Mystik

  1. Okay, I ran the Microsoft Fix It tool as requested. Here is my new DDS log: . DDS (Ver_11-03-05.01) - NTFS_AMD64 Run by Mystik at 21:44:05.20 on Thu 03/17/2011 Internet Explorer: 8.0.7600.16385 BrowserJavaVersion: 1.6.0_24 Microsoft Windows 7 Professional 6.1.7600.0.1252.1.1033.18.6134.4051 [GMT -7:00] . AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C} AV: Microsoft Security Essentials *Disabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160} SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681} SP: Microsoft Security Essentials *Disabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . ============== Running Processes =============== . C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\nvvsvc.exe C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k NetworkService C:\Program Files\Alwil Software\Avast5\AvastSvc.exe C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe C:\Windows\system32\nvvsvc.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe C:\Windows\system32\taskhost.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\Logitech\SetPoint\SetPoint.exe C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe C:\Program Files\Logitech\SetPoint\x86\SetPoint32.exe C:\Program Files\Alwil Software\Avast5\AvastUI.exe C:\Program Files (x86)\iTunes\iTunesHelper.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files 
(x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files (x86)\Bonjour\mDNSResponder.exe C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe C:\Windows\system32\taskeng.exe C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe C:\Program Files\Core Temp\Core Temp.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\SearchIndexer.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\System32\svchost.exe -k LocalServicePeerNet C:\Program Files (x86)\AIM\aim.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe C:\Program Files (x86)\Steam\Steam.exe C:\Windows\system32\wuauclt.exe C:\Program Files (x86)\Winamp\winamp.exe C:\Windows\system32\SearchProtocolHost.exe C:\Windows\system32\SearchFilterHost.exe C:\Windows\system32\msiexec.exe C:\Windows\system32\vssvc.exe C:\Windows\System32\svchost.exe -k swprv C:\Windows\system32\taskeng.exe C:\Users\Mystik\Downloads\dds.scr C:\Windows\system32\conhost.exe . ============== Pseudo HJT Report =============== . 
uInternet Settings,ProxyOverride = *.local mWinlogon: Userinit=userinit.exe BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File uRun: [EPSON WorkForce 610 Series] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIFJA.EXE /FU "C:\Windows\TEMP\E_S9C30.tmp" /EF "HKCU" uRun: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun uRun: [Google Update] "C:\Users\Mystik\AppData\Local\Google\Update\GoogleUpdate.exe" /c mRun: [EEventManager] C:\PROGRA~2\EPSONS~1\EVENTM~1\EEventManager.exe mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\LOGITE~1.LNK - C:\Program Files\Logitech\SetPoint\SetPoint.exe mPolicies-explorer: NoActiveDesktop = 1 (0x1) mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1) mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0) mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3) mPolicies-system: EnableLUA = 0 (0x0) mPolicies-system: 
EnableUIADesktopToggle = 0 (0x0) mPolicies-system: PromptOnSecureDesktop = 0 (0x0) IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab TB-X64: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File mRun-x64: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE mRun-x64: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey mRun-x64: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s Hosts: 127.0.0.1 www.spywareinfo.com . ================= FIREFOX =================== . FF - ProfilePath - C:\Users\Mystik\AppData\Roaming\Mozilla\Firefox\Profiles\03goz7gn.default\ FF - prefs.js: browser.startup.homepage - hxxp://www.yahoo.com/ FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdnu.dll FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdnupdater2.dll FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll FF - plugin: C:\Users\Mystik\AppData\Local\Google\Update\1.2.183.39\npGoogleOneClick8.dll FF - plugin: C:\Users\Mystik\AppData\Roaming\Mozilla\Firefox\Profiles\03goz7gn.default\extensions\DeviceDetection@logitech.com\plugins\npLogitechDeviceDetection.dll FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} FF - 
Ext: Java Console: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} FF - Ext: Java Console: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} FF - Ext: Adblock Plus: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - %profile%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} . ---- FIREFOX POLICIES ---- FF - user.js: network.protocol-handler.warn-external.dnupdate - false);user_pref(network.protocol-handler.warn-external.dnupdate, false ============= SERVICES / DRIVERS =============== . R0 15749852;15749852 Boot Guard Driver;C:\Windows\System32\drivers\15749852.sys [2010-11-26 40464] R1 15749851;15749851;C:\Windows\System32\drivers\15749851.sys [2010-11-26 157712] R1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswSnx.sys [2011-3-16 505176] R1 aswSP;aswSP;C:\Windows\System32\drivers\aswSP.sys [2010-10-28 280408] R1 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2010-3-25 188928] R1 setup_9.0.0.722_27.11.2010_00-15drv;setup_9.0.0.722_27.11.2010_00-15drv;C:\Windows\System32\drivers\1574985.sys [2010-11-26 352784] R2 aswFsBlk;aswFsBlk;C:\Windows\System32\drivers\aswFsBlk.sys [2010-10-28 22360] R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2010-10-28 64344] R2 avast! Antivirus;avast! 
Antivirus;C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2011-3-16 42184] R2 SBSDWSCService;SBSD Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2010-11-6 1153368] R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-1-7 378984] R3 NVHDA;Service for NVIDIA High Definition Audio Driver;C:\Windows\System32\drivers\nvhda64v.sys [2011-1-18 155752] R3 RTCore64;RTCore64;C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [2010-8-30 14648] R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2010-6-23 344680] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] S3 MpNWMon;Microsoft Malware Protection Network Driver;C:\Windows\System32\drivers\MpNWMon.sys [2010-3-25 40832] S3 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2010-10-24 72064] S3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe [2010-11-11 282616] S3 StorSvc;Storage Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 27136] S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2010-9-28 51712] S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-10-4 1255736] . =============== Created Last 30 ================ . 
