
a few trojans >.<

Discussion in 'Virus & Other Malware Removal' started by 5K0ttY, Nov 5, 2011.

Thread Status:
Not open for further replies.
  1. 5K0ttY

    5K0ttY Thread Starter

    Joined:
    Jun 7, 2007
    Messages:
    30
    I've got Windows logging off randomly by itself, Windows Explorer restarting by itself, major lagging, and occasional URL redirection in Chrome.

    ESET says we've got an Olmarik.AVQ trojan & an Agent.DW

    Here are your logs.
    64-Bit, so no GMER log.
    Also, No CD as Win 7x64 came installed with the Lappy.

    Thanks in advance~!


    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 3:39:47 AM, on 11/5/2011
    Platform: Windows 7 SP1 (WinNT 6.00.3505)
    MSIE: Internet Explorer v9.00 (9.00.8112.16421)
    Boot mode: Normal

    Running processes:
    C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
    C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
    C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    C:\Users\Scott Ford\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Scott Ford\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe
    C:\Windows\AsScrPro.exe
    C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
    C:\Program Files (x86)\ASUS\ControlDeck\ControlDeck.exe
    C:\Windows\SysWOW64\rundll32.exe
    C:\Users\Scott Ford\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Scott Ford\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Scott Ford\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Scott Ford\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Scott Ford\Desktop\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
    O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
    O2 - BHO: HDVid Web Player v.0.91 - {C9C42511-9B41-42c1-9DCD-7282A2D07C65} - (no file)
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
    O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    O4 - HKCU\..\Run: [5CA5DC88BDFD0CAF3D75327A481CE8664942B227._service_run] "C:\Users\Scott Ford\AppData\Local\Google\Chrome\Application\chrome.exe" --type=service
    O4 - HKCU\..\Run: [Google Update] "C:\Users\Scott Ford\AppData\Local\Google\Update\GoogleUpdate.exe" /c
    O4 - Global Startup: SRS Premium Sound.lnk = ?
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
    O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
    O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
    O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
    O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
    O15 - Trusted IP range: http://10.0.0.1
    O15 - ESC Trusted IP range: http://10.0.0.1
    O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} - http://support.asus.com/select/asusTek_sys_ctrl3.cab
    O16 - DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} - http://ccfiles.creative.com/Web/softwareupdate/su/ocx/15101/CTSUEng.cab
    O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} - http://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
    O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} - http://ccfiles.creative.com/Web/softwareupdate/ocx/15114/CTPID.cab
    O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
    O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    O23 - Service: ADSM Service (ADSMService) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe
    O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
    O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
    O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
    O23 - Service: cFosSpeed System Service (cFosSpeedS) - cFos Software GmbH - C:\Program Files\cFosSpeed\spd.exe
    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
    O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    O23 - Service: I2P Service (i2p) - Unknown owner - C:\Program Files (x86)\i2p\I2Psvc.exe (file missing)
    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: LicCtrl Service (LicCtrlService) - Unknown owner - C:\Windows\runservice.exe
    O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
    O23 - Service: Adobe SwitchBoard (SwitchBoard) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
    O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

