
suspected graphics card driver infection



DDS (Ver_2012-11-20.01) - NTFS_x86 

Internet Explorer: 9.0.8112.16502  BrowserJavaVersion: 10.25.2

Run by Admin at 19:56:20 on 2013-09-12

Microsoft® Windows Vista™ Home Premium   6.0.6002.2.1252.44.1033.18.2813.1636 [GMT 1:00]

.

AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}

SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: COMODO Antivirus *Disabled/Outdated* {0C2D2636-923D-EE52-2A83-E643204A8275}

FW: COMODO Firewall *Enabled* {8F7746F7-FE68-E084-3B6C-7404A51E8FB3}

.

============== Running Processes ================

.

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Program Files\Common Files\COMODO\launcher_service.exe

C:\Windows\system32\nvvsvc.exe

C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe

C:\Windows\system32\SLsvc.exe

C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe

C:\Windows\system32\nvvsvc.exe

C:\Program Files\AVAST Software\Avast\AvastSvc.exe

C:\Windows\System32\spoolsv.exe

C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe

C:\Windows\system32\taskeng.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe

C:\Program Files\Comodo\Dragon\dragon_updater.exe

C:\Program Files\Common Files\COMODO\GeekBuddyRSP.exe

C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe

C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

C:\Program Files\Dell Support Center\bin\sprtsvc.exe

C:\Program Files\NVIDIA Corporation\System Update\UpdateCenterService.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Windows\system32\SearchIndexer.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Windows\System32\WUDFHost.exe

C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe

C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe

C:\Windows\system32\Dwm.exe

C:\Windows\system32\taskeng.exe

C:\Windows\Explorer.EXE

C:\Program Files\Windows Defender\MSASCui.exe

C:\Windows\System32\ico.exe

C:\Program Files\NVIDIA Corporation\Raid\nvraidservice.exe

C:\Windows\system32\wbem\unsecapp.exe

C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe

C:\Windows\SYSTEM32\CTXFISPI.EXE

C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe

C:\Windows\System32\Pmxmiced.exe

C:\Program Files\Comodo\COMODO Internet Security\cistray.exe

C:\Windows\System32\Ctxfihlp.exe

C:\Program Files\Adobe\Photoshop Elements 6.0\apdproxy.exe

C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe

C:\Program Files\AVAST Software\Avast\AvastUI.exe

C:\Program Files\SmartTechnology\Software\ProfilerU.exe

C:\Program Files\SmartTechnology\Software\SaiMfd.exe

C:\Program Files\DivX\DivX Update\DivXUpdate.exe

C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Program Files\Common Files\COMODO\GeekBuddyRSP.exe

C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Program Files\Dell Support Center\bin\sprtcmd.exe

C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

C:\Program Files\Comodo\GeekBuddy\unit_manager.exe

C:\Program Files\Comodo\GeekBuddy\unit.exe

C:\Program Files\Comodo\COMODO Internet Security\cis.exe

C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\system32\DllHost.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k rpcss

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\System32\svchost.exe -k secsvcs

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k GPSvcGroup

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Windows\system32\svchost.exe -k bthsvcs

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\system32\svchost.exe -k imgsvc

C:\Windows\System32\svchost.exe -k WerSvcGroup

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

.

============== Pseudo HJT Report ===============

.


uWindow Title = Internet Explorer provided by Dell


BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll

BHO: DivX Plus Web Player HTML5 <video>: {326E768D-4182-46FD-9C16-1449A49795F4} - c:\program files\divx\divx plus web player\ie\divxhtml5\DivXHTML5.dll

BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll

BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll

BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll

BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll

BHO: CBrowserHelperObject Object: {CA6319C0-31B7-401E-A518-A07C3DB8F777} - c:\program files\dell\bae\BAE.dll

BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll

TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll

TB: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll

TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll

uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"

uRun: [DellSupportCenter] "c:\program files\dell support center\bin\sprtcmd.exe" /P DellSupportCenter

uRun: [steam] "c:\program files\steam\Steam.exe" -silent

uRun: [saitekInstall] "c:\windows\temp\madcatz\range_rat7_sd7_32_drivers\00000000\setup.exe" -S3 -R -WEB

uRun: [NVIDIA nTune] "c:\program files\nvidia corporation\ntune\nTuneCmd.exe" resetprofile

uRun: [DellSystemDetect] c:\users\admin\appdata\roaming\microsoft\windows\start menu\programs\dell\Dell System Detect.appref-ms

mRun: [Windows Defender] c:\program files\windows defender\MSASCui.exe -hide

mRun: [bluetooth HCI Monitor] RunDll32 HCIMNTR.DLL,RunCheckHCIMode

mRun: [PMX Daemon] ICO.EXE

mRun: [NVRaidService] c:\program files\nvidia corporation\raid\nvraidservice.exe

mRun: [VolPanel] "c:\program files\creative\sound blaster x-fi\volume panel\VolPanlu.exe" /r

mRun: [updReg] c:\windows\UpdReg.EXE

mRun: [Google Desktop Search] "c:\program files\google\google desktop search\GoogleDesktop.exe" /startup

mRun: [dscactivate] "c:\program files\dell support center\gs_agent\custom\dsca.exe"

mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"

mRun: [COMODO Internet Security] c:\program files\comodo\comodo internet security\cistray.exe

mRun: [CTxfiHlp] CTXFIHLP.EXE

mRun: [Adobe Photo Downloader] "c:\program files\adobe\photoshop elements 6.0\apdproxy.exe"

mRun: [avast] "c:\program files\avast software\avast\avastUI.exe" /nogui

mRun: [ProfilerU] c:\program files\smarttechnology\software\ProfilerU.exe

mRun: [saiMfd] c:\program files\smarttechnology\software\SaiMfd.exe

mRun: [DivXMediaServer] c:\program files\divx\divx media server\DivXMediaServer.exe

mRun: [DivXUpdate] "c:\program files\divx\divx update\DivXUpdate.exe" /CHECKNOW

mRun: [Nvtmru] "c:\program files\nvidia corporation\nvidia update core\nvtmru.exe"

mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"

mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"

mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"

mRun: [gbrspcontrol] "c:\program files\common files\comodo\GeekBuddyRSP.exe" -controlservice -slave

dRun: [CtxfiReg] CTXFIREG.exe /FAIL2

StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\blueto~1.lnk - c:\program files\widcomm\bluetooth software\BTTray.exe

StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\startg~1.lnk - c:\program files\comodo\geekbuddy\launcher.exe

mPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0

mPolicies-System: EnableUIADesktopToggle = dword:0

IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000

IE: Send image to &Bluetooth Device... - c:\program files\widcomm\bluetooth software\btsendto_ie_ctx.htm

IE: Send page to &Bluetooth Device... - c:\program files\widcomm\bluetooth software\btsendto_ie.htm

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}

IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\program files\widcomm\bluetooth software\btsendto_ie.htm

LSP: c:\program files\nvidia corporation\networkaccessmanager\bin32\nvLsp.dll

Trusted Zone: dell.com





TCP: NameServer = 192.168.1.254

TCP: Interfaces\{EA4DB235-F01B-4391-B711-CB4FD1938C24} : DHCPNameServer = 192.168.1.254

Filter: application/x-internet-signup - {A173B69A-1F9B-4823-9FDA-412F641E65D6} - c:\program files\tiscali\tiscali internet\dlls\tiscalifilter.dll

Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll

Notify: GoToAssist - c:\program files\citrix\gotoassist\514\G2AWinLogon.dll

AppInit_DLLs= c:\progra~1\google\google~2\GOEC62~1.DLL

LSA: Security Packages =  kerberos msv1_0 schannel wdigest tspkg

mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\29.0.1547.66\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome

.

============= SERVICES / DRIVERS ===============

.

R0 aswRvrt;aswRvrt;c:\windows\system32\drivers\aswRvrt.sys [2013-3-17 49376]

R0 aswVmm;aswVmm;c:\windows\system32\drivers\aswVmm.sys [2013-3-17 177864]

R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2013-2-1 770344]

R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2013-2-1 369584]

R1 CFRMD;CFRMD;c:\windows\system32\drivers\CFRMD.sys [2013-5-7 35064]

R1 cmderd;COMODO Internet Security Eradication Driver;c:\windows\system32\drivers\cmderd.sys [2012-12-14 20072]

R1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\drivers\cmdguard.sys [2012-12-14 583448]

R1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\drivers\cmdhlp.sys [2012-12-14 43216]

R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2013-2-1 29816]

R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2013-2-1 66336]

R2 avast! Antivirus;avast! Antivirus;c:\program files\avast software\avast\AvastSvc.exe [2013-2-1 46808]

R2 CLPSLauncher;COMODO LPS Launcher;c:\program files\common files\comodo\launcher_service.exe [2013-7-24 70352]

R2 DragonUpdater;COMODO Dragon Update Service;c:\program files\comodo\dragon\dragon_updater.exe [2013-8-1 2095808]

R2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-21 21504]

R2 GeekBuddyRSP;GeekBuddyRSP Service;c:\program files\common files\comodo\GeekBuddyRSP.exe [2013-5-30 1851088]

R3 CT20XUT.SYS;CT20XUT.SYS;c:\windows\system32\drivers\CT20XUT.sys [2009-6-3 171032]

R3 CTEXFIFX.SYS;CTEXFIFX.SYS;c:\windows\system32\drivers\CTEXFIFX.sys [2009-6-3 1324056]

R3 CTHWIUT.SYS;CTHWIUT.SYS;c:\windows\system32\drivers\CTHWIUT.sys [2009-6-3 72728]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S3 cmdvirth;COMODO Virtual Service Manager;c:\program files\comodo\comodo internet security\cmdvirth.exe [2012-12-14 127192]

S3 Creative ALchemy AL1 Licensing Service;Creative ALchemy AL1 Licensing Service;c:\program files\common files\creative labs shared\service\AL1Licensing.exe [2008-9-10 79360]

S3 CT20XUT;CT20XUT;c:\windows\system32\drivers\CT20XUT.sys [2009-6-3 171032]

S3 CTEXFIFX;CTEXFIFX;c:\windows\system32\drivers\CTEXFIFX.sys [2009-6-3 1324056]

S3 CTHWIUT;CTHWIUT;c:\windows\system32\drivers\CTHWIUT.sys [2009-6-3 72728]

S3 pmxmouse;PMXMOUSE;c:\windows\system32\drivers\pmxmouse.sys [2008-9-10 18432]

S3 pmxusblf;PMXUSBLF;c:\windows\system32\drivers\pmxusblf.sys [2008-9-10 19008]

S3 SaiK1708;SaiK1708;c:\windows\system32\drivers\SaiK1708.sys [2012-9-20 145216]

S3 SaiU1708;SaiU1708;c:\windows\system32\drivers\SaiU1708.sys [2012-9-20 41280]

S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2013-4-18 754856]

S4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\windows live\mesh\wlcrasvc.exe [2010-9-22 51040]

.