2011-03-18 04:43:19 20702 ----a-w- C:\FixitRegBackup.reg 2011-03-17 03:34:06 505176 ----a-w- C:\Windows\System32\drivers\aswSnx.sys 2011-03-17 03:33:26 7947600 ----a-w- C:\PROGRA~3\Microsoft\Microsoft Antimalware\Definition Updates\{708CAF50-1931-44D9-A115-C591B3DDEAAA}\mpengine.dll 2011-03-17 02:27:20 -------- d-----w- C:\Program Files (x86)\ESET 2011-02-25 05:26:37 -------- d-----w- C:\Users\Mystik\AppData\Roaming\Need for Speed World 2011-02-25 03:57:01 -------- d-----w- C:\Users\Mystik\AppData\Local\Electronic_Arts_Inc 2011-02-25 03:56:40 -------- d-----w- C:\PROGRA~3\Electronic Arts 2011-02-23 10:11:43 367104 ----a-w- C:\Windows\System32\wcncsvc.dll 2011-02-23 10:11:43 276992 ----a-w- C:\Windows\SysWow64\wcncsvc.dll 2011-02-23 03:14:12 442880 ----a-w- C:\Windows\SysWow64\XpsPrint.dll 2011-02-23 03:14:11 662528 ----a-w- C:\Windows\System32\XpsPrint.dll 2011-02-23 03:14:11 475648 ----a-w- C:\Windows\System32\XpsGdiConverter.dll 2011-02-23 03:14:11 288256 ----a-w- C:\Windows\SysWow64\XpsGdiConverter.dll 2011-02-21 04:45:46 -------- d-----w- C:\Program Files (x86)\JDownloader . ==================== Find3M ==================== . 
2011-02-23 14:04:21 40648 ----a-w- C:\Windows\avastSS.scr 2011-02-23 13:55:05 64344 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys 2011-02-19 06:37:44 1135104 ----a-w- C:\Windows\System32\FntCache.dll 2011-02-19 06:37:10 1540608 ----a-w- C:\Windows\System32\DWrite.dll 2011-02-19 06:36:49 902656 ----a-w- C:\Windows\System32\d2d1.dll 2011-02-19 05:32:48 1074176 ----a-w- C:\Windows\SysWow64\DWrite.dll 2011-02-19 05:32:35 739840 ----a-w- C:\Windows\SysWow64\d2d1.dll 2011-02-03 05:40:23 472808 ----a-w- C:\Windows\SysWow64\deployJava1.dll 2011-01-26 06:53:10 982912 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys 2011-01-26 06:53:10 265088 ----a-w- C:\Windows\System32\drivers\dxgmms1.sys 2011-01-26 06:31:20 144384 ----a-w- C:\Windows\System32\cdd.dll 2011-01-08 04:49:34 795752 ----a-w- C:\Windows\System32\easyUpdatusAPIU64.dll 2011-01-08 04:49:28 6143080 ----a-w- C:\Windows\System32\nvcpl.dll 2011-01-08 04:49:10 3156072 ----a-w- C:\Windows\System32\nvsvc64.dll 2011-01-08 04:48:58 117864 ----a-w- C:\Windows\System32\nvmctray.dll 2011-01-08 04:48:58 1005160 ----a-w- C:\Windows\System32\nvvsvc.exe 2011-01-07 08:06:50 46080 ----a-w- C:\Windows\System32\atmlib.dll 2011-01-07 07:27:11 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll 2011-01-07 05:49:20 366080 ----a-w- C:\Windows\System32\atmfd.dll 2011-01-07 05:33:11 294400 ----a-w- C:\Windows\SysWow64\atmfd.dll 2011-01-05 06:20:30 612352 ----a-w- C:\Windows\System32\vbscript.dll 2011-01-05 05:37:33 428032 ----a-w- C:\Windows\SysWow64\vbscript.dll 2011-01-05 04:00:16 3127808 ----a-w- C:\Windows\System32\win32k.sys 2010-12-23 06:07:50 1118720 ----a-w- C:\Windows\System32\sbe.dll 2010-12-23 06:07:49 961024 ----a-w- C:\Windows\System32\CPFilters.dll 2010-12-23 06:07:49 723968 ----a-w- C:\Windows\System32\EncDec.dll 2010-12-23 06:02:33 259072 ----a-w- C:\Windows\System32\mpg2splt.ax 2010-12-23 05:28:29 850432 ----a-w- C:\Windows\SysWow64\sbe.dll 2010-12-23 05:28:28 642048 ----a-w- C:\Windows\SysWow64\CPFilters.dll 2010-12-23 
05:28:28 534528 ----a-w- C:\Windows\SysWow64\EncDec.dll 2010-12-23 05:24:02 199680 ----a-w- C:\Windows\SysWow64\mpg2splt.ax 2010-12-21 06:16:27 97280 ----a-w- C:\Windows\System32\wscsvc.dll 2010-12-21 06:16:27 62976 ----a-w- C:\Windows\System32\wscapi.dll 2010-12-21 06:16:16 214016 ----a-w- C:\Windows\System32\winsrv.dll 2010-12-21 06:16:14 442880 ----a-w- C:\Windows\System32\winhttp.dll 2010-12-21 06:16:14 1197056 ----a-w- C:\Windows\System32\wininet.dll 2010-12-21 06:16:09 258048 ----a-w- C:\Windows\System32\WebClnt.dll 2010-12-21 06:15:55 264192 ----a-w- C:\Windows\System32\upnp.dll 2010-12-21 06:15:31 15360 ----a-w- C:\Windows\System32\slwga.dll 2010-12-21 06:13:03 2003968 ----a-w- C:\Windows\System32\msxml6.dll 2010-12-21 06:13:03 1880576 ----a-w- C:\Windows\System32\msxml3.dll 2010-12-21 06:10:22 100864 ----a-w- C:\Windows\System32\davclnt.dll 2010-12-21 05:38:24 51200 ----a-w- C:\Windows\SysWow64\wscapi.dll 2010-12-21 05:38:22 981504 ----a-w- C:\Windows\SysWow64\wininet.dll 2010-12-21 05:38:22 350720 ----a-w- C:\Windows\SysWow64\winhttp.dll 2010-12-21 05:38:21 204800 ----a-w- C:\Windows\SysWow64\WebClnt.dll 2010-12-21 05:38:19 204288 ----a-w- C:\Windows\SysWow64\upnp.dll 2010-12-21 05:38:16 14336 ----a-w- C:\Windows\SysWow64\slwga.dll 2010-12-21 05:36:17 1389568 ----a-w- C:\Windows\SysWow64\msxml6.dll 2010-12-21 05:36:16 1236992 ----a-w- C:\Windows\SysWow64\msxml3.dll 2010-12-21 05:34:12 80384 ----a-w- C:\Windows\SysWow64\davclnt.dll 2010-12-21 01:08:40 24152 ----a-w- C:\Windows\System32\drivers\mbam.sys 2010-12-18 06:12:28 3138048 ----a-w- C:\Windows\System32\mstscax.dll 2010-12-18 06:11:41 57856 ----a-w- C:\Windows\System32\licmgr10.dll 2010-12-18 06:11:34 714752 ----a-w- C:\Windows\System32\kerberos.dll 2010-12-18 06:08:15 1097216 ----a-w- C:\Windows\System32\mstsc.exe 2010-12-18 05:30:20 2690560 ----a-w- C:\Windows\SysWow64\mstscax.dll 2010-12-18 05:29:40 44544 ----a-w- C:\Windows\SysWow64\licmgr10.dll 2010-12-18 05:29:31 541184 ----a-w- 
