
Browser redirects/slow internet/windows unexpected errors

Discussion in 'Virus & Other Malware Removal' started by nchurik, Dec 16, 2010.

Thread Status:
Not open for further replies.
  1. nchurik

    nchurik Thread Starter

    Recently formatted/installed Windows 7 (2 weeks ago). Brother used computer and must have visited a sketchy site. Yesterday I started to notice the internet get very very slow randomly and some redirects in my browser (Firefox). Today when I came home, the computer had restarted and recovered from an unexpected Windows error but I couldn't copy the error code. When I ran GMER, the log that is produced is empty. The rest of the logs are as follows...

    HijackThis Log

    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 1:29:37 PM, on 12/16/2010
    Platform: Windows 7 (WinNT 6.00.3504)
    MSIE: Internet Explorer v8.00 (8.00.7600.16700)
    Boot mode: Normal

    Running processes:
    C:\ProgramData\TVersity\Media Server\web\admin\TVersity.exe
    C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    C:\Program Files (x86)\iTunes\iTunesHelper.exe
    C:\My Stuff\Software\RealTemp\RealTemp.exe
    C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
    C:\Users\Nick\Desktop\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    F2 - REG:system.ini: UserInit=userinit.exe
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
    O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
    O4 - Startup: RealTemp.exe
    O4 - Startup: TVersity.lnk = C:\ProgramData\TVersity\Media Server\web\admin\TVersity.exe
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
    O17 - HKLM\System\CCS\Services\Tcpip\..\{BAA1DFF9-2E05-41F5-8A5E-20FEFFC35071}: NameServer = 192.168.0.1
    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
    O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
    O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
    O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
    O23 - Service: TVersity Media Server (TVersityMediaServer) - Unknown owner - C:\ProgramData\TVersity\Media Server\MediaServer.exe
    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

    --
    End of file - 7093 bytes


    DDS Log

    DDS (Ver_10-12-12.02) - NTFS_AMD64
    Run by Nick at 13:30:28.84 on Thu 12/16/2010
    Internet Explorer: 8.0.7600.16385 BrowserJavaVersion: 1.6.0_22
    Microsoft Windows 7 Ultimate 6.1.7600.0.1252.1.1033.18.4095.2794 [GMT -6:00]

    AV: AntiVir Desktop *Enabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
    SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    SP: AntiVir Desktop *Enabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}

    ============== Running Processes ===============

    C:\Windows\system32\wininit.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\nvvsvc.exe
    C:\Windows\system32\svchost.exe -k RPCSS
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\nvvsvc.exe
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\System32\spoolsv.exe
    C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
    C:\Windows\system32\taskhost.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
    C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    C:\Program Files (x86)\Bonjour\mDNSResponder.exe
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\ProgramData\TVersity\Media Server\MediaServer.exe
    C:\Windows\Explorer.EXE
    C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
    C:\Windows\system32\conhost.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\ProgramData\TVersity\Media Server\web\admin\TVersity.exe
    C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    C:\Program Files (x86)\iTunes\iTunesHelper.exe
    C:\Windows\system32\SearchIndexer.exe
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Windows\System32\svchost.exe -k secsvcs
    C:\My Stuff\Software\RealTemp\RealTemp.exe
    C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Users\Nick\Desktop\dds.scr
    C:\Windows\system32\conhost.exe

    ============== Pseudo HJT Report ===============

    uStart Page = hxxp://www.google.com/ig?hl=en&source=iglk
    uInternet Settings,ProxyOverride = *.local
    mWinlogon: Userinit=userinit.exe
    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    mRun: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
    mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
    mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
    mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
    StartupFolder: C:\Users\Nick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\RealTemp.exe
    StartupFolder: C:\Users\Nick\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\TVersity.lnk - C:\ProgramData\TVersity\Media Server\web\admin\TVersity.exe
    mPolicies-explorer: NoActiveDesktop = 1 (0x1)
    mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
    mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
    mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
    mPolicies-system: EnableLUA = 0 (0x0)
    mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
    mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
    IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
    TCP: {BAA1DFF9-2E05-41F5-8A5E-20FEFFC35071} = 192.168.0.1

    ================= FIREFOX ===================

    FF - ProfilePath - C:\Users\Nick\AppData\Roaming\Mozilla\Firefox\Profiles\b64d0c1w.default\
    FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/ig?hl=en&source=iglk
    FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
    FF - plugin: C:\Program Files (x86)\Google\Update\1.2.183.39\npGoogleOneClick8.dll
    FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
    FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll
    FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
    FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
    FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}

