Jump to content

Dogwithrabiez

Members
 View Profile  See their activity

  • Posts

    13

  • Joined

  • Last visited

 Content Type 

Posts posted by Dogwithrabiez

    TopArcadeHits Virus Help

    in Resolved Malware Removal Logs

    Posted

     Results of screen317's Security Check version 0.99.78  

     Windows 7 Service Pack 1 x64 (UAC is disabled!)  

     Internet Explorer 11  

    ``````````````Antivirus/Firewall Check:`````````````` 

     Windows Firewall Enabled!  

    Microsoft Security Essentials   

     Antivirus up to date!  

    `````````Anti-malware/Other Utilities Check:````````` 

     Sophos Anti-Rootkit 1.5.4   

     Malwarebytes Anti-Malware version 1.75.0.1300  

     JavaFX 2.1.1    

     Java 7 Update 45  

     Adobe Flash Player 11.9.900.170  

     Mozilla Firefox 25.0.1 Firefox out of Date!  

     Google Chrome 31.0.1650.57  

     Google Chrome 31.0.1650.63  

    ````````Process Check: objlist.exe by Laurent````````  

     Microsoft Security Essentials MSMpEng.exe 

     Microsoft Security Essentials msseces.exe 

    `````````````````System Health check````````````````` 

     Total Fragmentation on Drive C: 0% 

    ````````````````````End of Log`````````````````````` 

    TopArcadeHits Virus Help

    in Resolved Malware Removal Logs

    Posted

    Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 03-01-2014

    Ran by Gurn at 2014-01-03 16:33:01 Run:1

    Running from C:\Users\Gurn\Downloads

    Boot Mode: Normal

    ==============================================

     

    Content of fixlist:

    *****************

    HKCU\...\Run: [taskhost] - rundll32 "C:\Users\Gurn\AppData\Roaming\Microsoft\Windows\taskhost.dll",_EntryPoint_RunDll32@16 

    SearchScopes: HKLM - DefaultScope value is missing.

    FF Extension: TopArcadeHits - C:\Users\Gurn\AppData\Roaming\Mozilla\Firefox\Profiles\42hg9yui.default\Extensions\{0113D088-8ED1-468C-B225-585A9C53B5E3}

    CHR Extension: () - C:\Users\Gurn\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdgdlcjhlbaphcjmagicjhhgfnkiihp

     

    *****************

     

    HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\taskhost => Value deleted successfully.

    HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.

    C:\Users\Gurn\AppData\Roaming\Mozilla\Firefox\Profiles\42hg9yui.default\Extensions\{0113D088-8ED1-468C-B225-585A9C53B5E3} => Moved successfully.

    CHR Extension: () - C:\Users\Gurn\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdgdlcjhlbaphcjmagicjhhgfnkiihp directory not found.

     

    ==== End of Fixlog ====

    TopArcadeHits Virus Help

    in Resolved Malware Removal Logs

    Posted

    # AdwCleaner v3.016 - Report created 03/01/2014 at 13:35:27

    # Updated 23/12/2013 by Xplode

    # Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)

    # Username : Gurn - ARTEMIS-02

    # Running from : C:\Users\Gurn\Downloads\adwcleaner.exe

    # Option : Clean

     

    ***** [ Services ] *****

     

     

    ***** [ Files / Folders ] *****

     

    Folder Deleted : C:\Users\Gurn\AppData\Roaming\Mozilla\Firefox\Profiles\42hg9yui.default\StumbleUpon

     

    ***** [ Shortcuts ] *****

     

     

    ***** [ Registry ] *****

     

     

    ***** [ Browsers ] *****

     

    -\\ Internet Explorer v11.0.9600.16428

     

     

    -\\ Mozilla Firefox v25.0.1 (en-US)

     

    [ File : C:\Users\Gurn\AppData\Roaming\Mozilla\Firefox\Profiles\42hg9yui.default\prefs.js ]

     

     

    -\\ Google Chrome v

     

    [ File : C:\Users\Gurn\AppData\Local\Google\Chrome\User Data\Default\preferences ]

     

     

    *************************

     

    AdwCleaner[R0].txt - [3898 octets] - [03/01/2014 02:41:48]

    AdwCleaner[R1].txt - [1104 octets] - [03/01/2014 13:31:59]

    AdwCleaner[s0].txt - [3913 octets] - [03/01/2014 02:45:41]

    AdwCleaner[s1].txt - [1030 octets] - [03/01/2014 13:35:27]

     

    ########## EOF - C:\AdwCleaner\AdwCleaner[s1].txt - [1090 octets] ##########

     

     

     

    I am currently running Malwarebytes full scan. As of this moment, nothing has changed and TopArcadeHits still continues to give me random popups and highlights words on pages to link to ad sites.