C:\Windows\SysWow64\kerberos.dll 2010-12-18 05:26:55 1034240 ----a-w- C:\Windows\SysWow64\mstsc.exe 2010-12-18 04:55:03 482816 ----a-w- C:\Windows\System32\html.iec . ============= FINISH: 21:45:44.38 =============== And here is my "Attached" log: . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_11-03-05.01) . Microsoft Windows 7 Professional Boot Device: \Device\HarddiskVolume1 Install Date: 10/1/2010 11:02:13 AM System Uptime: 3/17/2011 7:28:42 PM (2 hours ago) . Motherboard: ASUSTeK Computer INC. | | P6T Processor: Intel® Core i7 CPU 950 @ 3.07GHz | LGA1366 | 3068/133mhz . ==== Disk Partitions ========================= . A: is Removable C: is FIXED (NTFS) - 931 GiB total, 815.703 GiB free. D: is CDROM () . ==== Disabled Device Manager Items ============= . ==== System Restore Points =================== . RP176: 2/28/2011 8:19:35 PM - Windows Update RP177: 3/2/2011 7:32:44 AM - Windows Update RP178: 3/3/2011 7:49:41 PM - Windows Update RP179: 3/5/2011 1:32:25 AM - Windows Update RP180: 3/6/2011 5:46:35 PM - Windows Update RP181: 3/7/2011 7:27:00 PM - Windows Update RP182: 3/9/2011 12:36:09 AM - Windows Update RP183: 3/9/2011 7:34:03 AM - Windows Update RP184: 3/10/2011 7:40:46 AM - Windows Update RP185: 3/11/2011 5:53:16 PM - Windows Update RP186: 3/12/2011 9:54:54 PM - Windows Update RP187: 3/14/2011 7:37:21 AM - Windows Update RP188: 3/15/2011 7:44:28 PM - Windows Update RP189: 3/16/2011 8:33:11 PM - Windows Update RP190: 3/17/2011 9:43:07 PM - Installed Microsoft Fix it 50535 . ==== Installed Programs ====================== .
  2. My Eset Online Scanner log:

         ESETSmartInstaller@High as downloader log:
         all ok
         # version=7
         # OnlineScannerApp.exe=1.0.0.1
         # OnlineScanner.ocx=1.0.0.6425
         # api_version=3.0.2
         # EOSSerial=4b93c59466e96849bcd6dab516440526
         # end=finished
         # remove_checked=true
         # archives_checked=true
         # unwanted_checked=true
         # unsafe_checked=true
         # antistealth_checked=true
         # utc_time=2011-03-17 03:30:11
         # local_time=2011-03-16 08:30:11 (-0800, Pacific Daylight Time)
         # country="United States"
         # lang=1033
         # osver=6.1.7600 NT
         # compatibility_mode=512 16777215 100 0 0 0 0 0
         # compatibility_mode=768 16777215 100 0 11127600 11127600 0 0
         # compatibility_mode=5893 16776574 66 85 51857577 51872494 0 0
         # compatibility_mode=8192 67108863 100 0 0 0 0 0
         # scanned=204961
         # found=0
         # cleaned=0
         # scan_time=3567
  3. Here is my new DDS log: . DDS (Ver_11-03-05.01) - NTFS_AMD64 Run by Mystik at 19:42:46.45 on Mon 03/14/2011 Internet Explorer: 8.0.7600.16385 BrowserJavaVersion: 1.6.0_24 Microsoft Windows 7 Professional 6.1.7600.0.1252.1.1033.18.6134.4035 [GMT -7:00] . AV: Microsoft Security Essentials *Enabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160} AV: avast! Antivirus *Enabled/Updated* {C37D8F93-0602-E43C-40AA-47DAD597F308} SP: avast! Antivirus *Enabled/Updated* {781C6E77-2038-EBB2-7A1A-7CA8AE10B9B5} SP: Microsoft Security Essentials *Enabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . ============== Running Processes =============== . C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\nvvsvc.exe C:\Windows\system32\svchost.exe -k RPCSS c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k LocalService C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe C:\Windows\system32\nvvsvc.exe C:\Windows\system32\svchost.exe -k NetworkService C:\Program Files\Alwil Software\Avast5\AvastSvc.exe C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Windows\system32\taskeng.exe C:\Windows\system32\Dwm.exe C:\Windows\system32\taskhost.exe C:\Windows\Explorer.EXE C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe C:\Program Files\Core Temp\Core Temp.exe C:\Program Files\Microsoft Security Client\msseces.exe C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\Logitech\SetPoint\SetPoint.exe C:\Program Files 
(x86)\Epson Software\Event Manager\EEventManager.exe C:\Program Files\Alwil Software\Avast5\AvastUI.exe C:\Program Files (x86)\Bonjour\mDNSResponder.exe C:\Program Files (x86)\iTunes\iTunesHelper.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe C:\Program Files\Logitech\SetPoint\x86\SetPoint32.exe C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\SearchIndexer.exe c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe C:\Program Files\iPod\bin\iPodService.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Windows\System32\svchost.exe -k LocalServicePeerNet C:\Windows\system32\wbem\wmiprvse.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe C:\Program Files (x86)\AIM\aim.exe C:\Program Files (x86)\Winamp\winamp.exe C:\Program Files (x86)\Steam\Steam.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe C:\Windows\SysWOW64\NOTEPAD.EXE C:\Users\Mystik\Downloads\dds.scr C:\Windows\system32\conhost.exe . ============== Pseudo HJT Report =============== . 
