a few trojans >.<

Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

5K0ttY

Thread Starter
Joined
Jun 7, 2007
Messages
30
I've got Windows logging off randomly by itself, Windows Explorer restarting by itself, major lagging, and occasional URL redirection in Chrome.

ESET says we've got an Olmarik.AVQ trojan & an Agent.DW

Here are your logs.
64-Bit, so no GMER log.
Also, No CD as Win 7x64 came installed with the Lappy.

Thanks in advance~!


Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 3:39:47 AM, on 11/5/2011
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Users\Scott Ford\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Scott Ford\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe
C:\Windows\AsScrPro.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files (x86)\ASUS\ControlDeck\ControlDeck.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Users\Scott Ford\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Scott Ford\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Scott Ford\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Scott Ford\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Scott Ford\Desktop\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: HDVid Web Player v.0.91 - {C9C42511-9B41-42c1-9DCD-7282A2D07C65} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [5CA5DC88BDFD0CAF3D75327A481CE8664942B227._service_run] "C:\Users\Scott Ford\AppData\Local\Google\Chrome\Application\chrome.exe" --type=service
O4 - HKCU\..\Run: [Google Update] "C:\Users\Scott Ford\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - Global Startup: SRS Premium Sound.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted IP range: http://10.0.0.1
O15 - ESC Trusted IP range: http://10.0.0.1
O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} - http://support.asus.com/select/asusTek_sys_ctrl3.cab
O16 - DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} - http://ccfiles.creative.com/Web/softwareupdate/su/ocx/15101/CTSUEng.cab
O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} - http://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} - http://ccfiles.creative.com/Web/softwareupdate/ocx/15114/CTPID.cab
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: ADSM Service (ADSMService) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe
O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: cFosSpeed System Service (cFosSpeedS) - cFos Software GmbH - C:\Program Files\cFosSpeed\spd.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: I2P Service (i2p) - Unknown owner - C:\Program Files (x86)\i2p\I2Psvc.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LicCtrl Service (LicCtrlService) - Unknown owner - C:\Windows\runservice.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Adobe SwitchBoard (SwitchBoard) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 8760 bytes