    TopArcadeHits Virus Help

    in Resolved Malware Removal Logs

    Posted

    RogueKiller V8.8.0 _x64_ [Dec 27 2013] by Tigzy

    mail : tigzyRK<at>gmail<dot>com




     

    Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version

    Started in : Normal mode

    User : Gurn [Admin rights]

    Mode : Scan -- Date : 01/03/2014 12:52:28

    | ARK || FAK || MBR |

     

    ¤¤¤ Bad processes : 0 ¤¤¤

     

    ¤¤¤ Registry Entries : 10 ¤¤¤

    [RUN][sUSP PATH] HKCU\[...]\Run : taskhost (rundll32 "C:\Users\Gurn\AppData\Roaming\Microsoft\Windows\taskhost.dll",_EntryPoint_RunDll32@16 [x][-][x]) -> FOUND

    [HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> FOUND

    [HJ POL][PUM] HKLM\[...]\System : DisableRegistryTools (0) -> FOUND

    [HJ POL][PUM] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> FOUND

    [HJ POL][PUM] HKLM\[...]\System : EnableLUA (0) -> FOUND

    [HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : DisableRegistryTools (0) -> FOUND

    [HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : ConsentPromptBehaviorAdmin (0) -> FOUND

    [HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : EnableLUA (0) -> FOUND

    [HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND

    [HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

     

    ¤¤¤ Scheduled tasks : 0 ¤¤¤

     

    ¤¤¤ Startup Entries : 0 ¤¤¤

     

    ¤¤¤ Web browsers : 0 ¤¤¤

     

    ¤¤¤ Browser Addons : 0 ¤¤¤

     

    ¤¤¤ Particular Files / Folders: ¤¤¤

     

    ¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤

     

    ¤¤¤ External Hives: ¤¤¤

    -> F:\windows\system32\config\SYSTEM | DRVINFO [Drv - F:] | SYSTEMINFO [sys - C:] [sys32 - FOUND] | USERINFO [startup - FOUND]

    -> F:\windows\system32\config\SOFTWARE | DRVINFO [Drv - F:] | SYSTEMINFO [sys - C:] [sys32 - FOUND] | USERINFO [startup - FOUND]

    -> F:\windows\system32\config\SECURITY | DRVINFO [Drv - F:] | SYSTEMINFO [sys - C:] [sys32 - FOUND] | USERINFO [startup - FOUND]

    -> F:\windows\system32\config\SAM | DRVINFO [Drv - F:] | SYSTEMINFO [sys - C:] [sys32 - FOUND] | USERINFO [startup - FOUND]

    -> F:\windows\system32\config\DEFAULT | DRVINFO [Drv - F:] | SYSTEMINFO [sys - C:] [sys32 - FOUND] | USERINFO [startup - FOUND]

    -> F:\Users\Default\NTUSER.DAT | DRVINFO [Drv - F:] | SYSTEMINFO [sys - C:] [sys32 - FOUND] | USERINFO [startup - NOT_FOUND]

    -> F:\Users\Default User\NTUSER.DAT | DRVINFO [Drv - F:] | SYSTEMINFO [sys - C:] [sys32 - FOUND] | USERINFO [startup - NOT_FOUND]

    -> F:\Users\Gurn\NTUSER.DAT | DRVINFO [Drv - F:] | SYSTEMINFO [sys - C:] [sys32 - FOUND] | USERINFO [startup - FOUND]

    -> F:\Users\UpdatusUser\NTUSER.DAT | DRVINFO [Drv - F:] | SYSTEMINFO [sys - C:] [sys32 - FOUND] | USERINFO [startup - NOT_FOUND]

    -> F:\Documents and Settings\Default\NTUSER.DAT | DRVINFO [Drv - F:] | SYSTEMINFO [sys - C:] [sys32 - FOUND] | USERINFO [startup - NOT_FOUND]

    -> F:\Documents and Settings\Default User\NTUSER.DAT | DRVINFO [Drv - F:] | SYSTEMINFO [sys - C:] [sys32 - FOUND] | USERINFO [startup - NOT_FOUND]

    -> F:\Documents and Settings\Gurn\NTUSER.DAT | DRVINFO [Drv - F:] | SYSTEMINFO [sys - C:] [sys32 - FOUND] | USERINFO [startup - NOT_FOUND]

    -> F:\Documents and Settings\UpdatusUser\NTUSER.DAT | DRVINFO [Drv - F:] | SYSTEMINFO [sys - C:] [sys32 - FOUND] | USERINFO [startup - NOT_FOUND]

     

    ¤¤¤ Infection :  ¤¤¤

     

    ¤¤¤ HOSTS File: ¤¤¤

    --> %SystemRoot%\System32\drivers\etc\hosts

     

     

    127.0.0.1       localhost

     

     

    ¤¤¤ MBR Check: ¤¤¤

     

    +++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) WDC WD1001FALS-00Y6A0 ATA Device +++++

    --- User ---

    [MBR] 255c3cf1e5f04c2e593f7c556f437437

    [bSP] 09bbebd4e263a40444ff2e044cd00111 : Windows 7/8 MBR Code

    Partition table:

    0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo

    1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 953767 Mo

    User = LL1 ... OK!

    User = LL2 ... OK!