uInternet Settings,ProxyOverride = *.local mWinlogon: Userinit=userinit.exe BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File uRun: [EPSON WorkForce 610 Series] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIFJA.EXE /FU "C:\Windows\TEMP\E_S9C30.tmp" /EF "HKCU" uRun: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun uRun: [Google Update] "C:\Users\Mystik\AppData\Local\Google\Update\GoogleUpdate.exe" /c mRun: [EEventManager] C:\PROGRA~2\EPSONS~1\EVENTM~1\EEventManager.exe mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\LOGITE~1.LNK - C:\Program Files\Logitech\SetPoint\SetPoint.exe mPolicies-explorer: NoActiveDesktop = 1 (0x1) mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1) mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0) mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3) mPolicies-system: EnableLUA = 0 (0x0) mPolicies-system: 
EnableUIADesktopToggle = 0 (0x0) mPolicies-system: PromptOnSecureDesktop = 0 (0x0) IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab TB-X64: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File mRun-x64: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE mRun-x64: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey mRun-x64: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s Hosts: 127.0.0.1 www.spywareinfo.com . ================= FIREFOX =================== . FF - ProfilePath - C:\Users\Mystik\AppData\Roaming\Mozilla\Firefox\Profiles\03goz7gn.default\ FF - prefs.js: browser.startup.homepage - hxxp://www.yahoo.com/ FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdnu.dll FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdnupdater2.dll FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll FF - plugin: C:\Users\Mystik\AppData\Local\Google\Update\1.2.183.39\npGoogleOneClick8.dll FF - plugin: C:\Users\Mystik\AppData\Roaming\Mozilla\Firefox\Profiles\03goz7gn.default\extensions\DeviceDetection@logitech.com\plugins\npLogitechDeviceDetection.dll FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} FF - 
Ext: Java Console: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} FF - Ext: Java Console: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} FF - Ext: Adblock Plus: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - %profile%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} . ---- FIREFOX POLICIES ---- FF - user.js: network.protocol-handler.warn-external.dnupdate - false);user_pref(network.protocol-handler.warn-external.dnupdate, false ============= SERVICES / DRIVERS =============== . R0 15749852;15749852 Boot Guard Driver;C:\Windows\System32\drivers\15749852.sys [2010-11-26 40464] R1 15749851;15749851;C:\Windows\System32\drivers\15749851.sys [2010-11-26 157712] R1 aswSP;aswSP;C:\Windows\System32\drivers\aswSP.sys [2010-10-28 273488] R1 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2010-3-25 188928] R1 setup_9.0.0.722_27.11.2010_00-15drv;setup_9.0.0.722_27.11.2010_00-15drv;C:\Windows\System32\drivers\1574985.sys [2010-11-26 352784] R2 aswFsBlk;aswFsBlk;C:\Windows\System32\drivers\aswFsBlk.sys [2010-10-28 20560] R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2010-10-28 62032] R2 avast! Antivirus;avast! 
Antivirus;C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2011-2-8 40384] R2 SBSDWSCService;SBSD Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2010-11-6 1153368] R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-1-7 378984] R3 MpNWMon;Microsoft Malware Protection Network Driver;C:\Windows\System32\drivers\MpNWMon.sys [2010-3-25 40832] R3 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2010-10-24 72064] R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe [2010-11-11 282616] R3 NVHDA;Service for NVIDIA High Definition Audio Driver;C:\Windows\System32\drivers\nvhda64v.sys [2011-1-18 155752] R3 RTCore64;RTCore64;C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [2010-8-30 14648] R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2010-6-23 344680] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] S3 StorSvc;Storage Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 27136] S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2010-9-28 51712] S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-10-4 1255736] . =============== Created Last 30 ================ . 
2011-03-14 14:37:34 7947600 ----a-w- C:\PROGRA~3\Microsoft\Microsoft Antimalware\Definition Updates\{3464F83E-CE9D-47F5-B43C-37E95B1D979F}\mpengine.dll 2011-02-25 05:26:37 -------- d-----w- C:\Users\Mystik\AppData\Roaming\Need for Speed World 2011-02-25 03:57:01 -------- d-----w- C:\Users\Mystik\AppData\Local\Electronic_Arts_Inc 2011-02-25 03:56:40 -------- d-----w- C:\PROGRA~3\Electronic Arts 2011-02-23 10:11:43 367104 ----a-w- C:\Windows\System32\wcncsvc.dll 2011-02-23 10:11:43 276992 ----a-w- C:\Windows\SysWow64\wcncsvc.dll 2011-02-23 03:14:12 442880 ----a-w- C:\Windows\SysWow64\XpsPrint.dll 2011-02-23 03:14:11 662528 ----a-w- C:\Windows\System32\XpsPrint.dll 2011-02-23 03:14:11 475648 ----a-w- C:\Windows\System32\XpsGdiConverter.dll 2011-02-23 03:14:11 288256 ----a-w- C:\Windows\SysWow64\XpsGdiConverter.dll 2011-02-21 04:45:46 -------- d-----w- C:\Program Files (x86)\JDownloader . ==================== Find3M ==================== . 2011-02-19 06:37:44 1135104 ----a-w- C:\Windows\System32\FntCache.dll 2011-02-19 06:37:10 1540608 ----a-w- C:\Windows\System32\DWrite.dll 2011-02-19 06:36:49 902656 ----a-w- C:\Windows\System32\d2d1.dll 2011-02-19 05:32:48 1074176 ----a-w- C:\Windows\SysWow64\DWrite.dll 2011-02-19 05:32:35 739840 ----a-w- C:\Windows\SysWow64\d2d1.dll 2011-02-03 05:40:23 472808 ----a-w- C:\Windows\SysWow64\deployJava1.dll 2011-01-26 06:53:10 982912 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys 2011-01-26 06:53:10 265088 ----a-w- C:\Windows\System32\drivers\dxgmms1.sys 2011-01-26 06:31:20 144384 ----a-w- C:\Windows\System32\cdd.dll 2011-01-13 08:47:35 38848 ----a-w- C:\Windows\avastSS.scr 2011-01-13 08:37:23 62032 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys 2011-01-08 04:49:34 795752 ----a-w- C:\Windows\System32\easyUpdatusAPIU64.dll 2011-01-08 04:49:28 6143080 ----a-w- C:\Windows\System32\nvcpl.dll 2011-01-08 04:49:10 3156072 ----a-w- C:\Windows\System32\nvsvc64.dll 2011-01-08 04:48:58 117864 ----a-w- C:\Windows\System32\nvmctray.dll 