=============== Created Last 30 ================

.

2013-09-12 15:29:14 -------- d-----w- c:\users\admin\appdata\local\Deployment

2013-09-12 15:29:14 -------- d-----w- c:\users\admin\appdata\local\Apps

2013-09-11 20:22:11 758784 ----a-w- c:\windows\system32\cohelper.dll

2013-09-11 10:51:49 7166848 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{59f6369c-a4d6-4e03-8a0f-76afa1b81270}\mpengine.dll

2013-09-01 21:41:07 -------- d-----w- c:\users\admin\appdata\local\Dell

2013-08-31 17:10:40 1548288 ----a-w- c:\windows\system32\WMVDECOD.DLL

2013-08-19 19:03:11 10084 ----a-w- c:\windows\system32\drivers\nvphy.bin

2013-08-18 10:49:18 6324360 ----a-w- c:\windows\system32\nvopencl.dll

2013-08-18 10:49:18 13411896 ----a-w- c:\windows\system32\nvwgf2um.dll

2013-08-18 10:49:17 9069344 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys

2013-08-18 10:49:17 21102368 ----a-w- c:\windows\system32\nvoglv32.dll

2013-08-18 10:49:16 7687592 ----a-w- c:\windows\system32\nvcuda.dll

2013-08-18 10:49:16 2777888 ----a-w- c:\windows\system32\nvcuvid.dll

2013-08-18 10:49:16 2002720 ----a-w- c:\windows\system32\nvcuvenc.dll

2013-08-18 10:49:16 17560352 ----a-w- c:\windows\system32\nvcompiler.dll

2013-08-15 17:21:58 -------- d-----w- C:\NvidiaLogging

2013-08-15 17:20:49 -------- d-----w- c:\users\admin\appdata\local\NVIDIA

2013-08-14 15:00:59 678912 ----a-w- c:\program files\internet explorer\iedvtool.dll

2013-08-14 15:00:59 387584 ----a-w- c:\program files\internet explorer\jsdbgui.dll

2013-08-14 15:00:59 104448 ----a-w- c:\program files\internet explorer\jsdebuggeride.dll

2013-08-14 15:00:57 1427968 ----a-w- c:\windows\system32\inetcpl.cpl

2013-08-14 14:58:34 905664 ----a-w- c:\windows\system32\drivers\tcpip.sys

2013-08-14 14:58:34 24064 ----a-w- c:\windows\system32\drivers\tssecsrv.sys

2013-08-14 14:58:34 15872 ----a-w- c:\windows\system32\icaapi.dll

2013-08-14 14:58:25 2048 ----a-w- c:\windows\system32\tzres.dll

2013-08-14 14:58:21 783360 ----a-w- c:\windows\system32\rpcrt4.dll

2013-08-14 14:58:20 3551680 ----a-w- c:\windows\system32\ntoskrnl.exe

2013-08-14 14:58:19 3603904 ----a-w- c:\windows\system32\ntkrnlpa.exe

2013-08-14 14:58:19 1205168 ----a-w- c:\windows\system32\ntdll.dll

2013-08-14 14:58:13 992768 ----a-w- c:\windows\system32\crypt32.dll

2013-08-14 14:58:13 98304 ----a-w- c:\windows\system32\cryptnet.dll

2013-08-14 14:58:13 172544 ----a-w- c:\windows\system32\wintrust.dll

2013-08-14 14:58:13 133120 ----a-w- c:\windows\system32\cryptsvc.dll

.

==================== Find3M  ====================

.

2013-09-11 11:21:37 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2013-09-11 11:21:37 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2013-08-30 07:48:13 177864 ----a-w- c:\windows\system32\drivers\aswVmm.sys

2013-08-30 07:48:12 770344 ----a-w- c:\windows\system32\drivers\aswSnx.sys

2013-08-30 07:48:12 49376 ----a-w- c:\windows\system32\drivers\aswRvrt.sys

2013-08-30 07:48:11 66336 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys

2013-08-30 07:47:40 41664 ----a-w- c:\windows\avastSS.scr

2013-08-07 03:22:04 238872 ------w- c:\windows\system32\MpSigStub.exe

2013-07-25 02:32:35 1800704 ----a-w- c:\windows\system32\jscript9.dll

2013-07-25 02:26:10 1129472 ----a-w- c:\windows\system32\wininet.dll

2013-07-25 02:23:59 142848 ----a-w- c:\windows\system32\ieUnatt.exe

2013-07-25 02:23:58 420864 ----a-w- c:\windows\system32\vbscript.dll

2013-07-25 02:22:35 2382848 ----a-w- c:\windows\system32\mshtml.tlb

2013-07-16 21:20:37 47368 ----a-w- c:\windows\system32\certsentry.dll

2013-07-15 18:08:15 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll

2013-07-15 18:08:13 867240 ----a-w- c:\windows\system32\npdeployJava1.dll

2013-07-15 18:08:13 789416 ----a-w- c:\windows\system32\deployJava1.dll

2013-07-08 20:59:45 583448 ----a-w- c:\windows\system32\drivers\cmdguard.sys

2013-06-21 12:02:43 893728 ----a-w- c:\windows\system32\nvdispgenco3232049.dll

2013-06-21 12:02:43 53024 ----a-w- c:\windows\system32\OpenCL.dll

2013-06-21 12:02:43 2597856 ----a-w- c:\windows\system32\nvapi.dll

2013-06-21 12:02:43 12427240 ----a-w- c:\windows\system32\nvd3dum.dll

2013-06-21 12:02:43 1024288 ----a-w- c:\windows\system32\nvdispco3232049.dll

2013-06-21 09:52:51 4192544 ----a-w- c:\windows\system32\nvcpl.dll

2013-06-21 09:52:51 3045664 ----a-w- c:\windows\system32\nvsvc.dll

2013-06-21 09:52:48 640288 ----a-w- c:\windows\system32\nvvsvc.exe

2013-06-21 09:52:48 62752 ----a-w- c:\windows\system32\nvshext.dll

2013-06-21 09:52:47 223008 ----a-w- c:\windows\system32\nvmctray.dll

2013-06-18 15:15:57 43216 ----a-w- c:\windows\system32\drivers\cmdhlp.sys

2013-06-18 15:15:55 20072 ----a-w- c:\windows\system32\drivers\cmderd.sys

2013-06-18 15:15:48 35488 ----a-w- c:\windows\system32\cmdcsr.dll

2013-06-18 15:15:47 348584 ----a-w- c:\windows\system32\guard32.dll

2013-06-18 15:15:35 278232 ----a-w- c:\windows\system32\cmdvrt32.dll

2013-06-18 15:15:34 40664 ----a-w- c:\windows\system32\cmdkbd32.dll

.

============= FINISH: 19:56:57.45 ===============

 


Download AdwCleaner by Xplode from here: http://www.bleepingcomputer.com/download/adwcleaner/ and save to your Desktop.

  • Double click on AdwCleaner.exe to run the tool.
  • Vista/Windows 7/8 users right-click and select Run As Administrator
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • When it's done you'll see: Pending: Uncheck any elements you don't want removed.
  • Now click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • Look over the log especially under Files/Folders for any program you want to save.
  • If there's a program you want to save, just uncheck it from AdwCleaner.
  • If you're not sure, post the log for review.
  • If you're ready to clean it all up.....click the Clean button.
  • After rebooting, a logfile report (AdwCleaner[s0].txt) will open automatically.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of that logfile will also be saved in the C:\AdwCleaner folder.
  • Items that are deleted are moved to the Quarantine Folder: C:\AdwCleaner\Quarantine
  • To restore an item that has been deleted (if necessary):
  • Go to Tools > Quarantine Manager > check what you want restored > now click on Restore.


Next,

Download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system (32 bit or 64 bit). If you are not sure which version applies to your system, download both of them and try to run them. Only one of them will run on your system; that will be the right version.
  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run from. Please copy and paste it into your reply.
  • The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply.



Let me see those logs...

Kevin...


Firstly thank you so much for helping me :D

 

I want to keep Chrome and personal data on it, i.e. bookmarks (if possible), and want you to check this before I continue as I cannot find an option to uncheck these...

