
Computer Freezes

Discussion in 'Virus & Other Malware Removal' started by Ssssyther, Jun 27, 2012.

Thread Status:
Not open for further replies.
  1. Ssssyther

    Ssssyther Thread Starter

    Joined:
    Jul 6, 2008
    Messages:
    21
    Hi, guys. Need a bit of help here if you don't mind.
    Let me give you the rundown...

    So my computer isn't going as fast as it used to. I've had past virus and malware attacks, as I frequently explore various websites, and I have a pretty good chance of having more baddies in my computer than I was able to take out. Anyway, I used to use Auslogics Disk Defrag to defragment my computer's hard drive and I decided to upgrade to Auslogics BoostSpeed due to the slowness even after scanning and repairing with Malwarebytes, Spybot, Auslogics Disk Defrag, CCleaner, and Avast. I have a program called YouUninstaller 7 that looks a bit sketchy, but gets the job done. So I uninstall Disk Defrag, including registry entries because that is a feature on YouUninstaller, but while uninstalling, my computer froze! I rebooted and checked to see if Disk Defrag was uninstalled, and it wasn't. Only the text was left, with a blank page as its icon, so I deleted it. I went into Program Files (x86) and deleted my Auslogics folder as well. Then, I decided to install this bootleg version of BoostSpeed I had received from a friend. After selecting what folder I wanted things to be saved to, I clicked next and it started to install. Here's where it gets rocky. The setup never finishes. After the green bar gets to the end, the computer just freezes, no mouse, no keyboard, no flashing battery light or anything. I've tried over 10 times now and it always freezes. So, there you go. I think the copy my friend gave me has a virus or something, I really don't know and would appreciate any help. Thanks in advance, gentlemen.

    Hijack This log:

    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 1:30:51 PM, on 6/27/2012
    Platform: Windows 7 SP1 (WinNT 6.00.3505)
    MSIE: Internet Explorer v9.00 (9.00.8112.16446)
    Boot mode: Safe mode with network support

    Running processes:
    C:\Users\Owner\AppData\Local\Google\Chrome\Application\old_chrome.exe
    C:\Users\Owner\AppData\Local\Google\Chrome\Application\old_chrome.exe
    C:\Users\Owner\AppData\Local\Google\Chrome\Application\old_chrome.exe
    C:\Users\Owner\AppData\Local\Google\Chrome\Application\old_chrome.exe
    C:\Users\Owner\AppData\Local\Google\Chrome\Application\old_chrome.exe
    C:\Users\Owner\AppData\Local\Google\Chrome\Application\old_chrome.exe
    C:\Users\Owner\AppData\Local\Google\Chrome\Application\old_chrome.exe
    C:\Users\Owner\AppData\Local\Google\Chrome\Application\old_chrome.exe
    C:\Users\Owner\AppData\Local\Google\Chrome\Application\old_chrome.exe
    C:\Users\Owner\AppData\Local\Google\Chrome\Application\old_chrome.exe
    C:\Users\Owner\AppData\Local\Google\Chrome\Application\old_chrome.exe
    C:\Users\Owner\AppData\Local\Google\Chrome\Application\old_chrome.exe
    C:\Users\Owner\AppData\Local\Google\Chrome\Application\old_chrome.exe
    C:\Users\Owner\AppData\Local\Google\Chrome\Application\old_chrome.exe
    C:\Users\Owner\AppData\Local\Google\Chrome\Application\old_chrome.exe
    C:\Users\Owner\AppData\Local\Google\Chrome\Application\old_chrome.exe
    C:\Windows\SysWOW64\NOTEPAD.EXE
    C:\Windows\SysWOW64\NOTEPAD.EXE
    C:\Users\Owner\Downloads\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    F2 - REG:system.ini: UserInit=userinit.exe,
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
    O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
    O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
    O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
    O4 - HKLM\..\Run: [EnvyHFCPL] C:\Program Files (x86)\VIA\VIAudioi\EnvyADeck\EnMixCPL.exe 1
    O4 - HKLM\..\Run: [Logitech Utility] LOGI_MWX.EXE
    O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
    O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
    O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
    O4 - HKCU\..\Run: [chromium] C:\Users\Owner\AppData\Local\Google\Chrome\Application\old_chrome.exe --no-startup-window
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
    O4 - Global Startup: Wireless Configuration Utility.lnk = C:\Program Files\Encore\ENUWI-N4 Wireless USB Adapter\WlanCU.exe
    O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
    O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105
    O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
    O17 - HKLM\System\CCS\Services\Tcpip\..\{2E2BB111-BFE0-4D6C-A079-F315D2DA7984}: NameServer = 208.67.222.222,208.67.220.220
    O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
    O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
    O23 - Service: Airgo Networks NIC Service (ANISERVICE) - Airgo Networks, Inc. - C:\Windows\SysWOW64\aniServ.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    O23 - Service: AppleChargerSrv - Unknown owner - C:\Windows\system32\AppleChargerSrv.exe (file missing)
    O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
    O23 - Service: ES lite Service for program management. (ES lite Service) - Unknown owner - C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE
    O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
    O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
    O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
    O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe
    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
    O23 - Service: VIA Karaoke digital mixer Service (VIAKaraokeService) - Unknown owner - C:\Windows\system32\viakaraokesrv.exe (file missing)
    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
    O23 - Service: WlanWpsSvc - Unknown owner - C:\Program Files\Encore\ENUWI-N4 Wireless USB Adapter\WlanWpsSvc.exe
    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