     

    +++++ PhysicalDrive1: (\\.\PHYSICALDRIVE1 @ IDE) WDC WD5000AADS-00S9B0 ATA Device +++++

    --- User ---

    [MBR] 3cb728527b73759917e10abb859fc121

    [bSP] 3c6f1447cc25f2a566443ae58d756341 : Windows 7/8 MBR Code

    Partition table:

    0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo

    1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 476838 Mo

    User = LL1 ... OK!

    User = LL2 ... OK!

     

    Finished : << RKreport[0]_S_01032014_125228.txt >>

    TopArcadeHits Virus Help

    in Resolved Malware Removal Logs

    Posted

    I recently came back from a vacation and booted my computer up, only to see this TopArcadeHits thing popping all sorts of ads and such across websites. I immediately ran a full Malwarebytes check, which caught it and removed it-- Or so it said. Here's the log for that:

     

    Malwarebytes Anti-Malware 1.75.0.1300
    www.malwarebytes.org
     
    Database version: v2014.01.03.01
     
    Windows 7 Service Pack 1 x64 NTFS
    Internet Explorer 11.0.9600.16476
    Gurn :: ARTEMIS-02 [administrator]
     
    1/2/2014 8:32:07 PM
    mbam-log-2014-01-02 (20-32-07).txt
     
    Scan type: Full scan (C:\|D:\|E:\|F:\|)
    Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
    Scan options disabled: P2P
    Objects scanned: 940679
    Time elapsed: 3 hour(s), 18 minute(s), 24 second(s)
     
    Memory Processes Detected: 0
    (No malicious items detected)
     
    Memory Modules Detected: 0
    (No malicious items detected)
     
    Registry Keys Detected: 9
    HKCR\CLSID\{CF190686-9E72-403C-B99D-682ABDB63C5B} (PUP.Optional.TopArcadeHits.A) -> Quarantined and deleted successfully.
    HKCR\CLSID\{A7A9D7E7-E0C0-4202-9F13-6A06BD073CDA} (PUP.Optional.TopArcadeHits.A) -> Quarantined and deleted successfully.
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A7A9D7E7-E0C0-4202-9F13-6A06BD073CDA} (PUP.Optional.TopArcadeHits.A) -> Quarantined and deleted successfully.
    HKCR\TypeLib\{39A17362-9C1D-4907-9428-0D28A94DC79D} (PUP.Optional.TopArcadeHits.A) -> Quarantined and deleted successfully.
    HKCR\Interface\{627A968A-03E6-41C7-B11B-4E442B376F95} (PUP.Optional.TopArcadeHits.A) -> Quarantined and deleted successfully.
    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{CF190686-9E72-403C-B99D-682ABDB63C5B} (PUP.Optional.TopArcadeHits.A) -> Quarantined and deleted successfully.
    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C1C3E833-420E-4D78-9BA7-86AEBB272384} (Adware.GameVance) -> Quarantined and deleted successfully.
    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C1C3E833-420E-4D78-9BA7-86AEBB272384} (PUP.Optional.TopArcadeHits.A) -> Quarantined and deleted successfully.
    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Consumer Input Chrome Extension (PUP.Optional.Consumer.Input.A) -> Quarantined and deleted successfully.
     
    Registry Values Detected: 0
    (No malicious items detected)
     
    Registry Data Items Detected: 0
    (No malicious items detected)
     
    Folders Detected: 8
    C:\Users\Gurn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TopArcadeHits (Adware.GameVance) -> Quarantined and deleted successfully.
    C:\Users\Gurn\AppData\Local\TopArcadeHits (PUP.Optional.TopArcadeHits.A) -> Quarantined and deleted successfully.
    C:\Users\Gurn\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\{0113D088-8ED1-468C-B225-585A9C53B5E3} (PUP.Optional.TopArcadeHits.A) -> Quarantined and deleted successfully.
    C:\Users\Gurn\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\{0113D088-8ED1-468C-B225-585A9C53B5E3}\chrome (PUP.Optional.TopArcadeHits.A) -> Quarantined and deleted successfully.
    C:\Users\Gurn\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\{0113D088-8ED1-468C-B225-585A9C53B5E3}\chrome\content (PUP.Optional.TopArcadeHits.A) -> Quarantined and deleted successfully.
    C:\Users\Gurn\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\{0113D088-8ED1-468C-B225-585A9C53B5E3}\skin (PUP.Optional.TopArcadeHits.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\Consumer Input (PUP.Optional.Consumer.Input.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\Consumer Input\Chrome (PUP.Optional.Consumer.Input.A) -> Quarantined and deleted successfully.
     
