27-Jun-2012, 04:33 PM
#1 |
| Hi, guys. Need a bit of help here if you don't mind. Let me give you the rundown...

So my computer isn't going as fast as it used to. I've had past virus and malware attacks, as I frequently explore various websites, and I have a pretty good chance of having more baddies in my computer than I was able to take out. Anyway, I used to use Auslogics Disk Defrag to defragment my computer's hard drive and I decided to upgrade to Auslogics BoostSpeed due to the slowness even after scanning and repairing with Malwarebytes, Spybot, Auslogics Disk Defrag, CCleaner, and Avast.

I have a program called YouUninstaller 7 that looks a bit sketchy, but gets the job done. So I uninstall Disk Defrag, including registry entries because that is a feature on YouUninstaller, but while uninstalling, my computer froze! I rebooted and checked to see if Disk Defrag was uninstalled, and it wasn't. Only the text was left with a blank page as its icon was left, so I deleted it. I went into Program Files (x86) and deleted my Auslogics folder as well.

Then, I decided to install this bootleg version of BoostSpeed I had received from a friend. After selecting what folder I wanted things to be saved to, I clicked next and it started to install. Here's where it gets rocky. The setup never finishes. After the green bar gets to the end, the computer just freezes, no mouse, no keyboard, no flashing battery light or anything. I've tried over 10 times now and it always freezes.

So, there you go. I think the copy my friend gave me has a virus or something, I really don't know and would appreciate any help. Thanks in advance, gentlemen.

Hijack This log: Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 1:30:51 PM, on 6/27/2012 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v9.00 (9.00.8112.16446) Boot mode: Safe mode with network support Running processes: C:\Users\Owner\AppData\Local\Google\Chrome\Application\old_chrome.exe C:\Users\Owner\AppData\Local\Google\Chrome\Application\old_chrome.exe C:\Users\Owner\AppData\Local\Google\Chrome\Application\old_chrome.exe C:\Users\Owner\AppData\Local\Google\Chrome\Application\old_chrome.exe C:\Users\Owner\AppData\Local\Google\Chrome\Application\old_chrome.exe C:\Users\Owner\AppData\Local\Google\Chrome\Application\old_chrome.exe C:\Users\Owner\AppData\Local\Google\Chrome\Application\old_chrome.exe C:\Users\Owner\AppData\Local\Google\Chrome\Application\old_chrome.exe C:\Users\Owner\AppData\Local\Google\Chrome\Application\old_chrome.exe C:\Users\Owner\AppData\Local\Google\Chrome\Application\old_chrome.exe C:\Users\Owner\AppData\Local\Google\Chrome\Application\old_chrome.exe C:\Users\Owner\AppData\Local\Google\Chrome\Application\old_chrome.exe C:\Users\Owner\AppData\Local\Google\Chrome\Application\old_chrome.exe C:\Users\Owner\AppData\Local\Google\Chrome\Application\old_chrome.exe C:\Users\Owner\AppData\Local\Google\Chrome\Application\old_chrome.exe C:\Users\Owner\AppData\Local\Google\Chrome\Application\old_chrome.exe C:\Windows\SysWOW64\NOTEPAD.EXE C:\Windows\SysWOW64\NOTEPAD.EXE C:\Users\Owner\Downloads\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = 
http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=userinit.exe, O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: avast! 
WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r O4 - HKLM\..\Run: [EnvyHFCPL] C:\Program Files (x86)\VIA\VIAudioi\EnvyADeck\EnMixCPL.exe 1 O4 - HKLM\..\Run: [Logitech Utility] LOGI_MWX.EXE O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKCU\..\Run: [chromium] C:\Users\Owner\AppData\Local\Google\Chrome\Application\old_chrome.exe --no-startup-window O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - Global Startup: Wireless Configuration Utility.lnk = C:\Program Files\Encore\ENUWI-N4 Wireless USB Adapter\WlanCU.exe O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105 O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL O11 - Options group: 
[ACCELERATED_GRAPHICS] Accelerated graphics O17 - HKLM\System\CCS\Services\Tcpip\..\{2E2BB111-BFE0-4D6C-A079-F315D2DA7984}: NameServer = 208.67.222.222,208.67.220.220 O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Airgo Networks NIC Service (ANISERVICE) - Airgo Networks, Inc. - C:\Windows\SysWOW64\aniServ.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: AppleChargerSrv - Unknown owner - C:\Windows\system32\AppleChargerSrv.exe (file missing) O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: ES lite Service for program management. (ES lite Service) - Unknown owner - C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: iPod Service - Apple Inc. 
