Posts posted by theawesomeguy12

  1. Results of screen317's Security Check version 0.99.62

    Windows 7 Service Pack 1 x64 (UAC is enabled)

    Internet Explorer 9

    ``````````````Antivirus/Firewall Check:``````````````

    Windows Firewall Disabled!

    Trend Micro Titanium Maximum Security 2012

    Antivirus up to date! (On Access scanning disabled!)

    `````````Anti-malware/Other Utilities Check:`````````

    Malwarebytes Anti-Malware version 1.75.0.1300

    Adobe Flash Player 11.7.700.169

    Adobe Reader XI

    ````````Process Check: objlist.exe by Laurent````````

    Comodo Firewall cmdagent.exe

    Trend Micro UniClient UiFrmWrk uiWatchDog.exe

    `````````````````System Health check`````````````````

    Total Fragmentation on Drive C: 1%

    ````````````````````End of Log``````````````````````

  2. Hi,

    I ran Combofix and it told me samsrv.dll was infected and it restored it, but it didn't create a log file. It restarted and did not create a combofix.log in C:\, and now, when I run it again, it doesn't even show up. I downloaded a fresh copy but it didn't work.

  3. RogueKiller Report

    RogueKiller V8.5.4 _x64_ [Mar 18 2013] by Tigzy

    mail : tigzyRK<at>gmail<dot>com

    Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/

    Website : http://tigzy.geekstogo.com/roguekiller.php

    Blog : http://tigzyrk.blogspot.com/

    Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version

    Started in : Normal mode

    User : Kit and Fin [Admin rights]

    Mode : Scan -- Date : 04/20/2013 17:23:45

    | ARK || FAK || MBR |

    ¤¤¤ Bad processes : 0 ¤¤¤

    ¤¤¤ Registry Entries : 7 ¤¤¤

    [RUN][BLACKLISTDLL] HKLM\[...]\Run : Cmaudio8788 (C:\windows\syswow64\RunDll32.exe C:\windows\Syswow64\cmicnfgp.dll,CMICtrlWnd) -> FOUND

    [DNS] HKLM\[...]\ControlSet001\Services\Tcpip\Interfaces\{85F6DD47-5685-47ED-9115-AC77498CACF3} : NameServer (8.26.56.26,156.154.70.22) -> FOUND

    [DNS] HKLM\[...]\ControlSet001\Services\Tcpip\Interfaces\{CD58BE2E-94A2-4C99-A4FD-64D606B70E43} : NameServer (8.26.56.26,156.154.70.22) -> FOUND

    [DNS] HKLM\[...]\ControlSet002\Services\Tcpip\Interfaces\{85F6DD47-5685-47ED-9115-AC77498CACF3} : NameServer (8.26.56.26,156.154.70.22) -> FOUND

    [DNS] HKLM\[...]\ControlSet002\Services\Tcpip\Interfaces\{CD58BE2E-94A2-4C99-A4FD-64D606B70E43} : NameServer (8.26.56.26,156.154.70.22) -> FOUND

    [HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND

    [HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

    ¤¤¤ Particular Files / Folders: ¤¤¤

    ¤¤¤ Driver : [NOT LOADED] ¤¤¤

    ¤¤¤ HOSTS File: ¤¤¤

    --> C:\windows\system32\drivers\etc\hosts

    ¤¤¤ MBR Check: ¤¤¤

    +++++ PhysicalDrive0: SEAGATE ST3750640NS SATA Disk Device +++++

    --- User ---

    [MBR] 04c52c34446692282c8b0dc18ee761cf

    [BSP] dfa450a4745d4e01175f84de8ecb66fe : Windows 7/8 MBR Code

    Partition table:

    0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 500 Mo

    1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 1026048 | Size: 714902 Mo

    User = LL1 ... OK!

    User = LL2 ... OK!

    +++++ PhysicalDrive1: ST350062 0AS SATA Disk Device +++++

    --- User ---

    [MBR] a3a9c19c1c6f5150ce167b2b7450d4bd

    [BSP] 0225ebc2fe0f7f436262ab8569e96b9a : Windows Vista MBR Code

    Partition table:

    0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 426938 Mo

    1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 874371072 | Size: 49999 Mo

    User = LL1 ... OK!

    User = LL2 ... OK!