    Files Detected: 23
    C:\Users\Gurn\AppData\Local\TopArcadeHits\Toparcadehits.dll (PUP.Optional.TopArcadeHits.A) -> Quarantined and deleted successfully.
    C:\Users\Gurn\AppData\Local\TopArcadeHits\uninstaller.exe (Adware.GameVance) -> Quarantined and deleted successfully.
    C:\Users\Gurn\AppData\Local\TopArcadeHits\updater.exe (Adware.GameVance) -> Quarantined and deleted successfully.
    C:\Users\Gurn\AppData\Roaming\Microsoft\Windows\taskhost.exe (PUP.Bitminer) -> Quarantined and deleted successfully.
    C:\Users\Gurn\Downloads\coretemp_1236.exe (PUP.Optional.InstallIQ) -> Quarantined and deleted successfully.
    C:\Users\Gurn\Downloads\Doctor_Who_2005_S07E07_480p_HDTV_x264_(VectoR) (1).exe (PUP.BundleInstaller.DW) -> Quarantined and deleted successfully.
    C:\Users\Gurn\Downloads\Doctor_Who_2005_S07E07_480p_HDTV_x264_(VectoR).exe (PUP.BundleInstaller.DW) -> Quarantined and deleted successfully.
    C:\Users\Gurn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TopArcadeHits\Play Toparcadehits Online.url (Adware.GameVance) -> Quarantined and deleted successfully.
    C:\Users\Gurn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TopArcadeHits\Uninstall Toparcadehits.lnk (Adware.GameVance) -> Quarantined and deleted successfully.
    C:\Users\Gurn\AppData\Local\TopArcadeHits\tah.config (PUP.Optional.TopArcadeHits.A) -> Quarantined and deleted successfully.
    C:\Users\Gurn\AppData\Local\TopArcadeHits\Toparcadehitsbrkr.exe (PUP.Optional.TopArcadeHits.A) -> Quarantined and deleted successfully.
    C:\Users\Gurn\AppData\Local\TopArcadeHits\uninstaller.exe (PUP.Optional.TopArcadeHits.A) -> Quarantined and deleted successfully.
    C:\Users\Gurn\AppData\Local\TopArcadeHits\updater.exe (PUP.Optional.TopArcadeHits.A) -> Quarantined and deleted successfully.
    C:\Windows\Tasks\TopArcadeHits.job (PUP.Optional.TopArcadeHits.A) -> Quarantined and deleted successfully.
    C:\Users\Gurn\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\{0113D088-8ED1-468C-B225-585A9C53B5E3}\chrome.manifest (PUP.Optional.TopArcadeHits.A) -> Quarantined and deleted successfully.
    C:\Users\Gurn\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\{0113D088-8ED1-468C-B225-585A9C53B5E3}\icon.png (PUP.Optional.TopArcadeHits.A) -> Quarantined and deleted successfully.
    C:\Users\Gurn\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\{0113D088-8ED1-468C-B225-585A9C53B5E3}\install.rdf (PUP.Optional.TopArcadeHits.A) -> Quarantined and deleted successfully.
    C:\Users\Gurn\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\{0113D088-8ED1-468C-B225-585A9C53B5E3}\chrome\content\browser.xul (PUP.Optional.TopArcadeHits.A) -> Quarantined and deleted successfully.
    C:\Users\Gurn\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\{0113D088-8ED1-468C-B225-585A9C53B5E3}\chrome\content\toparcadehits.js (PUP.Optional.TopArcadeHits.A) -> Quarantined and deleted successfully.
    C:\Users\Gurn\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\{0113D088-8ED1-468C-B225-585A9C53B5E3}\skin\style.css (PUP.Optional.TopArcadeHits.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\Consumer Input\Chrome\cicr-3.1.0-2123.crx (PUP.Optional.Consumer.Input.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\Consumer Input\Chrome\uninstall.exe (PUP.Optional.Consumer.Input.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\Consumer Input\Chrome\uninstall.ico (PUP.Optional.Consumer.Input.A) -> Quarantined and deleted successfully.
     
    (end)
     
     
    Unfortunately, when my computer restarted, nothing was solved. I've downloaded and used the dds. Here's the logs for that:
     