.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421
Run by Scott Ford at 3:41:26 on 2011-11-05
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.2924.707 [GMT -5:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: Microsoft Security Essentials *Enabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\FBAgent.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\cFosSpeed\spd.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\runservice.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
C:\Program Files (x86)\ASUS\ASUS CopyProtect\aspg.exe
C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\SysWOW64\ACEngSvr.exe
C:\Program Files\Windows Sidebar\sidebar.exe
c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
C:\Program Files\SRS Labs\SRS Premium Sound Control Panel\SRSPremiumPanel_64.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Windows\system32\SearchIndexer.exe
C:\Users\Scott Ford\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Users\Scott Ford\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe
C:\Windows\AsScrPro.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files (x86)\ASUS\ControlDeck\ControlDeck.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Users\Scott Ford\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\SysWOW64\ping.exe
C:\Windows\system32\conhost.exe
C:\Users\Scott Ford\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Scott Ford\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://google.com/
mStart Page = hxxp://www.google.com
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
BHO: {c9c42511-9b41-42c1-9dcd-7282a2d07c65} - HDVid Web Player v.0.91
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
uRun: [5CA5DC88BDFD0CAF3D75327A481CE8664942B227._service_run] "C:\Users\Scott Ford\AppData\Local\Google\Chrome\Application\chrome.exe" --type=service
uRun: [Google Update] "C:\Users\Scott Ford\AppData\Local\Google\Update\GoogleUpdate.exe" /c
mRun: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\SRSPRE~1.LNK - C:\Windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
LSP: mswsock.dll
DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} - hxxp://support.asus.com/select/asusTek_sys_ctrl3.cab
DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} - hxxp://ccfiles.creative.com/Web/softwareupdate/su/ocx/15101/CTSUEng.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} - hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} - hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15114/CTPID.cab
TCP: DhcpNameServer = 68.87.72.134 68.87.77.134
TCP: Interfaces\{80F826E1-D3CA-4586-B8CB-344529616616} : DhcpNameServer = 68.87.72.134 68.87.77.134
TCP: Interfaces\{80F826E1-D3CA-4586-B8CB-344529616616}\2375942554533363 : DhcpNameServer = 192.168.1.254
TCP: Interfaces\{80F826E1-D3CA-4586-B8CB-344529616616}\2375942554834303 : DhcpNameServer = 192.168.1.254
TCP: Interfaces\{80F826E1-D3CA-4586-B8CB-344529616616}\66F62746E6564777F627B6 : DhcpNameServer = 68.87.64.208 68.87.66.208
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
SubSystems: Windows = basesrv,1 winsrv:UserServerDllInitialization,3 consrv:ConServerDllInitialization,2 sxssrv,4
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
BHO-X64: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
BHO-X64: URLRedirectionBHO - No File
BHO-X64: {C9C42511-9B41-42c1-9DCD-7282A2D07C65} - HDVid Web Player v.0.91
BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
mRun-x64: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun-x64: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
SEH-X64: Groove GFS Stub Execution Hook: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
.
============= SERVICES / DRIVERS ===============
.
R0 lullaby;lullaby;C:\Windows\system32\DRIVERS\lullaby.sys --> C:\Windows\system32\DRIVERS\lullaby.sys [?]