    --
    End of file - 8760 bytes



    .
    DDS (Ver_2011-08-26.01) - NTFSAMD64
    Internet Explorer: 9.0.8112.16421
    Run by Scott Ford at 3:41:26 on 2011-11-05
    Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.2924.707 [GMT -5:00]
    .
    AV: Microsoft Security Essentials *Enabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
    SP: Microsoft Security Essentials *Enabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
    SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    ============== Running Processes ===============
    .
    C:\Windows\system32\wininit.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\svchost.exe -k RPCSS
    c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\system32\FBAgent.exe
    C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
    C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Windows\system32\taskhost.exe
    C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    C:\Program Files\cFosSpeed\spd.exe
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Windows\runservice.exe
    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Windows\system32\taskeng.exe
    C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
    C:\Program Files (x86)\ASUS\ASUS CopyProtect\aspg.exe
    C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
    C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
    C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
    C:\Windows\System32\hkcmd.exe
    C:\Windows\System32\igfxpers.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\SysWOW64\ACEngSvr.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
    C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
    C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
    C:\Program Files\SRS Labs\SRS Premium Sound Control Panel\SRSPremiumPanel_64.exe
    C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
    C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    C:\Windows\system32\SearchIndexer.exe
    C:\Users\Scott Ford\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Users\Scott Ford\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe
    C:\Windows\AsScrPro.exe
    C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
    C:\Program Files (x86)\ASUS\ControlDeck\ControlDeck.exe
    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
    C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
    C:\Windows\SysWOW64\rundll32.exe
    C:\Users\Scott Ford\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Windows\SysWOW64\ping.exe
    C:\Windows\system32\conhost.exe
    C:\Users\Scott Ford\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Scott Ford\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\system32\igfxsrvc.exe
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Windows\SysWOW64\cmd.exe
    C:\Windows\system32\conhost.exe
    C:\Windows\SysWOW64\cscript.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://google.com/
    mStart Page = hxxp://www.google.com
    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
    BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
    BHO: {c9c42511-9b41-42c1-9dcd-7282a2d07c65} - HDVid Web Player v.0.91
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    uRun: [5CA5DC88BDFD0CAF3D75327A481CE8664942B227._service_run] "C:\Users\Scott Ford\AppData\Local\Google\Chrome\Application\chrome.exe" --type=service
    uRun: [Google Update] "C:\Users\Scott Ford\AppData\Local\Google\Update\GoogleUpdate.exe" /c
    mRun: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
    mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    mRun: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
    StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\SRSPRE~1.LNK - C:\Windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe
    mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
    mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
    mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
    IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
    IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
    IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
    IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
    LSP: mswsock.dll
    DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} - hxxp://support.asus.com/select/asusTek_sys_ctrl3.cab
    DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} - hxxp://ccfiles.creative.com/Web/softwareupdate/su/ocx/15101/CTSUEng.cab
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
    DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} - hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
    DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} - hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15114/CTPID.cab
    TCP: DhcpNameServer = 68.87.72.134 68.87.77.134
    TCP: Interfaces\{80F826E1-D3CA-4586-B8CB-344529616616} : DhcpNameServer = 68.87.72.134 68.87.77.134
    TCP: Interfaces\{80F826E1-D3CA-4586-B8CB-344529616616}\2375942554533363 : DhcpNameServer = 192.168.1.254
    TCP: Interfaces\{80F826E1-D3CA-4586-B8CB-344529616616}\2375942554834303 : DhcpNameServer = 192.168.1.254
    TCP: Interfaces\{80F826E1-D3CA-4586-B8CB-344529616616}\66F62746E6564777F627B6 : DhcpNameServer = 68.87.64.208 68.87.66.208
    Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
    SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
    SubSystems: Windows = basesrv,1 winsrv:UserServerDllInitialization,3 consrv:ConServerDllInitialization,2 sxssrv,4
    BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    BHO-X64: AcroIEHelperStub - No File
    BHO-X64: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
    BHO-X64: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
    BHO-X64: URLRedirectionBHO - No File
    BHO-X64: {C9C42511-9B41-42c1-9DCD-7282A2D07C65} - HDVid Web Player v.0.91
    BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    mRun-x64: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
    mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    mRun-x64: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
    SEH-X64: Groove GFS Stub Execution Hook: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 lullaby;lullaby;C:\Windows\system32\DRIVERS\lullaby.sys --> C:\Windows\system32\DRIVERS\lullaby.sys [?]
    R1 MpFilter;Microsoft Malware Protection Driver;C:\Windows\system32\DRIVERS\MpFilter.sys --> C:\Windows\system32\DRIVERS\MpFilter.sys [?]
    R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
    R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-6-6 64952]
    R2 AFBAgent;AFBAgent;"C:\Windows\system32\FBAgent.exe" --> C:\Windows\system32\FBAgent.exe [?]
    R2 ASMMAP64;ASMMAP64;C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-7-2 15416]
    R2 LicCtrlService;LicCtrl Service;C:\Windows\Runservice.exe [2011-9-2 2560]
    R2 LMIRfsDriver;LogMeIn Remote File System Driver;\??\C:\Windows\system32\drivers\LMIRfsDriver.sys --> C:\Windows\system32\drivers\LMIRfsDriver.sys [?]
    R2 UNS;Intel(R) Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-10-5 2314240]
    R3 ETD;ELAN PS/2 Port Input Device;C:\Windows\system32\DRIVERS\ETD.sys --> C:\Windows\system32\DRIVERS\ETD.sys [?]
    R3 HECIx64;Intel(R) Management Engine Interface;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?]
    R3 JMCR;JMCR;C:\Windows\system32\DRIVERS\jmcr.sys --> C:\Windows\system32\DRIVERS\jmcr.sys [?]