    DDS (Ver_2012-11-20.01) - NTFS_AMD64 
    Internet Explorer: 11.0.9600.16428  BrowserJavaVersion: 10.45.2
    Run by Gurn at 2:55:05 on 2014-01-03
    Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.8191.5630 [GMT -8:00]
    .
    AV: Microsoft Security Essentials *Enabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    SP: Microsoft Security Essentials *Enabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
    .
    ============== Running Processes ===============
    .
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\nvvsvc.exe
    C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
    C:\Windows\system32\svchost.exe -k RPCSS
    c:\Program Files\Microsoft Security Client\MsMpEng.exe
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
    C:\Windows\system32\nvvsvc.exe
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
    C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    C:\Program Files (x86)\Microsoft\BingBar\7.3.107.0\BBSvc.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Windows\SysWOW64\PnkBstrA.exe
    C:\ProgramData\Razer\Synapse\Devices\Razer Surround\Driver\RzMaelstromVADStreamingService.exe
    C:\Windows\system32\taskhost.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
    C:\Users\Gurn\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe
    C:\Program Files\Microsoft Security Client\msseces.exe
    C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
    C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
    C:\Windows\System32\rundll32.exe
    C:\Windows\SysWOW64\rundll32.exe
    C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
    C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
    c:\Program Files\Microsoft Security Client\NisSrv.exe
    C:\Windows\system32\SearchIndexer.exe
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Windows\system32\sppsvc.exe
    C:\Users\Gurn\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Gurn\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Gurn\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Gurn\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Gurn\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Gurn\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Gurn\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Program Files\Steam\Steam.exe
    C:\Users\Gurn\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Gurn\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Gurn\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Windows\servicing\TrustedInstaller.exe
    C:\Malwarebytes' Anti-Malware\mbam.exe
    C:\Users\Gurn\AppData\Local\Google\Chrome\Application\chrome.exe
    \\?\C:\Windows\system32\wbem\WMIADAP.EXE
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Windows\system32\SearchFilterHost.exe
    c:\Program Files\Microsoft Security Client\MpCmdRun.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\System32\cscript.exe
    .
    ============== Pseudo HJT Report ===============
    .
    BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
    BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.107.0\BingExt.dll
    BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
    TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.107.0\BingExt.dll
    uRun: [taskhost] rundll32 "C:\Users\Gurn\AppData\Roaming\Microsoft\Windows\taskhost.dll",_EntryPoint_RunDll32@16
    mRun: [Razer Synapse] "C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe"
    mRun: [iJNetworkScannerSelectorEX] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe /FORCE
    mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    dRunOnce: [sPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601
    uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
    uPolicies-Explorer: NoDrives = dword:0
    mPolicies-Explorer: NoDrives = dword:0
    mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
    mPolicies-System: ConsentPromptBehaviorUser = dword:3
    mPolicies-System: EnableLUA = dword:0
    mPolicies-System: EnableUIADesktopToggle = dword:0
    mPolicies-System: PromptOnSecureDesktop = dword:0
    IE: Free YouTube Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytvdownloader.htm
    IE: Free YouTube to MP3 Converter - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm
    TCP: NameServer = 192.168.1.254
    TCP: Interfaces\{07A6B49D-CD07-4687-BEF0-67B09726261C} : DHCPNameServer = 192.168.1.254
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
    SSODL: WebCheck - <orphaned>
    x64-BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.107.0\amd64\BingExt.dll
    x64-TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - 
    x64-Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
    x64-Run: [intelliType Pro] "c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe"
    x64-Run: [intelliPoint] "c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe"
    x64-IE: {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - <orphaned>
    x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - C:\Users\Gurn\AppData\Roaming\Mozilla\Firefox\Profiles\42hg9yui.default\
    FF - prefs.js: network.proxy.type - 0
    FF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll
    FF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll
    FF - plugin: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll
    FF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dll
    FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
    FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrlui.dll
    FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
    FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
    FF - plugin: C:\Users\Gurn\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll
    FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll
    FF - ExtSQL: !HIDDEN! 2013-03-15 12:53; {ACAA314B-EEBA-48e4-AD47-84E31C44796C}; C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2013-9-27 248240]
    R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928]
    R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368]
    R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2012-7-11 140672]
    R2 BBSvc;BingBar Service;C:\Program Files (x86)\Microsoft\BingBar\7.3.107.0\BBSvc.EXE [2013-8-30 193696]
    R2 CodeMeter.exe;CodeMeter Runtime Server;C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe [2012-12-6 2568120]
    R2 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2012-3-20 134944]
    R2 RzMaelstromVADStreamingService;Razer Surround Audio Service;C:\ProgramData\Razer\Synapse\Devices\Razer Surround\Driver\RzMaelstromVADStreamingService.exe [2013-5-17 4241920]