    --
    End of file - 10620 bytes


    DDS:

    .
    DDS (Ver_2011-08-26.01) - NTFSAMD64 NETWORK
    Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_31
    Run by Owner at 13:13:10 on 2012-06-27
    Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.4060.3163 [GMT -7:00]
    .
    AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
    SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    ============== Running Processes ===============
    .
    C:\Windows\system32\wininit.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\svchost.exe -k RPCSS
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Windows\Explorer.EXE
    C:\Windows\system32\ctfmon.exe
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Users\Owner\AppData\Local\Google\Chrome\Application\old_chrome.exe
    C:\Users\Owner\AppData\Local\Google\Chrome\Application\old_chrome.exe
    C:\Users\Owner\AppData\Local\Google\Chrome\Application\old_chrome.exe
    C:\Users\Owner\AppData\Local\Google\Chrome\Application\old_chrome.exe
    C:\Users\Owner\AppData\Local\Google\Chrome\Application\old_chrome.exe
    C:\Users\Owner\AppData\Local\Google\Chrome\Application\old_chrome.exe
    C:\Users\Owner\AppData\Local\Google\Chrome\Application\old_chrome.exe
    C:\Users\Owner\AppData\Local\Google\Chrome\Application\old_chrome.exe
    C:\Users\Owner\AppData\Local\Google\Chrome\Application\old_chrome.exe
    C:\Users\Owner\AppData\Local\Google\Chrome\Application\old_chrome.exe
    C:\Users\Owner\AppData\Local\Google\Chrome\Application\old_chrome.exe
    C:\Users\Owner\AppData\Local\Google\Chrome\Application\old_chrome.exe
    C:\Users\Owner\AppData\Local\Google\Chrome\Application\old_chrome.exe
    C:\Users\Owner\AppData\Local\Google\Chrome\Application\old_chrome.exe
    C:\Users\Owner\AppData\Local\Google\Chrome\Application\old_chrome.exe
    C:\Windows\System32\svchost.exe -k secsvcs
    C:\Windows\SysWOW64\rundll32.exe
    C:\Users\Owner\AppData\Local\Google\Chrome\Application\old_chrome.exe
    C:\Windows\SysWOW64\cmd.exe
    C:\Windows\system32\conhost.exe
    C:\Windows\SysWOW64\cscript.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = about:blank
    uInternet Settings,ProxyOverride = *.local
    mWinlogon: Userinit=userinit.exe,
    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    BHO: DivX Plus Web Player HTML5 <video>: {326e768d-4182-46fd-9c16-1449a49795f4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
    BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
    BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
    BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
    TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
    uRun: [chromium] C:\Users\Owner\AppData\Local\Google\Chrome\Application\old_chrome.exe --no-startup-window
    mRun: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
    mRun: [EnvyHFCPL] C:\Program Files (x86)\VIA\VIAudioi\EnvyADeck\EnMixCPL.exe 1
    mRun: [Logitech Utility] LOGI_MWX.EXE
    mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
    mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
    mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
    StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\WIRELE~1.LNK - C:\Program Files\Encore\ENUWI-N4 Wireless USB Adapter\WlanCU.exe
    mPolicies-explorer: NoActiveDesktop = 1 (0x1)
    mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
    mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
    mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
    mPolicies-system: DisableStatusMessages = 1 (0x1)
    IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
    IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105
    IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
    TCP: DhcpNameServer = 192.168.1.1 68.238.64.12
    TCP: Interfaces\{2E2BB111-BFE0-4D6C-A079-F315D2DA7984} : NameServer = 208.67.222.222,208.67.220.220
    TCP: Interfaces\{2E2BB111-BFE0-4D6C-A079-F315D2DA7984} : DhcpNameServer = 192.168.1.1 68.238.64.12
    TCP: Interfaces\{2E2BB111-BFE0-4D6C-A079-F315D2DA7984}\35563647F62793845616461557162747562737D4F62696C656 : DhcpNameServer = 192.168.1.1
    TCP: Interfaces\{2E2BB111-BFE0-4D6C-A079-F315D2DA7984}\35563647F62793845616461757162747562737 : DhcpNameServer = 192.168.1.1 68.238.64.12
    TCP: Interfaces\{2E2BB111-BFE0-4D6C-A079-F315D2DA7984}\35563647F62793845616461757162747562737830323E21313E6 : DhcpNameServer = 192.168.0.1 192.168.1.1 68.238.64.12
    Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
    SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
    BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    BHO-X64: AcroIEHelperStub - No File
    BHO-X64: DivX Plus Web Player HTML5 <video>: {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
    BHO-X64: Increase performance and video formats for your HTML5 <video> - No File
    BHO-X64: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
    BHO-X64: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
    BHO-X64: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
    BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    TB-X64: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
    TB-X64: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
    mRun-x64: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
    mRun-x64: [EnvyHFCPL] C:\Program Files (x86)\VIA\VIAudioi\EnvyADeck\EnMixCPL.exe 1
    mRun-x64: [Logitech Utility] LOGI_MWX.EXE
    mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
    mRun-x64: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
    mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
    SEH-X64: Groove GFS Stub Execution Hook: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
    Hosts: 127.0.0.1 www.spywareinfo.com
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\6960pti6.default\
    FF - prefs.js: browser.search.selectedEngine - Search the web (Babylon)
    FF - prefs.js: browser.startup.homepage - hxxp://search.babylon.com/?AF=108976&tt=290312_bexdll&babsrc=HP_ss&mntrId=c8e127170000000000000018e7869351
    FF - prefs.js: keyword.URL - hxxp://search.babylon.com/?AF=108976&tt=290312_bexdll&babsrc=adbartrp&mntrId=c8e127170000000000000018e7869351&q=
    FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
    FF - plugin: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
    FF - plugin: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
    FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npdeployJava1.dll
    FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
    FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrlui.dll
    FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
    FF - plugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
    FF - plugin: C:\Users\Owner\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
    FF - plugin: C:\Users\Owner\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
    FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_233.dll
    .
    ---- FIREFOX POLICIES ----
    FF - user.js: network.http.max-connections-per-server - 8