AdwCleaner:

# AdwCleaner v3.003 - Report created 12/09/2013 at 20:52:12
# Updated 07/09/2013 by Xplode
# Operating System : Windows Vista Home Premium Service Pack 2 (32 bits)
# Username : Admin - ADMIN-PC
# Running from : C:\Users\Admin\Desktop\AdwCleaner.exe
# Option : Scan
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
Folder Found C:\Users\Admin\AppData\LocalLow\boost_interprocess
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v9.0.8112.16502
 
 
-\\ Google Chrome v29.0.1547.66
 
[ File : C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
[ File : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
[ File : C:\Users\Work\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
*************************
 
AdwCleaner[R0].txt - [871 octets] - [12/09/2013 20:52:12]
 
########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [930 octets] ##########

Struggling to find the attach option on the forum >< but here is the .txt
 

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 12-09-2013
Ran by Admin (administrator) on ADMIN-PC on 12-09-2013 21:14:18
Running from C:\Users\Admin\Downloads
Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86) OS Language: English(US)
Internet Explorer Version 9
Boot Mode: Normal
 
==================== Processes (Whitelisted) ===================
 
(Comodo Security Solutions Inc.) C:\Program Files\Common Files\COMODO\launcher_service.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
(Microsoft Corporation) C:\Windows\system32\SLsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
() C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
() C:\Program Files\Comodo\Dragon\dragon_updater.exe
(Comodo Security Solutions, Inc.) C:\Program Files\Common Files\COMODO\GeekBuddyRSP.exe
(NVIDIA) C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(SupportSoft, Inc.) C:\Program Files\Dell Support Center\bin\sprtsvc.exe
(NVIDIA) C:\Program Files\NVIDIA Corporation\System Update\UpdateCenterService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
() C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
() C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
(Primax Electronics Ltd.) C:\Windows\System32\ico.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Raid\nvraidservice.exe
(Creative Technology Ltd) C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe
(Google) C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
(COMODO) C:\Program Files\Comodo\COMODO Internet Security\cistray.exe
(Creative Technology Ltd) C:\Windows\System32\Ctxfihlp.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Photoshop Elements 6.0\apdproxy.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Saitek) C:\Program Files\SmartTechnology\Software\ProfilerU.exe
(Saitek) C:\Program Files\SmartTechnology\Software\SaiMfd.exe
() C:\Program Files\DivX\DivX Update\DivXUpdate.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(Creative Technology Ltd) C:\Windows\SYSTEM32\CTXFISPI.EXE
(Microsoft Corporation) C:\Windows\system32\wbem\unsecapp.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Comodo Security Solutions, Inc.) C:\Program Files\Common Files\COMODO\GeekBuddyRSP.exe
(Google Inc.) C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
(SupportSoft, Inc.) C:\Program Files\Dell Support Center\bin\sprtcmd.exe
(Valve Corporation) C:\Program Files\Steam\Steam.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Comodo Security Solutions, Inc.) C:\Program Files\Comodo\GeekBuddy\unit_manager.exe
(Comodo Security Solutions, Inc.) C:\Program Files\Comodo\GeekBuddy\unit.exe
(Primax Electronics Ltd.) C:\Windows\System32\Pmxmiced.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
(Google) C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
(COMODO) C:\Program Files\Comodo\COMODO Internet Security\cis.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Valve Corporation) C:\Program Files\Common Files\Steam\SteamService.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
 
==================== Registry (Whitelisted) ==================
 
HKLM\...\Run: [Windows Defender] - C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-21] (Microsoft Corporation)
HKLM\...\Run: [bluetooth HCI Monitor] - RunDll32 HCIMNTR.DLL,RunCheckHCIMode
HKLM\...\Run: [PMX Daemon] - C:\Windows\system32\ICO.EXE [49152 2006-11-08] (Primax Electronics Ltd.)
HKLM\...\Run: [NVRaidService] - C:\Program Files\NVIDIA Corporation\Raid\nvraidservice.exe [163944 2010-04-09] (NVIDIA Corporation)
HKLM\...\Run: [VolPanel] - C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe [184320 2007-04-17] (Creative Technology Ltd)
HKLM\...\Run: [updReg] - C:\Windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.)
HKLM\...\Run: [Google Desktop Search] - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [29744 2008-09-10] (Google)
HKLM\...\Run: [dscactivate] - C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe [16384 2008-03-11] ( )
HKLM\...\Run: [Adobe Reader Speed Launcher] - c:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [34672 2008-06-12] (Adobe Systems Incorporated)
HKLM\...\Run: [COMODO Internet Security] - C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [1464536 2013-07-08] (COMODO)
HKLM\...\Run: [CTxfiHlp] - C:\Windows\system32\CTXFIHLP.EXE [25600 2009-06-03] (Creative Technology Ltd)
HKLM\...\Run: [Adobe Photo Downloader] - C:\Program Files\Adobe\Photoshop Elements 6.0\apdproxy.exe [67488 2007-09-11] (Adobe Systems Incorporated)
HKLM\...\Run: [avast] - C:\Program Files\AVAST Software\Avast\avastUI.exe [4858968 2013-08-30] (AVAST Software)
HKLM\...\Run: [ProfilerU] - C:\Program Files\SmartTechnology\Software\ProfilerU.exe [327680 2012-10-15] (Saitek)
HKLM\...\Run: [saiMfd] - C:\Program Files\SmartTechnology\Software\SaiMfd.exe [122880 2012-10-15] (Saitek)
HKLM\...\Run: [DivXMediaServer] - C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe [450560 2013-01-30] (DivX, LLC)
HKLM\...\Run: [DivXUpdate] - C:\Program Files\DivX\DivX Update\DivXUpdate.exe [1263952 2013-02-13] ()
HKLM\...\Run: [Nvtmru] - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028896 2013-08-27] (NVIDIA Corporation)
HKLM\...\Run: [APSDaemon] - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM\...\Run: [iTunesHelper] - C:\Program Files\iTunes\iTunesHelper.exe [152392 2013-05-31] (Apple Inc.)
HKLM\...\Run: [sunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM\...\Run: [gbrspcontrol] - C:\Program Files\Common Files\COMODO\GeekBuddyRSP.exe [1851088 2013-05-30] (Comodo Security Solutions, Inc.)
Winlogon\Notify\GoToAssist: C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll [X]
HKCU\...\Run: [swg] - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [68856 2008-09-10] (Google Inc.)
HKCU\...\Run: [DellSupportCenter] - "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
HKCU\...\Run: [steam] - C:\Program Files\Steam\Steam.exe [1811368 2013-09-06] (Valve Corporation)
HKCU\...\Run: [saitekInstall] - C:\Windows\temp\MadCatz\Range_RAT7_SD7_32_Drivers\00000000\setup.exe [1116160 2012-09-20] (Saitek) <===== ATTENTION
HKCU\...\Run: [NVIDIA nTune] - "C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe" resetprofile
HKCU\...\Run: [DellSystemDetect] - C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dell\Dell System Detect.appref-ms [370 2013-09-12] ()
HKU\Work\...\Run: [swg] - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [ 2008-09-10] (Google Inc.)
 
==================== Internet (Whitelisted) ====================
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/ig/dell?hl=en&client=dell-usuk&channel=uk&ibd=5080911
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.co.uk/ig/dell?hl=en&client=dell-usuk&channel=uk&ibd=5080911
BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO: CBrowserHelperObject Object - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll (Dell Inc.)
BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU -Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Filter: application/x-internet-signup - {A173B69A-1F9B-4823-9FDA-412F641E65D6} - C:\Program Files\Tiscali\Tiscali Internet\dlls\tiscalifilter.dll ()
Winsock: Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Winsock: Catalog9 01 C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll [258664] (NVIDIA)
Winsock: Catalog9 02 C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll [258664] (NVIDIA)
Winsock: Catalog9 03 C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll [258664] (NVIDIA)
Winsock: Catalog9 04 C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll [258664] (NVIDIA)
Winsock: Catalog9 05 C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll [258664] (NVIDIA)
Winsock: Catalog9 06 C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll [258664] (NVIDIA)
Winsock: Catalog9 36 C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll [258664] (NVIDIA)
Winsock: Catalog9 37 C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll [258664] (NVIDIA)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
 
Chrome: 
=======
CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\29.0.1547.66\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\29.0.1547.66\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\29.0.1547.66\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - c:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.89\npGoogleUpdate3.dll No File
CHR Plugin: (Java Platform SE 6 U38) - C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (Java Deployment Toolkit 6.0.380.5) - C:\Windows\system32\npdeployJava1.dll (Oracle Corporation)
CHR Plugin: (Windows Presentation Foundation) - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Extension: (Google Docs) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Monster Energy Theme 2) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\cgpabepffcnnfokhecgophgabpmdecml\1_0
CHR Extension: (Google Search) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (avast! Online Security) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\8.0.8_0
CHR Extension: (Chrome In-App Payments service) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0
CHR Extension: (DivX Plus Web Player HTML5 \u003Cvideo\u003E) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.172_0
CHR Extension: (Gmail) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
CHR HKLM\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx
 
========================== Services (Whitelisted) =================
 
R2 AdobeActiveFileMonitor6.0; C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe [124832 2007-09-11] ()
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-08-30] (AVAST Software)
R2 CLPSLauncher; C:\Program Files\Common Files\COMODO\launcher_service.exe [70352 2013-07-24] (Comodo Security Solutions Inc.)
R2 cmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [4801304 2013-07-08] (COMODO)
S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [127192 2013-06-18] (COMODO)
R2 DragonUpdater; C:\Program Files\Comodo\Dragon\dragon_updater.exe [2095808 2013-08-01] ()
R2 ForceWare Intelligent Application Manager (IAM); C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe [370792 2010-01-21] ()
R2 GeekBuddyRSP; C:\Program Files\Common Files\COMODO\GeekBuddyRSP.exe [1851088 2013-05-30] (Comodo Security Solutions, Inc.)
S3 GoogleDesktopManager-010708-104812; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [29744 2008-09-10] (Google)
R2 nSvcIp; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe [167528 2010-01-21] ()
R2 nTuneService; C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe [155648 2008-01-15] (NVIDIA)
R2 sprtsvc_dellsupportcenter; C:\Program Files\Dell Support Center\bin\sprtsvc.exe [202544 2008-03-11] (SupportSoft, Inc.)
R2 UpdateCenterService; C:\Program Files\NVIDIA Corporation\System Update\UpdateCenterService.exe [114688 2008-08-01] (NVIDIA)
 