    R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-2-9 383264]
    R2 UMVPFSrv;UMVPFSrv;C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [2012-1-18 450848]
    R3 Ctafiltv;Ctafiltv;C:\Windows\System32\drivers\Ctafiltv.sys [2008-8-14 24064]
    R3 LVRS64;Logitech RightSound Filter Driver;C:\Windows\System32\drivers\lvrs64.sys [2012-7-2 327576]
    R3 LVUVC64;Logitech Webcam 500(UVC);C:\Windows\System32\drivers\lvuvc64.sys [2012-7-2 6377496]
    R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2013-10-23 348376]
    R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2010-8-12 346144]
    R3 rzdaendpt;Razer DeathAdder end point;C:\Windows\System32\drivers\rzdaendpt.sys [2013-5-16 25600]
    R3 RZMAELSTROMVADService;Razer Surround Audio Enhancer Service;C:\Windows\System32\drivers\RzMaelstromVAD.sys [2013-5-17 40696]
    R3 rzudd;Razer Keyboard Driver;C:\Windows\System32\drivers\rzudd.sys [2013-5-16 126464]
    R3 rzvkeyboard;Razer Virtual Keyboard Driver;C:\Windows\System32\drivers\rzvkeyboard.sys [2013-5-16 23040]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
    S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-9-5 171680]
    S3 BBUpdate;BBUpdate;C:\Program Files (x86)\Microsoft\BingBar\7.3.107.0\SeaPort.EXE [2013-8-30 240288]
    S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\Windows\System32\drivers\ssudbus.sys [2013-6-4 103448]
    S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2013-12-11 111616]
    S3 MSHUSBVideo;NX6000/NX3000/VX2000/VX5000/VX5500/VX7000/Cinema Filter Driver;C:\Windows\System32\drivers\nx6000.sys [2010-1-29 36720]
    S3 ssudmdm;SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.);C:\Windows\System32\drivers\ssudmdm.sys [2013-6-4 203672]
    S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2012-7-2 59392]
    S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-4-25 52736]
    S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-7-2 1255736]
    S3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\System32\drivers\wdcsam64.sys [2008-5-6 14464]
    .
    =============== Created Last 30 ================
    .
    2014-01-03 10:41:45 -------- d-----w- C:\AdwCleaner
    2014-01-03 04:20:53 10315576 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{9AE8F813-89B8-4113-AA6C-8AADC867604D}\mpengine.dll
    2013-12-29 15:32:52 10315576 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
    2013-12-11 11:02:55 167424 ----a-w- C:\Program Files\Windows Media Player\wmplayer.exe
    2013-12-11 11:02:55 164864 ----a-w- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
    2013-12-11 11:02:54 12625920 ----a-w- C:\Windows\System32\wmploc.DLL
    2013-12-11 11:02:54 12625408 ----a-w- C:\Windows\SysWow64\wmploc.DLL
    2013-12-11 05:47:13 335360 ----a-w- C:\Windows\System32\msieftp.dll
    2013-12-11 05:47:13 3155968 ----a-w- C:\Windows\System32\win32k.sys
    2013-12-11 05:47:13 301568 ----a-w- C:\Windows\SysWow64\msieftp.dll
    2013-12-11 05:47:12 465920 ----a-w- C:\Windows\System32\WMPhoto.dll
    2013-12-11 05:47:12 417792 ----a-w- C:\Windows\SysWow64\WMPhoto.dll
    2013-12-11 05:47:11 81408 ----a-w- C:\Windows\System32\imagehlp.dll
    2013-12-11 05:47:11 159232 ----a-w- C:\Windows\SysWow64\imagehlp.dll
    2013-12-11 05:43:56 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
    2013-12-11 05:43:56 2048 ----a-w- C:\Windows\System32\tzres.dll
    2013-12-11 05:43:54 230400 ----a-w- C:\Windows\System32\drivers\portcls.sys
    2013-12-11 05:43:54 150016 ----a-w- C:\Windows\System32\wshom.ocx
    2013-12-11 05:43:54 116736 ----a-w- C:\Windows\System32\drivers\drmk.sys
    2013-12-11 05:43:53 202752 ----a-w- C:\Windows\System32\scrrun.dll
    2013-12-11 05:43:53 168960 ----a-w- C:\Windows\System32\wscript.exe
    2013-12-11 05:43:53 163840 ----a-w- C:\Windows\SysWow64\scrrun.dll
    2013-12-11 05:43:53 156160 ----a-w- C:\Windows\System32\cscript.exe
    2013-12-11 05:43:53 141824 ----a-w- C:\Windows\SysWow64\wscript.exe
    2013-12-11 05:43:53 126976 ----a-w- C:\Windows\SysWow64\cscript.exe
    2013-12-11 05:43:53 121856 ----a-w- C:\Windows\SysWow64\wshom.ocx
    2013-12-06 06:14:35 965000 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{13D4DD4A-9411-48ED-A85B-672326D6F87B}\gapaengine.dll
    .
    ==================== Find3M  ====================
    .
    2013-12-13 11:09:21 214392 ----a-w- C:\Windows\SysWow64\PnkBstrB.exe
    2013-12-13 10:50:18 214392 ----a-w- C:\Windows\SysWow64\PnkBstrB.ex0
    2013-12-11 16:34:16 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
    2013-12-11 16:34:16 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
    2013-12-03 14:25:41 76888 ----a-w- C:\Windows\SysWow64\PnkBstrA.exe
    2013-11-26 10:19:07 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
    2013-11-26 10:18:23 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
    2013-11-26 09:48:07 66048 ----a-w- C:\Windows\System32\iesetup.dll
    2013-11-26 09:46:25 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
    2013-11-26 09:23:02 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
    2013-11-26 09:18:39 139264 ----a-w- C:\Windows\System32\ieUnatt.exe
    2013-11-26 09:18:09 111616 ----a-w- C:\Windows\System32\ieetwcollector.exe
    2013-11-26 09:16:57 708608 ----a-w- C:\Windows\System32\jscript9diag.dll
    2013-11-26 08:35:02 5769216 ----a-w- C:\Windows\System32\jscript9.dll
    2013-11-26 08:28:16 553472 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
    2013-11-26 08:16:12 4243968 ----a-w- C:\Windows\SysWow64\jscript9.dll
    2013-11-26 08:02:16 1995264 ----a-w- C:\Windows\System32\inetcpl.cpl
    2013-11-26 07:32:06 1928192 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
    2013-11-26 07:07:57 2334208 ----a-w- C:\Windows\System32\wininet.dll
    2013-11-26 06:33:33 1820160 ----a-w- C:\Windows\SysWow64\wininet.dll
    2013-11-19 10:21:41 267936 ------w- C:\Windows\System32\MpSigStub.exe
    2013-10-12 02:30:42 830464 ----a-w- C:\Windows\System32\nshwfp.dll
    2013-10-12 02:29:21 859648 ----a-w- C:\Windows\System32\IKEEXT.DLL
    2013-10-12 02:29:08 324096 ----a-w- C:\Windows\System32\FWPUCLNT.DLL
    2013-10-12 02:03:08 656896 ----a-w- C:\Windows\SysWow64\nshwfp.dll
    2013-10-12 02:01:25 216576 ----a-w- C:\Windows\SysWow64\FWPUCLNT.DLL
    2013-10-08 15:50:37 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
    2013-10-05 20:25:35 1474048 ----a-w- C:\Windows\System32\crypt32.dll
    2013-10-05 19:57:25 1168384 ----a-w- C:\Windows\SysWow64\crypt32.dll
    .
    ============= FINISH:  2:55:51.80 ===============
     