- C:\Program Files\iPod\bin\iPodService.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 
(VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: VIA Karaoke digital mixer Service (VIAKaraokeService) - Unknown owner - C:\Windows\system32\viakaraokesrv.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: WlanWpsSvc - Unknown owner - C:\Program Files\Encore\ENUWI-N4 Wireless USB Adapter\WlanWpsSvc.exe O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 10620 bytes DDS: . DDS (Ver_2011-08-26.01) - NTFSAMD64 NETWORK Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_31 Run by Owner at 13:13:10 on 2012-06-27 Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.4060.3163 [GMT -7:00] . AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C} SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . ============== Running Processes =============== . 
C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Windows\Explorer.EXE C:\Windows\system32\ctfmon.exe C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Users\Owner\AppData\Local\Google\Chrome\Application\old_chrome.exe C:\Users\Owner\AppData\Local\Google\Chrome\Application\old_chrome.exe C:\Users\Owner\AppData\Local\Google\Chrome\Application\old_chrome.exe C:\Users\Owner\AppData\Local\Google\Chrome\Application\old_chrome.exe C:\Users\Owner\AppData\Local\Google\Chrome\Application\old_chrome.exe C:\Users\Owner\AppData\Local\Google\Chrome\Application\old_chrome.exe C:\Users\Owner\AppData\Local\Google\Chrome\Application\old_chrome.exe C:\Users\Owner\AppData\Local\Google\Chrome\Application\old_chrome.exe C:\Users\Owner\AppData\Local\Google\Chrome\Application\old_chrome.exe C:\Users\Owner\AppData\Local\Google\Chrome\Application\old_chrome.exe C:\Users\Owner\AppData\Local\Google\Chrome\Application\old_chrome.exe C:\Users\Owner\AppData\Local\Google\Chrome\Application\old_chrome.exe C:\Users\Owner\AppData\Local\Google\Chrome\Application\old_chrome.exe C:\Users\Owner\AppData\Local\Google\Chrome\Application\old_chrome.exe C:\Users\Owner\AppData\Local\Google\Chrome\Application\old_chrome.exe C:\Windows\System32\svchost.exe -k secsvcs C:\Windows\SysWOW64\rundll32.exe C:\Users\Owner\AppData\Local\Google\Chrome\Application\old_chrome.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\conhost.exe C:\Windows\SysWOW64\cscript.exe C:\Windows\system32\wbem\wmiprvse.exe . ============== Pseudo HJT Report =============== . 