    ============= SERVICES / DRIVERS ===============

    R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\System32\drivers\vwififlt.sys [2009-7-13 59904]
    R2 AntiVirSchedulerService;Avira AntiVir Scheduler;C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2010-12-5 135336]
    R2 AntiVirService;Avira AntiVir Guard;C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2010-12-5 267944]
    R2 avgntflt;avgntflt;C:\Windows\System32\drivers\avgntflt.sys [2010-12-5 83120]
    R3 netr28x;Ralink 802.11n Extensible Wireless Driver;C:\Windows\System32\drivers\netr28x.sys [2009-6-19 712704]
    R3 WinRing0_1_2_0;WinRing0_1_2_0;C:\My Stuff\Software\RealTemp\WinRing0x64.sys [2010-12-7 14544]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
    S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-12-5 136176]
    S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2010-9-28 51712]
    S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-12-5 1255736]

    =============== Created Last 30 ================

    2010-12-16 15:55:12 -------- d-----w- C:\Program Files\iTunes
    2010-12-16 15:55:12 -------- d-----w- C:\Program Files\iPod
    2010-12-16 15:55:12 -------- d-----w- C:\Program Files (x86)\iTunes
    2010-12-14 07:11:39 8199504 ----a-w- C:\PROGRA~3\Microsoft\Windows Defender\Definition Updates\{04D97FBF-D97F-4B81-8DEF-A7DD1CA461F1}\mpengine.dll
    2010-12-11 17:09:05 208768 ----a-w- C:\Users\Nick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\RealTemp.exe
    2010-12-11 16:58:24 -------- d-----w- C:\Users\Nick\AppData\Local\JockerSoft
    2010-12-11 16:58:16 -------- d-----w- C:\Program Files (x86)\JockerSoft
    2010-12-10 17:57:20 -------- d-----w- C:\Users\Nick\AppData\Roaming\Malwarebytes
    2010-12-10 17:57:17 38224 ----a-w- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
    2010-12-10 17:57:16 -------- d-----w- C:\PROGRA~3\Malwarebytes
    2010-12-10 17:57:13 24152 ----a-w- C:\Windows\System32\drivers\mbam.sys
    2010-12-10 17:57:13 -------- d-----w- C:\Program Files (x86)\MalwareBytes
    2010-12-09 10:47:06 12800 ----a-w- C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll
    2010-12-07 06:56:05 230400 ----a-w- C:\Windows\System32\Spool\prtprocs\x64\hpzppw71.dll
    2010-12-06 19:39:14 -------- d-----w- C:\Program Files\CCleaner
    2010-12-06 08:24:58 94208 ----a-w- C:\Program Files (x86)\Mozilla Firefox\plugins\nprpjplug.dll
    2010-12-06 08:24:58 140864 ----a-w- C:\Program Files (x86)\Mozilla Firefox\plugins\nppl3260.dll
    2010-12-06 08:24:57 -------- d-----w- C:\Program Files (x86)\Real Alternative
    2010-12-06 07:44:13 -------- d-----w- C:\Program Files (x86)\TVersity Codec Pack
    2010-12-06 07:44:07 -------- d-----w- C:\PROGRA~3\TVersity
    2010-12-06 07:21:43 -------- d-----w- C:\Windows\PCHEALTH
    2010-12-06 07:20:00 -------- d-----w- C:\Users\Nick\AppData\Local\Microsoft Help
    2010-12-05 23:36:19 -------- d-----w- C:\Users\Nick\AppData\Local\Apple Computer
    2010-12-05 23:36:15 34152 ----a-w- C:\Windows\System32\drivers\GEARAspiWDM.sys
    2010-12-05 23:36:15 126312 ----a-w- C:\Windows\System32\GEARAspi64.dll
    2010-12-05 23:36:15 107368 ----a-w- C:\Windows\SysWow64\GEARAspi.dll
    2010-12-05 23:35:58 -------- d-----w- C:\PROGRA~3\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
    2010-12-05 23:35:23 -------- d-----w- C:\Users\Nick\AppData\Local\Apple
    2010-12-05 23:35:08 -------- d-----w- C:\Program Files\Bonjour
    2010-12-05 23:35:08 -------- d-----w- C:\Program Files (x86)\Bonjour
    2010-12-05 23:31:55 -------- d-----w- C:\Program Files (x86)\uTorrent
    2010-12-05 23:31:31 -------- d-----w- C:\Users\Nick\AppData\Roaming\uTorrent
    2010-12-05 23:29:57 472808 ----a-w- C:\Windows\SysWow64\deployJava1.dll