    Finished : << RKreport[1]_S_04202013_02d1723.txt >>


  4. Every time I boot my computer, cmd.exe shows up and closes. I have scanned with Malwarebytes, Trend Micro, Hitman Pro and SuperAntiSpyware, but it all comes up clean. This only happened after I installed WinCDEmu. I have removed it now.

    DDS (Ver_2012-11-20.01) - NTFS_AMD64

    Internet Explorer: 10.0.9200.16537

    Run by Kit and Fin at 16:47:47 on 2013-04-20

    Microsoft Windows 7 Home Premium 6.1.7601.1.1252.44.1033.18.4079.2171 [GMT 1:00]

    .

    AV: Trend Micro Titanium Maximum Security 2012 *Enabled/Updated* {B7599298-8445-728A-A5C7-A26A082C8BDA}

    SP: Trend Micro Titanium Maximum Security 2012 *Enabled/Updated* {0C38737C-A27F-7D04-9F77-991873ABC167}

    SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

    SP: COMODO Antivirus *Disabled/Outdated* {0C2D2636-923D-EE52-2A83-E643204A8275}

    FW: COMODO Firewall *Enabled* {8F7746F7-FE68-E084-3B6C-7404A51E8FB3}

    .

    ============== Running Processes ===============

    .

    C:\windows\system32\lsm.exe

    C:\windows\system32\svchost.exe -k DcomLaunch

    C:\windows\system32\nvvsvc.exe

    C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

    C:\windows\system32\svchost.exe -k RPCSS

    C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe

    C:\windows\system32\svchost.exe -k NetworkService

    C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted

    C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted

    C:\windows\system32\svchost.exe -k LocalService

    C:\windows\system32\svchost.exe -k netsvcs

    C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe

    C:\windows\system32\svchost.exe -k GPSvcGroup

    C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe

    C:\windows\system32\nvvsvc.exe

    C:\windows\system32\Dwm.exe

    C:\windows\System32\spoolsv.exe

    C:\windows\system32\taskhost.exe

    C:\windows\system32\svchost.exe -k LocalServiceNoNetwork

    C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe

    C:\windows\Explorer.EXE

    C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

    C:\Program Files\Trend Micro\UniClient\UiFrmWrk\uiWatchDog.exe

    C:\Program Files\Trend Micro\AMSP\coreFrameworkHost.exe

    C:\Program Files\Trend Micro\UniClient\UiFrmWrk\uiSeAgnt.exe

    C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

    C:\Program Files\Bonjour\mDNSResponder.exe

    C:\windows\system32\dldncoms.exe

    C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe

    C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

    C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe

    C:\windows\system32\svchost.exe -k imgsvc

    C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

    C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe

    C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

    C:\windows\system32\SearchIndexer.exe

    C:\windows\system32\svchost.exe -k bthsvcs

    C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

    C:\windows\System32\WUDFHost.exe

    C:\Program Files\ASUS Xonar DG Audio\Customapp\ASUSAUDIOCENTER.EXE

    C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe

    C:\Program Files\COMODO\COMODO Internet Security\cistray.exe

    C:\Program Files\COMODO\COMODO Internet Security\cis.exe

    C:\Program Files (x86)\Comodo\Dragon\dragon.exe

    C:\Program Files (x86)\Comodo\Dragon\dragon.exe

    C:\Program Files (x86)\Comodo\Dragon\dragon.exe

    C:\Program Files (x86)\Comodo\Dragon\dragon.exe

    C:\Program Files (x86)\Comodo\Dragon\dragon.exe

    C:\windows\System32\svchost.exe -k secsvcs

    C:\Program Files\Windows Media Player\wmpnetwk.exe

    C:\windows\servicing\TrustedInstaller.exe

    C:\Program Files (x86)\Comodo\Dragon\dragon.exe

    C:\windows\System32\svchost.exe -k swprv

    c:\program files\windows defender\MpCmdRun.exe

    C:\Program Files (x86)\Comodo\Dragon\dragon.exe

    C:\windows\system32\wbem\wmiprvse.exe

    C:\windows\System32\cscript.exe

    .