uStart Page = about:blank uInternet Settings,ProxyOverride = *.local mWinlogon: Userinit=userinit.exe, BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO: DivX Plus Web Player HTML5 <video>: {326e768d-4182-46fd-9c16-1449a49795f4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File uRun: [chromium] C:\Users\Owner\AppData\Local\Google\Chrome\Application\old_chrome.exe --no-startup-window mRun: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r mRun: [EnvyHFCPL] C:\Program Files (x86)\VIA\VIAudioi\EnvyADeck\EnMixCPL.exe 1 mRun: [Logitech Utility] LOGI_MWX.EXE mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\WIRELE~1.LNK - C:\Program Files\Encore\ENUWI-N4 Wireless USB Adapter\WlanCU.exe mPolicies-explorer: NoActiveDesktop = 1 (0x1) mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5) mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3) mPolicies-system: 
EnableUIADesktopToggle = 0 (0x0) mPolicies-system: DisableStatusMessages = 1 (0x1) IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105 IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab TCP: DhcpNameServer = 192.168.1.1 68.238.64.12 TCP: Interfaces\{2E2BB111-BFE0-4D6C-A079-F315D2DA7984} : NameServer = 208.67.222.222,208.67.220.220 TCP: Interfaces\{2E2BB111-BFE0-4D6C-A079-F315D2DA7984} : DhcpNameServer = 192.168.1.1 68.238.64.12 TCP: Interfaces\{2E2BB111-BFE0-4D6C-A079-F315D2DA7984}\35563647F62793845616461557162747562737D4F62696C656 : DhcpNameServer = 192.168.1.1 TCP: Interfaces\{2E2BB111-BFE0-4D6C-A079-F315D2DA7984}\35563647F62793845616461757162747562737 : DhcpNameServer = 192.168.1.1 68.238.64.12 TCP: Interfaces\{2E2BB111-BFE0-4D6C-A079-F315D2DA7984}\35563647F62793845616461757162747562737830323E21313E6 : DhcpNameServer = 192.168.0.1 192.168.1.1 68.238.64.12 Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program 
Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO-X64: AcroIEHelperStub - No File BHO-X64: DivX Plus Web Player HTML5 <video>: {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll BHO-X64: Increase performance and video formats for your HTML5 <video> - No File BHO-X64: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll BHO-X64: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll BHO-X64: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll TB-X64: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll TB-X64: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File mRun-x64: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r mRun-x64: [EnvyHFCPL] C:\Program Files (x86)\VIA\VIAudioi\EnvyADeck\EnMixCPL.exe 1 mRun-x64: [Logitech Utility] LOGI_MWX.EXE mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray mRun-x64: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" SEH-X64: Groove GFS Stub Execution Hook: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll Hosts: 127.0.0.1 www.spywareinfo.com . ================= FIREFOX =================== . 
FF - ProfilePath - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\6960pti6.default\ FF - prefs.js: browser.search.selectedEngine - Search the web (Babylon) FF - prefs.js: browser.startup.homepage - hxxp://search.babylon.com/?AF=108976&tt=290312_bexdll&babsrc=HP_ss&mntrId=c8e127170000000000000018e78 69351 FF - prefs.js: keyword.URL - hxxp://search.babylon.com/?AF=108976&tt=290312_bexdll&babsrc=adbartrp&mntrId=c8e127170000000000000018 e7869351&q= FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll FF - plugin: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll FF - plugin: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npdeployJava1.dll FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrlui.dll FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll FF - plugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll FF - plugin: C:\Users\Owner\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dl l FF - plugin: C:\Users\Owner\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_233.dll . ---- FIREFOX POLICIES ---- FF - user.js: network.http.max-connections-per-server - 8 FF - user.js: network.http.max-persistent-connections-per-server - 4 FF - user.js: nglayout.initialpaint.delay - 600 FF - user.js: content.notify.interval - 600000 FF - user.js: content.max.tokenizing.time - 1800000 FF - user.js: content.switch.threshold - 600000 . ============= SERVICES / DRIVERS =============== . R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?] R3 AmUStor;AM USB Stroage Driver;C:\Windows\system32\drivers\AmUStor.SYS --> C:\Windows\system32\drivers\AmUStor.SYS [?] 
