
Everything posted by Bsebastian01

  1. IE explorer often takes up 50 percent of my total CPU when I have it opened. I check my Processes and I see around 3 or 4 entries on it at once. I am only running one window, one tab. No downloads. (This is a repost due to some errors on my last logs.)

     Attach.zip
  2. Forgot to upload this, my mistake. Attach.zip
  3. I've recently noticed after a reformat due to Stupid Validation things (Microsoft gave me a new key) I have noticed at least two iexplorer.exes running. Every once in a while more processes open up, getting to at least 6 iexplorer.exe processes running, oh dear me. I will say that I am very good with computers, I fix them every day, and I build them a lot too. My most common method of Virus removal would be Running Malwarebytes and then combo fix. I have done this and uninstalled Combofix, yet I still have these problems. Also, any recommendations including program removal and possible ways of speed up would be great. I want to utilize my great system to be at its best. I have slight Framerate issues with Dragon age with my 9800 gtx +. Let me know, Thanks.