2011-01-08 04:48:58 1005160 ----a-w- C:\Windows\System32\nvvsvc.exe 2011-01-07 08:06:50 46080 ----a-w- C:\Windows\System32\atmlib.dll 2011-01-07 07:27:11 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll 2011-01-07 05:49:20 366080 ----a-w- C:\Windows\System32\atmfd.dll 2011-01-07 05:33:11 294400 ----a-w- C:\Windows\SysWow64\atmfd.dll 2011-01-05 06:20:30 612352 ----a-w- C:\Windows\System32\vbscript.dll 2011-01-05 05:37:33 428032 ----a-w- C:\Windows\SysWow64\vbscript.dll 2011-01-05 04:00:16 3127808 ----a-w- C:\Windows\System32\win32k.sys 2010-12-23 06:07:50 1118720 ----a-w- C:\Windows\System32\sbe.dll 2010-12-23 06:07:49 961024 ----a-w- C:\Windows\System32\CPFilters.dll 2010-12-23 06:07:49 723968 ----a-w- C:\Windows\System32\EncDec.dll 2010-12-23 06:02:33 259072 ----a-w- C:\Windows\System32\mpg2splt.ax 2010-12-23 05:28:29 850432 ----a-w- C:\Windows\SysWow64\sbe.dll 2010-12-23 05:28:28 642048 ----a-w- C:\Windows\SysWow64\CPFilters.dll 2010-12-23 05:28:28 534528 ----a-w- C:\Windows\SysWow64\EncDec.dll 2010-12-23 05:24:02 199680 ----a-w- C:\Windows\SysWow64\mpg2splt.ax 2010-12-21 06:16:27 97280 ----a-w- C:\Windows\System32\wscsvc.dll 2010-12-21 06:16:27 62976 ----a-w- C:\Windows\System32\wscapi.dll 2010-12-21 06:16:16 214016 ----a-w- C:\Windows\System32\winsrv.dll 2010-12-21 06:16:14 442880 ----a-w- C:\Windows\System32\winhttp.dll 2010-12-21 06:16:14 1197056 ----a-w- C:\Windows\System32\wininet.dll 2010-12-21 06:16:09 258048 ----a-w- C:\Windows\System32\WebClnt.dll 2010-12-21 06:15:55 264192 ----a-w- C:\Windows\System32\upnp.dll 2010-12-21 06:15:31 15360 ----a-w- C:\Windows\System32\slwga.dll 2010-12-21 06:13:03 2003968 ----a-w- C:\Windows\System32\msxml6.dll 2010-12-21 06:13:03 1880576 ----a-w- C:\Windows\System32\msxml3.dll 2010-12-21 06:10:22 100864 ----a-w- C:\Windows\System32\davclnt.dll 2010-12-21 05:38:24 51200 ----a-w- C:\Windows\SysWow64\wscapi.dll 2010-12-21 05:38:22 981504 ----a-w- C:\Windows\SysWow64\wininet.dll 2010-12-21 05:38:22 350720 ----a-w- 
C:\Windows\SysWow64\winhttp.dll 2010-12-21 05:38:21 204800 ----a-w- C:\Windows\SysWow64\WebClnt.dll 2010-12-21 05:38:19 204288 ----a-w- C:\Windows\SysWow64\upnp.dll 2010-12-21 05:38:16 14336 ----a-w- C:\Windows\SysWow64\slwga.dll 2010-12-21 05:36:17 1389568 ----a-w- C:\Windows\SysWow64\msxml6.dll 2010-12-21 05:36:16 1236992 ----a-w- C:\Windows\SysWow64\msxml3.dll 2010-12-21 05:34:12 80384 ----a-w- C:\Windows\SysWow64\davclnt.dll 2010-12-21 01:08:40 24152 ----a-w- C:\Windows\System32\drivers\mbam.sys 2010-12-18 06:12:28 3138048 ----a-w- C:\Windows\System32\mstscax.dll 2010-12-18 06:11:41 57856 ----a-w- C:\Windows\System32\licmgr10.dll 2010-12-18 06:11:34 714752 ----a-w- C:\Windows\System32\kerberos.dll 2010-12-18 06:08:15 1097216 ----a-w- C:\Windows\System32\mstsc.exe 2010-12-18 05:30:20 2690560 ----a-w- C:\Windows\SysWow64\mstscax.dll 2010-12-18 05:29:40 44544 ----a-w- C:\Windows\SysWow64\licmgr10.dll 2010-12-18 05:29:31 541184 ----a-w- C:\Windows\SysWow64\kerberos.dll 2010-12-18 05:26:55 1034240 ----a-w- C:\Windows\SysWow64\mstsc.exe 2010-12-18 04:55:03 482816 ----a-w- C:\Windows\System32\html.iec 2010-12-18 04:20:55 386048 ----a-w- C:\Windows\SysWow64\html.iec 2010-12-18 04:13:40 1638912 ----a-w- C:\Windows\System32\mshtml.tlb 2010-12-18 03:47:59 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb . ============= FINISH: 19:43:22.35 =============== And here is the "Attached" log: . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_11-03-05.01) . Microsoft Windows 7 Professional Boot Device: \Device\HarddiskVolume1 Install Date: 10/1/2010 11:02:13 AM System Uptime: 3/14/2011 7:04:59 PM (0 hours ago) . Motherboard: ASUSTeK Computer INC. | | P6T Processor: Intel® Core i7 CPU 950 @ 3.07GHz | LGA1366 | 3068/133mhz . ==== Disk Partitions ========================= . A: is Removable C: is FIXED (NTFS) - 931 GiB total, 815.536 GiB free. D: is CDROM () . ==== Disabled Device Manager Items ============= . 
==== System Restore Points =================== . RP173: 2/26/2011 11:40:14 AM - Windows Update RP174: 2/27/2011 12:47:08 PM - Windows Update RP175: 2/27/2011 7:50:51 PM - Windows Update RP176: 2/28/2011 8:19:35 PM - Windows Update RP177: 3/2/2011 7:32:44 AM - Windows Update RP178: 3/3/2011 7:49:41 PM - Windows Update RP179: 3/5/2011 1:32:25 AM - Windows Update RP180: 3/6/2011 5:46:35 PM - Windows Update RP181: 3/7/2011 7:27:00 PM - Windows Update RP182: 3/9/2011 12:36:09 AM - Windows Update RP183: 3/9/2011 7:34:03 AM - Windows Update RP184: 3/10/2011 7:40:46 AM - Windows Update RP185: 3/11/2011 5:53:16 PM - Windows Update RP186: 3/12/2011 9:54:54 PM - Windows Update RP187: 3/14/2011 7:37:21 AM - Windows Update . ==== Installed Programs ====================== .