    FF - user.js: network.http.max-persistent-connections-per-server - 4
    FF - user.js: nglayout.initialpaint.delay - 600
    FF - user.js: content.notify.interval - 600000
    FF - user.js: content.max.tokenizing.time - 1800000
    FF - user.js: content.switch.threshold - 600000
    .
    ============= SERVICES / DRIVERS ===============
    .
    R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
    R3 AmUStor;AM USB Stroage Driver;C:\Windows\system32\drivers\AmUStor.SYS --> C:\Windows\system32\drivers\AmUStor.SYS [?]
    R3 L1C;NDIS Miniport Driver for Atheros AR81xx PCI-E Ethernet Controller;C:\Windows\system32\DRIVERS\L1C62x64.sys --> C:\Windows\system32\DRIVERS\L1C62x64.sys [?]
    R3 RTL8192su;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter;C:\Windows\system32\DRIVERS\RTL8192su.sys --> C:\Windows\system32\DRIVERS\RTL8192su.sys [?]
    S1 AppleCharger;AppleCharger;C:\Windows\system32\DRIVERS\AppleCharger.sys --> C:\Windows\system32\DRIVERS\AppleCharger.sys [?]
    S1 aswSnx;aswSnx;C:\Windows\system32\drivers\aswSnx.sys --> C:\Windows\system32\drivers\aswSnx.sys [?]
    S1 aswSP;aswSP;C:\Windows\system32\drivers\aswSP.sys --> C:\Windows\system32\drivers\aswSP.sys [?]
    S2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-1-3 63928]
    S2 ANISERVICE;Airgo Networks NIC Service;C:\Windows\SysWOW64\aniServ.exe [2004-9-30 143360]
    S2 aswFsBlk;aswFsBlk;C:\Windows\system32\drivers\aswFsBlk.sys --> C:\Windows\system32\drivers\aswFsBlk.sys [?]
    S2 aswMonFlt;aswMonFlt;\??\C:\Windows\system32\drivers\aswMonFlt.sys --> C:\Windows\system32\drivers\aswMonFlt.sys [?]
    S2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-4-5 44768]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
    S2 ES lite Service;ES lite Service for program management.;C:\Program Files (x86)\Gigabyte\EasySaver\essvr.exe [2011-12-30 68136]
    S2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-4-11 654408]
    S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-2-29 158856]
    S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe [2012-4-5 2143552]
    S2 VIAKaraokeService;VIA Karaoke digital mixer Service;C:\Windows\system32\viakaraokesrv.exe --> C:\Windows\system32\viakaraokesrv.exe [?]
    S2 WCMVCAM;WebcamMax, WDM Video Capture;C:\Windows\system32\DRIVERS\wcmvcam64.sys --> C:\Windows\system32\DRIVERS\wcmvcam64.sys [?]
    S2 WlanWpsSvc;WlanWpsSvc;C:\Program Files\Encore\ENUWI-N4 Wireless USB Adapter\WlanWpsSvc.exe [2012-1-3 167936]
    S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-4-1 250056]
    S3 AppleChargerSrv;AppleChargerSrv;system32\AppleChargerSrv.exe --> system32\AppleChargerSrv.exe [?]
    S3 CamDrL64;Logitech QuickCam Pro 3000(PID_08B0);C:\Windows\system32\DRIVERS\CamDrL64.sys --> C:\Windows\system32\DRIVERS\CamDrL64.sys [?]
    S3 Envy24HFS;ICE Envy24 Family Audio Controller WDM 64 bit;C:\Windows\system32\drivers\Envy24HF.sys --> C:\Windows\system32\drivers\Envy24HF.sys [?]
    S3 LVUSBS64;Logitech USB Monitor Filter;C:\Windows\system32\drivers\LVUSBS64.sys --> C:\Windows\system32\drivers\LVUSBS64.sys [?]
    S3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]
    S3 MotioninJoyXFilter;MotioninJoy Virtual Xinput device Filter Driver;C:\Windows\system32\DRIVERS\MijXfilt.sys --> C:\Windows\system32\DRIVERS\MijXfilt.sys [?]
    S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\system32\drivers\rdpvideominiport.sys --> C:\Windows\system32\drivers\rdpvideominiport.sys [?]
    S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
    S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys [2011-10-20 11856]