R3 L1C;NDIS Miniport Driver for Atheros AR81xx PCI-E Ethernet Controller;C:\Windows\system32\DRIVERS\L1C62x64.sys --> C:\Windows\system32\DRIVERS\L1C62x64.sys [?] R3 RTL8192su;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter;C:\Windows\system32\DRIVERS\RTL8192su.sys --> C:\Windows\system32\DRIVERS\RTL8192su.sys [?] S1 AppleCharger;AppleCharger;C:\Windows\system32\DRIVERS\AppleCharger.sys --> C:\Windows\system32\DRIVERS\AppleCharger.sys [?] S1 aswSnx;aswSnx;C:\Windows\system32\drivers\aswSnx.sys --> C:\Windows\system32\drivers\aswSnx.sys [?] S1 aswSP;aswSP;C:\Windows\system32\drivers\aswSP.sys --> C:\Windows\system32\drivers\aswSP.sys [?] S2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-1-3 63928] S2 ANISERVICE;Airgo Networks NIC Service;C:\Windows\SysWOW64\aniServ.exe [2004-9-30 143360] S2 aswFsBlk;aswFsBlk;C:\Windows\system32\drivers\aswFsBlk.sys --> C:\Windows\system32\drivers\aswFsBlk.sys [?] S2 aswMonFlt;aswMonFlt;\??\C:\Windows\system32\drivers\aswMonFlt.sys --> C:\Windows\system32\drivers\aswMonFlt.sys [?] S2 avast! Antivirus;avast! 
Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-4-5 44768] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] S2 ES lite Service;ES lite Service for program management.;C:\Program Files (x86)\Gigabyte\EasySaver\essvr.exe [2011-12-30 68136] S2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-4-11 654408] S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-2-29 158856] S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe [2012-4-5 2143552] S2 VIAKaraokeService;VIA Karaoke digital mixer Service;C:\Windows\system32\viakaraokesrv.exe --> C:\Windows\system32\viakaraokesrv.exe [?] S2 WCMVCAM;WebcamMax, WDM Video Capture;C:\Windows\system32\DRIVERS\wcmvcam64.sys --> C:\Windows\system32\DRIVERS\wcmvcam64.sys [?] S2 WlanWpsSvc;WlanWpsSvc;C:\Program Files\Encore\ENUWI-N4 Wireless USB Adapter\WlanWpsSvc.exe [2012-1-3 167936] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-4-1 250056] S3 AppleChargerSrv;AppleChargerSrv;system32\AppleChargerSrv.exe --> system32\AppleChargerSrv.exe [?] S3 CamDrL64;Logitech QuickCam Pro 3000(PID_08B0);C:\Windows\system32\DRIVERS\CamDrL64.sys --> C:\Windows\system32\DRIVERS\CamDrL64.sys [?] S3 Envy24HFS;ICE Envy24 Family Audio Controller WDM 64 bit;C:\Windows\system32\drivers\Envy24HF.sys --> C:\Windows\system32\drivers\Envy24HF.sys [?] S3 LVUSBS64;Logitech USB Monitor Filter;C:\Windows\system32\drivers\LVUSBS64.sys --> C:\Windows\system32\drivers\LVUSBS64.sys [?] 
S3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?] S3 MotioninJoyXFilter;MotioninJoy Virtual Xinput device Filter Driver;C:\Windows\system32\DRIVERS\MijXfilt.sys --> C:\Windows\system32\DRIVERS\MijXfilt.sys [?] S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\system32\drivers\rdpvideominiport.sys --> C:\Windows\system32\drivers\rdpvideominiport.sys [?] S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?] S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys [2011-10-20 11856] S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;C:\Windows\system32\drivers\viahduaa.sys --> C:\Windows\system32\drivers\viahduaa.sys [?] S3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?] S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?] . =============== Created Last 30 ================ . 