     
     
     
     
     
     
     
    .
    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT
    .
    DDS (Ver_2012-11-20.01)
    .
    Microsoft Windows 7 Home Premium 
    Boot Device: \Device\HarddiskVolume1
    Install Date: 6/30/2012 4:02:26 PM
    System Uptime: 1/3/2014 2:48:43 AM (0 hours ago)
    .
    Motherboard: ASRock |  | 870 Extreme3
    Processor: AMD Phenom II X6 1055T Processor | CPUSocket | 2800/200mhz
    .
    ==== Disk Partitions =========================
    .
    C: is FIXED (NTFS) - 931 GiB total, 344.004 GiB free.
    D: is CDROM (CDFS)
    E: is FIXED (NTFS) - 0 GiB total, 0.069 GiB free.
    F: is FIXED (NTFS) - 466 GiB total, 318.664 GiB free.
    .
    ==== Disabled Device Manager Items =============
    .
    Class GUID: {4d36e96b-e325-11ce-bfc1-08002be10318}
    Description: Standard PS/2 Keyboard
    Device ID: ACPI\PNP0303\4&8AB8035&0
    Manufacturer: (Standard keyboards)
    Name: Standard PS/2 Keyboard
    PNP Device ID: ACPI\PNP0303\4&8AB8035&0
    Service: i8042prt
    .
    ==== System Restore Points ===================
    .
    RP224: 12/18/2013 7:33:00 AM - Windows Update
    RP225: 12/22/2013 7:33:07 AM - Windows Update
    RP226: 12/26/2013 7:33:02 AM - Windows Update
    RP227: 1/2/2014 8:20:00 PM - Windows Update
    .
    ==== Installed Programs ======================
    .
    µTorrent
    7-Zip 9.20 (x64 edition)
    AbiWord 2.8.6
    Active@ UNDELETE 7
    Adobe Flash Player 11 Plugin
    AIM 7
    Amazon Cloud Player
    Apple Application Support
    Apple Mobile Device Support
    Apple Software Update
    Artemis Artemis
    Bastion
    Battlefield 3™
    Battlefield 4™
    Battlelog Web Plugins
    Bing Bar
    Bonjour
    Borderlands 2
    C3
    Canon IJ Network Scanner Selector EX
    Canon IJ Network Tool
    Canon IJ Scan Utility
    Canon MG5400 series MP Drivers
    CCleaner
    Chivalry: Medieval Warfare
    Chivalry: Medieval Warfare Dedicated Server
    CMUD 3.34
    Core Temp 1.0 RC5
    Corrupt Open Office Salvager version 1.2
    Counter-Strike: Global Offensive
    Crysis
    Crysis Warhead
    Crysis Wars
    Divekick
    ERUNT 1.1j
    ESET Online Scanner v3
    ESN Sonar
    f.lux
    Foxit Reader
    Fraps (remove only)
    Free YouTube to MP3 Converter version 3.12.0.128
    GIMP 2.8.0
    GOM Player
    GOMTV Streamer
    Google Chrome
    Halo Combat Evolved
    ICY Hexplorer (remove only)
    iTunes
    Jade Empire: Special Edition
    Java 7 Update 45
    Java Auto Updater
    JavaFX 2.1.1
    Kernel for Writer Evaluation ver 8.12.01
    Logitech High Quality Video
    Logitech Webcam Software Driver Package
    Magicka
    Malwarebytes Anti-Malware version 1.75.0.1300
    Mass Effect™ 3
    MechWarrior Online
    Metro 2033
    Microsoft .NET Framework 4 Client Profile
    Microsoft .NET Framework 4 Extended
    Microsoft Application Error Reporting
    Microsoft Mouse and Keyboard Center
    Microsoft Security Client
    Microsoft Security Essentials
    Microsoft Silverlight
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
    Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
    Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
    Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610
    Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610
    Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610
    Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610
    Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610
    Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610
    Microsoft XNA Framework Redistributable 3.1
    Microsoft XNA Framework Redistributable 4.0 Refresh
    Mount & Blade: Warband
    Mozilla Firefox 25.0.1 (x86 en-US)
    Mozilla Maintenance Service
    MUSHclient (remove only)
    Nexus Mod Manager
    No More Room in Hell
    Notepad++
    NVIDIA 3D Vision Controller Driver 314.07
    NVIDIA 3D Vision Driver 314.07
    NVIDIA Control Panel 314.07
    NVIDIA Graphics Driver 314.07
    NVIDIA HD Audio Driver 1.3.23.1
    NVIDIA Install Application
    NVIDIA PhysX
    NVIDIA PhysX System Software 9.12.1031
    NVIDIA Stereoscopic 3D Driver
    NVIDIA Update 1.12.12
    NVIDIA Update Components
    OpenOffice.org 3.4.1
    Origin
    PAYDAY 2
    PunkBuster Services
    Rainmeter
    Razer Surround
    Razer Synapse 2.0
    Recover My Files
    Rune Classic
    Security Update for CAPICOM (KB931906)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2858302v2)
    Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
    Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
    Security Update for Microsoft .NET Framework 4 Extended (KB2736428)
    Security Update for Microsoft .NET Framework 4 Extended (KB2742595)
    Security Update for Microsoft .NET Framework 4 Extended (KB2858302v2)
    Skype™ 6.10
    Skyrim NPC Editor
    Sophos Anti-Rootkit 1.5.4
    Source SDK
    Spec Ops: The Line
    StarCraft II
    SUPERAntiSpyware
    SyTools Open Office Writer Recovery
    The Elder Scrolls Online Beta
    The Stanley Parable
    The Walking Dead
    Torchlight II
    Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
    Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
    Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
    Update for Microsoft .NET Framework 4 Client Profile (KB2836939)
    Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3)
    Update for Microsoft .NET Framework 4 Extended (KB2468871)
    Update for Microsoft .NET Framework 4 Extended (KB2533523)
    Update for Microsoft .NET Framework 4 Extended (KB2600217)
    Update for Microsoft .NET Framework 4 Extended (KB2836939)
    Update for Microsoft .NET Framework 4 Extended (KB2836939v3)
    Urban Terror 4.1
    War of the Roses
    Warhammer 40,000 Space Marine
    Warhammer® 40,000™: Dawn of War® II
    Windows 7 USB/DVD Download Tool
    WinRAR 4.20 (32-bit)
    .
    ==== Event Viewer Messages From Past Week ========
    .
    12/29/2013 2:37:43 AM, Error: Schannel [36888]  - The following fatal alert was generated: 40. The internal error state is 252.
    1/3/2014 2:51:22 AM, Error: Service Control Manager [7038]  - The nvUpdatusService service was unable to log on as .\UpdatusUser with the currently configured password due to the following error:  Logon failure: the specified account password has expired. To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).
    1/3/2014 2:51:22 AM, Error: Service Control Manager [7000]  - The NVIDIA Update Service Daemon service failed to start due to the following error:  The service did not start due to a logon failure.
    1/2/2014 8:10:11 PM, Error: Service Control Manager [7034]  - The Skype Updater service terminated unexpectedly.  It has done this 1 time(s).
    .
    ==== End Of File ===========================
     
