09 63928 ----a-w- C:\Windows\System32\nvshext.dll . ============= FINISH: 12:35:04.66 =============== . DDS (Ver_2012-11-20.01) . Microsoft Windows 7 Home Premium Boot Device: \Device\HarddiskVolume1 Install Date: 2/9/2013 12:52:07 AM System Uptime: 3/26/2013 11:59:39 AM (1 hours ago) . Motherboard: Dell Inc. | | 0F642F Processor: Intel® Core2 Quad CPU Q9550 @ 2.83GHz | Socket 775 | 2833/1333mhz . ==== Disk Partitions ========================= . 
C: is FIXED (NTFS) - 466 GiB total, 340.451 GiB free. D: is CDROM () E: is Removable . ==== Disabled Device Manager Items ============= . ==== System Restore Points =================== . RP36: 3/21/2013 12:20:20 AM - Scheduled Checkpoint RP37: 3/21/2013 3:00:31 AM - Windows Update RP38: 3/25/2013 1:22:14 AM - Installed Super Ad Blocker RP39: 3/25/2013 1:42:09 AM - Removed Super Ad Blocker RP40: 3/25/2013 2:07:06 AM - Installed AVG 2013 RP41: 3/25/2013 2:08:19 AM - Installed AVG 2013 RP42: 3/26/2013 3:00:18 AM - Windows Update . ==== Installed Programs ====================== . Adobe Flash Player 11 Plugin Apple Application Support Apple Mobile Device Support Apple Software Update Auslogics Disk Defrag AVG 2013 Bonjour CCleaner Counter-Strike: Source Dell Photo AIO Printer 966 F.lux Frontline Tactics Google Chrome Google Earth Google Update Helper Hi-Rez Studios Authenticate and Update Service iTunes Java 7 Update 17 Java Auto Updater League of Legends Malwarebytes Anti-Malware version 1.70.0.1100 Microsoft .NET Framework 4 Client Profile Microsoft Silverlight Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 NVIDIA 3D Vision Controller Driver 310.90 NVIDIA 3D Vision Driver 310.90 NVIDIA Control Panel 310.90 NVIDIA Graphics Driver 310.90 NVIDIA HD Audio Driver 1.3.18.0 NVIDIA Install Application NVIDIA PhysX NVIDIA PhysX System Software 9.12.1031 NVIDIA Stereoscopic 3D Driver NVIDIA Update 1.11.3 NVIDIA Update Components OpenOffice.org 3.4.1 Pando Media Booster PlanetSide 2 Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449) Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019) Security Update for Microsoft .NET Framework 4 Client Profile 
(KB2742595) Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642) Skype™ 6.3 Steam The Elder Scrolls V: Skyrim Tribes Ascend Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) Visual Studio 2010 x64 Redistributables War Thunder Launcher 1.0.1.152 ZoneAlarm LTD Toolbar . ==== Event Viewer Messages From Past Week ======== . 3/26/2013 3:19:41 AM, Error: Service Control Manager [7038] - The nvUpdatusService service was unable to log on as .\UpdatusUser with the currently configured password due to the following error: Logon failure: the specified account password has expired. To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC). 3/26/2013 3:19:41 AM, Error: Service Control Manager [7000] - The NVIDIA Update Service Daemon service failed to start due to the following error: The service did not start due to a logon failure. 3/26/2013 3:17:40 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: SABKUTIL 3/26/2013 3:16:23 AM, Error: Service Control Manager [7006] - The ScRegSetValueExW call failed for FailureActions with the following error: Access is denied. 3/25/2013 1:23:28 AM, Error: Service Control Manager [7000] - The SABProcEnum service failed to start due to the following error: This driver has been blocked from loading 3/25/2013 1:23:28 AM, Error: Application Popup [1060] - \??\C:\Program Files (x86)\SuperAdBlocker.com\Super Ad Blocker\ has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver. 
3/25/2013 1:23:26 AM, Error: Service Control Manager [7000] - The SABKUTIL service failed to start due to the following error: This driver has been blocked from loading 3/25/2013 1:23:25 AM, Error: Service Control Manager [7000] - The SABDIFSV service failed to start due to the following error: This driver has been blocked from loading 3/25/2013 1:22:37 AM, Error: Service Control Manager [7030] - The TrueVector Internet Monitor service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly. 3/20/2013 5:58:07 PM, Error: volsnap [36] - The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit. 3/19/2013 10:35:10 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect. 3/19/2013 10:35:10 PM, Error: Service Control Manager [7000] - The Steam Client Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. . ==== End Of File ===========================
  12. Oh, I felt that it might be helpful if I listed the additional items I found from the quarantine yesterday. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{103089DA-0F31-4A8B-843F-7D24A7FE8345} (PUP.InfoAtoms) -> Quarantined and deleted successfully. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{103089DA-0F31-4A8B-843F-7D24A7FE8345} (PUP.InfoAtoms) -> Quarantined and deleted successfully.
  13. Hello folks, I've come here to really try and clear up all the remaining crap from my recent mistake. About two days ago I decided to try and download some ad blocking software from C|NET download.com. Against my own gut feeling, I trudged on with the bundled installation. This installation left me with some zonealarm related nonsense, and specifically the getsavin adware. Now, I've run Malwarebytes, AVG, CCleaner, and Hijack This; but I keep getting a BHO file that was from the getsavin adware. I'm at the point where it's coming up as a (no name) (no file), or at least it's coming up in the same place the getsavin adware was appearing. At this point I'd really just like to try and finish off the rest of the clutter I'm seeing in Hijack This, but I'm not entirely sure what all I should be removing, or how to completely remove this pesky BHO file. So, I just ran CCleaner, cleaned up my registry and used the standard cleaner tool. I'm going to run Malwarebytes again tonight while I sleep. Yesterday when I ran it, it did identify and remove two items. AVG came up clean from yesterday's sweep. I also just updated Malwarebytes, to further ensure it's getting a good full scan of what I've got going on. It's been a long time since I've goofed up my rig, and I'm rather at odds with myself for making such a stupid mistake. So thanks for your time, I wish I didn't have to eat it up. I look forward to working with you to clear this up.