R1 MpFilter;Microsoft Malware Protection Driver;C:\Windows\system32\DRIVERS\MpFilter.sys --> C:\Windows\system32\DRIVERS\MpFilter.sys [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-6-6 64952]
R2 AFBAgent;AFBAgent;"C:\Windows\system32\FBAgent.exe" --> C:\Windows\system32\FBAgent.exe [?]
R2 ASMMAP64;ASMMAP64;C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-7-2 15416]
R2 LicCtrlService;LicCtrl Service;C:\Windows\Runservice.exe [2011-9-2 2560]
R2 LMIRfsDriver;LogMeIn Remote File System Driver;\??\C:\Windows\system32\drivers\LMIRfsDriver.sys --> C:\Windows\system32\drivers\LMIRfsDriver.sys [?]
R2 UNS;Intel(R) Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-10-5 2314240]
R3 ETD;ELAN PS/2 Port Input Device;C:\Windows\system32\DRIVERS\ETD.sys --> C:\Windows\system32\DRIVERS\ETD.sys [?]
R3 HECIx64;Intel(R) Management Engine Interface;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?]
R3 JMCR;JMCR;C:\Windows\system32\DRIVERS\jmcr.sys --> C:\Windows\system32\DRIVERS\jmcr.sys [?]
R3 JME;JMicron Ethernet Adapter NDIS6.0 Driver (Amd64 Bits);C:\Windows\system32\DRIVERS\JME.sys --> C:\Windows\system32\DRIVERS\JME.sys [?]
R3 MpNWMon;Microsoft Malware Protection Network Driver;C:\Windows\system32\DRIVERS\MpNWMon.sys --> C:\Windows\system32\DRIVERS\MpNWMon.sys [?]
R3 NisDrv;Microsoft Network Inspection System;C:\Windows\system32\DRIVERS\NisDrvWFP.sys --> C:\Windows\system32\DRIVERS\NisDrvWFP.sys [?]
R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe [2011-4-27 288272]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-3-3 136176]
S2 i2p;I2P Service;"C:\Program Files (x86)\i2p\I2Psvc.exe" -s "C:\Program Files (x86)\i2p\wrapper.config" --> C:\Program Files (x86)\i2p\I2Psvc.exe [?]
S3 BS_DEF;BS_DEF;C:\Windows\BS_DEF.sys [2011-6-18 20288]
S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-3-3 136176]
S3 Impcd;Impcd;C:\Windows\system32\DRIVERS\Impcd.sys --> C:\Windows\system32\DRIVERS\Impcd.sys [?]
S3 IntcDAud;Intel(R) Display Audio;C:\Windows\system32\DRIVERS\IntcDAud.sys --> C:\Windows\system32\DRIVERS\IntcDAud.sys [?]
S3 ipshtap;IP-SHIELD TAP Adapter (x64);C:\Windows\system32\DRIVERS\ipshtap.sys --> C:\Windows\system32\DRIVERS\ipshtap.sys [?]
S3 ivusb;Initio Driver for USB Default Controller;C:\Windows\system32\DRIVERS\ivusb.sys --> C:\Windows\system32\DRIVERS\ivusb.sys [?]
S3 LeapFrog-USBLAN;LeapFrog-USBLAN;C:\Windows\system32\DRIVERS\btblan.sys --> C:\Windows\system32\DRIVERS\btblan.sys [?]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2011-6-12 31125880]
S3 MotioninJoyXFilter;MotioninJoy Virtual Xinput device Filter Driver;C:\Windows\system32\DRIVERS\MijXfilt.sys --> C:\Windows\system32\DRIVERS\MijXfilt.sys [?]
S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;C:\Windows\system32\DRIVERS\SiSG664.sys --> C:\Windows\system32\DRIVERS\SiSG664.sys [?]
S3 SwitchBoard;Adobe SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
.
=============== Created Last 30 ================
.
2011-11-05 07:52:48 -------- d-----w- C:\Windows\Downloaded Program Files
2011-11-05 07:27:40 69000 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{E4A24927-648B-46AA-9AE4-8CC5A9295045}\offreg.dll
2011-11-05 07:12:56 8570192 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{E4A24927-648B-46AA-9AE4-8CC5A9295045}\mpengine.dll
2011-11-05 05:26:47 -------- d-----w- C:\Users\Scott Ford\AppData\Roaming\BatteryBar
2011-11-05 04:11:00 -------- d-----w- C:\Program Files\AVAST Software
2011-11-03 08:56:51 -------- d-----w- C:\Program Files (x86)\Common Files\PX Storage Engine
2011-11-03 04:27:09 -------- d-----w- C:\Program Files (x86)\ESET
2011-11-03 02:45:08 -------- d-----w- C:\Users\Scott Ford\AppData\Local\Sports Interactive
2011-11-03 02:43:46 -------- d-----we C:\Windows\system64