    R3 JME;JMicron Ethernet Adapter NDIS6.0 Driver (Amd64 Bits);C:\Windows\system32\DRIVERS\JME.sys --> C:\Windows\system32\DRIVERS\JME.sys [?]
    R3 MpNWMon;Microsoft Malware Protection Network Driver;C:\Windows\system32\DRIVERS\MpNWMon.sys --> C:\Windows\system32\DRIVERS\MpNWMon.sys [?]
    R3 NisDrv;Microsoft Network Inspection System;C:\Windows\system32\DRIVERS\NisDrvWFP.sys --> C:\Windows\system32\DRIVERS\NisDrvWFP.sys [?]
    R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe [2011-4-27 288272]
    R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
    S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-3-3 136176]
    S2 i2p;I2P Service;"C:\Program Files (x86)\i2p\I2Psvc.exe" -s "C:\Program Files (x86)\i2p\wrapper.config" --> C:\Program Files (x86)\i2p\I2Psvc.exe [?]
    S3 BS_DEF;BS_DEF;C:\Windows\BS_DEF.sys [2011-6-18 20288]
    S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-3-3 136176]
    S3 Impcd;Impcd;C:\Windows\system32\DRIVERS\Impcd.sys --> C:\Windows\system32\DRIVERS\Impcd.sys [?]
    S3 IntcDAud;Intel(R) Display Audio;C:\Windows\system32\DRIVERS\IntcDAud.sys --> C:\Windows\system32\DRIVERS\IntcDAud.sys [?]
    S3 ipshtap;IP-SHIELD TAP Adapter (x64);C:\Windows\system32\DRIVERS\ipshtap.sys --> C:\Windows\system32\DRIVERS\ipshtap.sys [?]
    S3 ivusb;Initio Driver for USB Default Controller;C:\Windows\system32\DRIVERS\ivusb.sys --> C:\Windows\system32\DRIVERS\ivusb.sys [?]
    S3 LeapFrog-USBLAN;LeapFrog-USBLAN;C:\Windows\system32\DRIVERS\btblan.sys --> C:\Windows\system32\DRIVERS\btblan.sys [?]
    S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2011-6-12 31125880]
    S3 MotioninJoyXFilter;MotioninJoy Virtual Xinput device Filter Driver;C:\Windows\system32\DRIVERS\MijXfilt.sys --> C:\Windows\system32\DRIVERS\MijXfilt.sys [?]
    S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
    S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;C:\Windows\system32\DRIVERS\SiSG664.sys --> C:\Windows\system32\DRIVERS\SiSG664.sys [?]
    S3 SwitchBoard;Adobe SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]
    S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
    S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
    .
    =============== Created Last 30 ================
    .
    2011-11-05 07:52:48 -------- d-----w- C:\Windows\Downloaded Program Files
    2011-11-05 07:27:40 69000 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{E4A24927-648B-46AA-9AE4-8CC5A9295045}\offreg.dll
    2011-11-05 07:12:56 8570192 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{E4A24927-648B-46AA-9AE4-8CC5A9295045}\mpengine.dll
    2011-11-05 05:26:47 -------- d-----w- C:\Users\Scott Ford\AppData\Roaming\BatteryBar
    2011-11-05 04:11:00 -------- d-----w- C:\Program Files\AVAST Software
    2011-11-03 08:56:51 -------- d-----w- C:\Program Files (x86)\Common Files\PX Storage Engine
    2011-11-03 04:27:09 -------- d-----w- C:\Program Files (x86)\ESET
    2011-11-03 02:45:08 -------- d-----w- C:\Users\Scott Ford\AppData\Local\Sports Interactive
    2011-11-03 02:43:46 -------- d-----we C:\Windows\system64
    2011-10-31 05:53:48 -------- d-----w- C:\Program Files\CCleaner
    2011-10-31 00:36:17 -------- d-----w- C:\Users\Scott Ford\AppData\Roaming\DAEMON Tools Lite
    2011-10-31 00:04:06 97552 ----a-w- C:\Windows\System32\drivers\MijXfilt.sys
    2011-10-31 00:04:06 74960 ----a-w- C:\Windows\System32\drivers\xusb21.sys
    2011-10-31 00:04:06 1721576 ----a-w- C:\Windows\System32\WdfCoInstaller01009.dll
    2011-10-28 03:19:39 -------- d-----w- C:\ProgramData\Malwarebytes
    2011-10-28 03:19:35 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
    2011-10-28 03:15:23 118784 ----a-w- C:\Windows\SysWow64\MSSTDFMT.DLL