==================== Drivers (Whitelisted) ====================
 
R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [29816 2013-08-30] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [66336 2013-08-30] (AVAST Software)
R1 AswRdr; C:\Windows\System32\Drivers\AswRdr.sys [49760 2013-08-30] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [49376 2013-08-30] ()
R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [770344 2013-08-30] (AVAST Software)
R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [369584 2013-08-30] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [56080 2013-08-30] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [177864 2013-08-30] ()
R1 CFRMD; C:\Windows\System32\DRIVERS\CFRMD.sys [35064 2013-05-07] (Windows ® Win 7 DDK provider)
R0 CLFS; C:\Windows\System32\CLFS.sys [245736 2009-04-11] (Microsoft Corporation)
R1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [20072 2013-06-18] (COMODO)
R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [583448 2013-07-08] (COMODO)
R1 cmdHlp; C:\Windows\System32\DRIVERS\cmdhlp.sys [43216 2013-06-18] (COMODO)
R1 inspect; C:\Windows\System32\DRIVERS\inspect.sys [85464 2013-06-18] (COMODO)
R3 NVR0Dev; C:\Windows\nvoclock.sys [36640 2008-08-18] (NVidia Corp.)
R2 NVR0FLASHDev; C:\Windows\nvflash.sys [36640 2008-08-01] (NVidia Corp.)
S3 SaiK1708; C:\Windows\System32\DRIVERS\SaiK1708.sys [145216 2012-09-20] (Saitek)
R3 SaiMini; C:\Windows\System32\DRIVERS\SaiMini.sys [22760 2012-10-15] (Saitek)
R3 SaiNtBus; C:\Windows\System32\drivers\SaiBus.sys [46184 2012-10-15] (Saitek)
S3 SaiU1708; C:\Windows\System32\DRIVERS\SaiU1708.sys [41280 2012-09-20] (Saitek)
S3 CT20XUT.DLL; system32\CT20XUT.DLL [x]
S3 CTEXFIFX.DLL; system32\CTEXFIFX.DLL [x]
S3 CTHWIUT.DLL; system32\CTHWIUT.DLL [x]
S3 IpInIp; system32\DRIVERS\ipinip.sys [x]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x]
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2013-09-12 21:11 - 2013-09-12 21:14 - 00008255 _____ C:\Users\Admin\Downloads\Addition.txt
2013-09-12 21:10 - 2013-09-12 21:10 - 00000000 ____D C:\FRST
2013-09-12 21:09 - 2013-09-12 21:09 - 01082625 _____ (Farbar) C:\Users\Admin\Downloads\FRST.exe
2013-09-12 20:52 - 2013-09-12 20:52 - 00000000 ____D C:\AdwCleaner
2013-09-12 20:51 - 2013-09-12 20:51 - 01037278 _____ C:\Users\Admin\Desktop\AdwCleaner.exe
2013-09-12 20:50 - 2013-09-12 20:51 - 01037278 _____ C:\Users\Admin\Downloads\AdwCleaner.exe
2013-09-12 19:59 - 2013-09-12 19:59 - 00008704 _____ C:\Users\Admin\Desktop\attach.txt
2013-09-12 19:59 - 2013-09-12 19:56 - 00019686 _____ C:\Users\Admin\Desktop\dds.txt
2013-09-12 19:54 - 2013-09-12 19:54 - 00688992 ____R (Swearware) C:\Users\Admin\Desktop\dds.com
2013-09-12 19:54 - 2013-09-12 19:54 - 00688992 _____ (Swearware) C:\Users\Admin\Downloads\dds.com
2013-09-12 19:45 - 2013-09-12 19:45 - 00254888 _____ C:\Windows\Minidump\Mini091213-01.dmp
2013-09-12 16:32 - 2013-09-12 16:34 - 71506984 _____ C:\Users\Admin\Downloads\R187264.EXE
2013-09-12 16:29 - 2013-09-12 16:30 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dell
2013-09-12 16:29 - 2013-09-12 16:30 - 00000000 ____D C:\Users\Admin\AppData\Local\Deployment
2013-09-12 16:29 - 2013-09-12 16:29 - 00010699 _____ C:\Users\Admin\Downloads\dellsystemdetect.bootstrapper.application
2013-09-12 16:29 - 2013-09-12 16:29 - 00000000 ____D C:\Users\Admin\AppData\Local\Apps\2.0
2013-09-11 23:57 - 2013-09-11 23:57 - 00219560 _____ C:\Windows\Minidump\Mini091113-06.dmp
2013-09-11 22:41 - 2013-09-11 22:44 - 135162712 _____ (NVIDIA Corporation) C:\Users\Admin\Downloads\320.49-desktop-win8-win7-winvista-32bit-english-whql.exe
2013-09-11 22:09 - 2013-09-11 22:09 - 00281960 _____ C:\Windows\Minidump\Mini091113-05.dmp
2013-09-11 21:53 - 2013-09-11 21:53 - 00222936 _____ C:\Windows\Minidump\Mini091113-04.dmp
2013-09-11 21:22 - 2010-03-04 18:04 - 00758784 _____ (NVIDIA Corporation) C:\Windows\system32\cohelper.dll
2013-09-11 21:14 - 2013-09-11 21:15 - 63843688 _____ (NVIDIA Corporation                                          ) C:\Users\Admin\Downloads\15.57-nforce-winvista-win7-32bit-international-whql.exe
2013-09-11 21:08 - 2013-09-11 21:08 - 22321072 _____ (NVIDIA Corporation) C:\Users\Admin\Downloads\GeForce_Experience_v1.6.1.0.exe
2013-09-11 20:37 - 2013-09-11 20:37 - 00227368 _____ C:\Windows\Minidump\Mini091113-03.dmp
2013-09-11 12:46 - 2013-09-11 12:46 - 00225296 _____ C:\Windows\Minidump\Mini091113-02.dmp
2013-09-11 12:41 - 2013-09-11 12:41 - 00226584 _____ C:\Windows\Minidump\Mini091113-01.dmp
2013-09-01 22:41 - 2013-09-01 22:41 - 00000000 ____D C:\Users\Admin\AppData\Local\Dell
2013-09-01 22:35 - 2013-09-01 22:35 - 00244312 _____ C:\Windows\Minidump\Mini090113-01.dmp
2013-08-31 18:10 - 2013-08-02 05:09 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-08-19 20:03 - 2010-02-22 07:45 - 00010084 _____ C:\Windows\system32\Drivers\nvphy.bin
2013-08-18 11:49 - 2013-06-21 13:02 - 21102368 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv32.dll
2013-08-18 11:49 - 2013-06-21 13:02 - 17560352 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2013-08-18 11:49 - 2013-06-21 13:02 - 13411896 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2um.dll
2013-08-18 11:49 - 2013-06-21 13:02 - 09069344 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2013-08-18 11:49 - 2013-06-21 13:02 - 07687592 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2013-08-18 11:49 - 2013-06-21 13:02 - 06324360 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2013-08-18 11:49 - 2013-06-21 13:02 - 02777888 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2013-08-18 11:49 - 2013-06-21 13:02 - 02002720 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2013-08-18 11:35 - 2013-08-18 11:35 - 00903080 _____ (Oracle Corporation) C:\Users\Admin\Downloads\chromeinstall-7u25.exe
2013-08-16 15:49 - 2013-08-16 15:49 - 00000908 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-08-16 15:26 - 2013-08-16 15:26 - 00222928 _____ C:\Windows\Minidump\Mini081613-02.dmp
2013-08-16 15:08 - 2013-08-16 15:08 - 00232648 _____ C:\Windows\Minidump\Mini081613-01.dmp
2013-08-15 18:21 - 2013-08-15 18:21 - 00000000 ____D C:\NvidiaLogging
2013-08-15 18:20 - 2013-08-15 18:20 - 00000000 ____D C:\Users\Admin\AppData\Local\NVIDIA
2013-08-14 16:01 - 2013-07-25 03:32 - 01800704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-08-14 16:01 - 2013-07-25 03:26 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-08-14 16:01 - 2013-07-25 03:24 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-08-14 16:01 - 2013-07-25 03:24 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-08-14 16:01 - 2013-07-25 03:23 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-08-14 16:01 - 2013-07-25 03:23 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-08-14 16:01 - 2013-07-25 03:23 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-08-14 16:01 - 2013-07-25 03:23 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-08-14 16:01 - 2013-07-25 03:22 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-08-14 16:01 - 2013-07-25 03:22 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-08-14 16:01 - 2013-07-25 03:22 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-08-14 16:00 - 2013-07-25 03:40 - 12334080 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-08-14 16:00 - 2013-07-25 03:30 - 09738752 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-08-14 16:00 - 2013-07-25 03:26 - 01104384 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-08-14 16:00 - 2013-07-25 03:25 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-08-14 16:00 - 2013-07-25 03:23 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-08-14 15:58 - 2013-07-17 20:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-08-14 15:58 - 2013-07-10 10:47 - 00783360 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2013-08-14 15:58 - 2013-07-09 13:10 - 01205168 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-08-14 15:58 - 2013-07-08 05:55 - 03603904 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2013-08-14 15:58 - 2013-07-08 05:55 - 03551680 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-08-14 15:58 - 2013-07-08 05:20 - 00172544 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2013-08-14 15:58 - 2013-07-08 05:16 - 00992768 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-08-14 15:58 - 2013-07-08 05:16 - 00133120 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2013-08-14 15:58 - 2013-07-08 05:16 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2013-08-14 15:58 - 2013-07-05 05:53 - 00905664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-08-14 15:58 - 2013-06-15 14:22 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\icaapi.dll
2013-08-14 15:58 - 2013-06-15 12:23 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
 