2100-02-08 23:03:54 53248 ----a-w- C:\Program Files (x86)\ACMonitor_X73.exe 2012-06-27 14:11:28 -------- d-----w- C:\Program Files (x86)\Auslogics 2012-06-27 09:01:20 -------- d-----w- C:\Windows\pss 2012-06-27 08:44:14 -------- d-----w- C:\Windows\W7SBC 2012-06-27 08:44:13 2871808 ----a-w- C:\Windows\explorer_edit_w7sbc.exe 2012-06-27 08:44:13 2871808 ----a-w- C:\Windows\explorer_backup_w7sbc.exe 2012-06-27 08:44:13 2288128 ----a-w- C:\Windows\explorer.exe 2012-06-27 00:47:03 -------- d-----w- C:\Program Files\CCleaner 2012-06-26 09:47:03 -------- d-----w- C:\Users\Owner\AppData\Roaming\RotMG.Production 2012-06-26 08:16:47 9013136 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{535AFD9E-D01A-48D4-BA5C-5C3567BD2630}\mpengine.dll 2012-06-22 07:10:58 -------- d-----w- C:\Program Files\iPod 2012-06-22 07:10:57 -------- d-----w- C:\Program Files\iTunes 2012-06-22 07:10:57 -------- d-----w- C:\Program Files (x86)\iTunes 2012-06-21 13:39:16 2622464 ----a-w- C:\Windows\System32\wucltux.dll 2012-06-21 13:38:48 99840 ----a-w- C:\Windows\System32\wudriver.dll 2012-06-21 13:38:26 36864 ----a-w- C:\Windows\System32\wuapp.exe 2012-06-21 13:38:26 186752 ----a-w- C:\Windows\System32\wuwebv.dll 2012-06-19 21:22:53 -------- d-----w- C:\Program Files (x86)\ASIO4ALL v2 2012-06-18 23:24:45 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll 2012-06-18 23:24:45 1158656 ----a-w- C:\Windows\SysWow64\crypt32.dll 2012-06-18 23:24:45 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll 2012-06-18 23:24:36 184320 ----a-w- C:\Windows\System32\cryptsvc.dll 2012-06-18 23:24:36 140288 ----a-w- C:\Windows\System32\cryptnet.dll 2012-06-18 23:24:35 1462272 ----a-w- C:\Windows\System32\crypt32.dll 2012-06-18 23:05:43 -------- d-----w- C:\Windows\SysWow64\XPSViewer 2012-06-18 23:05:43 -------- d-----w- C:\Windows\SysWow64\es 2012-06-18 23:05:43 -------- d-----w- C:\Windows\SysWow64\drivers\UMDF\es-ES 2012-06-18 23:05:43 -------- d-----w- C:\Windows\SysWow64\drivers\es-ES 2012-06-18 
23:05:43 -------- d-----w- C:\Windows\SysWow64\0C0A 2012-06-18 23:05:42 -------- d-----w- C:\Windows\SysWow64\wbem\es-ES 2012-06-18 23:05:34 -------- d-----w- C:\Windows\System32\es 2012-06-18 23:05:34 -------- d-----w- C:\Windows\System32\drivers\UMDF\es-ES 2012-06-18 23:05:34 -------- d-----w- C:\Windows\System32\0C0A 2012-06-18 23:05:33 -------- d-----w- C:\Windows\System32\drivers\es-ES 2012-06-18 23:05:31 -------- d-----w- C:\Windows\System32\wbem\es-ES 2012-06-18 23:05:17 -------- d-----w- C:\Windows\es-ES 2012-06-18 22:39:03 6656 ----a-w- C:\Windows\System32\drivers\es-ES\rdvgkmd.sys.mui 2012-06-18 22:39:03 3584 ----a-w- C:\Windows\System32\drivers\es-ES\portcls.sys.mui 2012-06-18 22:39:03 2560 ----a-w- C:\Windows\System32\drivers\es-ES\rdpwd.sys.mui 2012-06-18 22:38:59 8704 ----a-w- C:\Windows\System32\drivers\es-ES\tunnel.sys.mui 2012-06-18 22:38:58 4608 ----a-w- C:\Windows\System32\drivers\es-ES\tsusbhub.sys.mui 2012-06-18 22:38:58 3584 ----a-w- C:\Windows\System32\drivers\es-ES\tsusbflt.sys.mui 2012-06-18 22:38:58 25600 ----a-w- C:\Windows\System32\drivers\es-ES\usbport.sys.mui 2012-06-18 22:38:58 11776 ----a-w- C:\Windows\System32\drivers\es-ES\usbhub.sys.mui 2012-06-18 22:38:44 3072 ----a-w- C:\Windows\System32\drivers\es-ES\Dot4usb.sys.mui 2012-06-18 22:38:40 9728 ----a-w- C:\Windows\System32\drivers\es-ES\battc.sys.mui 2012-06-18 22:36:57 72192 ----a-w- C:\Windows\System32\drivers\es-ES\ntfs.sys.mui 2012-06-18 22:34:29 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb 2012-06-18 22:06:52 5559664 ----a-w- C:\Windows\System32\ntoskrnl.exe 2012-06-18 22:06:50 3913072 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe 2012-06-18 22:06:49 3968368 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe 2012-06-18 22:06:20 9216 ----a-w- C:\Windows\System32\rdrmemptylst.exe 2012-06-18 22:06:20 77312 ----a-w- C:\Windows\System32\rdpwsx.dll 2012-06-18 22:06:20 149504 ----a-w- C:\Windows\System32\rdpcorekmts.dll 2012-06-18 22:06:17 514560 ----a-w- C:\Windows\SysWow64\qdvd.dll 
2012-06-18 22:06:17 366592 ----a-w- C:\Windows\System32\qdvd.dll 2012-06-18 22:06:05 3216384 ----a-w- C:\Windows\System32\msi.dll 2012-06-18 22:06:04 2342400 ----a-w- C:\Windows\SysWow64\msi.dll 2012-06-18 22:06:02 210944 ----a-w- C:\Windows\System32\drivers\rdpwd.sys 2012-06-18 22:06:02 1112064 ----a-w- C:\Windows\System32\rdpcorets.dll 2012-06-18 22:05:28 209920 ----a-w- C:\Windows\System32\profsvc.dll 2012-06-18 22:05:26 3146752 ----a-w- C:\Windows\System32\win32k.sys 2012-05-29 00:29:14 -------- d-----w- C:\Users\Owner\AppData\Roaming\Unity 2012-05-29 00:27:54 -------- d-----w- C:\Users\Owner\AppData\Local\Unity . ==================== Find3M ==================== . 2012-06-27 11:50:38 25640 ----a-w- C:\Windows\gdrv.sys 2012-06-22 10:14:44 70344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl 2012-06-22 10:14:44 426184 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe 2012-05-18 02:06:48 2311680 ----a-w- C:\Windows\System32\jscript9.dll 2012-05-18 01:59:14 1392128 ----a-w- C:\Windows\System32\wininet.dll 2012-05-18 01:58:39 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl 2012-05-18 01:55:22 173056 ----a-w- C:\Windows\System32\ieUnatt.exe 2012-05-18 01:51:30 2382848 ----a-w- C:\Windows\System32\mshtml.tlb 2012-05-17 22:45:37 1800192 ----a-w- C:\Windows\SysWow64\jscript9.dll 2012-05-17 22:35:47 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll 2012-05-17 22:35:39 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl 2012-05-17 22:29:45 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe 2012-05-05 23:50:58 8744608 ----a-w- C:\Windows\SysWow64\FlashPlayerInstaller.exe 2012-04-19 03:56:30 94208 ----a-w- C:\Windows\SysWow64\QuickTimeVR.qtx 2012-04-19 03:56:30 69632 ----a-w- C:\Windows\SysWow64\QuickTime.qts 2012-04-05 11:08:36 34624 ----a-w- C:\Windows\System32\TURegOpt.exe 2012-04-05 11:08:24 35648 ----a-w- C:\Windows\System32\uxtuneup.dll 2012-04-05 11:08:24 28992 ----a-w- C:\Windows\SysWow64\uxtuneup.dll 2012-04-05 11:08:24 25920 ----a-w- C:\Windows\System32\authuitu.dll 
2012-04-05 11:08:24 21312 ----a-w- C:\Windows\SysWow64\authuitu.dll 2012-04-04 22:56:40 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys 2012-03-30 11:35:47 1918320 ----a-w- C:\Windows\System32\drivers\tcpip.sys 2012-01-12 15:01:46 691545 ----a-w- C:\Program Files (x86)\unins000.exe 2001-05-08 23:36:42 114688 ----a-w- C:\Program Files (x86)\lxarscan.dll . ============= FINISH: 13:14:56.52 =============== |