Slagathor

Members
  • Posts

    12
Reputation

0 Neutral

About Slagathor

  • Birthday 06/06/1970
  3. It's been running better, MB updates now, and haven't gotten one of them redirects for a while now too.... Sorry about that:
  4. Sorry I didn't reply till now.... AdwCleanerS1.txt JRT.txt
  6. Along with a few other problems that nothing has been able to touch so far, r.searchfun.in, no clue what it is, but mbam does block the site from loading...... I work swing shift, I can check this thread on my phone, but tomorrow I'll be on second shift till Friday.. (utorrent has been uninstalled...) Addition.txt FRST.txt
  7. I am logged as Admin, I am starting a thread from the directions in your link.. Thank you
  8. I ran the removal tool twice, I assumed to do it twice with the 2x , anyway when I installed the beta, it had the reg info already, so I am assuming I did something wrong......
  9. I get the little red triangle on the system tray icon, in the dashboard the UPDATE NOW is grayed out. There is something in here, every so often it stops a redirect thing, it says r.searchfun something else. I have scanned with mbam, and spybot and have come up with nothing... Any help would be greatly appreciated.... FRST.txt Addition.txt CheckResults.txt
  10. Could use a hand clearing this up, it only seems to affect google though. If I do a search, right click to open in new window it goes to like hapili.com, but only from google, Bing works fine. But, I scanned with MB in safemode, it found the svchost in C:\windows\ it doesn't seem to be able to delete it or clean it or whatever it has to do. I did see other thread about svchost and wasn't sure if it's a one fix for all issue...
Files\ATI 2012-02-26 15:35:10 -------- d-----w- C:\Program Files\ATI Technologies 2012-02-26 14:52:05 -------- d-----w- C:\Users\Slagathor\AppData\Local\{1A923E62-9910-4CEE-B2DF-1703C2C494E2} 2012-02-26 14:51:42 -------- d-----w- C:\Users\Slagathor\AppData\Local\{6DBD282F-EF69-4825-B736-9D72323E2EE4} 2012-02-25 22:54:49 -------- d-----w- C:\Users\Slagathor\AppData\Local\{22E22A47-AD76-47C3-A99B-8F7CBBA966DE} 2012-02-25 10:54:26 -------- d-----w- C:\Users\Slagathor\AppData\Local\{53965954-D75B-424C-8431-EB2BC19D10B7} 2012-02-24 22:53:52 -------- d-----w- C:\Users\Slagathor\AppData\Local\{D8CCF631-7B93-4B2E-A1F4-46906771324E} 2012-02-24 22:53:30 -------- d-----w- C:\Users\Slagathor\AppData\Local\{D09E378F-4841-4577-887A-B5094206208C} 2012-02-24 10:53:05 -------- d-----w- C:\Users\Slagathor\AppData\Local\{D29B7947-69A5-4B9E-9C07-425DD665D12B} 2012-02-24 10:52:48 -------- d-----w- C:\Users\Slagathor\AppData\Local\{CF36AD75-1911-4F6B-8AD8-468F0529BF9E} 2012-02-23 22:52:23 -------- d-----w- C:\Users\Slagathor\AppData\Local\{E0059828-9B22-4B33-AC58-7A3650D6E0AD} 2012-02-23 22:52:01 -------- d-----w- C:\Users\Slagathor\AppData\Local\{FAB93EA6-D019-4DF3-B8AE-824B66B985A1} 2012-02-23 10:51:37 -------- d-----w- C:\Users\Slagathor\AppData\Local\{F53A326E-2551-4D03-81E6-9D53AB9CCBD8} 2012-02-22 22:51:04 -------- d-----w- C:\Users\Slagathor\AppData\Local\{6A788C05-4656-4B6F-A978-0219FD8F5B6E} 2012-02-22 22:50:42 -------- d-----w- C:\Users\Slagathor\AppData\Local\{9FC29093-DFBE-4223-AD1F-E8F307DA6430} 2012-02-22 10:50:17 -------- d-----w- C:\Users\Slagathor\AppData\Local\{BC391567-4BCD-4BB2-8E08-14EA5AB495CE} 2012-02-22 10:50:06 -------- d-----w- C:\Users\Slagathor\AppData\Local\{F2E9C688-DE09-4BC2-BD78-BACC9B8FA8E2} 2012-02-21 22:49:13 -------- d-----w- C:\Users\Slagathor\AppData\Local\{FF71F3FE-1671-4C50-A2A1-26DE34842D3F} 2012-02-21 22:48:51 -------- d-----w- C:\Users\Slagathor\AppData\Local\{46037AA4-D582-45A8-89C1-CF8A5351734B} 2012-02-21 10:48:15 -------- d-----w- 