    ============== Pseudo HJT Report ===============

    .

    uStart Page = hxxp://www.google.co.uk/

    uDefault_Page_URL = hxxp://www.computerplanet.co.uk

    mWinlogon: Userinit = userinit.exe

    BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

    BHO: TmIEPlugInBHO Class: {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\module\20004\2.0.1361\6.8.1078\TmIEPlg32.dll

    BHO: TSToolbarBHO: {43C6D902-A1C5-45c9-91F6-FD9E90337E18} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll

    BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

    BHO: Evernote extension: {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll

    BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

    BHO: TmBpIeBHO Class: {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\module\20002\7.1.1104\7.1.1104\TmBpIe32.dll

    TB: Trend Micro Toolbar: {CCAC5586-44D7-4c43-B64A-F042461A97D2} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll

    uPolicies-Explorer: NoDriveTypeAutoRun = dword:145

    mPolicies-Explorer: NoActiveDesktop = dword:1

    mPolicies-System: ConsentPromptBehaviorAdmin = dword:5

    mPolicies-System: ConsentPromptBehaviorUser = dword:3

    mPolicies-System: EnableUIADesktopToggle = dword:0

    IE: Clip selection - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=3

    IE: Clip this page - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=1

    IE: Clip URL - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=0

    IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~3\OFFICE11\EXCEL.EXE/3000

    IE: New Note - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\NewNote.html

    IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}

    IE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html

    DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab

    DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

    TCP: NameServer = 192.168.1.254

    TCP: Interfaces\{75773531-0016-45E2-A0F0-C2DBADF74210} : DHCPNameServer = 192.168.1.254

    TCP: Interfaces\{85F6DD47-5685-47ED-9115-AC77498CACF3} : NameServer = 8.26.56.26,156.154.70.22

    TCP: Interfaces\{85F6DD47-5685-47ED-9115-AC77498CACF3} : DHCPNameServer = 192.168.1.254

    TCP: Interfaces\{CD58BE2E-94A2-4C99-A4FD-64D606B70E43} : NameServer = 8.26.56.26,156.154.70.22

    TCP: Interfaces\{CD58BE2E-94A2-4C99-A4FD-64D606B70E43} : DHCPNameServer = 192.168.1.254

    Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll

    Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\7.1.1104\7.1.1104\TmBpIe32.dll

    Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\module\20004\2.0.1361\6.8.1078\TmIEPlg32.dll

    Handler: tmtb - {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll

    Handler: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files\Trend Micro\Titanium\UIFramework\ProToolbarIMRatingActiveX.dll

    AppInit_DLLs=

    SSODL: WebCheck - <orphaned>

    x64-BHO: TmIEPlugInBHO Class: {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\module\20004\2.0.1361\6.8.1078\TmIEPlg.dll

    x64-BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll

    x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

    x64-BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll

    x64-BHO: TmBpIeBHO Class: {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\module\20002\7.1.1104\7.1.1104\TmBpIe64.dll

    x64-BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll

    x64-Run: [Cmaudio8788] C:\windows\syswow64\RunDll32.exe C:\windows\Syswow64\cmicnfgp.dll,CMICtrlWnd

    x64-Run: [Cmaudio8788GX] C:\windows\syswow64\HsMgr.exe Envoke

    x64-Run: [Cmaudio8788GX64] C:\windows\system\HsMgr64.exe Envoke

    x64-Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s

    x64-Run: [Trend Micro Titanium] "C:\Program Files\Trend Micro\Titanium\UIFramework\uiWinMgr.exe" -set Silent "1" SplashURL ""

    x64-Run: [Trend Micro Client Framework] "C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe"

    x64-Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cistray.exe

    x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll

    x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll

    x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>

    x64-Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\7.1.1104\7.1.1104\TmBpIe64.dll

    x64-Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\module\20004\2.0.1361\6.8.1078\TmIEPlg.dll

    x64-Handler: tmtb - {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - <orphaned>

    x64-Handler: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - <orphaned>

    x64-Notify: WB - <no file>

    x64-SSODL: WebCheck - <orphaned>

    .

    ============= SERVICES / DRIVERS ===============

    .