  4. Here is my Malwarebytes log, it showed no infections: Malwarebytes' Anti-Malware 1.50.1.1100 www.malwarebytes.org Database version: 6059 Windows 6.1.7600 Internet Explorer 8.0.7600.16385 3/14/2011 7:38:54 PM mbam-log-2011-03-14 (19-38-54).txt Scan type: Quick scan Objects scanned: 160854 Time elapsed: 2 minute(s), 1 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 0 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 0 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: (No malicious items detected) Registry Values Infected: (No malicious items detected) Registry Data Items Infected: (No malicious items detected) Folders Infected: (No malicious items detected) Files Infected: (No malicious items detected) ----END------
  5. Here's my "Attached" log: . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_11-03-05.01) . Microsoft Windows 7 Professional Boot Device: \Device\HarddiskVolume1 Install Date: 10/1/2010 11:02:13 AM System Uptime: 3/13/2011 7:42:33 PM (4 hours ago) . Motherboard: ASUSTeK Computer INC. | | P6T Processor: Intel® Core i7 CPU 950 @ 3.07GHz | LGA1366 | 3068/133mhz . ==== Disk Partitions ========================= . A: is Removable C: is FIXED (NTFS) - 931 GiB total, 815.58 GiB free. D: is CDROM () . ==== Disabled Device Manager Items ============= . ==== System Restore Points =================== . RP172: 2/25/2011 7:32:40 AM - Windows Update RP173: 2/26/2011 11:40:14 AM - Windows Update RP174: 2/27/2011 12:47:08 PM - Windows Update RP175: 2/27/2011 7:50:51 PM - Windows Update RP176: 2/28/2011 8:19:35 PM - Windows Update RP177: 3/2/2011 7:32:44 AM - Windows Update RP178: 3/3/2011 7:49:41 PM - Windows Update RP179: 3/5/2011 1:32:25 AM - Windows Update RP180: 3/6/2011 5:46:35 PM - Windows Update RP181: 3/7/2011 7:27:00 PM - Windows Update RP182: 3/9/2011 12:36:09 AM - Windows Update RP183: 3/9/2011 7:34:03 AM - Windows Update RP184: 3/10/2011 7:40:46 AM - Windows Update RP185: 3/11/2011 5:53:16 PM - Windows Update RP186: 3/12/2011 9:54:54 PM - Windows Update . ==== Installed Programs ====================== .
  6. Okay. I ran the program and this is my DDS log file: . DDS (Ver_11-03-05.01) - NTFS_AMD64 Run by Mystik at 23:10:42.57 on Sun 03/13/2011 Internet Explorer: 8.0.7600.16385 BrowserJavaVersion: 1.6.0_24 Microsoft Windows 7 Professional 6.1.7600.0.1252.1.1033.18.6134.3755 [GMT -7:00] . AV: Microsoft Security Essentials *Enabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160} AV: avast! Antivirus *Enabled/Updated* {C37D8F93-0602-E43C-40AA-47DAD597F308} SP: avast! Antivirus *Enabled/Updated* {781C6E77-2038-EBB2-7A1A-7CA8AE10B9B5} SP: Microsoft Security Essentials *Enabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . ============== Running Processes =============== . C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\nvvsvc.exe C:\Windows\system32\svchost.exe -k RPCSS c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k LocalService C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe C:\Windows\system32\nvvsvc.exe C:\Windows\system32\svchost.exe -k NetworkService C:\Program Files\Alwil Software\Avast5\AvastSvc.exe C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files (x86)\Bonjour\mDNSResponder.exe C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe C:\Windows\system32\taskeng.exe C:\Windows\system32\Dwm.exe C:\Windows\system32\taskhost.exe C:\Windows\Explorer.EXE 
C:\Program Files\Core Temp\Core Temp.exe C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe C:\Program Files\Microsoft Security Client\msseces.exe C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\Logitech\SetPoint\SetPoint.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe C:\Program Files\Alwil Software\Avast5\AvastUI.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Program Files (x86)\iTunes\iTunesHelper.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files\Logitech\SetPoint\x86\SetPoint32.exe C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE C:\Windows\system32\SearchIndexer.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\System32\svchost.exe -k LocalServicePeerNet C:\Program Files (x86)\AIM\aim.exe C:\Program Files (x86)\Steam\Steam.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe C:\Program Files (x86)\Winamp\winamp.exe C:\Windows\splwow64.exe C:\Users\Mystik\Downloads\HijackThis(2).exe C:\Windows\system32\SearchProtocolHost.exe C:\Windows\system32\SearchFilterHost.exe C:\Users\Mystik\Downloads\dds.scr C:\Windows\system32\conhost.exe . ============== Pseudo HJT Report =============== . 
uInternet Settings,ProxyOverride = *.local mWinlogon: Userinit=userinit.exe BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File uRun: [EPSON WorkForce 610 Series] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIFJA.EXE /FU "C:\Windows\TEMP\E_S9C30.tmp" /EF "HKCU" uRun: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun uRun: [Google Update] "C:\Users\Mystik\AppData\Local\Google\Update\GoogleUpdate.exe" /c mRun: [EEventManager] C:\PROGRA~2\EPSONS~1\EVENTM~1\EEventManager.exe mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" mRunOnce: [Malwarebytes' Anti-Malware (registration)] regsvr32.exe /s "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamext.dll" mRunOnce: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent mRunOnce: [innoSetupRegFile.0000000001] "C:\Windows\is-075SK.exe" /REG /REGSVRMODE StartupFolder: 
C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\LOGITE~1.LNK - C:\Program Files\Logitech\SetPoint\SetPoint.exe mPolicies-explorer: NoActiveDesktop = 1 (0x1) mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1) mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0) mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3) mPolicies-system: EnableLUA = 0 (0x0) mPolicies-system: EnableUIADesktopToggle = 0 (0x0) mPolicies-system: PromptOnSecureDesktop = 0 (0x0) IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab TB-X64: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File mRun-x64: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE mRun-x64: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey mRun-x64: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s Hosts: 127.0.0.1 www.spywareinfo.com . ================= FIREFOX =================== . 