C:\Users\Slagathor\AppData\Local\{9A1BECD4-0F50-48F4-B03B-6CE4E19CE17D} 2012-02-21 10:48:05 -------- d-----w- C:\Users\Slagathor\AppData\Local\{67D5FD64-D7B4-48AC-8375-BA195EC7DEE0} 2012-02-21 01:14:41 -------- d-----w- C:\ProgramData\EA Logs 2012-02-20 22:47:40 -------- d-----w- C:\Users\Slagathor\AppData\Local\{BB80F2C1-C487-40C7-A988-18C4BFA367D5} 2012-02-20 22:47:18 -------- d-----w- C:\Users\Slagathor\AppData\Local\{D226BDF2-6757-47D6-81C1-A3333E183F8D} 2012-02-20 10:46:53 -------- d-----w- C:\Users\Slagathor\AppData\Local\{AD974DD4-D647-45EB-8DD2-C7CC64CAACD0} 2012-02-20 10:46:42 -------- d-----w- C:\Users\Slagathor\AppData\Local\{2FA189CB-B2B6-43CE-A9FF-5584C0B1DB3A} 2012-02-19 21:53:05 -------- d-----w- C:\Users\Slagathor\AppData\Local\{C95C1069-3882-41D3-9618-B18A1DE248C0} 2012-02-19 21:52:54 -------- d-----w- C:\Users\Slagathor\AppData\Local\{EDBC7693-CF4C-48CD-BF45-9E19DAA46D99} 2012-02-19 09:52:42 -------- d-----w- C:\Users\Slagathor\AppData\Local\{BD8707D0-3978-48E5-A68A-78C6000F52A0} 2012-02-19 09:52:20 -------- d-----w- C:\Users\Slagathor\AppData\Local\{CFC3D429-5779-4CFC-A31E-5BC8E1F94BBD} 2012-02-18 21:52:08 -------- d-----w- C:\Users\Slagathor\AppData\Local\{465F966B-4EC3-4F56-AAC1-FF151CA558AD} 2012-02-18 21:51:46 -------- d-----w- C:\Users\Slagathor\AppData\Local\{8869DBEC-3078-4E1A-9A86-17BF2517AE90} 2012-02-18 09:51:23 -------- d-----w- C:\Users\Slagathor\AppData\Local\{73460B0A-BC60-41D3-A49F-A88913192098} 2012-02-17 21:50:59 -------- d-----w- C:\Users\Slagathor\AppData\Local\{7F6E26BB-4393-48CE-8E09-A61AAA4B3C85} 2012-02-17 21:50:43 -------- d-----w- C:\Users\Slagathor\AppData\Local\{076ACE41-DB17-4A3D-8AC2-16A3D0992375} 2012-02-17 09:27:33 -------- d-----w- C:\Users\Slagathor\AppData\Local\{FB18031B-5A94-4F96-BA24-073644F88238} 2012-02-17 02:00:48 -------- d-----w- C:\Users\Slagathor\AppData\Local\Motorola 2012-02-17 01:59:49 -------- d-----w- C:\Users\Slagathor\AppData\Local\Motosftemp 2012-02-17 01:55:53 -------- d-----w- C:\Program Files 
(x86)\Motorola 2012-02-17 01:50:45 -------- d-----w- C:\Program Files\Motorola Inc 2012-02-17 00:03:34 -------- d-----w- C:\Users\Slagathor\.android 2012-02-17 00:01:52 -------- d-----w- C:\android 2012-02-16 22:55:03 -------- d-----w- C:\Program Files\Common Files\Motorola Shared 2012-02-16 21:26:57 -------- d-----w- C:\Users\Slagathor\AppData\Local\{6BD79A29-5234-4180-98F6-D2402E2BA2F8} 2012-02-16 21:26:39 -------- d-----w- C:\Users\Slagathor\AppData\Local\{C6F11E93-074A-405D-B42D-6A6EA0008A2A} 2012-02-16 10:05:32 -------- d-----w- C:\Users\Slagathor\AppData\Local\{AA1C27F0-52D3-4614-B103-A325237770A3} 2012-02-15 22:01:28 -------- d-----w- C:\Users\Slagathor\AppData\Local\{8E7E5D80-36FE-4F5C-BF61-7CC996877876} 2012-02-15 22:01:06 -------- d-----w- C:\Users\Slagathor\AppData\Local\{9D0B6F1E-39B5-4155-9EBE-1841083A7338} 2012-02-15 10:00:41 -------- d-----w- C:\Users\Slagathor\AppData\Local\{0A31EE2E-E7AB-4961-B659-CE02CD307A67} 2012-02-15 10:00:17 -------- d-----w- C:\Users\Slagathor\AppData\Local\{26C4A401-72D6-4302-B860-D02178004389} 2012-02-14 21:59:52 -------- d-----w- C:\Users\Slagathor\AppData\Local\{401E8653-F247-4640-A9E4-FD29BCC16BE4} 2012-02-14 21:59:31 -------- d-----w- C:\Users\Slagathor\AppData\Local\{4EFCF3A4-0D93-45BB-B9C9-3E9CCF5122CF} 2012-02-14 09:59:02 -------- d-----w- C:\Users\Slagathor\AppData\Local\{5DAEF56D-623D-40E6-AB38-C3E71EC8C9B3} 2012-02-14 09:58:51 -------- d-----w- C:\Users\Slagathor\AppData\Local\{C5412BCA-7B4E-4860-8E0D-5598D06ABFA5} 2012-02-13 21:49:57 -------- d-----w- C:\Users\Slagathor\AppData\Local\{22344A07-8332-40F1-A1A5-BEAA02F4000A} 2012-02-13 21:49:35 -------- d-----w- C:\Users\Slagathor\AppData\Local\{9EC80191-F6A4-4B00-A382-D6C95681F07F} . ==================== Find3M ==================== . 
2012-02-29 06:41:15 282864 ----a-w- C:\Windows\SysWow64\PnkBstrB.xtr
2012-02-29 06:41:15 282864 ----a-w- C:\Windows\SysWow64\PnkBstrB.exe
2012-02-29 06:08:33 282864 ----a-w- C:\Windows\SysWow64\PnkBstrB.ex0
2012-02-21 01:27:05 76888 ----a-w- C:\Windows\SysWow64\PnkBstrA.exe
2012-01-14 04:06:27 3145728 ----a-w- C:\Windows\System32\win32k.sys
2011-12-28 03:59:24 498688 ----a-w- C:\Windows\System32\drivers\afd.sys
2011-12-16 08:47:38 1188864 ----a-w- C:\Windows\System32\wininet.dll
2011-12-16 08:46:06 634880 ----a-w- C:\Windows\System32\msvcrt.dll
2011-12-16 07:54:22 981504 ----a-w- C:\Windows\SysWow64\wininet.dll
2011-12-16 07:52:58 690688 ----a-w- C:\Windows\SysWow64\msvcrt.dll
2011-12-16 06:44:38 1638912 ----a-w- C:\Windows\System32\mshtml.tlb
2011-12-16 06:09:17 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb
.
============= FINISH: 12:51:01.17 ===============
_______________________________________________________________________________________________________________
ATTACH.TXT:
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows 7 Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 2/18/2011 6:10:32 AM
System Uptime: 3/14/2012 12:40:13 PM (0 hours ago)
.
Motherboard: ASUSTeK Computer INC. | | Crosshair IV Formula
Processor: AMD Phenom™ II X6 1090T Processor | AM3 | 4013/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 464 GiB total, 386.004 GiB free.
D: is FIXED (NTFS) - 932 GiB total, 438.325 GiB free.
G: is CDROM ()
H: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Marvell Yukon 88E8059 PCI-E Gigabit Ethernet Controller
Device ID: PCI\VEN_11AB&DEV_4381&SUBSYS_84391043&REV_11\E4CC2CFFFFC5AEBC00
Manufacturer: Marvell
Name: Marvell Yukon 88E8059 PCI-E Gigabit Ethernet Controller
PNP Device ID: PCI\VEN_11AB&DEV_4381&SUBSYS_84391043&REV_11\E4CC2CFFFFC5AEBC00
Service: yukonw7
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Hamachi Network Interface
Device ID: ROOT\NET\0000
Manufacturer: LogMeIn, Inc.
Name: Hamachi Network Interface
PNP Device ID: ROOT\NET\0000
Service: hamachi
.
==== System Restore Points ===================
.
RP135: 1/30/2012 11:26:17 AM - Scheduled Checkpoint
RP136: 2/6/2012 4:28:01 PM - Scheduled Checkpoint
RP137: 2/11/2012 4:36:53 PM - Installed HTC Driver Installer.