    R0 amd_sata;amd_sata;C:\windows\System32\drivers\amd_sata.sys [2012-7-28 82048]

    R0 amd_xata;amd_xata;C:\windows\System32\drivers\amd_xata.sys [2012-7-28 42624]

    R1 cmderd;COMODO Internet Security Eradication Driver;C:\windows\System32\drivers\cmderd.sys [2012-12-14 23168]

    R1 cmdGuard;COMODO Internet Security Sandbox Driver;C:\windows\System32\drivers\cmdguard.sys [2012-12-14 706560]

    R1 cmdHlp;COMODO Internet Security Helper Driver;C:\windows\System32\drivers\cmdhlp.sys [2012-12-14 48360]

    R1 tmevtmgr;tmevtmgr;C:\windows\System32\drivers\tmevtmgr.sys [2012-8-13 77184]

    R2 Amsp;Trend Micro Solution Platform;C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe [2012-8-13 275912]

    R2 dldn_device;dldn_device;C:\windows\System32\dldncoms.exe -service --> C:\windows\System32\dldncoms.exe -service [?]

    R2 DragonUpdater;COMODO Dragon Update Service;C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [2013-4-19 2074760]

    R2 Skype C2C Service;Skype C2C Service;C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-3-19 3289208]

    R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-2-9 383264]

    R2 UMVPFSrv;UMVPFSrv;C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [2012-1-18 450848]

    R3 asmthub3;ASMedia USB3 Hub Service;C:\windows\System32\drivers\asmthub3.sys [2012-7-28 130536]

    R3 asmtxhci;ASMEDIA XHCI Service;C:\windows\System32\drivers\asmtxhci.sys [2012-7-28 396776]

    R3 cmudaxp;ASUS Xonar DG Audio Interface;C:\windows\System32\drivers\cmudaxp.sys [2012-7-31 2725376]

    R3 LVRS64;Logitech RightSound Filter Driver;C:\windows\System32\drivers\lvrs64.sys [2012-1-18 351136]

    R3 LVUVC64;Logitech Webcam 500(UVC);C:\windows\System32\drivers\lvuvc64.sys [2012-1-18 4865568]

    R3 RTL8167;Realtek 8167 NT Driver;C:\windows\System32\drivers\Rt64win7.sys [2012-7-28 708200]

    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

    S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

    S2 dldnCATSCustConnectService;dldnCATSCustConnectService;C:\windows\System32\spool\drivers\x64\3\dldnserv.exe [2009-7-10 33448]

    S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-7-13 160944]

    S3 ahcix64s;ahcix64s;C:\windows\System32\drivers\ahcix64s.sys [2012-7-28 226616]

    S3 BazisVirtualCDBus;WinCDEmu Virtual Bus Driver;C:\windows\System32\drivers\BazisVirtualCDBus.sys [2011-6-4 198480]

    S3 cmdvirth;COMODO Virtual Service Manager;C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2012-12-14 158928]

    S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\windows\System32\drivers\ssudbus.sys [2012-12-21 102368]

    S3 LVPr2M64;Logitech LVPr2M64 Driver;C:\windows\System32\drivers\LVPr2M64.sys [2009-10-7 30232]

    S3 MRV6X64U;Marvell TOPDOG 802.11n WLAN Driver for Vista x64 (USB8x);C:\windows\System32\drivers\MRVW24C.sys [2007-10-28 340480]

    S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\windows\System32\drivers\rdpvideominiport.sys [2012-11-8 19456]

    S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);C:\windows\System32\drivers\ssudmdm.sys [2012-12-21 203104]

    S3 TsUsbFlt;TsUsbFlt;C:\windows\System32\drivers\TsUsbFlt.sys [2012-11-8 57856]

    S3 TsUsbGD;Remote Desktop Generic USB Device;C:\windows\System32\drivers\TsUsbGD.sys [2012-11-8 30208]

    S3 USBAAPL64;Apple Mobile USB Driver;C:\windows\System32\drivers\usbaapl64.sys [2012-12-13 54784]

    S3 WatAdminSvc;Windows Activation Technologies Service;C:\windows\System32\Wat\WatAdminSvc.exe [2012-7-27 1255736]

    .

    =============== Created Last 30 ================

    .