     
     
     
     
     
     
     
     
     
     
     
     
     

    Infected with a lot of viruses that came from nowhere

    in Resolved Malware Removal Logs

    Posted

    Well, I tried all the methods suggested, but I encountered a lot of problems. MalwareBytes and AVG won't start, though AVG got its files completely corrupted while MalwareBytes is just unable to start. Can't access any sites to download new ones, and I have to use my repair disc quite often, as one of the viruses seems to be a boot-sector virus. One of them also likes to download porn applications-- I disabled my internet and am using another computer to try and get fixes. These viruses just came out of nowhere, just a day after I scanned my computer for viruses.

    A couple problems I have, the main one being that I can't get MalwareBytes to start. I followed the instructions, but...

    1. Tdssserv.sys doesn't show up on the non plug and play.

    2. RootRepeal comes up with a few dozen hits, with things like

    C:\WINDOWS\System32\Drivers\Fastfat.SYS

    C:\Windows\System32\DRIVERS\ELmou.sys

    C"\WINDOWS\System32\DRIVERS\e1e5132.sys

    C:\WINDOWS\System32\DLA\DLApoolM.SYS

    atapi.sys

    ACPI.sys

    PrtMr.sys

    pciide.sys

    Ntfs.sys

    NDIS.sys

    Mup.sys

    DRVMCB.SYS

    And so on. It goes on for quite a large list, and I don't know what to do.

    My system is a Windows XP Media Edition, if that helps. In retrospect, it might've been one of the song lyric sites I went on(totally forgot to have Securemaker on), but I dunno. Any help please?

Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.