RP138: 2/16/2012 4:54:54 PM - Installed Motorola Mobile Drivers Installation 5.2.0
RP139: 2/16/2012 7:55:47 PM - Installed RSDLite
RP140: 2/20/2012 7:12:14 PM - Installed DirectX
RP141: 2/28/2012 12:52:22 PM - Scheduled Checkpoint
RP142: 3/6/2012 3:13:58 PM - Scheduled Checkpoint
RP143: 3/9/2012 8:38:56 AM - Windows Update
.
==== Installed Programs ======================
.
µTorrent 2007 Microsoft Office Suite Service Pack 1 (SP1) 3DMark 11 3DMark Vantage AIDA64 Extreme Edition v1.70 Alien Breed 2: Assault ALLDATA Repair AMD VISION Engine Control Center AnyDVD ASUSUpdate Auto Gordian Knot 2.55 AviSynth 2.5 Battlefield 3™ Battlefield: Bad Company™ 2 Battlelog Web Plugins BOINC Call of Duty: Black Ops Call of Duty: Black Ops - Multiplayer Catalyst Control Center - Branding Catalyst Control Center Graphics Previews Common Catalyst Control Center InstallProxy Catalyst Control Center Localization All CCC Help Chinese Standard CCC Help Chinese Traditional CCC Help Czech CCC Help Danish CCC Help Dutch CCC Help English CCC Help Finnish CCC Help French CCC Help German CCC Help Greek CCC Help Hungarian CCC Help Italian CCC Help Japanese CCC Help Korean CCC Help Norwegian CCC Help Polish CCC Help Portuguese CCC Help Russian CCC Help Spanish CCC Help Swedish CCC Help Thai CCC Help Turkish CDBurnerXP ConvertXtoDVD 3.8.0.193c Creative Audio Control Panel Creative Software AutoUpdate Creative Sound Blaster Properties x64 Edition D3DX10 Dead Island DisplayFusion 3.2.0 DivX Setup DVD Decrypter (Remove Only) DVD Shrink 3.2 DVDx 2 eReg ESN Sonar Fable III Fallout 3 FNC 11 Installer Foldit Fraps (remove only) Futuremark SystemInfo FVD Suite 2.6.9 FVDToolbar Geeks3D.com FurMark 1.9.0 Google Chrome Google Earth Google Update Helper GPU Caps Viewer 1.11.1 Half-Life 2 HP USB Disk Storage Format Tool HTC Driver Installer HWiNFO32 Version 3.70 IrfanView (remove only) Java Auto Updater Java™ 6 Update 24 Killing Floor Left 4 Dead 2 LogMeIn Hamachi MadOnion.com/3DMark2001 SE MakeTorrent v2.1 Malwarebytes Anti-Malware version 1.60.1.1000 Marvell Miniport Driver Microsoft Games for Windows - LIVE Microsoft Games for Windows - LIVE Redistributable Microsoft Office Access MUI (English) 2007 Microsoft Office Access Setup Metadata MUI (English) 2007 Microsoft Office Enterprise 2007 Microsoft Office Excel MUI (English) 2007 Microsoft Office Groove MUI (English) 2007 
Microsoft Office Groove Setup Metadata MUI (English) 2007 Microsoft Office InfoPath MUI (English) 2007 Microsoft Office OneNote MUI (English) 2007 Microsoft Office Outlook MUI (English) 2007 Microsoft Office PowerPoint MUI (English) 2007 Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proof (Spanish) 2007 Microsoft Office Proofing (English) 2007 Microsoft Office Publisher MUI (English) 2007 Microsoft Office Shared MUI (English) 2007 Microsoft Office Shared Setup Metadata MUI (English) 2007 Microsoft Office Word MUI (English) 2007 Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Mozilla Firefox 7.0.1 (x86 en-GB) Mp3 Audio Editor MSI Afterburner 2.2.0 Beta 14 MSI Kombustor 2.2.0 BETA MSVCRT NEC Electronics USB 3.0 Host Controller Driver NVIDIA PhysX Oblivion Oblivion - Vile Lair OCCT Perestroika 3.1.0 OpenAL Origin Paladium's Quake II Server Complete Map Pack PC Probe II Pidgin PunkBuster Services QT Lite 4.1.0 RadeonPro 1.0 (Build 1.1.0.6) Ray Adams ATI Tray Tools RSDLite Sapphire TRIXX Security Update for 2007 Microsoft Office System (KB951550) Security Update for 2007 Microsoft Office System (KB951944) Security Update for 2007 Microsoft Office System (KB978380) Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) Security Update for Microsoft .NET 
Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Extended (KB2416472) Security Update for Microsoft .NET Framework 4 Extended (KB2487367) Security Update for Microsoft .NET Framework 4 Extended (KB2656351) Security Update for Microsoft Office Excel 2007 (KB978382) Security Update for Microsoft Office OneNote 2007 (KB950130) Security Update for Microsoft Office Outlook 2007 (KB972363) Security Update for Microsoft Office PowerPoint 2007 (KB957789) Security Update for Microsoft Office Publisher 2007 (KB980470) Security Update for Microsoft Office system 2007 (KB954326) Security Update for Microsoft Office system 2007 (KB969613) Security Update for Microsoft