
Dxdiag no longer works.



  • Root Admin

Please run the following so that we can get a look at what might be going on.

Please run the following scanner and send back the logs.

Download DDS from one of the locations below and save to your Desktop

dds.scr

dds.com

Temporarily disable any script blocker if your Anti-Virus/Anti-Malware has it.

How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs

Once downloaded you can disconnect from the Internet and disable your Anti-Virus temporarily if needed.

Then double click dds.scr or dds.com to run the tool.

Click the Run button if prompted with an Open File - Security Warning dialog box.

A black DOS console should open and run for a moment.


    When done, DDS will open two (2) logs:
  1. DDS.txt
  2. Attach.txt

  • Save both reports to your desktop
  • Please include the following logs in your next reply: DDS.txt and Attach.txt
    You can ignore the note about zipping the Attach.txt file in most cases.

Thanks


  • Root Admin

What is dwm.exe? By name alone that is potentially Trojan-Dropper but one can't always go on file name alone.

Let me have you run the following and let's see what else we can find here.

After downloading these tools as needed please temporarily disable your antivirus so that it does not prevent these tools from running.

STEP 01

Backup the Registry:

Modifying the Registry can create unforeseen problems, so it is always wise to create a backup before doing so.

  • Please download ERUNT from here
  • ERUNT (Emergency Recovery Utility NT) is a free program that allows you to keep a complete backup of your registry and restore it when needed.
  • Double click on erunt-setup.exe to Install ERUNT by following the prompts.
  • Use the default install settings but say NO to the portion that asks you to add ERUNT to the Start-Up folder. You can enable this option later if you wish.
  • Start ERUNT either by double clicking on the desktop icon or choosing to start the program at the end of the setup process.
  • Choose a location for the backup.
    • Note: the default location is C:\Windows\ERDNT which is acceptable.

  • Make sure that at least the first two check boxes are selected.
  • Click on OK
  • Then click on YES to create the folder.

Note: if it is necessary to restore the registry, open the backup folder and start ERDNT.exe

STEP 02

Please download Junkware Removal Tool to your desktop.

  • Shutdown your antivirus to avoid any conflicts.
  • Right click over JRT.exe and select Run as administrator on Windows Vista or Windows 7, double-click on XP.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next reply message
  • When completed make sure to re-enable your antivirus

STEP 03

Please download AdwCleaner by Xplode to your desktop.

  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • If prompted by the User Account Control click Yes to allow it to run.
  • Under Actions click on the Delete button.
  • Click OK on all prompts.
  • You will be prompted to restart your computer. A text file will open after the restart.
  • Please post the entire contents of that logfile to your next reply.
  • You can find the logfile at C:\AdwCleaner[s1].txt where the number in brackets indicates how often it was run.

STEP 04

Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following check-boxes:

  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Devices
  • List Users, Partitions and Memory size.
  • List Minidump Files

Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Note: When using Reset FF Proxy Settings option Firefox should be closed.

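The point made in the post above, that a file name alone does not settle whether dwm.exe is the Windows binary, can be checked on the machine itself. The following is an added example, not part of the original posts: it assumes the genuine image is %SystemRoot%\System32\dwm.exe signed by Microsoft, and the function name Test-SystemProcessImage and its parameters are hypothetical.

```powershell
# Added example (not from the thread). Checks every running instance of a
# process name against the directory and signer expected for the Windows binary.
# Uses Get-WmiObject so it also runs on the Windows PowerShell 2.0 that ships
# with Windows 7. On 64-bit Windows run it from 64-bit PowerShell: a 32-bit
# host has System32 file access redirected to SysWOW64.
function Test-SystemProcessImage {
    param(
        [ValidatePattern('^[\w.\-]+$')]   # keeps quotes out of the WQL filter
        [string]$ProcessName = 'dwm.exe',
        # Assumption: the genuine image lives in %SystemRoot%\System32.
        [string]$ExpectedDirectory = (Join-Path $env:SystemRoot 'System32'),
        # Assumption: the genuine image is signed by a Microsoft certificate.
        [string]$ExpectedSignerPattern = 'O=Microsoft Corporation'
    )

    $procs = @(Get-WmiObject -Class Win32_Process -Filter "Name = '$ProcessName'")
    if ($procs.Count -eq 0) {
        Write-Warning "No running process named $ProcessName."
        return
    }

    foreach ($p in $procs) {
        $row = New-Object PSObject -Property @{
            ProcessId = $p.ProcessId
            ParentPid = $p.ParentProcessId
            Path      = $p.ExecutablePath
            PathOk    = $false
            SigStatus = 'NotChecked'
            Signer    = $null
            Verdict   = $null
        }

        # Without elevation the image path of another user's process is empty.
        if (-not $row.Path) {
            $row.Verdict = 'Unknown: image path not readable, re-run elevated'
            $row
            continue
        }

        # Same name in a different directory is the case a name check misses.
        $dir = Split-Path -Path $row.Path -Parent
        $row.PathOk = ($dir -ieq $ExpectedDirectory.TrimEnd('\'))

        $sig = Get-AuthenticodeSignature -FilePath $row.Path -ErrorAction SilentlyContinue
        if ($sig) {
            $row.SigStatus = [string]$sig.Status
            if ($sig.SignerCertificate) { $row.Signer = $sig.SignerCertificate.Subject }
        }

        $signerOk = ($row.SigStatus -eq 'Valid') -and
                    ($row.Signer -like "*$ExpectedSignerPattern*")

        if (-not $row.PathOk) {
            $row.Verdict = 'Suspicious: same name, unexpected directory'
        } elseif ($signerOk) {
            $row.Verdict = 'Consistent with the Windows binary'
        } elseif ($row.SigStatus -eq 'NotSigned') {
            # Windows PowerShell before 5.1 does not evaluate catalog signatures,
            # so a catalog-signed system file can report NotSigned there.
            $row.Verdict = 'Review: no embedded signature found'
        } else {
            $row.Verdict = "Review: signature status $($row.SigStatus)"
        }
        $row
    }
}

Test-SystemProcessImage |
    Format-List ProcessId, ParentPid, Path, PathOk, SigStatus, Signer, Verdict
```

A "Review" verdict with PathOk true on an older PowerShell is not evidence of tampering by itself; it means the signature has to be confirmed with a tool that reads catalog signatures.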

I searched around and isn't dwm.exe Desktop windows manager? I believe that refers to the Aero theme in Windows 7.

JRT:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Junkware Removal Tool (JRT) by Thisisu

Version: 4.9.4 (05.06.2013:1)

OS: Windows 7 Home Premium x64

Ran by Robert P Baron Jr on Mon 06/17/2013 at 12:02:44.10

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

~~~ Registry Keys

~~~ Files

~~~ Folders

Successfully deleted: [Folder] "C:\Users\Robert P Baron Jr\AppData\Roaming\red kawa"

Successfully deleted: [Folder] "C:\Program Files (x86)\red kawa"

~~~ FireFox

Emptied folder: C:\Users\Robert P Baron Jr\AppData\Roaming\mozilla\firefox\profiles\ch6nws2v.default-1363480560905\minidumps [55 files]

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Scan was completed on Mon 06/17/2013 at 12:05:12.66

End of JRT log

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

ADWcleaner:

# AdwCleaner v2.303 - Logfile created 06/17/2013 at 12:09:11

# Updated 08/06/2013 by Xplode

# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)

# User : Robert P Baron Jr - ROBERTPBARONJR

# Boot Mode : Normal

# Running from : C:\Users\Robert P Baron Jr\Desktop\AdwCleaner.exe

# Option [Delete]

***** [services] *****

***** [Files / Folders] *****

***** [Registry] *****

***** [internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16490

[OK] Registry is clean.

-\\ Mozilla Firefox v21.0 (en-US)

File : C:\Users\Robert P Baron Jr\AppData\Roaming\Mozilla\Firefox\Profiles\ch6nws2v.default-1363480560905\prefs.js

[OK] File is clean.

-\\ Google Chrome v27.0.1453.110

File : C:\Users\Robert P Baron Jr\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[s1].txt - [877 octets] - [17/06/2013 12:09:11]

########## EOF - C:\AdwCleaner[s1].txt - [936 octets] ##########

RESULT:

MiniToolBox by Farbar Version: 16-06-2013

Ran by Robert P Baron Jr (administrator) on 17-06-2013 at 12:14:20

Running from "C:\Users\Robert P Baron Jr\Desktop"

Windows 7 Home Premium Service Pack 1 (X64)

Boot Mode: Normal

***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.

No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================

"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

127.0.0.1 localhost

========================= IP Configuration: ================================

Realtek PCIe GBE Family Controller = Local Area Connection 4 (Connected)

Realtek PCIe GBE Family Controller = Local Area Connection 3 (Media disconnected)

# ----------------------------------

# IPv4 Configuration

# ----------------------------------

pushd interface ipv4

reset

set global icmpredirects=enabled

popd

# End of IPv4 configuration

Windows IP Configuration

Host Name . . . . . . . . . . . . : RobertPBaronJr

Primary Dns Suffix . . . . . . . :

Node Type . . . . . . . . . . . . : Hybrid

IP Routing Enabled. . . . . . . . : No

WINS Proxy Enabled. . . . . . . . : No

DNS Suffix Search List. . . . . . : nyc.rr.com

Ethernet adapter Local Area Connection 4:

Connection-specific DNS Suffix . : nyc.rr.com

Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller #4

Physical Address. . . . . . . . . : 8C-89-A5-34-AA-B6

DHCP Enabled. . . . . . . . . . . : Yes

Autoconfiguration Enabled . . . . : Yes

Link-local IPv6 Address . . . . . : fe80::7991:8a86:db24:c620%17(Preferred)

IPv4 Address. . . . . . . . . . . : 192.168.0.12(Preferred)

Subnet Mask . . . . . . . . . . . : 255.255.255.0

Lease Obtained. . . . . . . . . . : Monday, June 17, 2013 12:10:39 PM

Lease Expires . . . . . . . . . . : Monday, June 17, 2013 2:58:39 PM

Default Gateway . . . . . . . . . : 192.168.0.1

DHCP Server . . . . . . . . . . . : 192.168.0.1

DHCPv6 IAID . . . . . . . . . . . : 395086245

DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-16-44-C2-96-8C-89-A5-34-AA-B5

DNS Servers . . . . . . . . . . . : 209.18.47.61

209.18.47.62

NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection 3:

Media State . . . . . . . . . . . : Media disconnected

Connection-specific DNS Suffix . :

Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller #3

Physical Address. . . . . . . . . : 8C-89-A5-34-AA-B5

DHCP Enabled. . . . . . . . . . . : Yes

Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{77521AAE-9C1F-491F-A191-86F20A485CC6}:

Media State . . . . . . . . . . . : Media disconnected

Connection-specific DNS Suffix . :

Description . . . . . . . . . . . : Microsoft ISATAP Adapter

Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0

DHCP Enabled. . . . . . . . . . . : No

Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.nyc.rr.com:

Media State . . . . . . . . . . . : Media disconnected

Connection-specific DNS Suffix . : nyc.rr.com

Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2

Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0

DHCP Enabled. . . . . . . . . . . : No

Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :

Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface

Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0

DHCP Enabled. . . . . . . . . . . : No

Autoconfiguration Enabled . . . . : Yes

IPv6 Address. . . . . . . . . . . : 2001:0:9d38:953c:3467:28f0:b5be:1b10(Preferred)

Link-local IPv6 Address . . . . . : fe80::3467:28f0:b5be:1b10%13(Preferred)

Default Gateway . . . . . . . . . : ::

NetBIOS over Tcpip. . . . . . . . : Disabled

Server: dns-cac-lb-01.rr.com

Address: 209.18.47.61

Name: google.com

Addresses: 2607:f8b0:4006:801::1008

74.125.226.225

74.125.226.226

74.125.226.227

74.125.226.228

74.125.226.229

74.125.226.230

74.125.226.231

74.125.226.232

74.125.226.233

74.125.226.238

74.125.226.224

Pinging google.com [74.125.226.197] with 32 bytes of data:

Reply from 74.125.226.197: bytes=32 time=13ms TTL=54

Reply from 74.125.226.197: bytes=32 time=13ms TTL=54

Ping statistics for 74.125.226.197:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 13ms, Maximum = 13ms, Average = 13ms

Server: dns-cac-lb-01.rr.com

Address: 209.18.47.61

Name: yahoo.com

Addresses: 98.138.253.109

98.139.183.24

206.190.36.45

Pinging yahoo.com [98.139.183.24] with 32 bytes of data:

Reply from 98.139.183.24: bytes=32 time=560ms TTL=47

Request timed out.

Ping statistics for 98.139.183.24:

Packets: Sent = 2, Received = 1, Lost = 1 (50% loss),

Approximate round trip times in milli-seconds:

Minimum = 560ms, Maximum = 560ms, Average = 560ms

Pinging 127.0.0.1 with 32 bytes of data:

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================

Interface List

17...8c 89 a5 34 aa b6 ......Realtek PCIe GBE Family Controller #4

16...8c 89 a5 34 aa b5 ......Realtek PCIe GBE Family Controller #3

1...........................Software Loopback Interface 1

15...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter

14...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2

13...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface

===========================================================================

IPv4 Route Table

===========================================================================

Active Routes:

Network Destination Netmask Gateway Interface Metric

0.0.0.0 0.0.0.0 192.168.0.1 192.168.0.12 10

127.0.0.0 255.0.0.0 On-link 127.0.0.1 306

127.0.0.1 255.255.255.255 On-link 127.0.0.1 306

127.255.255.255 255.255.255.255 On-link 127.0.0.1 306

192.168.0.0 255.255.255.0 On-link 192.168.0.12 266

192.168.0.12 255.255.255.255 On-link 192.168.0.12 266

192.168.0.255 255.255.255.255 On-link 192.168.0.12 266

224.0.0.0 240.0.0.0 On-link 127.0.0.1 306

224.0.0.0 240.0.0.0 On-link 192.168.0.12 266

255.255.255.255 255.255.255.255 On-link 127.0.0.1 306

255.255.255.255 255.255.255.255 On-link 192.168.0.12 266

===========================================================================

Persistent Routes:

None

IPv6 Route Table

===========================================================================

Active Routes:

If Metric Network Destination Gateway

13 58 ::/0 On-link

1 306 ::1/128 On-link

13 58 2001::/32 On-link

13 306 2001:0:9d38:953c:3467:28f0:b5be:1b10/128

On-link

17 266 fe80::/64 On-link

13 306 fe80::/64 On-link

13 306 fe80::3467:28f0:b5be:1b10/128

On-link

17 266 fe80::7991:8a86:db24:c620/128

On-link

1 306 ff00::/8 On-link

13 306 ff00::/8 On-link

17 266 ff00::/8 On-link

===========================================================================

Persistent Routes:

None

========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)

Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)

Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)

Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)

Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)

Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)

Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)

Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145648] (Microsoft Corp.)

Catalog5 09 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145648] (Microsoft Corp.)

Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)

Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)

Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)

Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)

Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)

Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)

Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)

Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)

Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)

Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)

x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)

x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)

x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)

x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)

x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)

x64-Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)

x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171760] (Microsoft Corp.)

x64-Catalog5 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171760] (Microsoft Corp.)

x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:

==================

Error: (06/17/2013 00:12:28 PM) (Source: WinMgmt) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

System errors:

=============

Error: (06/17/2013 00:10:29 PM) (Source: Application Popup) (User: )

Description: Driver PCI returned invalid ID for a child device (FFFFFFFFFFFFFFFF00).

Microsoft Office Sessions:

=========================

CodeIntegrity Errors:

===================================

Date: 2013-03-08 19:55:00.493

Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\MBWrp64.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-03-08 19:54:01.283

Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\MBWrp64.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-03-08 19:53:49.853

Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\MBWrp64.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-03-08 19:51:46.219

Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\MBWrp64.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-03-08 19:51:46.188

Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\MBWrp64.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-03-08 19:51:42.785

Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\MBWrp64.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-03-08 19:51:42.754

Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\MBWrp64.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-03-08 19:47:46.107

Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\MBWrp64.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-03-08 19:47:46.075

Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\MBWrp64.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-03-08 19:44:28.932

Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\MBWrp64.dll because the set of per-page image hashes could not be found on the system.

=========================== Installed Programs ============================

3DMark 11 (Version: 1.0.3)

Adobe AIR (Version: 3.7.0.1530)

Adobe Community Help (Version: 3.5.23)

Adobe Creative Suite 5 Web Premium (Version: 5.0)

Adobe Flash Player 11 ActiveX (Version: 11.7.700.169)

Adobe Flash Player 11 Plugin (Version: 11.7.700.202)

Adobe Media Player (Version: 1.8)

Adobe Reader XI (11.0.02) (Version: 11.0.02)

Apple Application Support (Version: 2.3.3)

Apple Mobile Device Support (Version: 6.1.0.13)

Apple Software Update (Version: 2.1.3.127)

Audacity 1.3.13 (Unicode)

avast! Free Antivirus (Version: 8.0.1489.0)

AviSynth 2.5

Battlelog Web Plugins (Version: 1.118.0)

Bonjour (Version: 3.0.0.10)

CanoScan LiDE 600F

CCleaner (Version: 4.01)

CDisplay 1.8

Cheat Engine 6.1

Cheat Engine 6.2

CLICKBIOSII (Version: 1.0.107)

ControlCenter (Version: 2.2.016)

CPUID CPU-Z 1.58

Creative Audio Control Panel (Version: 3.00)

Creative Software AutoUpdate (Version: 1.41)

Creative Sound Blaster Properties x64 Edition (Version: 1.03)

Creative System Information (Version: 1.10)

CrystalDiskInfo 4.1.3 (Version: 4.1.3)

CyberLink BD_3D Advisor 2.0 (Version: 2.0.4606)

CyberLink PowerDVD 11 (Version: 11.0.3318.57)

D3DX10 (Version: 15.4.2368.0902)

Dead Space™ 3 (Version: 1.0.0.0)

Defense Grid: The Awakening

Diablo II

Diablo III (Version: 1.0.8.16603)

Dishonored (Version: 1.0)

DisplayLink Core Software (Version: 5.6.31854.0)

Dolby Digital Live Pack (Version: 3.00)

DTS Connect Pack (Version: 1.00)

Empire: Total War

ERUNT 1.1j

ESN Sonar (Version: 0.70.4)

Far Cry 3 (Version: 1.04)

FLV Player (Version: 2.0.25)

Foxit Reader 5.1 (Version: 5.1.0.1021)

Fraps

Futuremark SystemInfo (Version: 4.12.0)

GIF Viewer 3.3 (Version: 3.3)

Google Chrome (Version: 27.0.1453.110)

Google Update Helper (Version: 1.3.21.145)

HiJackThis (Version: 1.0.0)

ImgBurn (Version: 2.5.7.0)

Intel® Management Engine Components (Version: 7.1.50.1172)

iTunes (Version: 11.0.2.26)

Java 7 Update 21 (Version: 7.0.210)

Java™ 6 Update 31 (Version: 6.0.310)

JavaFX 2.1.1 (Version: 2.1.1)

Lenovo Display Adapter (Version: 5.6.32931.0)

Live Update 5 (Version: 5.0.101)

Logitech Gaming Software (Version: 8.30.86)

Logitech Gaming Software 8.40 (Version: 8.40.83)

Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300)

Max Payne 3 (Version: 1.0.0.0)

Media Go (Version: 2.4.256)

Media Go Video Playback Engine 1.116.110.02030 (Version: 1.116.110.02030)

MediaCoder FLV VP8 Edition (Version: 2011-R10)

MediaCoder x64 2011 (Version: 2011)

Medieval II Total War (Version: 1.03.000)

Microsoft .NET Framework 1.1 (Version: 1.1.4322)

Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)

Microsoft .NET Framework 4 Extended (Version: 4.0.30319)

Microsoft Application Error Reporting (Version: 12.0.6015.5000)

Microsoft Office 2007 Service Pack 3 (SP3)

Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)

Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000)

Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000)

Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)

Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)

Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)

Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)

Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)

Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6612.1000)

Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000)

Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)

Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)

Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)

Microsoft Office Small Business 2007 (Version: 12.0.6612.1000)

Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)

Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)

Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)

Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)

Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)

Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219)

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)

Microsoft Visual J# .NET Redistributable Package 1.1 (Version: 1.1.4322)

Microsoft XNA Framework Redistributable 4.0 (Version: 4.0.20823.0)

Microsoft_VC80_ATL_x86 (Version: 8.0.50727.4053)

Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053)

Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053)

Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053)

Microsoft_VC80_MFC_x86 (Version: 8.0.50727.4053)

Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053)

Microsoft_VC80_MFCLOC_x86 (Version: 8.0.50727.4053)

Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053)

Microsoft_VC90_ATL_x86 (Version: 1.00.0000)

Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000)

Microsoft_VC90_CRT_x86 (Version: 1.00.0000)

Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000)

Microsoft_VC90_MFC_x86 (Version: 1.00.0000)

Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000)

Movie Maker (Version: 16.4.3505.0912)

Mozilla Firefox 21.0 (x86 en-US) (Version: 21.0)

Mozilla Maintenance Service (Version: 21.0)

MSI Afterburner 2.3.0 (Version: 2.3.0)

MSVCRT (Version: 15.4.2862.0708)

MSVCRT110 (Version: 16.4.1108.0727)

MSVCRT110_amd64 (Version: 16.4.1109.0912)

NVIDIA 3D Vision Controller Driver 320.18 (Version: 320.18)

NVIDIA 3D Vision Driver 320.18 (Version: 320.18)

NVIDIA Control Panel 320.18 (Version: 320.18)

NVIDIA GeForce Experience 1.5 (Version: 1.5)

NVIDIA Graphics Driver 320.18 (Version: 320.18)

NVIDIA HD Audio Driver 1.3.24.2 (Version: 1.3.24.2)

NVIDIA Install Application (Version: 2.1002.124.810)

NVIDIA PhysX (Version: 9.12.1031)

NVIDIA PhysX System Software 9.12.1031 (Version: 9.12.1031)

NVIDIA Stereoscopic 3D Driver (Version: 7.17.13.2018)

NVIDIA Update 4.11.9 (Version: 4.11.9)

NVIDIA Update Components (Version: 4.11.9)

Offline Don Juan Bible 2.0

OpenAL

Orcs Must Die! 2

Organ Trail: Director's Cut

Origin (Version: 9.1.10.2716)

PDF Settings CS5 (Version: 10.0)

Photo Gallery (Version: 16.4.3505.0912)

PlayStation®Network Downloader (Version: 2.07.00849)

PlayStation®Store (Version: 4.14.6.15183)

Poker Night at the Inventory

Prison Architect

PunkBuster Services (Version: 0.993)

QuickTime (Version: 7.73.80.64)

Razer Synapse 2.0 (Version: 1.6.1)

Realtek Ethernet Controller Driver (Version: 7.53.216.2012)

Renesas Electronics USB 3.0 Host Controller Driver (Version: 2.0.34.0)

Rockstar Games Social Club (Version: 1.1.0.1)

Rome: Total War

Skype™ 5.10 (Version: 5.10.116)

Sony Sound Forge 7.0 (Version: 7.0.214)

Sound Blaster X-Fi (Version: 1.0)

Speccy (Version: 1.13)

Steam (Version: 1.0.0.0)

System Requirements Lab

System Requirements Lab CYRI (Version: 4.4.26.0)

The Book of Shuma Gora

The Matrix Trilogy 3D Code Screen Saver v3.4

The Walking Dead

Update for 2007 Microsoft Office System (KB967642)

Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)

Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (Version: 1)

Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)

Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)

Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)

Update for Microsoft .NET Framework 4 Extended (KB2836939) (Version: 1)

Update for Microsoft Office 2007 Help for Common Features (KB963673)

Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2596802) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition

Update for Microsoft Office Excel 2007 Help (KB963678)

Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition

Update for Microsoft Office Outlook 2007 Help (KB963677)

Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2817327) 32-Bit Edition

Update for Microsoft Office Powerpoint 2007 Help (KB963669)

Update for Microsoft Office Publisher 2007 Help (KB963667)

Update for Microsoft Office Script Editor Help (KB963671)

Update for Microsoft Office Word 2007 Help (KB963665)

Uplay (Version: 3.0)

USB PnP Sound Device

VideoGenie (Version: 1.0.0.12)

Videora iPod classic Converter 6 (Version: 6)

VLC media player 1.1.11 (Version: 1.1.11)

Wacom Tablet (Version: 6.3.1w3)

WebTablet FB Plugin (Version: 2.0.0.6)

WebTablet IE Plugin (Version: 1.1.0.12)

WebTablet Netscape Plugin (Version: 1.1.0.10)

Windows Live Communications Platform (Version: 16.4.3505.0912)

Windows Live Essentials (Version: 16.4.3505.0912)

Windows Live ID Sign-in Assistant (Version: 7.250.4311.0)

Windows Live Installer (Version: 16.4.3505.0912)

Windows Live Photo Common (Version: 16.4.3505.0912)

Windows Live PIMT Platform (Version: 16.4.3505.0912)

Windows Live SOXE (Version: 16.4.3505.0912)

Windows Live SOXE Definitions (Version: 16.4.3505.0912)

Windows Live UX Platform (Version: 16.4.3505.0912)

Windows Live UX Platform Language Pack (Version: 16.4.3505.0912)

WinRAR 4.10 beta 3 (64-bit) (Version: 4.10.3)

========================= Devices: ================================

========================= Memory info: ===================================

Percentage of memory in use: 13%

Total physical RAM: 16355.01 MB

Available physical RAM: 14099.83 MB

Total Pagefile: 24353.19 MB

Available Pagefile: 22013.61 MB

Total Virtual: 4095.88 MB

Available Virtual: 3966.64 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:476.84 GB) (Free:290.65 GB) NTFS

4 Drive y: (Media) (Fixed) (Total:1863.01 GB) (Free:1679.48 GB) NTFS

5 Drive z: (SLAVE) (Fixed) (Total:931.51 GB) (Free:711.65 GB) NTFS

========================= Users: ========================================

User accounts for \\ROBERTPBARONJR

Administrator ASPNET Guest

Robert P Baron Jr UpdatusUser

========================= Minidump Files ==================================

No minidump file found

**** End of log ****


  • Root Admin

I've moved your post into the Malware Removal Help forum so that we can run some other tools.

I don't think you're infected but did want to run some other tools and check out some stuff.

Please download the Trend Micro™ RootkitBuster and save it to your system.

Then temporarily disable your antivirus and double click on the Trend RootkitBuster file and run it.

Read and agree to the End User License Agreement


Place a check mark on all items

  • Files or Master Boot Records (MBR)
  • Services
  • Kernel Code Patches

Then click on the Scan Now button


A log file with numbers and ending in .TXT will be saved in a new folder called: TMRBLog from the location where you ran it from.

Please post back that log once completed.


+----------------------------------------------------

| Trend Micro RootkitBuster

| Module version: 5.0.0.1129

| Computer Name: ROBERTPBARONJR

| OS version: 6.1-7601

| User Name: Robert P Baron Jr

+----------------------------------------------------

--== Dump Hidden MBR, Hidden Files and Alternate Data Streams on C:\ ==--

No hidden files found.

--== Dump Kernel Code Patching ==--

No kernel code patching detected.

--== Dump Hidden Services ==--

No hidden services found.

Just curious, is this all just a precaution in case something is infecting my DXDIAG? Why wouldn't I be able to use dxdiag?

Thanks!


  • Root Admin

Yes, just double checking to ensure that it's a Windows issue and not related to some infection.

Please follow the directions here and run the Malwarebytes Anti-Rootkit program.

www.malwarebytes.org/products/mbar

If you have any questions please let me know.

When done please post back the log.

Thanks


Sorry, didn't see the log:

---------------------------------------

Malwarebytes Anti-Rootkit BETA 1.06.0.1003

© Malwarebytes Corporation 2011-2012

OS version: 6.1.7601 Windows 7 Service Pack 1 x64

Account is Non-administrative

Internet Explorer version: 9.0.8112.16421

Java version: 1.6.0_31

File system is: NTFS

Disk drives: C:\ DRIVE_FIXED, Y:\ DRIVE_FIXED, Z:\ DRIVE_FIXED

CPU speed: 3.392000 GHz

Memory total: 17149468672, free: 14452596736

Downloaded database version: v2013.06.17.05

Downloaded database version: v2013.05.22.01

Initializing...

------------ Kernel report ------------

06/17/2013 13:29:10

------------ Loaded modules -----------


----------- End -----------

Done!

<<<1>>>

Upper Device Name: \Device\Harddisk2\DR2

Upper Device Object: 0xfffffa800d5fb060

Upper Device Driver Name: \Driver\Disk\

Lower Device Name: \Device\Ide\IdeDeviceP3T0L0-4\

Lower Device Object: 0xfffffa800d3d3680

Lower Device Driver Name: \Driver\atapi\

<<<1>>>

Upper Device Name: \Device\Harddisk1\DR1

Upper Device Object: 0xfffffa800d5fa060

Upper Device Driver Name: \Driver\Disk\

Lower Device Name: \Device\Ide\IdeDeviceP2T1L0-3\

Lower Device Object: 0xfffffa800d3d0060

Lower Device Driver Name: \Driver\atapi\

<<<1>>>

Upper Device Name: \Device\Harddisk0\DR0

Upper Device Object: 0xfffffa800d5d8790

Upper Device Driver Name: \Driver\Disk\

Lower Device Name: \Device\Ide\IdeDeviceP2T0L0-2\

Lower Device Object: 0xfffffa800d3ca680

Lower Device Driver Name: \Driver\atapi\

<<<2>>>

Device number: 0, partition: 2

Physical Sector Size: 512

Drive: 0, DevicePointer: 0xfffffa800d5d8790, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\

--------- Disk Stack ------

DevicePointer: 0xfffffa800d5d82c0, DeviceName: Unknown, DriverName: \Driver\partmgr\

DevicePointer: 0xfffffa800d5d8790, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\

DevicePointer: 0xfffffa800d3ce520, DeviceName: Unknown, DriverName: \Driver\ACPI\

DevicePointer: 0xfffffa800d3ca680, DeviceName: \Device\Ide\IdeDeviceP2T0L0-2\, DriverName: \Driver\atapi\

------------ End ----------

Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\

Upper DeviceData: 0x0, 0x0, 0x0

Lower DeviceData: 0x0, 0x0, 0x0

<<<3>>>

Volume: C:

File system type: NTFS

SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes

<<<2>>>

Device number: 0, partition: 2

<<<3>>>

Volume: C:

File system type: NTFS

SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes

Scanning drivers directory: C:\Windows\system32\drivers...

<<<2>>>

Device number: 0, partition: 2

<<<3>>>

Volume: C:

File system type: NTFS

SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes

Done!

Drive 0

Scanning MBR on drive 0...

Inspecting partition table:

MBR Signature: 55AA

Disk Signature: 86EB60FE

Partition information:

Partition 0 type is Primary (0x7)

Partition is ACTIVE.

Partition starts at LBA: 2048 Numsec = 204800

Partition file system is NTFS

Partition is bootable

Partition 1 type is Primary (0x7)

Partition is NOT ACTIVE.

Partition starts at LBA: 206848 Numsec = 1000005632

Partition 2 type is Empty (0x0)

Partition is NOT ACTIVE.

Partition starts at LBA: 0 Numsec = 0

Partition 3 type is Empty (0x0)

Partition is NOT ACTIVE.

Partition starts at LBA: 0 Numsec = 0

Disk Size: 512110190592 bytes

Sector size: 512 bytes

Scanning physical sectors of unpartitioned space on drive 0 (1-2047-1000195216-1000215216)...

Done!

Physical Sector Size: 512

Drive: 1, DevicePointer: 0xfffffa800d5fa060, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\

--------- Disk Stack ------

DevicePointer: 0xfffffa800d5fab90, DeviceName: Unknown, DriverName: \Driver\partmgr\

DevicePointer: 0xfffffa800d5fa060, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\

DevicePointer: 0xfffffa800d3aa9b0, DeviceName: Unknown, DriverName: \Driver\ACPI\

DevicePointer: 0xfffffa800d3d0060, DeviceName: \Device\Ide\IdeDeviceP2T1L0-3\, DriverName: \Driver\atapi\

------------ End ----------

Alternate DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\

Upper DeviceData: 0x0, 0x0, 0x0

Lower DeviceData: 0x0, 0x0, 0x0

Drive 1

Scanning MBR on drive 1...

Inspecting partition table:

MBR Signature: 55AA

Disk Signature: E44C1F89

Partition information:

Partition 0 type is Primary (0x7)

Partition is NOT ACTIVE.

Partition starts at LBA: 2048 Numsec = 3907024896

Partition 1 type is Empty (0x0)

Partition is NOT ACTIVE.

Partition starts at LBA: 0 Numsec = 0

Partition 2 type is Empty (0x0)

Partition is NOT ACTIVE.

Partition starts at LBA: 0 Numsec = 0

Partition 3 type is Empty (0x0)

Partition is NOT ACTIVE.

Partition starts at LBA: 0 Numsec = 0

Disk Size: 2000398934016 bytes

Sector size: 512 bytes

Done!

Physical Sector Size: 512

Drive: 2, DevicePointer: 0xfffffa800d5fb060, DeviceName: \Device\Harddisk2\DR2\, DriverName: \Driver\Disk\

--------- Disk Stack ------

DevicePointer: 0xfffffa800d5fbb90, DeviceName: Unknown, DriverName: \Driver\partmgr\

DevicePointer: 0xfffffa800d5fb060, DeviceName: \Device\Harddisk2\DR2\, DriverName: \Driver\Disk\

DevicePointer: 0xfffffa800d3c9580, DeviceName: Unknown, DriverName: \Driver\ACPI\

DevicePointer: 0xfffffa800d3d3680, DeviceName: \Device\Ide\IdeDeviceP3T0L0-4\, DriverName: \Driver\atapi\

------------ End ----------

Alternate DeviceName: \Device\Harddisk2\DR2\, DriverName: \Driver\Disk\

Upper DeviceData: 0x0, 0x0, 0x0

Lower DeviceData: 0x0, 0x0, 0x0

Drive 2

Scanning MBR on drive 2...

Inspecting partition table:

MBR Signature: 55AA

Disk Signature: 384FD51E

Partition information:

Partition 0 type is Dynamic (0x42)

Partition is NOT ACTIVE.

Partition starts at LBA: 63 Numsec = 1953525105

Partition 1 type is Empty (0x0)

Partition is NOT ACTIVE.

Partition starts at LBA: 0 Numsec = 0

Partition 2 type is Empty (0x0)

Partition is NOT ACTIVE.

Partition starts at LBA: 0 Numsec = 0

Partition 3 type is Empty (0x0)

Partition is NOT ACTIVE.

Partition starts at LBA: 0 Numsec = 0

Disk Size: 1000204886016 bytes

Sector size: 512 bytes

Done!

Scan finished

=======================================

Removal queue found; removal started

Removing c:\programdata\malwarebytes' anti-malware (portable)\mbr_0_i.mbam...

Removing c:\programdata\malwarebytes' anti-malware (portable)\bootstrap_0_0_2048_i.mbam...

Removing c:\programdata\malwarebytes' anti-malware (portable)\mbr_0_r.mbam...

Removing c:\programdata\malwarebytes' anti-malware (portable)\mbr_1_i.mbam...

Removing c:\programdata\malwarebytes' anti-malware (portable)\mbr_1_r.mbam...

Removing c:\programdata\malwarebytes' anti-malware (portable)\mbr_2_i.mbam...

Removing c:\programdata\malwarebytes' anti-malware (portable)\mbr_2_r.mbam...

Removal finished


  • Root Admin

In the location where you ran MBAR please open the folder mbar\Plugins and inside you should see a file named fixdamage.exe

Please run that file and reboot the computer.

Next, please open the normal Malwarebytes program and go to the Protection tab and uncheck "Start protection module with Windows"

Then download the following program and save it to your computer. Do not run it yet.

TFC by OldTimer to clear temporary files

http://oldtimer.geekstogo.com/TFC.exe

Next, reboot your computer and then find the TFC.EXE program and right click over it and choose "Run as administrator"

Make sure you close all other open programs and web browsers when running the tool.

Once done it should reboot the computer.

After the reboot start Malwarebytes Anti-Malware again and re-enable the "Start protection module with Windows" option.

Then reset Internet Explorer back to the default settings using this link: How to reset Internet Explorer settings

After that then restart Internet Explorer and visit this link and try to install the latest DirectX drivers

DirectX End-User Runtime Web Installer

Then let me know if you ran into any issues and/or what errors you encountered.


Did everything as you said. I couldn't find the protection module on the Malwarebytes program so I didn't do that.

When I tried to use the TFC file, it blue screened and I couldn't check the message in time.

I ran it again and it worked.

I reset Internet Explorer.

When I tried to use the DX drivers, it said that I have a newer or equivalent version installed so it didn't do anything.


So are you having troubles with your system and playing games or watching videos, or continued crashing, etc.?

Basically, the problem is this.

I cannot seem to play Far Cry 3. It seems that FC3updater.exe doesn't run at all and it's tied to an NVIDIA DLL which is related to DX. Also, Medieval Total War 2: while it was installing, I exited out while it was installing DirectX, so I think I screwed it up.

I haven't been able to play either since the screw-up and it's when I noticed the images I posted.

:(

I think it's a busted DX DLL or something.


  • Root Admin

Okay well at this point I don't think there is any infection at this time. Your current issues would appear to be Windows related in general so unless there is something else of a malware nature I'll go ahead and close your post here. You can open a new post in the General PC Help forum and see if someone there can help you out further.

http://forums.malwarebytes.org/index.php?showforum=6

Thanks


Okay well at this point I don't think there is any infection at this time. Your current issues would appear to be Windows related in general so unless there is something else of a malware nature I'll go ahead and close your post here. You can open a new post in the General PC Help forum and see if someone there can help you out further.

http://forums.malwarebytes.org/index.php?showforum=6

Thanks

 

Thanks for your help. I will open one in the General Help Forum.


  • Root Admin

Glad we could help. :)

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!


This topic is now closed to further replies.