==================== One Month Modified Files and Folders =======
 
2013-09-12 21:14 - 2013-09-12 21:11 - 00008255 _____ C:\Users\Admin\Downloads\Addition.txt
2013-09-12 21:10 - 2013-09-12 21:10 - 00000000 ____D C:\FRST
2013-09-12 21:10 - 2008-09-10 19:35 - 01489369 _____ C:\Windows\WindowsUpdate.log
2013-09-12 21:09 - 2013-09-12 21:09 - 01082625 _____ (Farbar) C:\Users\Admin\Downloads\FRST.exe
2013-09-12 20:54 - 2013-01-27 08:39 - 00000886 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-09-12 20:52 - 2013-09-12 20:52 - 00000000 ____D C:\AdwCleaner
2013-09-12 20:51 - 2013-09-12 20:51 - 01037278 _____ C:\Users\Admin\Desktop\AdwCleaner.exe
2013-09-12 20:51 - 2013-09-12 20:50 - 01037278 _____ C:\Users\Admin\Downloads\AdwCleaner.exe
2013-09-12 20:21 - 2013-01-27 10:58 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-09-12 20:13 - 2006-11-02 11:33 - 00755906 _____ C:\Windows\system32\PerfStringBackup.INI
2013-09-12 20:10 - 2013-01-27 10:42 - 00000000 ____D C:\Program Files\Steam
2013-09-12 20:09 - 2013-01-27 08:39 - 00000882 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-09-12 20:06 - 2006-11-02 14:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-09-12 20:06 - 2006-11-02 13:47 - 00003616 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2013-09-12 20:06 - 2006-11-02 13:47 - 00003616 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2013-09-12 20:02 - 2008-09-10 19:37 - 00000012 _____ C:\Windows\bthservsdp.dat
2013-09-12 20:02 - 2006-11-02 14:01 - 00032602 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-09-12 19:59 - 2013-09-12 19:59 - 00008704 _____ C:\Users\Admin\Desktop\attach.txt
2013-09-12 19:56 - 2013-09-12 19:59 - 00019686 _____ C:\Users\Admin\Desktop\dds.txt
2013-09-12 19:54 - 2013-09-12 19:54 - 00688992 ____R (Swearware) C:\Users\Admin\Desktop\dds.com
2013-09-12 19:54 - 2013-09-12 19:54 - 00688992 _____ (Swearware) C:\Users\Admin\Downloads\dds.com
2013-09-12 19:45 - 2013-09-12 19:45 - 00254888 _____ C:\Windows\Minidump\Mini091213-01.dmp
2013-09-12 19:45 - 2013-01-29 11:54 - 304821145 _____ C:\Windows\MEMORY.DMP
2013-09-12 19:45 - 2013-01-29 11:54 - 00000000 ____D C:\Windows\Minidump
2013-09-12 16:39 - 2008-09-11 03:19 - 00000000 ____D C:\DELL
2013-09-12 16:34 - 2013-09-12 16:32 - 71506984 _____ C:\Users\Admin\Downloads\R187264.EXE
2013-09-12 16:34 - 2013-01-27 08:44 - 00001973 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-09-12 16:30 - 2013-09-12 16:29 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dell
2013-09-12 16:30 - 2013-09-12 16:29 - 00000000 ____D C:\Users\Admin\AppData\Local\Deployment
2013-09-12 16:29 - 2013-09-12 16:29 - 00010699 _____ C:\Users\Admin\Downloads\dellsystemdetect.bootstrapper.application
2013-09-12 16:29 - 2013-09-12 16:29 - 00000000 ____D C:\Users\Admin\AppData\Local\Apps\2.0
2013-09-11 23:57 - 2013-09-11 23:57 - 00219560 _____ C:\Windows\Minidump\Mini091113-06.dmp
2013-09-11 22:49 - 2013-01-27 07:18 - 00000000 ____D C:\Users\Admin
2013-09-11 22:48 - 2008-09-10 19:16 - 00000000 ____D C:\ProgramData\NVIDIA
2013-09-11 22:44 - 2013-09-11 22:41 - 135162712 _____ (NVIDIA Corporation) C:\Users\Admin\Downloads\320.49-desktop-win8-win7-winvista-32bit-english-whql.exe
2013-09-11 22:09 - 2013-09-11 22:09 - 00281960 _____ C:\Windows\Minidump\Mini091113-05.dmp
2013-09-11 21:53 - 2013-09-11 21:53 - 00222936 _____ C:\Windows\Minidump\Mini091113-04.dmp
2013-09-11 21:34 - 2008-01-21 03:47 - 00065756 _____ C:\Windows\PFRO.log
2013-09-11 21:30 - 2008-09-10 18:49 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2013-09-11 21:29 - 2008-09-10 18:46 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2013-09-11 21:17 - 2013-02-04 17:58 - 00000000 ____D C:\NVIDIA
2013-09-11 21:15 - 2013-09-11 21:14 - 63843688 _____ (NVIDIA Corporation                                          ) C:\Users\Admin\Downloads\15.57-nforce-winvista-win7-32bit-international-whql.exe
2013-09-11 21:08 - 2013-09-11 21:08 - 22321072 _____ (NVIDIA Corporation) C:\Users\Admin\Downloads\GeForce_Experience_v1.6.1.0.exe
2013-09-11 20:37 - 2013-09-11 20:37 - 00227368 _____ C:\Windows\Minidump\Mini091113-03.dmp
2013-09-11 12:46 - 2013-09-11 12:46 - 00225296 _____ C:\Windows\Minidump\Mini091113-02.dmp
2013-09-11 12:42 - 2013-01-27 10:42 - 00000000 ____D C:\Program Files\Common Files\Steam
2013-09-11 12:41 - 2013-09-11 12:41 - 00226584 _____ C:\Windows\Minidump\Mini091113-01.dmp
2013-09-11 12:21 - 2013-01-27 10:58 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2013-09-11 12:21 - 2013-01-27 10:58 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2013-09-11 11:28 - 2006-11-02 11:23 - 00002577 _____ C:\Windows\system32\config.nt
2013-09-01 22:41 - 2013-09-01 22:41 - 00000000 ____D C:\Users\Admin\AppData\Local\Dell
2013-09-01 22:35 - 2013-09-01 22:35 - 00244312 _____ C:\Windows\Minidump\Mini090113-01.dmp
2013-08-30 08:48 - 2013-03-17 12:16 - 00177864 _____ C:\Windows\system32\Drivers\aswVmm.sys
2013-08-30 08:48 - 2013-03-17 12:16 - 00049376 _____ C:\Windows\system32\Drivers\aswRvrt.sys
2013-08-30 08:48 - 2013-02-01 14:58 - 00770344 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2013-08-30 08:48 - 2013-02-01 14:58 - 00369584 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2013-08-30 08:48 - 2013-02-01 14:58 - 00066336 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2013-08-30 08:48 - 2013-02-01 14:58 - 00056080 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys
2013-08-30 08:48 - 2013-02-01 14:58 - 00049760 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr.sys
2013-08-30 08:48 - 2013-02-01 14:58 - 00029816 _____ (AVAST Software) C:\Windows\system32\Drivers\aswFsBlk.sys
2013-08-30 08:47 - 2013-02-01 14:57 - 00229648 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2013-08-30 08:47 - 2013-01-27 08:42 - 00041664 _____ (AVAST Software) C:\Windows\avastSS.scr
2013-08-18 11:50 - 2013-03-03 00:09 - 00001356 _____ C:\Users\Admin\AppData\Local\d3d9caps.dat
2013-08-18 11:35 - 2013-08-18 11:35 - 00903080 _____ (Oracle Corporation) C:\Users\Admin\Downloads\chromeinstall-7u25.exe
2013-08-16 16:40 - 2008-09-10 18:47 - 00007632 _____ C:\Windows\DPINST.LOG
2013-08-16 15:49 - 2013-08-16 15:49 - 00000908 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-08-16 15:49 - 2013-01-27 09:19 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-08-16 15:26 - 2013-08-16 15:26 - 00222928 _____ C:\Windows\Minidump\Mini081613-02.dmp
2013-08-16 15:08 - 2013-08-16 15:08 - 00232648 _____ C:\Windows\Minidump\Mini081613-01.dmp
2013-08-16 12:56 - 2008-09-10 19:10 - 00000000 ____D C:\Program Files\Common Files\Adobe AIR
2013-08-15 18:21 - 2013-08-15 18:21 - 00000000 ____D C:\NvidiaLogging
2013-08-15 18:20 - 2013-08-15 18:20 - 00000000 ____D C:\Users\Admin\AppData\Local\NVIDIA
2013-08-15 13:33 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\Microsoft.NET
2013-08-14 16:31 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\rescache
2013-08-14 16:08 - 2013-07-11 08:42 - 00000000 ____D C:\Windows\system32\MRT
2013-08-14 16:06 - 2006-11-02 11:24 - 75778376 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2013-08-14 16:05 - 2008-09-10 18:54 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-08-14 15:45 - 2013-07-14 12:15 - 00000000 ____D C:\Users\Work\Desktop\Admin
2013-08-14 15:42 - 2013-01-27 09:03 - 00000000 ____D C:\Program Files\Comodo
 
Files to move or delete:
====================
C:\Windows\temp\MadCatz\Range_RAT7_SD7_32_Drivers\00000000\setup.exe
C:\Users\Admin\AppData\Local\Temp\jre-6u39-windows-i586-iftw.exe
C:\Users\Admin\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe
C:\Users\Admin\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Admin\AppData\Local\Temp\nvStInst.exe
C:\Users\Admin\AppData\Local\Temp\symlcsv1.exe
C:\Users\Work\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
 
==================== Bamital & volsnap Check =================
 
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
 
LastRegBack: 2013-09-12 20:15
 
==================== End Of Log ============================

As you might know from the scans I have 2 graphics cards ... and when viewing something simple like a vid on YouTube the graphics driver crashes. Sometimes it manages to fix itself after the screen blacks out a few times; other times the computer reboots, sometimes after giving a blue screen. It could be a hardware issue I guess, but I suspect not, as when trying to access the graphics card control panel Windows stopped me (forgotten what it said but basically) it said that it couldn't open it and had to force close it to prevent malicious software... After fiddling around with reinstalling graphics drivers I can now access that control panel, but the crashing problem with the driver failing persists with simple tasks...