    2013-04-20 15:45:38 69000 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{3A1DD36A-7677-4E01-9786-71F105465847}\offreg.dll

    2013-04-20 11:54:13 -------- d-----w- C:\Program Files (x86)\VideoLAN

    2013-04-20 10:47:31 -------- d-----w- C:\ProgramData\Kaspersky Lab

    2013-04-20 09:38:28 -------- d-----w- C:\Users\Kit and Fin\AppData\Roaming\SUPERAntiSpyware.com

    2013-04-17 18:23:59 108448 ----a-w- C:\windows\System32\WindowsAccessBridge-64.dll

    2013-04-17 18:17:30 -------- d-----w- C:\Program Files (x86)\Elaborate Bytes

    2013-04-17 17:51:23 -------- d-----w- C:\Users\Kit and Fin\New folder

    2013-04-17 17:50:02 -------- d-----w- C:\Program Files (x86)\hpHosts

    2013-04-13 16:09:12 -------- d-----w- C:\Users\Kit and Fin\AppData\Roaming\LOVE

    2013-04-13 10:32:36 -------- d-----w- C:\Program Files\Paint.NET

    2013-04-13 10:32:13 -------- d-----w- C:\Users\Kit and Fin\AppData\Local\Paint.NET

    2013-04-13 09:53:23 -------- d-----w- C:\Users\Kit and Fin\AppData\Local\Evernote

    2013-04-13 09:52:41 -------- d-----w- C:\Program Files (x86)\Evernote

    2013-04-11 09:00:31 -------- d-----w- C:\Users\Kit and Fin\AppData\Local\Unity

    2013-04-10 18:05:59 817664 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\VGX\VGX.dll

    2013-04-10 18:05:59 3958784 ----a-w- C:\windows\System32\jscript9.dll

    2013-04-10 18:05:59 2877440 ----a-w- C:\windows\SysWow64\jscript9.dll

    2013-04-10 18:05:58 1766912 ----a-w- C:\windows\SysWow64\wininet.dll

    2013-04-10 18:05:57 2240512 ----a-w- C:\windows\System32\wininet.dll

    2013-04-10 15:34:45 3153408 ----a-w- C:\windows\System32\win32k.sys

    2013-04-10 15:34:44 223752 ----a-w- C:\windows\System32\drivers\fvevol.sys

    2013-04-10 15:34:44 1655656 ----a-w- C:\windows\System32\drivers\ntfs.sys

    2013-04-10 15:34:43 5550424 ----a-w- C:\windows\System32\ntoskrnl.exe

    2013-04-10 15:34:42 43520 ----a-w- C:\windows\System32\csrsrv.dll

    2013-04-10 15:34:42 3968856 ----a-w- C:\windows\SysWow64\ntkrnlpa.exe

    2013-04-10 15:34:42 3913560 ----a-w- C:\windows\SysWow64\ntoskrnl.exe

    2013-04-10 15:34:42 112640 ----a-w- C:\windows\System32\smss.exe

    2013-04-10 15:34:41 6656 ----a-w- C:\windows\SysWow64\apisetschema.dll

    2013-04-10 14:42:05 -------- d-----w- C:\Program Files (x86)\ESET

    2013-04-10 14:41:45 -------- d-----w- C:\Users\Kit and Fin\AppData\Roaming\.minecraft

    2013-04-10 10:47:15 -------- d--h--w- C:\VTRoot

    2013-04-07 07:01:27 172032 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\10\00\Intel32\iuser.dll

    2013-04-07 07:01:26 733184 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\10\00\Intel32\iKernel.dll

    2013-04-07 07:01:26 69715 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\10\00\Intel32\ctor.dll

    2013-04-07 07:01:26 5632 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\10\00\Intel32\DotNetInstaller.exe

    2013-04-07 07:01:26 266240 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\10\00\Intel32\iscript.dll

    2013-04-07 07:01:21 180356 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\10\00\Intel32\iGdi.dll

    2013-04-07 07:01:19 303236 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\10\00\Intel32\setup.dll

    2013-04-01 17:15:22 -------- d-----w- C:\ProgramData\dl_Cats

    2013-04-01 17:14:30 -------- d-----w- C:\Dell

    2013-04-01 16:32:33 -------- d-----w- C:\Users\Kit and Fin\AppData\Roaming\Dell Imaging Toolbox

    2013-03-30 18:28:50 -------- d-----w- C:\Users\Kit and Fin\AppData\Local\CrashDumps

    .

    ==================== Find3M ====================

    .