    2011-10-27 03:00:57 380688 ----a-w- C:\Windows\SysWow64\temp.003
    2011-10-27 02:58:53 380688 ----a-w- C:\Windows\SysWow64\temp.002
    2011-10-27 02:58:46 249856 ------w- C:\Windows\Setup1.exe
    2011-10-25 02:53:30 -------- d-----w- C:\Program Files\SystemRequirementsLab
    2011-10-13 22:28:28 32768 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\Objectps.dll
    2011-10-13 22:28:28 266240 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iscript.dll
    2011-10-13 22:28:28 192512 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iuser.dll
    2011-10-13 22:28:27 729088 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iKernel.dll
    2011-10-13 22:28:27 69715 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\ctor.dll
    2011-10-13 22:28:27 5632 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\DotNetInstaller.exe
    2011-10-13 22:28:22 311428 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\setup.dll
    2011-10-13 22:28:22 188548 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iGdi.dll
    2011-10-13 13:37:06 3138048 ----a-w- C:\Windows\System32\win32k.sys
    2011-10-13 13:36:58 75776 ----a-w- C:\Windows\SysWow64\psisrndr.ax
    2011-10-13 13:36:58 613888 ----a-w- C:\Windows\System32\psisdecd.dll
    2011-10-13 13:36:58 465408 ----a-w- C:\Windows\SysWow64\psisdecd.dll
    2011-10-13 13:36:58 108032 ----a-w- C:\Windows\System32\psisrndr.ax
    2011-10-13 13:36:35 861696 ----a-w- C:\Windows\System32\oleaut32.dll
    2011-10-13 13:36:35 571904 ----a-w- C:\Windows\SysWow64\oleaut32.dll
    2011-10-13 13:36:35 331776 ----a-w- C:\Windows\System32\oleacc.dll
    2011-10-13 13:36:35 233472 ----a-w- C:\Windows\SysWow64\oleacc.dll
    2011-10-13 12:53:20 -------- d-----w- C:\Program Files (x86)\Microsoft Synchronization Services
    2011-10-13 12:50:04 -------- d-----w- C:\Program Files (x86)\Microsoft Visual Studio 8
    2011-10-13 12:48:39 -------- d-----w- C:\Program Files (x86)\Microsoft Analysis Services
    2011-10-11 20:17:46 917840 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{F6524648-8201-4C3A-97B7-4836BFC5EC1F}\gapaengine.dll
    2011-10-10 17:19:14 -------- d-sh--w- C:\$RECYCLE.BIN
    2011-10-08 01:43:13 -------- d-----r- C:\Program Files (x86)\Skype
    2011-10-08 01:20:15 -------- d-----w- C:\Users\Scott Ford\AppData\Local\uTorrent
    2011-10-07 00:36:02 -------- d-----w- C:\Users\Scott Ford\AppData\Local\Microsoft Help
    .
    ==================== Find3M ====================
    .
    2011-11-05 07:27:38 833 --sha-w- C:\Windows\SysWow64\mmf.sys
    2011-10-27 03:00:50 73216 ----a-w- C:\Windows\ST6UNST.EXE
    2011-10-13 23:10:06 414368 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
    2011-10-13 13:44:13 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
    2011-10-13 13:44:13 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
    2011-10-13 13:44:13 2309120 ----a-w- C:\Windows\System32\jscript9.dll
    2011-10-13 13:44:13 1798144 ----a-w- C:\Windows\SysWow64\jscript9.dll
    2011-10-13 13:44:13 1389056 ----a-w- C:\Windows\System32\wininet.dll
    2011-10-13 13:44:13 1126912 ----a-w- C:\Windows\SysWow64\wininet.dll
    2011-10-04 17:47:23 380688 ----a-w- C:\Windows\SysWow64\temp.001
    2011-10-04 17:46:17 380688 ----a-w- C:\Windows\SysWow64\temp.000
    2011-10-03 14:36:59 178800 ----a-w- C:\Windows\SysWow64\CmdLineExt_x64.dll
    2011-10-03 10:06:03 472808 ----a-w- C:\Windows\SysWow64\deployJava1.dll
    2011-09-27 11:36:22 45056 ----a-w- C:\Windows\System32\acovcnt.exe
    2011-09-04 02:25:14 627600 ----a-w- C:\Windows\System32\deployJava1.dll
    2011-09-02 23:45:17 122880 ----a-w- C:\Windows\lcmmfu.cpl
    2011-09-02 23:45:04 48640 ----a-w- C:\Windows\mmfs.dll