    2010-12-05 23:29:57 472808 ----a-w- C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
    2010-12-05 23:25:44 2414360 ----a-w- C:\Windows\SysWow64\d3dx9_31.dll
    2010-12-05 23:25:44 1892184 ----a-w- C:\Windows\SysWow64\D3DX9_42.dll
    2010-12-05 23:25:29 -------- d-----w- C:\Program Files (x86)\Winamp Detect
    2010-12-05 23:25:26 -------- d-----w- C:\Program Files (x86)\Common Files\PX Storage Engine
    2010-12-05 23:19:20 -------- d-----w- C:\Users\Nick\AppData\Local\Google
    2010-12-05 23:18:03 191488 ----a-w- C:\Windows\System32\unrar.dll
    2010-12-05 23:18:03 136704 ----a-w- C:\Windows\System32\ff_vfw.dll
    2010-12-05 23:18:02 -------- d-----w- C:\Program Files\KLCP64
    2010-12-05 23:10:31 -------- d-----w- C:\Windows\SysWow64\Adobe
    2010-12-05 23:05:31 -------- d-----w- C:\Windows\SysWow64\Wat
    2010-12-05 23:05:31 -------- d-----w- C:\Windows\System32\Wat
    2010-12-05 22:57:25 14336 ----a-w- C:\Windows\System32\drivers\sffp_sd.sys
    2010-12-05 22:56:26 99176 ----a-w- C:\Windows\SysWow64\PresentationHostProxy.dll
    2010-12-05 22:56:26 49472 ----a-w- C:\Windows\SysWow64\netfxperf.dll
    2010-12-05 22:56:26 48960 ----a-w- C:\Windows\System32\netfxperf.dll
    2010-12-05 22:56:26 444752 ----a-w- C:\Windows\System32\mscoree.dll
    2010-12-05 22:56:26 320352 ----a-w- C:\Windows\System32\PresentationHost.exe
    2010-12-05 22:56:26 297808 ----a-w- C:\Windows\SysWow64\mscoree.dll
    2010-12-05 22:56:26 295264 ----a-w- C:\Windows\SysWow64\PresentationHost.exe
    2010-12-05 22:56:26 1942856 ----a-w- C:\Windows\System32\dfshim.dll
    2010-12-05 22:56:26 1130824 ----a-w- C:\Windows\SysWow64\dfshim.dll
    2010-12-05 22:56:26 109912 ----a-w- C:\Windows\System32\PresentationHostProxy.dll
    2010-12-05 22:54:22 8199504 ----a-w- C:\PROGRA~3\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
    2010-12-05 22:52:55 -------- d-----w- C:\PROGRA~3\NVIDIA Corporation
    2010-12-05 22:52:51 -------- d-----w- C:\Program Files\NVIDIA Corporation
    2010-12-05 22:51:05 243712 ----a-w- C:\Windows\System32\drivers\ks.sys
    2010-12-05 22:49:59 4582912 ----a-w- C:\Program Files\Windows NT\Accessories\wordpad.exe
    2010-12-05 22:48:04 -------- d-----w- C:\Users\Nick\AppData\Local\Adobe
    2010-12-05 22:22:00 -------- d-----w- C:\Users\Nick\AppData\Local\ElevatedDiagnostics
    2010-12-05 22:15:48 99840 ----a-w- C:\Windows\System32\Spool\prtprocs\x64\HPZPPLHN.DLL
    2010-12-05 22:08:36 -------- d-sh--w- C:\Boot
    2010-12-05 22:04:24 -------- d-----w- C:\Users\Nick\AppData\Roaming\Avira
    2010-12-05 22:00:13 220672 ----a-w- C:\Windows\System32\wintrust.dll
    2010-12-05 22:00:13 172032 ----a-w- C:\Windows\SysWow64\wintrust.dll
    2010-12-05 22:00:12 139264 ----a-w- C:\Windows\System32\cabview.dll
    2010-12-05 22:00:12 132608 ----a-w- C:\Windows\SysWow64\cabview.dll
    2010-12-05 21:50:55 83120 ----a-w- C:\Windows\System32\drivers\avgntflt.sys
    2010-12-05 21:50:55 -------- d-----w- C:\Program Files (x86)\Avira
    2010-12-05 21:50:55 -------- d-----w- C:\PROGRA~3\Avira
    2010-12-05 21:47:52 -------- d-sh--w- C:\Windows\Installer
    2010-12-05 21:18:00 -------- d-----w- C:\Users\Nick\AppData\Local\Mozilla
    2010-12-05 21:14:05 -------- d-----w- C:\Users\Nick\AppData\Local\Diagnostics
    2010-12-05 21:07:15 -------- d-----w- C:\My Stuff
    2010-12-05 20:20:04 -------- d-----w- C:\Users\Nick\AppData\Local\VirtualStore
    2010-12-05 20:18:30 -------- d-sh--we C:\Documents and Settings
    2010-12-05 20:18:30 -------- d-sh--w- C:\Recovery
    2010-11-29 23:38:30 94208 ----a-w- C:\Windows\SysWow64\QuickTimeVR.qtx
    2010-11-29 23:38:30 69632 ----a-w- C:\Windows\SysWow64\QuickTime.qts