    2013-04-20 08:20:40 56072 ----a-w- C:\windows\System32\certsentry.dll

    2013-04-20 08:20:40 47368 ----a-w- C:\windows\SysWow64\certsentry.dll

    2013-04-17 18:23:47 971680 ----a-w- C:\windows\System32\deployJava1.dll

    2013-04-17 18:23:47 1092512 ----a-w- C:\windows\System32\npDeployJava1.dll

    2013-04-15 17:38:52 48360 ----a-w- C:\windows\System32\drivers\cmdhlp.sys

    2013-04-15 17:38:51 706560 ----a-w- C:\windows\System32\drivers\cmdguard.sys

    2013-04-15 17:38:51 23168 ----a-w- C:\windows\System32\drivers\cmderd.sys

    2013-04-15 17:38:38 43216 ----a-w- C:\windows\System32\cmdcsr.dll

    2013-04-15 17:38:37 348584 ----a-w- C:\windows\SysWow64\guard32.dll

    2013-04-15 17:38:36 437176 ----a-w- C:\windows\System32\guard64.dll

    2013-04-15 17:38:29 343760 ----a-w- C:\windows\System32\cmdvrt64.dll

    2013-04-15 17:38:28 45776 ----a-w- C:\windows\System32\cmdkbd64.dll

    2013-04-15 17:38:25 276688 ----a-w- C:\windows\SysWow64\cmdvrt32.dll

    2013-04-15 17:38:24 40656 ----a-w- C:\windows\SysWow64\cmdkbd32.dll

    2013-04-13 11:25:29 691592 ----a-w- C:\windows\SysWow64\FlashPlayerApp.exe

    2013-04-13 11:25:28 71048 ----a-w- C:\windows\SysWow64\FlashPlayerCPLApp.cpl

    2013-04-04 13:50:32 25928 ----a-w- C:\windows\System32\drivers\mbam.sys

    2013-03-14 09:23:28 861088 ----a-w- C:\windows\SysWow64\npDeployJava1.dll

    2013-03-14 09:23:28 782240 ----a-w- C:\windows\SysWow64\deployJava1.dll

    2013-03-03 17:56:05 9728 ---ha-w- C:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll

    2013-03-01 15:45:17 348160 ----a-w- C:\windows\SysWow64\msvcr71.dll

    2013-02-21 10:29:37 61440 ----a-w- C:\windows\SysWow64\iesetup.dll

    2013-02-21 10:29:37 109056 ----a-w- C:\windows\SysWow64\iesysprep.dll

    2013-02-21 10:14:05 67072 ----a-w- C:\windows\System32\iesetup.dll

    2013-02-21 10:14:05 136704 ----a-w- C:\windows\System32\iesysprep.dll

    2013-02-19 12:01:03 2706432 ----a-w- C:\windows\SysWow64\mshtml.tlb

    2013-02-19 11:42:14 2706432 ----a-w- C:\windows\System32\mshtml.tlb

    2013-02-19 11:10:53 71680 ----a-w- C:\windows\SysWow64\RegisterIEPKEYs.exe

    2013-02-19 10:51:18 89600 ----a-w- C:\windows\System32\RegisterIEPKEYs.exe

    2013-02-12 05:45:24 135168 ----a-w- C:\windows\apppatch\AppPatch64\AcXtrnal.dll

    2013-02-12 05:45:22 350208 ----a-w- C:\windows\apppatch\AppPatch64\AcLayers.dll

    2013-02-12 05:45:22 308736 ----a-w- C:\windows\apppatch\AppPatch64\AcGenral.dll

    2013-02-12 05:45:22 111104 ----a-w- C:\windows\apppatch\AppPatch64\acspecfc.dll

    2013-02-12 04:48:31 474112 ----a-w- C:\windows\apppatch\AcSpecfc.dll

    2013-02-12 04:48:26 2176512 ----a-w- C:\windows\apppatch\AcGenral.dll

    2013-02-12 04:12:05 19968 ----a-w- C:\windows\System32\drivers\usb8023.sys

    2013-02-10 01:04:31 6393120 ----a-w- C:\windows\System32\nvcpl.dll

    2013-02-10 01:04:31 3472672 ----a-w- C:\windows\System32\nvsvc64.dll

    2013-02-10 01:04:29 877856 ----a-w- C:\windows\System32\nvvsvc.exe

    2013-02-10 01:04:29 63776 ----a-w- C:\windows\System32\nvshext.dll

    2013-02-10 01:04:29 2555680 ----a-w- C:\windows\System32\nvsvcr.dll

    2013-02-10 01:04:29 237856 ----a-w- C:\windows\System32\nvmctray.dll

    2013-02-09 18:43:52 555808 ----a-w- C:\windows\SysWow64\nvStreaming.exe

    2013-02-09 13:25:36 3035306 ----a-w- C:\windows\System32\nvcoproc.bin

    .