    S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;C:\Windows\system32\drivers\viahduaa.sys --> C:\Windows\system32\drivers\viahduaa.sys [?]
    S3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?]
    S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
    .
    =============== Created Last 30 ================
    .
    2100-02-08 23:03:54 53248 ----a-w- C:\Program Files (x86)\ACMonitor_X73.exe
    2012-06-27 14:11:28 -------- d-----w- C:\Program Files (x86)\Auslogics
    2012-06-27 09:01:20 -------- d-----w- C:\Windows\pss
    2012-06-27 08:44:14 -------- d-----w- C:\Windows\W7SBC
    2012-06-27 08:44:13 2871808 ----a-w- C:\Windows\explorer_edit_w7sbc.exe
    2012-06-27 08:44:13 2871808 ----a-w- C:\Windows\explorer_backup_w7sbc.exe
    2012-06-27 08:44:13 2288128 ----a-w- C:\Windows\explorer.exe
    2012-06-27 00:47:03 -------- d-----w- C:\Program Files\CCleaner
    2012-06-26 09:47:03 -------- d-----w- C:\Users\Owner\AppData\Roaming\RotMG.Production
    2012-06-26 08:16:47 9013136 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{535AFD9E-D01A-48D4-BA5C-5C3567BD2630}\mpengine.dll
    2012-06-22 07:10:58 -------- d-----w- C:\Program Files\iPod
    2012-06-22 07:10:57 -------- d-----w- C:\Program Files\iTunes
    2012-06-22 07:10:57 -------- d-----w- C:\Program Files (x86)\iTunes
    2012-06-21 13:39:16 2622464 ----a-w- C:\Windows\System32\wucltux.dll
    2012-06-21 13:38:48 99840 ----a-w- C:\Windows\System32\wudriver.dll
    2012-06-21 13:38:26 36864 ----a-w- C:\Windows\System32\wuapp.exe
    2012-06-21 13:38:26 186752 ----a-w- C:\Windows\System32\wuwebv.dll
    2012-06-19 21:22:53 -------- d-----w- C:\Program Files (x86)\ASIO4ALL v2
    2012-06-18 23:24:45 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll
    2012-06-18 23:24:45 1158656 ----a-w- C:\Windows\SysWow64\crypt32.dll
    2012-06-18 23:24:45 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll
    2012-06-18 23:24:36 184320 ----a-w- C:\Windows\System32\cryptsvc.dll
    2012-06-18 23:24:36 140288 ----a-w- C:\Windows\System32\cryptnet.dll
    2012-06-18 23:24:35 1462272 ----a-w- C:\Windows\System32\crypt32.dll
    2012-06-18 23:05:43 -------- d-----w- C:\Windows\SysWow64\XPSViewer
    2012-06-18 23:05:43 -------- d-----w- C:\Windows\SysWow64\es
    2012-06-18 23:05:43 -------- d-----w- C:\Windows\SysWow64\drivers\UMDF\es-ES
    2012-06-18 23:05:43 -------- d-----w- C:\Windows\SysWow64\drivers\es-ES
    2012-06-18 23:05:43 -------- d-----w- C:\Windows\SysWow64\0C0A
    2012-06-18 23:05:42 -------- d-----w- C:\Windows\SysWow64\wbem\es-ES
    2012-06-18 23:05:34 -------- d-----w- C:\Windows\System32\es
    2012-06-18 23:05:34 -------- d-----w- C:\Windows\System32\drivers\UMDF\es-ES
    2012-06-18 23:05:34 -------- d-----w- C:\Windows\System32\0C0A
    2012-06-18 23:05:33 -------- d-----w- C:\Windows\System32\drivers\es-ES
    2012-06-18 23:05:31 -------- d-----w- C:\Windows\System32\wbem\es-ES
    2012-06-18 23:05:17 -------- d-----w- C:\Windows\es-ES
    2012-06-18 22:39:03 6656 ----a-w- C:\Windows\System32\drivers\es-ES\rdvgkmd.sys.mui
    2012-06-18 22:39:03 3584 ----a-w- C:\Windows\System32\drivers\es-ES\portcls.sys.mui
    2012-06-18 22:39:03 2560 ----a-w- C:\Windows\System32\drivers\es-ES\rdpwd.sys.mui
    2012-06-18 22:38:59 8704 ----a-w- C:\Windows\System32\drivers\es-ES\tunnel.sys.mui
    2012-06-18 22:38:58 4608 ----a-w- C:\Windows\System32\drivers\es-ES\tsusbhub.sys.mui
    2012-06-18 22:38:58 3584 ----a-w- C:\Windows\System32\drivers\es-ES\tsusbflt.sys.mui