    ==================== Find3M ====================

    2010-11-24 08:00:00 108032 ----a-w- C:\Windows\SysWow64\ff_vfw.dll
    2010-11-22 18:16:36 2942464 ----a-w- C:\Windows\SysWow64\x264vfw.dll
    2010-11-04 06:35:53 1194496 ----a-w- C:\Windows\System32\wininet.dll
    2010-11-04 06:31:34 57856 ----a-w- C:\Windows\System32\licmgr10.dll
    2010-11-04 05:52:17 978944 ----a-w- C:\Windows\SysWow64\wininet.dll
    2010-11-04 05:48:36 44544 ----a-w- C:\Windows\SysWow64\licmgr10.dll
    2010-11-04 05:16:14 482816 ----a-w- C:\Windows\System32\html.iec
    2010-11-04 04:41:26 386048 ----a-w- C:\Windows\SysWow64\html.iec
    2010-11-04 04:35:37 1638912 ----a-w- C:\Windows\System32\mshtml.tlb
    2010-11-04 04:08:54 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb
    2010-11-03 19:08:48 237568 ----a-w- C:\Windows\SysWow64\yv12vfw.dll
    2010-11-02 05:18:17 524288 ----a-w- C:\Windows\System32\wmicmiplugin.dll
    2010-11-02 05:17:38 473600 ----a-w- C:\Windows\System32\taskcomp.dll
    2010-11-02 05:17:38 1169408 ----a-w- C:\Windows\System32\taskschd.dll
    2010-11-02 05:16:53 1114624 ----a-w- C:\Windows\System32\schedsvc.dll
    2010-11-02 05:10:47 464384 ----a-w- C:\Windows\System32\taskeng.exe
    2010-11-02 05:10:32 285696 ----a-w- C:\Windows\System32\schtasks.exe
    2010-11-02 04:40:36 496128 ----a-w- C:\Windows\SysWow64\taskschd.dll
    2010-11-02 04:40:36 305152 ----a-w- C:\Windows\SysWow64\taskcomp.dll
    2010-11-02 04:34:44 192000 ----a-w- C:\Windows\SysWow64\taskeng.exe
    2010-11-02 04:34:33 179712 ----a-w- C:\Windows\SysWow64\schtasks.exe
    2010-10-27 05:06:22 2048 ----a-w- C:\Windows\System32\tzres.dll
    2010-10-27 04:32:36 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
    2010-10-22 11:43:18 499712 ----a-w- C:\Windows\SysWow64\msvcp71.dll
    2010-10-22 11:43:18 348160 ----a-w- C:\Windows\SysWow64\msvcr71.dll
    2010-10-20 05:20:01 46080 ----a-w- C:\Windows\System32\atmlib.dll
    2010-10-20 04:54:18 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll
    2010-10-20 03:09:15 3124224 ----a-w- C:\Windows\System32\win32k.sys
    2010-10-20 03:05:46 367104 ----a-w- C:\Windows\System32\atmfd.dll
    2010-10-20 02:58:41 294400 ----a-w- C:\Windows\SysWow64\atmfd.dll
    2010-10-19 16:41:44 270720 ------w- C:\Windows\System32\MpSigStub.exe
    2010-10-16 05:23:13 112000 ----a-w- C:\Windows\System32\consent.exe
    2010-10-16 05:19:41 395776 ----a-w- C:\Windows\System32\webio.dll
    2010-10-16 04:36:10 314368 ----a-w- C:\Windows\SysWow64\webio.dll
    2010-10-07 18:36:16 96544 ----a-w- C:\Windows\System32\dnssd.dll
    2010-10-07 18:36:16 69408 ----a-w- C:\Windows\System32\jdns_sd.dll
    2010-10-07 18:36:16 237856 ----a-w- C:\Windows\System32\dnssdX.dll
    2010-10-07 18:36:16 119584 ----a-w- C:\Windows\System32\dns-sd.exe
    2010-10-07 18:23:02 91424 ----a-w- C:\Windows\SysWow64\dnssd.dll
    2010-10-07 18:23:02 75040 ----a-w- C:\Windows\SysWow64\jdns_sd.dll
    2010-10-07 18:23:02 197920 ----a-w- C:\Windows\SysWow64\dnssdX.dll
    2010-10-07 18:23:02 107808 ----a-w- C:\Windows\SysWow64\dns-sd.exe
    2010-09-28 21:44:52 51712 ----a-w- C:\Windows\System32\drivers\usbaapl64.sys
    2010-09-28 21:44:52 4184352 ----a-w- C:\Windows\System32\usbaaplrc.dll

    ============= FINISH: 13:30:54.61 ===============
     


  2. nchurik

    nchurik Thread Starter

    TTT...anyone help me out?
     