    ============= FINISH: 17:02:49.37 ===============

    .

    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

    IF REQUESTED, ZIP IT UP & ATTACH IT

    .

    DDS (Ver_2012-11-20.01)

    .

    Microsoft Windows 7 Home Premium

    Boot Device: \Device\HarddiskVolume1

    Install Date: 13/08/2012 20:10:07

    System Uptime: 20/04/2013 16:32:19 (1 hours ago)

    .

    Motherboard: ASUSTeK Computer INC. | | M5A87

    Processor: AMD FX-4170 Quad-Core Processor | AM3R2 | 2100/200mhz

    .

    ==== Disk Partitions =========================

    .

    C: is FIXED (NTFS) - 698 GiB total, 613.551 GiB free.

    D: is CDROM (UDF)

    E: is FIXED (NTFS) - 417 GiB total, 416.831 GiB free.

    F: is Removable

    G: is Removable

    H: is Removable

    I: is Removable

    O: is FIXED (NTFS) - 49 GiB total, 46.876 GiB free.

    .

    ==== Disabled Device Manager Items =============

    .

    ==== System Restore Points ===================

    .

    RP159: 07/04/2013 08:03:01 - Installed WinFast DTV Dongle Gold USB Driver

    RP160: 07/04/2013 08:51:46 - Removed WinFast Multimedia Driver Installation

    RP161: 07/04/2013 09:00:48 - Installed WinFast Multimedia Driver Installation

    RP162: 10/04/2013 19:04:58 - Windows Update

    RP163: 13/04/2013 10:51:57 - Installed Evernote v. 4.6.4

    RP165: 13/04/2013 11:32:13 - Paint.NET v3.5.10

    RP166: 17/04/2013 19:17:46 - Device Driver Package Install: Elaborate Bytes AG Storage controllers

    RP167: 17/04/2013 19:20:25 - Removed Java 7 Update 17 (64-bit)

    RP168: 17/04/2013 19:21:23 - Removed Java 7 Update 17

    RP169: 17/04/2013 19:23:28 - Installed Java 7 Update 21 (64-bit)

    RP170: 18/04/2013 18:55:05 - Device Driver Package Install: SysProgs.org Storage controllers

    RP171: 20/04/2013 09:29:14 - Installed Microsoft Fix it 50267

    .

    ==== Installed Programs ======================

    .

    7-Zip 9.20

    Adobe AIR

    Adobe Flash Player 11 ActiveX

    Adobe Flash Player 11 Plugin

    Adobe Reader XI (11.0.02)

    Apple Application Support

    Apple Mobile Device Support

    Apple Software Update

    ASUS Xonar DG Audio Driver

    BlackBerry Desktop Software 7.1

    Bonjour

    CameraHelperMsi

    CCleaner

    Comodo Dragon

    COMODO Internet Security

    Compatibility Pack for the 2007 Office system

    Creation Kit

    Defraggler

    erLT

    ESET Online Scanner v3

    Evernote v. 4.6.4

    Fallout 3

    FINAL FANTASY VII

    Garry's Mod

    Hotfix for Microsoft .NET Framework 4 Client Profile (KB2461678)

    iTunes

    Java 7 Update 21 (64-bit)

    Logitech Webcam Software

    LWS Facebook

    LWS Gallery

    LWS Help_main

    LWS Launcher

    LWS Motion Detection

    LWS Pictures And Video

    LWS Twitter

    LWS Video Mask Maker

    LWS VideoEffects

    LWS Webcam Software

    LWS WLM Plugin

    LWS YouTube Plugin

    Malwarebytes Anti-Malware version 1.75.0.1300

    Microsoft .NET Framework 4 Client Profile

    Microsoft .NET Framework 4 Extended

    Microsoft .NET Framework 4 Multi-Targeting Pack

    Microsoft Application Error Reporting

    Microsoft Games for Windows - LIVE Redistributable

    Microsoft Games for Windows Marketplace

    Microsoft Help Viewer 1.0

    Microsoft Office File Validation Add-In

    Microsoft Office Small Business Edition 2003

    Microsoft Silverlight

    Microsoft SQL Server 2008 R2 Management Objects

    Microsoft SQL Server Compact 3.5 SP2 ENU

    Microsoft SQL Server Compact 3.5 SP2 x64 ENU

    Microsoft SQL Server System CLR Types

    Microsoft Visual C++ 2005 Redistributable

    Microsoft Visual C++ 2005 Redistributable (x64)