Office Word 2007 (KB982135) Source SDK Base 2006 SSC Service Utility v4.30 Team Fortress 2 Theorica Divx ;-) Codecs (remove only) Update for Microsoft .NET Framework 4 Client Profile (KB2473228) Update for Microsoft Office 2007 suites (KB2597998) 32-Bit Edition Update for Microsoft Office InfoPath 2007 (KB976416) Update for Office 2007 (KB946691) VC80CRTRedist - 8.0.50727.4053 Veetle TV vLite VobSub v2.23 (Remove Only) vshare.tv Bar Toolbar vShare.tv plugin 1.3 War Inc. Battlezone WICreset version 2.07 Windows Live Communications Platform Windows Live Essentials Windows Live Installer Windows Live Messenger Windows Live Movie Maker Windows Live Photo Common Windows Live Photo Gallery Windows Live PIMT Platform Windows Live SOXE Windows Live SOXE Definitions Windows Live UX Platform Windows Live UX Platform Language Pack Windows Media Player Firefox Plugin WinPcap 4.1.2 WinX Blu-ray Decrypter 3.4.0 WinX Free AVI to WMV Converter 4.0.15 Xilisoft Video Converter Ultimate 6 XviD MPEG4 Video Codec (remove only) . ==== Event Viewer Messages From Past Week ======== . 
3/9/2012 8:45:44 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft XML Core Services 4.0 Service Pack 2 for x64-based Systems (KB954430).
3/14/2012 12:50:02 PM, Error: Service Control Manager [7023] - The Peer Name Resolution Protocol service terminated with the following error: %%-2140993535
3/14/2012 12:50:02 PM, Error: Service Control Manager [7001] - The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error: %%-2140993535
3/14/2012 12:50:02 PM, Error: Microsoft-Windows-PNRPSvc [102] - The Peer Name Resolution Protocol cloud did not start because the creation of the default identity failed with error code: 0x80630801.
3/14/2012 11:27:59 AM, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start.
3/14/2012 11:27:57 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
3/14/2012 11:27:57 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
3/14/2012 11:27:57 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}
3/14/2012 11:27:57 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}
3/14/2012 11:27:56 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
3/14/2012 11:27:49 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
3/14/2012 11:27:39 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD AsIO AsUpIO cdrom CSC DfsC discache ElbyCDIO HWiNFO32 NetBIOS NetBT nsiproxy Psched rdbss spldr sptd tdx Wanarpv6 WfpLwf
3/14/2012 11:27:39 AM, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
3/14/2012 11:27:39 AM, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
3/14/2012 11:27:39 AM, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning.
3/14/2012 11:27:39 AM, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
3/14/2012 11:27:39 AM, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
3/14/2012 11:27:39 AM, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error: A device attached to the system is not functioning.
3/14/2012 11:27:39 AM, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
3/14/2012 11:27:39 AM, Error: Service Control Manager [7001] - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
3/14/2012 11:27:39 AM, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning.
3/14/2012 11:27:39 AM, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
3/14/2012 11:27:37 AM, Error: Service Control Manager [7001] - The Creative Audio Service service depends on the Windows Audio service which failed to start because of the following error: The dependency service or group failed to start.
3/14/2012 11:27:08 AM, Error: sptd [4] - Driver detected an internal error in its data structures for .
3/14/2012 10:40:19 AM, Error: Service Control Manager [7034] - The LogMeIn Hamachi Tunneling Engine service terminated unexpectedly. It has done this 1 time(s).
.
==== End Of File ===========================
  11. Could use a hand clearing this up, it only seems to affect Google though. If I do a search, right click to open in new window it goes to like hapili.com, but only from Google, Bing works fine. But, I scanned with MB in safe mode, it found the svchost in C:\windows\ it doesn't seem to be able to delete it or clean it or whatever it has to do. I did see other thread about svchost and wasn't sure if it's a one fix for all issue... Thanks for your time....