2011-10-31 05:53:48 -------- d-----w- C:\Program Files\CCleaner
2011-10-31 00:36:17 -------- d-----w- C:\Users\Scott Ford\AppData\Roaming\DAEMON Tools Lite
2011-10-31 00:04:06 97552 ----a-w- C:\Windows\System32\drivers\MijXfilt.sys
2011-10-31 00:04:06 74960 ----a-w- C:\Windows\System32\drivers\xusb21.sys
2011-10-31 00:04:06 1721576 ----a-w- C:\Windows\System32\WdfCoInstaller01009.dll
2011-10-28 03:19:39 -------- d-----w- C:\ProgramData\Malwarebytes
2011-10-28 03:19:35 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2011-10-28 03:15:23 118784 ----a-w- C:\Windows\SysWow64\MSSTDFMT.DLL
2011-10-27 03:00:57 380688 ----a-w- C:\Windows\SysWow64\temp.003
2011-10-27 02:58:53 380688 ----a-w- C:\Windows\SysWow64\temp.002
2011-10-27 02:58:46 249856 ------w- C:\Windows\Setup1.exe
2011-10-25 02:53:30 -------- d-----w- C:\Program Files\SystemRequirementsLab
2011-10-13 22:28:28 32768 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\Objectps.dll
2011-10-13 22:28:28 266240 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iscript.dll
2011-10-13 22:28:28 192512 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iuser.dll
2011-10-13 22:28:27 729088 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iKernel.dll
2011-10-13 22:28:27 69715 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\ctor.dll
2011-10-13 22:28:27 5632 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\DotNetInstaller.exe
2011-10-13 22:28:22 311428 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\setup.dll
2011-10-13 22:28:22 188548 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iGdi.dll
2011-10-13 13:37:06 3138048 ----a-w- C:\Windows\System32\win32k.sys
2011-10-13 13:36:58 75776 ----a-w- C:\Windows\SysWow64\psisrndr.ax
2011-10-13 13:36:58 613888 ----a-w- C:\Windows\System32\psisdecd.dll
2011-10-13 13:36:58 465408 ----a-w- C:\Windows\SysWow64\psisdecd.dll
2011-10-13 13:36:58 108032 ----a-w- C:\Windows\System32\psisrndr.ax
2011-10-13 13:36:35 861696 ----a-w- C:\Windows\System32\oleaut32.dll
2011-10-13 13:36:35 571904 ----a-w- C:\Windows\SysWow64\oleaut32.dll
2011-10-13 13:36:35 331776 ----a-w- C:\Windows\System32\oleacc.dll
2011-10-13 13:36:35 233472 ----a-w- C:\Windows\SysWow64\oleacc.dll
2011-10-13 12:53:20 -------- d-----w- C:\Program Files (x86)\Microsoft Synchronization Services
2011-10-13 12:50:04 -------- d-----w- C:\Program Files (x86)\Microsoft Visual Studio 8
2011-10-13 12:48:39 -------- d-----w- C:\Program Files (x86)\Microsoft Analysis Services
2011-10-11 20:17:46 917840 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{F6524648-8201-4C3A-97B7-4836BFC5EC1F}\gapaengine.dll
2011-10-10 17:19:14 -------- d-sh--w- C:\$RECYCLE.BIN
2011-10-08 01:43:13 -------- d-----r- C:\Program Files (x86)\Skype
2011-10-08 01:20:15 -------- d-----w- C:\Users\Scott Ford\AppData\Local\uTorrent
2011-10-07 00:36:02 -------- d-----w- C:\Users\Scott Ford\AppData\Local\Microsoft Help
.
==================== Find3M ====================
.
2011-11-05 07:27:38 833 --sha-w- C:\Windows\SysWow64\mmf.sys
2011-10-27 03:00:50 73216 ----a-w- C:\Windows\ST6UNST.EXE
2011-10-13 23:10:06 414368 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2011-10-13 13:44:13 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2011-10-13 13:44:13 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2011-10-13 13:44:13 2309120 ----a-w- C:\Windows\System32\jscript9.dll
2011-10-13 13:44:13 1798144 ----a-w- C:\Windows\SysWow64\jscript9.dll
2011-10-13 13:44:13 1389056 ----a-w- C:\Windows\System32\wininet.dll
2011-10-13 13:44:13 1126912 ----a-w- C:\Windows\SysWow64\wininet.dll
2011-10-04 17:47:23 380688 ----a-w- C:\Windows\SysWow64\temp.001
2011-10-04 17:46:17 380688 ----a-w- C:\Windows\SysWow64\temp.000
2011-10-03 14:36:59 178800 ----a-w- C:\Windows\SysWow64\CmdLineExt_x64.dll