    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148

    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161

    Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022

    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

    Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219

    Microsoft Visual C++ 2010 x64 Runtime - 10.0.30319

    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219

    Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools

    Microsoft Visual Studio 2010 Express Prerequisites x64 - ENU

    Microsoft Visual Studio 2010 Service Pack 1

    Microsoft_VC80_CRT_x86

    Microsoft_VC90_CRT_x86

    NVIDIA 3D Vision Controller Driver 314.07

    NVIDIA 3D Vision Driver 314.07

    NVIDIA Control Panel 314.07

    NVIDIA Graphics Driver 314.07

    NVIDIA HD Audio Driver 1.3.23.1

    NVIDIA Install Application

    NVIDIA PhysX

    NVIDIA PhysX System Software 9.12.1031

    NVIDIA Stereoscopic 3D Driver

    NVIDIA Update 1.12.12

    NVIDIA Update Components

    Paint.NET v3.5.10

    PlayReady PC Runtime amd64

    RealNetworks - Microsoft Visual C++ 2008 Runtime

    RealNetworks - Microsoft Visual C++ 2010 Runtime

    Realtek High Definition Audio Driver

    Revo Uninstaller 1.94

    SAMSUNG USB Driver for Mobile Phones

    Security Update for CAPICOM (KB931906)

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)

    Security Update for Microsoft .NET Framework 4 Extended (KB2487367)

    Security Update for Microsoft .NET Framework 4 Extended (KB2656351)

    Security Update for Microsoft .NET Framework 4 Extended (KB2736428)

    Security Update for Microsoft .NET Framework 4 Extended (KB2742595)

    Skype Click to Call

    Skype™ 5.10

    Steam

    swMSM

    The Elder Scrolls V: Skyrim

    tools-windows

    Trend Micro Titanium

    Trend Micro Titanium Maximum Security 2012

    Unity Web Player

    Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

    Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

    Update for Microsoft .NET Framework 4 Client Profile (KB2600217)

    Update for Microsoft .NET Framework 4 Extended (KB2468871)

    Update for Microsoft .NET Framework 4 Extended (KB2533523)

    Update for Microsoft .NET Framework 4 Extended (KB2600217)

    Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU

    VLC media player 2.0.6

    Windows Live ID Sign-in Assistant

    WinFast DTV Dongle Gold USB Driver

    WinFast Multimedia Driver Installation

    .

    ==== Event Viewer Messages From Past Week ========

    .

    20/04/2013 16:35:31, Error: Service Control Manager [7038] - The nvUpdatusService service was unable to log on as .\UpdatusUser with the currently configured password due to the following error: Logon failure: the specified account password has expired. To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).

    20/04/2013 16:35:31, Error: Service Control Manager [7000] - The NVIDIA Update Service Daemon service failed to start due to the following error: The service did not start due to a logon failure.

    20/04/2013 16:32:55, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the dldnCATSCustConnectService service to connect.

    20/04/2013 16:32:55, Error: Service Control Manager [7000] - The dldnCATSCustConnectService service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

    20/04/2013 09:30:30, Error: Microsoft-Windows-DNS-Client [1012] - There was an error while attempting to read the local hosts file.

    18/04/2013 17:59:01, Error: Service Control Manager [7031] - The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.

    18/04/2013 17:59:01, Error: Service Control Manager [7024] - The Windows Search service terminated with service-specific error %%-1073473535.

    18/04/2013 17:37:37, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.

    18/04/2013 17:37:34, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}

    18/04/2013 17:37:34, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

    18/04/2013 17:37:30, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

    18/04/2013 17:37:23, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}

    18/04/2013 17:37:15, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: cmdGuard discache ElbyCDIO spldr tmactmon tmcomm tmevtmgr tmtdi Wanarpv6

    14/04/2013 19:36:07, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Search service to connect.

    14/04/2013 19:36:07, Error: Service Control Manager [7000] - The Windows Search service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

    14/04/2013 19:35:49, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}

    .

    ==== End Of File ===========================