FF - ProfilePath - C:\Users\Mystik\AppData\Roaming\Mozilla\Firefox\Profiles\03goz7gn.default\ FF - prefs.js: browser.startup.homepage - hxxp://www.yahoo.com/ FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdnu.dll FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdnupdater2.dll FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll FF - plugin: C:\Users\Mystik\AppData\Local\Google\Update\1.2.183.39\npGoogleOneClick8.dll FF - plugin: C:\Users\Mystik\AppData\Roaming\Mozilla\Firefox\Profiles\03goz7gn.default\extensions\DeviceDetection@logitech.com\plugins\npLogitechDeviceDetection.dll FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} FF - Ext: Java Console: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} FF - Ext: Java Console: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} FF - Ext: Adblock Plus: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - %profile%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} . 
---- FIREFOX POLICIES ---- FF - user.js: network.protocol-handler.warn-external.dnupdate - false);user_pref(network.protocol-handler.warn-external.dnupdate, false ============= SERVICES / DRIVERS =============== . R0 15749852;15749852 Boot Guard Driver;C:\Windows\System32\drivers\15749852.sys [2010-11-26 40464] R1 15749851;15749851;C:\Windows\System32\drivers\15749851.sys [2010-11-26 157712] R1 aswSP;aswSP;C:\Windows\System32\drivers\aswSP.sys [2010-10-28 273488] R1 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2010-3-25 188928] R1 setup_9.0.0.722_27.11.2010_00-15drv;setup_9.0.0.722_27.11.2010_00-15drv;C:\Windows\System32\drivers\1574985.sys [2010-11-26 352784] R2 aswFsBlk;aswFsBlk;C:\Windows\System32\drivers\aswFsBlk.sys [2010-10-28 20560] R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2010-10-28 62032] R2 avast! Antivirus;avast! Antivirus;C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2011-2-8 40384] R2 SBSDWSCService;SBSD Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2010-11-6 1153368] R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-1-7 378984] R3 MpNWMon;Microsoft Malware Protection Network Driver;C:\Windows\System32\drivers\MpNWMon.sys [2010-3-25 40832] R3 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2010-10-24 72064] R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe [2010-11-11 282616] R3 NVHDA;Service for NVIDIA High Definition Audio Driver;C:\Windows\System32\drivers\nvhda64v.sys [2011-1-18 155752] R3 RTCore64;RTCore64;C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [2010-8-30 14648] R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2010-6-23 344680] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN 
v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] S3 StorSvc;Storage Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 27136] S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2010-9-28 51712] S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-10-4 1255736] . =============== Created Last 30 ================ . 2011-03-14 06:01:01 709456 ----a-w- C:\Windows\is-075SK.exe 2011-03-13 04:55:15 7947600 ----a-w- C:\PROGRA~3\Microsoft\Microsoft Antimalware\Definition Updates\{6D466240-25EC-4170-B0EA-007F455BED25}\mpengine.dll 2011-02-25 05:26:37 -------- d-----w- C:\Users\Mystik\AppData\Roaming\Need for Speed World 2011-02-25 03:57:01 -------- d-----w- C:\Users\Mystik\AppData\Local\Electronic_Arts_Inc 2011-02-25 03:56:40 -------- d-----w- C:\PROGRA~3\Electronic Arts 2011-02-23 10:11:43 367104 ----a-w- C:\Windows\System32\wcncsvc.dll 2011-02-23 10:11:43 276992 ----a-w- C:\Windows\SysWow64\wcncsvc.dll 2011-02-23 03:14:12 442880 ----a-w- C:\Windows\SysWow64\XpsPrint.dll 2011-02-23 03:14:11 662528 ----a-w- C:\Windows\System32\XpsPrint.dll 2011-02-23 03:14:11 475648 ----a-w- C:\Windows\System32\XpsGdiConverter.dll 2011-02-23 03:14:11 288256 ----a-w- C:\Windows\SysWow64\XpsGdiConverter.dll 2011-02-21 04:45:46 -------- d-----w- C:\Program Files (x86)\JDownloader . ==================== Find3M ==================== . 
2011-02-19 06:37:44 1135104 ----a-w- C:\Windows\System32\FntCache.dll 2011-02-19 06:37:10 1540608 ----a-w- C:\Windows\System32\DWrite.dll 2011-02-19 06:36:49 902656 ----a-w- C:\Windows\System32\d2d1.dll 2011-02-19 05:32:48 1074176 ----a-w- C:\Windows\SysWow64\DWrite.dll 2011-02-19 05:32:35 739840 ----a-w- C:\Windows\SysWow64\d2d1.dll 2011-02-03 05:40:23 472808 ----a-w- C:\Windows\SysWow64\deployJava1.dll 2011-01-26 06:53:10 982912 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys 2011-01-26 06:53:10 265088 ----a-w- C:\Windows\System32\drivers\dxgmms1.sys 2011-01-26 06:31:20 144384 ----a-w- C:\Windows\System32\cdd.dll 2011-01-13 08:47:35 38848 ----a-w- C:\Windows\avastSS.scr 2011-01-13 08:37:23 62032 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys 2011-01-08 04:49:34 795752 ----a-w- C:\Windows\System32\easyUpdatusAPIU64.dll 2011-01-08 04:49:28 6143080 ----a-w- C:\Windows\System32\nvcpl.dll 2011-01-08 04:49:10 3156072 ----a-w- C:\Windows\System32\nvsvc64.dll 2011-01-08 04:48:58 117864 ----a-w- C:\Windows\System32\nvmctray.dll 2011-01-08 04:48:58 1005160 ----a-w- C:\Windows\System32\nvvsvc.exe 2011-01-07 08:06:50 46080 ----a-w- C:\Windows\System32\atmlib.dll 2011-01-07 07:27:11 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll 2011-01-07 05:49:20 366080 ----a-w- C:\Windows\System32\atmfd.dll 2011-01-07 05:33:11 294400 ----a-w- C:\Windows\SysWow64\atmfd.dll 2011-01-05 06:20:30 612352 ----a-w- C:\Windows\System32\vbscript.dll 2011-01-05 05:37:33 428032 ----a-w- C:\Windows\SysWow64\vbscript.dll 2011-01-05 04:00:16 3127808 ----a-w- C:\Windows\System32\win32k.sys 2010-12-23 06:07:50 1118720 ----a-w- C:\Windows\System32\sbe.dll 2010-12-23 06:07:49 961024 ----a-w- C:\Windows\System32\CPFilters.dll 2010-12-23 06:07:49 723968 ----a-w- C:\Windows\System32\EncDec.dll 2010-12-23 06:02:33 259072 ----a-w- C:\Windows\System32\mpg2splt.ax 2010-12-23 05:28:29 850432 ----a-w- C:\Windows\SysWow64\sbe.dll 2010-12-23 05:28:28 642048 ----a-w- C:\Windows\SysWow64\CPFilters.dll 2010-12-23 