2011-10-03 10:06:03 472808 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2011-09-27 11:36:22 45056 ----a-w- C:\Windows\System32\acovcnt.exe
2011-09-04 02:25:14 627600 ----a-w- C:\Windows\System32\deployJava1.dll
2011-09-02 23:45:17 122880 ----a-w- C:\Windows\lcmmfu.cpl
2011-09-02 23:45:04 48640 ----a-w- C:\Windows\mmfs.dll
2011-09-02 23:45:04 2560 ----a-w- C:\Windows\Runservice.exe
2011-09-01 01:08:50 167704 ----a-w- C:\Windows\System32\igfxtray.exe
2011-09-01 01:08:48 510232 ----a-w- C:\Windows\System32\igfxsrvc.exe
2011-09-01 01:08:44 416024 ----a-w- C:\Windows\System32\igfxpers.exe
2011-09-01 01:08:42 239896 ----a-w- C:\Windows\System32\igfxext.exe
2011-09-01 01:08:34 392472 ----a-w- C:\Windows\System32\hkcmd.exe
2011-09-01 01:08:24 4378392 ----a-w- C:\Windows\System32\GfxUI.exe
2011-09-01 01:08:22 179992 ----a-w- C:\Windows\System32\difx64.exe
2011-09-01 00:58:50 90112 ----a-w- C:\Windows\System32\igfxCoIn_v2509.dll
2011-09-01 00:53:22 12306848 ----a-w- C:\Windows\System32\drivers\igdkmd64.sys
2011-09-01 00:53:20 8312320 ----a-w- C:\Windows\System32\igdumd64.dll
2011-09-01 00:51:16 867020 ----a-w- C:\Windows\SysWow64\igkrng575.bin
2011-09-01 00:51:16 867020 ----a-w- C:\Windows\System32\igkrng575.bin
2011-09-01 00:51:16 128204 ----a-w- C:\Windows\SysWow64\igcompkrng575.bin
2011-09-01 00:51:16 128204 ----a-w- C:\Windows\System32\igcompkrng575.bin
2011-09-01 00:51:16 105608 ----a-w- C:\Windows\SysWow64\igfcg575m.bin
2011-09-01 00:51:16 105608 ----a-w- C:\Windows\System32\igfcg575m.bin
2011-09-01 00:47:42 6322688 ----a-w- C:\Windows\SysWow64\igdumd32.dll
2011-09-01 00:45:02 581120 ----a-w- C:\Windows\SysWow64\igdumdx32.dll
2011-09-01 00:42:42 14598656 ----a-w- C:\Windows\System32\igd10umd64.dll
2011-09-01 00:37:18 12340224 ----a-w- C:\Windows\SysWow64\igd10umd32.dll
2011-09-01 00:31:14 18641408 ----a-w- C:\Windows\System32\ig4icd64.dll
2011-09-01 00:26:20 13903872 ----a-w- C:\Windows\SysWow64\ig4icd32.dll
2011-09-01 00:21:50 375808 ----a-w- C:\Windows\System32\igfxpph.dll
2011-09-01 00:21:46 378368 ----a-w- C:\Windows\System32\igfxTMM.dll
2011-09-01 00:21:40 28672 ----a-w- C:\Windows\System32\igfxexps.dll
2011-09-01 00:21:26 62464 ----a-w- C:\Windows\System32\igfxsrvc.dll
2011-09-01 00:20:58 110080 ----a-w- C:\Windows\System32\hccutils.dll
2011-09-01 00:20:50 4096 ----a-w- C:\Windows\System32\IGFXDEVLib.dll
2011-09-01 00:20:50 146432 ----a-w- C:\Windows\System32\gfxSrvc.dll
2011-09-01 00:20:48 390144 ----a-w- C:\Windows\System32\igfxdev.dll
2011-09-01 00:20:14 285696 ----a-w- C:\Windows\System32\igfxrenu.lrc
2011-09-01 00:20:08 9014784 ----a-w- C:\Windows\System32\igfxress.dll
2011-09-01 00:20:08 142336 ----a-w- C:\Windows\System32\igfxdo.dll
2011-09-01 00:16:32 24576 ----a-w- C:\Windows\SysWow64\igfxexps32.dll
2011-09-01 00:15:46 294400 ----a-w- C:\Windows\SysWow64\igfxdv32.dll
2011-09-01 00:13:52 98304 ----a-w- C:\Windows\SysWow64\iglhcp32.dll
2011-09-01 00:13:52 98304 ----a-w- C:\Windows\System32\iglhcp64.dll
2011-09-01 00:13:52 376832 ----a-w- C:\Windows\SysWow64\iglhsip32.dll
2011-09-01 00:13:52 376832 ----a-w- C:\Windows\System32\iglhsip64.dll
2011-09-01 00:13:52 162816 ----a-w- C:\Windows\SysWow64\igfxcmrt32.dll
2011-09-01 00:13:52 140288 ----a-w- C:\Windows\System32\igfxcmrt64.dll
2011-08-31 22:00:50 25416 ----a-w- C:\Windows\System32\drivers\mbam.sys
2011-08-11 17:47:46 76288 ----a-w- C:\Windows\SysWow64\moveex.exe
.
============= FINISH: 3:42:33.85 ===============
 


5K0ttY

Thread Starter
Joined
Jun 7, 2007
Messages
30
Also, my Windows Firewall has been turned off and I am not able to turn it back on at all.

And I'm not sure if it's related or not, but my AC adapter says it's plugged in and charging, but it stays at 75 percent and the computer shuts off immediately when I take the AC out.
 