 

 

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 12-09-2013
Ran by Admin at 2013-09-12 21:14:57
Running from C:\Users\Admin\Downloads
Boot Mode: Normal
==========================================================
 
 
==================== Installed Programs =======================
 
Acrobat.com (Version: 0.0.0)
Acrobat.com (Version: 1.1.377)
Adobe AIR (Version: 3.7.0.2090)
Adobe Common File Installer (Version: 1.00.002)
Adobe Flash Player 11 Plugin (Version: 11.8.800.168)
Adobe Flash Player ActiveX (Version: 9.0.124.0)
Adobe Photoshop Elements 6.0 (Version: 6.0)
Adobe Premiere Elements 4.0 (Version: 4.0)
Adobe Premiere Elements 4.0 Templates (Version: 4.0.0)
Adobe Reader 9 (Version: 9.0.0)
Amaya (Version: 11.4.7)
Apple Application Support (Version: 2.3.4)
Apple Mobile Device Support (Version: 6.1.0.13)
Apple Software Update (Version: 2.1.3.127)
avast! Free Antivirus (Version: 8.0.1497.0)
Bonjour (Version: 3.0.0.10)
Browser Address Error Redirector (Version: 1.00.0000)
Comodo Dragon (Version: 28.1.0.0)
COMODO Internet Security (Version: 6.0.64131.2674)
Creative ALchemy (X-Fi Edition)
Creative MediaSource 5 (Version: 5.00)
D3DX10 (Version: 15.4.2368.0902)
Dell Getting Started Guide (Version: 1.00.0000)
Dell Support Center (Version: 2.1.08060)
Dell System Detect (HKCU Version: 5.1.0.41)
Dell System Detect Bootstrapper (HKCU Version: 5.1.0.41)
DivX Setup (Version: 2.6.1.24)
EDocs
GeekBuddy (Version: 4.8.66)
Google Chrome (Version: 29.0.1547.66)
Google Desktop (Version: -)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.5.4413.1752)
Google Update Helper (Version: 1.3.21.153)
GoToAssist 8.0.0.514
iTunes (Version: 11.0.4.4)
Java 7 Update 25 (Version: 7.0.250)
Java Auto Updater (Version: 2.1.9.5)
Java 6 Update 39 (Version: 6.0.390)
Java 6 Update 5 (Version: 1.6.0.50)
Junk Mail filter update (Version: 15.4.3502.0922)
Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300)
Mesh Runtime (Version: 15.4.5722.2)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Home and Student 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Silverlight (Version: 5.1.20513.0)
Microsoft Software Update for Web Folders  (English) 12 (Version: 12.0.6612.1000)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Mouse Suite for Desktop Computers (Version: 2.50.025)
MSVCRT (Version: 15.4.2862.0708)
NVIDIA 3D Vision Controller Driver 320.49 (Version: 320.49)
NVIDIA Control Panel 320.49 (Version: 320.49)
NVIDIA Drivers (Version: 1.10.57.35)
NVIDIA ForceWare Network Access Manager (Version: 1.00.7325.0)
NVIDIA GeForce Experience 1.6.1 (Version: 1.6.1)
NVIDIA Graphics Driver 320.49 (Version: 320.49)
NVIDIA Install Application (Version: 2.1002.133.902)
NVIDIA MediaShield (Version: 11.1.0.43)
NVIDIA Performance (Version: 1.00.0000)
NVIDIA PhysX (Version: 9.13.0604)
NVIDIA PhysX System Software 9.13.0604 (Version: 9.13.0604)
NVIDIA System Monitor (Version: 1.00.0000)
NVIDIA System Update (Version: 1.00.0000)
NVIDIA Update 8.3.14 (Version: 8.3.14)
NVIDIA Update Components (Version: 8.3.14)
OpenAL
Roxio Creator Audio (Version: 3.7.0)
Roxio Creator Copy (Version: 3.7.0)
Roxio Creator Data (Version: 3.7.0)
Roxio Creator DE (Version: 10.1)
Roxio Creator DE (Version: 3.7.0)
Roxio Creator Tools (Version: 3.7.0)
Roxio Express Labeler 3 (Version: 3.2.1)
Roxio Update Manager (Version: 6.0.0)
SeaMonkey 2.19 (x86 en-US) (Version: 2.19)
Segoe UI (Version: 15.4.2271.0615)
Smart Technology Programming Software 7.0.23.0 (Version: 7.0.23.0)
Sound Blaster X-Fi (Version: 1.0)
Steam (Version: 1.0.0.0)
Tiscali Internet (Version: 1.0.0.38)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB2836940) (Version: 1)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2836939) (Version: 1)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0)
War Inc. Battlezone
WIDCOMM Bluetooth Software 6.0.1.4300 (Version: 6.0.1.4300)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3555.0308)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
 
==================== Restore Points  =========================
 
15-07-2013 10:50:47 Scheduled Checkpoint
15-07-2013 18:02:55 Installed Java 7 Update 25
15-07-2013 18:07:08 Removed Java 7 Update 25
15-07-2013 18:07:49 Installed Java 7 Update 25
15-07-2013 21:17:46 Installed Microsoft Software Update for Web Folders  (English) 12
15-07-2013 21:44:53 Windows Update
16-07-2013 09:49:48 Scheduled Checkpoint
17-07-2013 10:06:53 Scheduled Checkpoint
18-07-2013 11:12:31 Scheduled Checkpoint
19-07-2013 07:59:48 Windows Update
21-07-2013 16:57:25 Scheduled Checkpoint
22-07-2013 10:29:43 Scheduled Checkpoint
23-07-2013 16:45:32 Windows Update
24-07-2013 18:08:33 Scheduled Checkpoint
25-07-2013 17:47:54 Scheduled Checkpoint
25-07-2013 20:19:19 Windows Update
27-07-2013 16:16:44 Scheduled Checkpoint
30-07-2013 09:14:20 Windows Update
14-08-2013 14:44:30 Windows Update
14-08-2013 14:59:47 Windows Update
15-08-2013 20:14:04 Scheduled Checkpoint
16-08-2013 16:30:55 Scheduled Checkpoint
18-08-2013 10:49:42 Device Driver Package Install: NVIDIA Display adapters
18-08-2013 10:52:58 Device Driver Package Install: NVIDIA Universal Serial Bus controllers
19-08-2013 19:02:17 Windows Update
31-08-2013 17:10:38 Windows Update
31-08-2013 17:24:37 Windows Update
11-09-2013 10:51:14 Windows Update
11-09-2013 20:18:08 Device Driver Package Install: NVIDIA System devices
11-09-2013 20:20:48 Device Driver Package Install: NVIDIA Network adapters
11-09-2013 20:22:48 Device Driver Package Install: NVIDIA Corporation Storage controllers
11-09-2013 20:27:07 Installed NVIDIA Storage Management Software
11-09-2013 20:29:34 Installed NVIDIA ForceWare Network Access Manager
11-09-2013 21:46:13 Device Driver Package Install: NVIDIA Display adapters
11-09-2013 21:49:19 Device Driver Package Install: NVIDIA Universal Serial Bus controllers
 
==================== Hosts content: ==========================
 
2006-11-02 11:23 - 2006-09-18 22:41 - 00000761 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost
::1             localhost
 
==================== Scheduled Tasks (whitelisted) =============
 
Task: {0784BEF1-6DAC-49BE-9A2D-013BA3FCC3D5} - System32\Tasks\Microsoft\Windows\Defrag\ManualDefrag => C:\Windows\system32\defrag.exe [2008-01-21] (Microsoft Corp.)
Task: {1A45D0E1-5F45-46A3-8AF4-1F4E3584CAC7} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Scan => c:\program files\windows defender\MpCmdRun.exe [2008-01-21] (Microsoft Corporation)
Task: {1CC81347-6204-4B83-900C-01E02F50F067} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {1ECCBA59-8BCF-4B95-8DC3-EA04635C54B1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-01-27] (Google Inc.)
Task: {320124A7-D70F-41DE-A9D1-D5E8E19D5D91} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
Task: {3BCDF251-CA5C-4045-A1FC-8FCEF9FBDC93} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages
Task: {44980BEE-7809-44A9-AC24-D6E578A3B7DF} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-21] (Microsoft Corporation)
Task: {6B8A21EE-32F0-4BC9-B72E-B57E6ECA55F6} - System32\Tasks\COMODO\COMODO Welcome {CEB54B45-2B5E-4FF5-9223-6735CD80FE69} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe [2013-07-08] (COMODO)
Task: {700043C2-0C23-4964-A16A-F7505211684C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-01-27] (Google Inc.)
Task: {7F4CD9DB-196B-4F94-BDD6-C4D4BC46A06C} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-09-11] (Adobe Systems Incorporated)
Task: {8F1DF5EA-07AC-461D-8C5E-2DCBAB67CD57} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2013-07-08] (COMODO)
Task: {99DDDECC-55AA-4C7A-8C4C-C06140389686} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe [2010-02-12] (Microsoft Corporation)
Task: {9DFCE4FF-DBF3-4925-AC43-F0806FF65CA9} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2013-08-30] (AVAST Software)
Task: {A61555D3-7840-45C1-A5A9-0D49851DE37A} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\OptinNotification => C:\Windows\System32\wsqmcons.exe [2008-01-21] (Microsoft Corporation)
Task: {A728AE6B-5AB8-4223-AD3E-E6341441A01C} - System32\Tasks\Microsoft\Windows\PLA\System\ConvertLogEntries => C:\Windows\system32\pla.dll [2008-01-21] (Microsoft Corporation)
Task: {A95D235D-6536-4A57-8759-E6CBBB0A276E} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task
Task: {CB302413-56C3-4660-84CA-E0561AD940B2} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\schtasks.exe [2008-01-21] (Microsoft Corporation)
Task: {E15DEE5C-4D7D-4DA5-8406-CCB487C16F35} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2008-01-21] ()
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (whitelisted) =============
 