05:28:28 534528 ----a-w- C:\Windows\SysWow64\EncDec.dll 2010-12-23 05:24:02 199680 ----a-w- C:\Windows\SysWow64\mpg2splt.ax 2010-12-21 06:16:27 97280 ----a-w- C:\Windows\System32\wscsvc.dll 2010-12-21 06:16:27 62976 ----a-w- C:\Windows\System32\wscapi.dll 2010-12-21 06:16:16 214016 ----a-w- C:\Windows\System32\winsrv.dll 2010-12-21 06:16:14 442880 ----a-w- C:\Windows\System32\winhttp.dll 2010-12-21 06:16:14 1197056 ----a-w- C:\Windows\System32\wininet.dll 2010-12-21 06:16:09 258048 ----a-w- C:\Windows\System32\WebClnt.dll 2010-12-21 06:15:55 264192 ----a-w- C:\Windows\System32\upnp.dll 2010-12-21 06:15:31 15360 ----a-w- C:\Windows\System32\slwga.dll 2010-12-21 06:13:03 2003968 ----a-w- C:\Windows\System32\msxml6.dll 2010-12-21 06:13:03 1880576 ----a-w- C:\Windows\System32\msxml3.dll 2010-12-21 06:10:22 100864 ----a-w- C:\Windows\System32\davclnt.dll 2010-12-21 05:38:24 51200 ----a-w- C:\Windows\SysWow64\wscapi.dll 2010-12-21 05:38:22 981504 ----a-w- C:\Windows\SysWow64\wininet.dll 2010-12-21 05:38:22 350720 ----a-w- C:\Windows\SysWow64\winhttp.dll 2010-12-21 05:38:21 204800 ----a-w- C:\Windows\SysWow64\WebClnt.dll 2010-12-21 05:38:19 204288 ----a-w- C:\Windows\SysWow64\upnp.dll 2010-12-21 05:38:16 14336 ----a-w- C:\Windows\SysWow64\slwga.dll 2010-12-21 05:36:17 1389568 ----a-w- C:\Windows\SysWow64\msxml6.dll 2010-12-21 05:36:16 1236992 ----a-w- C:\Windows\SysWow64\msxml3.dll 2010-12-21 05:34:12 80384 ----a-w- C:\Windows\SysWow64\davclnt.dll 2010-12-21 01:08:40 24152 ----a-w- C:\Windows\System32\drivers\mbam.sys 2010-12-18 06:12:28 3138048 ----a-w- C:\Windows\System32\mstscax.dll 2010-12-18 06:11:41 57856 ----a-w- C:\Windows\System32\licmgr10.dll 2010-12-18 06:11:34 714752 ----a-w- C:\Windows\System32\kerberos.dll 2010-12-18 06:08:15 1097216 ----a-w- C:\Windows\System32\mstsc.exe 2010-12-18 05:30:20 2690560 ----a-w- C:\Windows\SysWow64\mstscax.dll 2010-12-18 05:29:40 44544 ----a-w- C:\Windows\SysWow64\licmgr10.dll 2010-12-18 05:29:31 541184 ----a-w- 
C:\Windows\SysWow64\kerberos.dll 2010-12-18 05:26:55 1034240 ----a-w- C:\Windows\SysWow64\mstsc.exe 2010-12-18 04:55:03 482816 ----a-w- C:\Windows\System32\html.iec 2010-12-18 04:20:55 386048 ----a-w- C:\Windows\SysWow64\html.iec 2010-12-18 04:13:40 1638912 ----a-w- C:\Windows\System32\mshtml.tlb 2010-12-18 03:47:59 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb . ============= FINISH: 23:11:18.72 ===============
  7. Hello, all. I'm having trouble with my computer freezing occasionally. Please forgive me if I happen to break some forum rules, but I didn't see any rules posted up to view. I've consulted with my computer science friend and he said to run a HijackThis scan and have you kind folks here look at it. He suggests that there's a software problem that's taking over the CPU and won't allow the CPU to continue until the task is completed. This has been happening since February 2011, a month ago, but I haven't installed any new drivers or major software updates then. Can you folks help me figure it out? Here's my HijackThis log: Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 11:01:18 PM, on 3/13/2011 Platform: Windows 7 (WinNT 6.00.3504) MSIE: Internet Explorer v8.00 (8.00.7600.16722) Boot mode: Normal Running processes: C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe C:\Program Files\Alwil Software\Avast5\AvastUI.exe C:\Program Files (x86)\iTunes\iTunesHelper.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files\Logitech\SetPoint\x86\SetPoint32.exe C:\Program Files (x86)\AIM\aim.exe C:\Program Files (x86)\Steam\Steam.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe C:\Program Files (x86)\Winamp\winamp.exe C:\Users\Mystik\Downloads\HijackThis(2).exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = 
http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=userinit.exe O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll O4 - HKLM\..\Run: [EEventManager] C:\PROGRA~2\EPSONS~1\EVENTM~1\EEventManager.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKCU\..\Run: [EPSON WorkForce 610 Series] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIFJA.EXE /FU 
"C:\Windows\TEMP\E_S9C30.tmp" /EF "HKCU" O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [Google Update] "C:\Users\Mystik\AppData\Local\Google\Update\GoogleUpdate.exe" /c O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - Global Startup: Logitech SetPoint.lnk = ? O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. 
- C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file 
missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 8089 bytes I see a bunch of system root errors, not sure what they mean. Thank you! hijackthis.log