    2011-09-02 23:45:04 2560 ----a-w- C:\Windows\Runservice.exe
    2011-09-01 01:08:50 167704 ----a-w- C:\Windows\System32\igfxtray.exe
    2011-09-01 01:08:48 510232 ----a-w- C:\Windows\System32\igfxsrvc.exe
    2011-09-01 01:08:44 416024 ----a-w- C:\Windows\System32\igfxpers.exe
    2011-09-01 01:08:42 239896 ----a-w- C:\Windows\System32\igfxext.exe
    2011-09-01 01:08:34 392472 ----a-w- C:\Windows\System32\hkcmd.exe
    2011-09-01 01:08:24 4378392 ----a-w- C:\Windows\System32\GfxUI.exe
    2011-09-01 01:08:22 179992 ----a-w- C:\Windows\System32\difx64.exe
    2011-09-01 00:58:50 90112 ----a-w- C:\Windows\System32\igfxCoIn_v2509.dll
    2011-09-01 00:53:22 12306848 ----a-w- C:\Windows\System32\drivers\igdkmd64.sys
    2011-09-01 00:53:20 8312320 ----a-w- C:\Windows\System32\igdumd64.dll
    2011-09-01 00:51:16 867020 ----a-w- C:\Windows\SysWow64\igkrng575.bin
    2011-09-01 00:51:16 867020 ----a-w- C:\Windows\System32\igkrng575.bin
    2011-09-01 00:51:16 128204 ----a-w- C:\Windows\SysWow64\igcompkrng575.bin
    2011-09-01 00:51:16 128204 ----a-w- C:\Windows\System32\igcompkrng575.bin
    2011-09-01 00:51:16 105608 ----a-w- C:\Windows\SysWow64\igfcg575m.bin
    2011-09-01 00:51:16 105608 ----a-w- C:\Windows\System32\igfcg575m.bin
    2011-09-01 00:47:42 6322688 ----a-w- C:\Windows\SysWow64\igdumd32.dll
    2011-09-01 00:45:02 581120 ----a-w- C:\Windows\SysWow64\igdumdx32.dll
    2011-09-01 00:42:42 14598656 ----a-w- C:\Windows\System32\igd10umd64.dll
    2011-09-01 00:37:18 12340224 ----a-w- C:\Windows\SysWow64\igd10umd32.dll
    2011-09-01 00:31:14 18641408 ----a-w- C:\Windows\System32\ig4icd64.dll
    2011-09-01 00:26:20 13903872 ----a-w- C:\Windows\SysWow64\ig4icd32.dll
    2011-09-01 00:21:50 375808 ----a-w- C:\Windows\System32\igfxpph.dll
    2011-09-01 00:21:46 378368 ----a-w- C:\Windows\System32\igfxTMM.dll
    2011-09-01 00:21:40 28672 ----a-w- C:\Windows\System32\igfxexps.dll
    2011-09-01 00:21:26 62464 ----a-w- C:\Windows\System32\igfxsrvc.dll
    2011-09-01 00:20:58 110080 ----a-w- C:\Windows\System32\hccutils.dll
    2011-09-01 00:20:50 4096 ----a-w- C:\Windows\System32\IGFXDEVLib.dll
    2011-09-01 00:20:50 146432 ----a-w- C:\Windows\System32\gfxSrvc.dll
    2011-09-01 00:20:48 390144 ----a-w- C:\Windows\System32\igfxdev.dll
    2011-09-01 00:20:14 285696 ----a-w- C:\Windows\System32\igfxrenu.lrc
    2011-09-01 00:20:08 9014784 ----a-w- C:\Windows\System32\igfxress.dll
    2011-09-01 00:20:08 142336 ----a-w- C:\Windows\System32\igfxdo.dll
    2011-09-01 00:16:32 24576 ----a-w- C:\Windows\SysWow64\igfxexps32.dll
    2011-09-01 00:15:46 294400 ----a-w- C:\Windows\SysWow64\igfxdv32.dll
    2011-09-01 00:13:52 98304 ----a-w- C:\Windows\SysWow64\iglhcp32.dll
    2011-09-01 00:13:52 98304 ----a-w- C:\Windows\System32\iglhcp64.dll
    2011-09-01 00:13:52 376832 ----a-w- C:\Windows\SysWow64\iglhsip32.dll
    2011-09-01 00:13:52 376832 ----a-w- C:\Windows\System32\iglhsip64.dll
    2011-09-01 00:13:52 162816 ----a-w- C:\Windows\SysWow64\igfxcmrt32.dll
    2011-09-01 00:13:52 140288 ----a-w- C:\Windows\System32\igfxcmrt64.dll
    2011-08-31 22:00:50 25416 ----a-w- C:\Windows\System32\drivers\mbam.sys
    2011-08-11 17:47:46 76288 ----a-w- C:\Windows\SysWow64\moveex.exe
    .
    ============= FINISH: 3:42:33.85 ===============
     

  2. 5K0ttY

    5K0ttY Thread Starter

    Joined:
    Jun 7, 2007
    Messages:
    30
    Also, my Windows Firewall has been turned off and I am not able to turn it back on at all.

    And I'm not sure if it's related or not, but my AC Adapter says it's plugged in and charging, but it stays at 75 percent and the computer shuts off immediately when I take the AC out.
     
Short URL to this thread: https://techguy.org/1025533