2012-12-14 21:45 - 2013-06-18 16:15 - 00348584 _____ (COMODO) C:\Windows\system32\guard32.dll
2008-09-11 03:24 - 2013-06-21 13:02 - 12427240 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dum.dll
2007-02-13 11:43 - 2007-02-13 11:43 - 00208896 _____ (Broadcom Corporation.) C:\Windows\system32\btmmhook.dll
2007-02-13 10:40 - 2007-02-13 10:40 - 00184320 _____ (Broadcom Corporation.) C:\Windows\system32\btncopy.dll
2008-09-10 18:46 - 2007-06-23 11:57 - 00131072 _____ (Primax Electronics Ltd.) C:\Windows\System32\pmxscrll.dll
2008-09-10 18:46 - 2006-06-15 18:40 - 00049152 _____ (Primax Electronics Ltd.) C:\Windows\System32\PMXCOMM.dll
2008-09-10 18:46 - 2006-06-15 18:40 - 00065536 _____ (Primax Electronics Ltd.) C:\Windows\System32\PMXHOOKS.dll
2013-02-04 18:08 - 2013-06-21 10:52 - 00062752 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2008-09-10 18:51 - 2004-11-16 17:06 - 00065536 _____ (Creative Technology Ltd) C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\CTAudSeu.dll
2008-09-10 18:51 - 2007-01-24 17:18 - 00323584 _____ (Creative Technology Ltd) C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\CTAudEp.dll
2008-09-10 18:51 - 2006-09-29 17:35 - 00065536 _____ (Creative Technology Ltd) C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanel.crl
2008-09-10 18:51 - 2007-02-08 10:33 - 00151552 _____ (Creative Technology Ltd) C:\Program Files\Creative\ShareDLL\CADI\CTCadiEP.dll
2008-09-10 18:38 - 2008-02-04 03:27 - 00102400 _____ (Creative Technology Ltd) C:\Windows\system32\cttele32.dll
2008-09-10 18:52 - 2009-02-06 19:52 - 00073728 _____ () C:\Windows\SYSTEM32\CmdRtr.DLL
2008-09-10 18:52 - 2009-03-26 15:46 - 00148480 _____ () C:\Windows\SYSTEM32\APOMngr.DLL
2008-09-10 18:51 - 2007-03-07 14:07 - 00176128 _____ (Creative Technology Ltd) C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\CTThemeU.dll
2008-09-10 18:51 - 2005-11-23 10:28 - 00040960 _____ (Creative Technology Ltd.) C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\CtrlSrcU.dll
2008-09-10 18:51 - 2005-01-06 17:26 - 00053248 _____ (Creative Technology Ltd) C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\CTIniFu.dll
2008-09-10 18:51 - 2006-03-31 17:26 - 00335872 _____ (Creative Technology Ltd) C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\GDICtrl.sku
2008-09-10 18:51 - 2007-03-07 14:56 - 00151552 _____ (Creative Technology Ltd) C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\GDICtrl2.sku
2008-09-10 18:51 - 2006-05-04 17:11 - 00110592 _____ (Creative Technology Ltd) C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\GDICtrl3.sku
2008-09-10 18:51 - 2006-03-28 16:21 - 00114757 _____ (Creative Technology Ltd) C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\RtxCtrl.sku
2008-09-11 03:31 - 2009-06-03 13:19 - 00039424 _____ (Creative Technology Ltd) C:\Windows\System32\ctxfispk.dll
2008-09-11 03:31 - 2009-06-03 13:19 - 00041472 _____ (Creative Technology Ltd) C:\Windows\System32\ctxfibtn.dll
2009-06-03 13:19 - 2009-06-03 13:19 - 00002560 _____ () C:\Windows\CTXFIRES.DLL
2012-10-15 10:56 - 2012-10-15 10:56 - 00084480 _____ (Saitek) C:\Program Files\SmartTechnology\Software\ManuExtensionDLLs\AppLaunchEventDll.dll
2013-02-13 03:38 - 2013-02-13 03:38 - 00100688 _____ () C:\Program Files\DivX\DivX Update\DivXUpdateCheck.dll
2008-09-11 03:24 - 2013-06-21 13:02 - 02597856 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi.dll
2008-09-11 03:31 - 2009-06-03 13:00 - 00074752 _____ (Creative Technology Ltd) C:\Windows\SYSTEM32\ctosuser.dll
2008-09-11 03:31 - 2009-06-03 13:01 - 00053248 _____ (Creative Technology Ltd) C:\Windows\SYSTEM32\CTDPROXY.DLL
2008-09-11 03:31 - 2009-06-03 13:00 - 00068608 _____ (Creative Technology Ltd) C:\Windows\SYSTEM32\PIAPROXY.DLL
2009-05-12 05:24 - 2009-05-12 05:24 - 00511488 _____ (Creative Technology Ltd.) C:\Windows\system32\UDAAPO32.dll
2008-09-11 03:31 - 2008-06-30 09:48 - 00524288 _____ (Creative Technology Ltd.) C:\Windows\system32\CTAPO32.dll
2013-04-21 21:44 - 2013-04-21 21:44 - 00053648 _____ (Open Source Software community project) C:\Program Files\Common Files\Apple\Apple Application Support\pthreadVC2.dll
2013-04-21 21:44 - 2013-04-21 21:44 - 00087952 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2013-04-21 21:44 - 2013-04-21 21:44 - 01242952 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2011-08-30 23:05 - 2011-08-30 23:05 - 00073064 _____ (Apple Inc.) C:\Windows\system32\dnssd.dll
2008-03-11 12:44 - 2008-03-11 12:44 - 00073728 _____ (SupportSoft, Inc.) C:\Program Files\Dell Support Center\bin\sprtmessage.dll
2008-03-11 12:44 - 2008-03-11 12:44 - 00873760 _____ (SupportSoft, Inc.) C:\Program Files\Dell Support Center\bin\sprtsched.dll
2008-03-11 12:44 - 2008-03-11 12:44 - 00378408 _____ (SupportSoft, Inc.) C:\Program Files\Dell Support Center\bin\sprtevent.dll
2008-03-11 12:44 - 2008-03-11 12:44 - 00398624 _____ (SupportSoft, Inc.) C:\Program Files\Dell Support Center\bin\sprtfod.dll
2008-03-11 12:44 - 2008-03-11 12:44 - 00857376 _____ (SupportSoft, Inc.) C:\Program Files\Dell Support Center\bin\sprtsync.dll
2008-03-11 12:44 - 2008-03-11 12:44 - 00374048 _____ (SupportSoft, Inc.) C:\Program Files\Dell Support Center\bin\sprtui.dll
2008-03-11 12:44 - 2008-03-11 12:44 - 00024576 _____ (SupportSoft, Inc.) C:\Program Files\Dell Support Center\bin\SupportSoft.Agent.Sprocket.SupportMessage.dll
2008-03-11 12:44 - 2008-03-11 12:44 - 00020480 _____ (SupportSoft, Inc.) C:\Program Files\Dell Support Center\bin\SupportSoft.Agent.Sprocket.dll
2013-03-12 18:10 - 2013-08-21 23:18 - 00687104 _____ () C:\Program Files\Steam\SDL2.dll
2013-01-27 10:44 - 2013-09-06 21:55 - 01120680 _____ () C:\Program Files\Steam\bin\chromehtml.dll
2013-01-27 10:44 - 2013-08-07 20:31 - 20625832 _____ () C:\Program Files\Steam\bin\libcef.dll
2013-01-27 10:44 - 2013-06-15 00:49 - 01100800 _____ () C:\Program Files\Steam\bin\avcodec-53.dll
2013-01-27 10:44 - 2013-06-15 00:49 - 00124416 _____ () C:\Program Files\Steam\bin\avutil-51.dll
2013-01-27 10:44 - 2013-06-15 00:49 - 00192000 _____ () C:\Program Files\Steam\bin\avformat-53.dll
2007-02-13 10:32 - 2007-02-13 10:32 - 00585728 _____ (Broadcom Corporation.) C:\Windows\system32\btwapi.dll
2007-02-13 10:57 - 2007-02-13 10:57 - 00233472 _____ (Broadcom Corporation.) C:\Windows\system32\btosif.dll
2007-02-13 11:14 - 2007-02-13 11:14 - 00389120 _____ () C:\Windows\system32\btwhidcs.DLL
2007-02-13 10:26 - 2007-02-13 10:26 - 05271552 _____ (Broadcom Corporation.) C:\Windows\system32\btrez.dll
2007-02-13 11:33 - 2007-02-13 11:33 - 00126976 _____ () C:\Program Files\WIDCOMM\Bluetooth Software\btkeyind.dll
2008-09-10 18:46 - 2007-04-26 18:31 - 00274432 _____ (Primax Electronics Ltd.) C:\Windows\System32\PMXUTIL.dll
2008-09-10 18:46 - 2006-06-15 18:40 - 00065536 _____ (Primax Electronics Ltd.) C:\Windows\System32\pmxhooks.dll
2007-02-13 15:20 - 2007-02-13 15:20 - 01048576 _____ (Broadcom Corporation.) C:\Windows\system32\btins.dll
2007-02-13 10:55 - 2007-02-13 10:55 - 00172032 _____ (Broadcom Corporation.) C:\Windows\system32\BtAudioHelper.dll
2007-02-13 11:01 - 2007-02-13 11:01 - 00442368 _____ (Broadcom Corporation.) C:\Windows\system32\btosif_ol.dll
2007-02-13 11:02 - 2007-02-13 11:02 - 00270336 _____ (Broadcom Corporation.) C:\Windows\system32\btosif_olx.dll
2007-02-13 11:01 - 2007-02-13 11:01 - 00331776 _____ (Broadcom Corporation.) C:\Windows\system32\btosif_notes.dll
2012-12-14 21:45 - 2013-06-18 16:15 - 03360984 _____ (Terra Informatica Software, Inc.) C:\Program Files\Comodo\COMODO Internet Security\cmdhtml.dll
2013-09-12 16:34 - 2013-09-02 21:35 - 04053456 _____ () C:\Program Files\Google\Chrome\Application\29.0.1547.66\pdf.dll
2013-09-12 16:34 - 2013-09-02 21:35 - 00410576 _____ () C:\Program Files\Google\Chrome\Application\29.0.1547.66\ppGoogleNaClPluginChrome.dll
2013-09-12 16:34 - 2013-09-02 21:35 - 01604560 _____ () C:\Program Files\Google\Chrome\Application\29.0.1547.66\ffmpegsumo.dll
2013-08-15 20:08 - 2013-08-15 20:08 - 04591616 _____ () C:\Users\Admin\AppData\Local\Google\Chrome\User Data\SwiftShader\1.0.5.0\libglesv2.dll
2013-08-15 20:08 - 2013-08-15 20:08 - 00112128 _____ () C:\Users\Admin\AppData\Local\Google\Chrome\User Data\SwiftShader\1.0.5.0\libegl.dll
 
==================== Alternate Data Streams (whitelisted) ==========
 
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (09/12/2013 09:14:01 PM) (Source: Application Hang) (User: )
Description: The program FRST.exe version 3.3.8.1 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Problem Reports and Solutions control panel.
Process ID: 1974
Start Time: 01ceaff40125e951
Termination Time: 9
 
Error: (09/12/2013 08:08:28 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (09/12/2013 07:47:12 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (09/11/2013 11:58:05 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (09/11/2013 10:24:40 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (09/11/2013 10:09:43 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (09/11/2013 09:53:48 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (09/11/2013 09:35:32 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (09/11/2013 09:29:28 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface.  hr = 0x80070005.
This is often caused by incorrect security settings in either the writer or requestor process.
 
 
Operation:
   Gathering Writer Data
 
Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {de4f0cad-844d-414a-8b18-3c2f440be208}
 
Error: (09/11/2013 09:27:07 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface.  hr = 0x80070005.
This is often caused by incorrect security settings in either the writer or requestor process.
 
 
Operation:
   Gathering Writer Data
 
Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {de4f0cad-844d-414a-8b18-3c2f440be208}
 
 
System errors:
=============
Error: (09/12/2013 07:45:41 PM) (Source: EventLog) (User: )
Description: The previous system shutdown at 19:43:34 on 12/09/2013 was unexpected.
 
Error: (09/11/2013 11:57:18 PM) (Source: EventLog) (User: )
Description: The previous system shutdown at 23:56:01 on 11/09/2013 was unexpected.
 
Error: (09/11/2013 10:09:09 PM) (Source: EventLog) (User: )
Description: The previous system shutdown at 22:07:01 on 11/09/2013 was unexpected.
 
Error: (09/11/2013 09:53:08 PM) (Source: EventLog) (User: )
Description: The previous system shutdown at 21:51:51 on 11/09/2013 was unexpected.
 
Error: (09/11/2013 09:31:18 PM) (Source: Service Control Manager) (User: )
Description: ForceWare Intelligent Application Manager (IAM)
 
Error: (09/11/2013 09:31:07 PM) (Source: Service Control Manager) (User: )
Description: ForceWare IP service
 
Error: (09/11/2013 08:37:55 PM) (Source: EventLog) (User: )
Description: The previous system shutdown at 20:36:04 on 11/09/2013 was unexpected.
 
Error: (09/11/2013 00:46:11 PM) (Source: EventLog) (User: )
Description: The previous system shutdown at 12:43:55 on 11/09/2013 was unexpected.
 
Error: (09/11/2013 00:41:06 PM) (Source: EventLog) (User: )
Description: The previous system shutdown at 12:38:54 on 11/09/2013 was unexpected.
 
Error: (09/11/2013 11:32:28 AM) (Source: Service Control Manager) (User: )
Description: Steam Client Service%%1053
 
 
Microsoft Office Sessions:
=========================
 
CodeIntegrity Errors:
===================================
  Date: 2013-09-11 16:00:13.527
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18000_none_b31e1252666640f6\tcpip.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-09-11 16:00:13.356
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18000_none_b31e1252666640f6\tcpip.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-09-11 16:00:13.184
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18000_none_b31e1252666640f6\tcpip.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-09-11 16:00:13.028
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18000_none_b31e1252666640f6\tcpip.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-09-11 16:00:12.857
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18000_none_b31e1252666640f6\tcpip.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-09-11 16:00:12.685
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18000_none_b31e1252666640f6\tcpip.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-09-11 16:00:07.771
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-securestartup-core_31bf3856ad364e35_6.0.6001.18000_none_34daa5e8f21ef8d2\fveapi.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-09-11 16:00:07.599
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-securestartup-core_31bf3856ad364e35_6.0.6001.18000_none_34daa5e8f21ef8d2\fveapi.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-09-11 16:00:07.443
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-securestartup-core_31bf3856ad364e35_6.0.6001.18000_none_34daa5e8f21ef8d2\fveapi.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-09-11 16:00:07.272
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-securestartup-core_31bf3856ad364e35_6.0.6001.18000_none_34daa5e8f21ef8d2\fveapi.dll because the set of per-page image hashes could not be found on the system.
 
 
==================== Memory info =========================== 
 
Percentage of memory in use: 56%
Total physical RAM: 2812.57 MB
Available physical RAM: 1237.03 MB
Total Pagefile: 5836.13 MB
Available Pagefile: 3896.78 MB
Total Virtual: 2047.88 MB
Available Virtual: 1922.25 MB
 
==================== Drives ================================
 
Drive c: (OS) (Fixed) (Total:586.1 GB) (Free:452.35 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (RECOVERY) (Fixed) (Total:10 GB) (Free:4.98 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 596 GB) (Disk ID: D0000000)
Partition 1: (Not Active) - (Size=71 MB) - (Type=DE)
Partition 2: (Not Active) - (Size=10 GB) - (Type=07 NTFS)
Partition 3: (Active) - (Size=586 GB) - (Type=07 NTFS)
 
==================== End Of Log ============================

I do not see anything obviously malicious. Can you run the following and see what shows up to effect a crash:

 

Download this program, Blue Screen Viewer, and unzip "Bluescreen View.exe" to your desktop.
Next, select Start, right-click on "Computer" and select "Properties", select "Advanced System Settings", then the "Advanced" tab. From the "Start up and Recovery" section select "settings" and make sure the default folder is "%SystemRoot%\Minidump".
Go back to your desktop and double-click on Bluescreen Viewer to run it. If there is any info available, the program will grab the most recent. Choose save from the toolbar and copy and paste it into your next reply. If there is no information available, try to re-create the BSOD and try again with the tool to collect the information.
 

Also, if possible, can you attach the last two files from the minidump folder? They will be here: C:\Windows\Minidump. The file will have 6 digits; they are the date of the dump.

To attach hit the "More Reply Options" tab under the normal reply box, you will then see the "Attach Files" option under the new reply box, fairly straightforward, use the browse button to find the file, then the "Attach This File" button, repeat for second file etc etc...


erm just crashed again >< I got the below if that helps... I have had this problem for a few days and have checked for Windows updates, but there are 11 important ones that my comp has just downloaded. Can I install them before I proceed or should I wait?


Problem signature:

  Problem Event Name: BlueScreen
  OS Version: 6.0.6002.2.2.0.768.3
  Locale ID: 2057
 
Additional information about the problem:
  BCCode: 116
  BCP1: 87BBC510
  BCP2: 8F0FCAF2
  BCP3: 00000000
  BCP4: 00000002
  OS Version: 6_0_6002
  Service Pack: 2_0
  Product: 768_1
 
Files that help describe the problem:
  C:\Windows\Minidump\Mini091213-02.dmp
  C:\Users\Admin\AppData\Local\Temp\WER-87750-0.sysdata.xml
  C:\Users\Admin\AppData\Local\Temp\WER6595.tmp.version.txt
 
Read our privacy statement:

The minidump file you uploaded indicates the crash is caused by the following driver: nvlddmkm.sys. Have a read of the information at the following link and see if that will help you: https://forums.geforce.com/default/topic/546712/bsod-nvlddmkm-sys-problem/

 

Regarding Blue Screen Viewer, no need to take that any further. The file you uploaded already confirms what BSV will tell us. You have a graphics card or driver issue; it is not malware related.

 

Regarding "When the computer rebooted I got = "apdproxy.exe - this application has failed to start because ConnAPI.DLL was not found...", the best way to stop that error is to remove "Adobe Photo Downloader" from your startup list (msconfig); there is no need for that to run at boot.

 

HKLM\...\Run: [Adobe Photo Downloader] - C:\Program Files\Adobe\Photoshop Elements 6.0\apdproxy.exe [67488 2007-09-11] (Adobe Systems Incorporated)

 

Kevin..


You have not wasted my time. You will need to remove the tools we've used:

 

Delete BSV and any logs

Delete FRST and any logs, also delete C:\FRST folder

 

Uninstall adwcleaner.exe

  • Please close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Uninstall
  • Click Yes at "Would you like to Uninstall Adwcleaner"

 

Have you sorted out the issue with the graphics card/driver?


I am looking into fixing it now from here:

https://forums.geforce.com/default/topic/389688/geforce-drivers/nvidia-statement-on-tdr-errors-display-driver-nvlddmkm-stopped-/

 

If after that still no fix then I will post here:

http://www.nvidia.com/object/vistaqualityassurance.html

 

Seems Vista is trying to help yet making things worse haha, but I have a bit to read on the troubleshooting before I know for sure.

 

Wish me luck!

Thanks again :)