    2012-06-18 22:38:58 25600 ----a-w- C:\Windows\System32\drivers\es-ES\usbport.sys.mui
    2012-06-18 22:38:58 11776 ----a-w- C:\Windows\System32\drivers\es-ES\usbhub.sys.mui
    2012-06-18 22:38:44 3072 ----a-w- C:\Windows\System32\drivers\es-ES\Dot4usb.sys.mui
    2012-06-18 22:38:40 9728 ----a-w- C:\Windows\System32\drivers\es-ES\battc.sys.mui
    2012-06-18 22:36:57 72192 ----a-w- C:\Windows\System32\drivers\es-ES\ntfs.sys.mui
    2012-06-18 22:34:29 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
    2012-06-18 22:06:52 5559664 ----a-w- C:\Windows\System32\ntoskrnl.exe
    2012-06-18 22:06:50 3913072 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
    2012-06-18 22:06:49 3968368 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
    2012-06-18 22:06:20 9216 ----a-w- C:\Windows\System32\rdrmemptylst.exe
    2012-06-18 22:06:20 77312 ----a-w- C:\Windows\System32\rdpwsx.dll
    2012-06-18 22:06:20 149504 ----a-w- C:\Windows\System32\rdpcorekmts.dll
    2012-06-18 22:06:17 514560 ----a-w- C:\Windows\SysWow64\qdvd.dll
    2012-06-18 22:06:17 366592 ----a-w- C:\Windows\System32\qdvd.dll
    2012-06-18 22:06:05 3216384 ----a-w- C:\Windows\System32\msi.dll
    2012-06-18 22:06:04 2342400 ----a-w- C:\Windows\SysWow64\msi.dll
    2012-06-18 22:06:02 210944 ----a-w- C:\Windows\System32\drivers\rdpwd.sys
    2012-06-18 22:06:02 1112064 ----a-w- C:\Windows\System32\rdpcorets.dll
    2012-06-18 22:05:28 209920 ----a-w- C:\Windows\System32\profsvc.dll
    2012-06-18 22:05:26 3146752 ----a-w- C:\Windows\System32\win32k.sys
    2012-05-29 00:29:14 -------- d-----w- C:\Users\Owner\AppData\Roaming\Unity
    2012-05-29 00:27:54 -------- d-----w- C:\Users\Owner\AppData\Local\Unity
    .
    ==================== Find3M ====================
    .
    2012-06-27 11:50:38 25640 ----a-w- C:\Windows\gdrv.sys
    2012-06-22 10:14:44 70344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
    2012-06-22 10:14:44 426184 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
    2012-05-18 02:06:48 2311680 ----a-w- C:\Windows\System32\jscript9.dll
    2012-05-18 01:59:14 1392128 ----a-w- C:\Windows\System32\wininet.dll
    2012-05-18 01:58:39 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
    2012-05-18 01:55:22 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
    2012-05-18 01:51:30 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
    2012-05-17 22:45:37 1800192 ----a-w- C:\Windows\SysWow64\jscript9.dll
    2012-05-17 22:35:47 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
    2012-05-17 22:35:39 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
    2012-05-17 22:29:45 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
    2012-05-05 23:50:58 8744608 ----a-w- C:\Windows\SysWow64\FlashPlayerInstaller.exe
    2012-04-19 03:56:30 94208 ----a-w- C:\Windows\SysWow64\QuickTimeVR.qtx
    2012-04-19 03:56:30 69632 ----a-w- C:\Windows\SysWow64\QuickTime.qts
    2012-04-05 11:08:36 34624 ----a-w- C:\Windows\System32\TURegOpt.exe
    2012-04-05 11:08:24 35648 ----a-w- C:\Windows\System32\uxtuneup.dll
    2012-04-05 11:08:24 28992 ----a-w- C:\Windows\SysWow64\uxtuneup.dll
    2012-04-05 11:08:24 25920 ----a-w- C:\Windows\System32\authuitu.dll
    2012-04-05 11:08:24 21312 ----a-w- C:\Windows\SysWow64\authuitu.dll
    2012-04-04 22:56:40 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys
    2012-03-30 11:35:47 1918320 ----a-w- C:\Windows\System32\drivers\tcpip.sys
    2012-01-12 15:01:46 691545 ----a-w- C:\Program Files (x86)\unins000.exe
    2001-05-08 23:36:42 114688 ----a-w- C:\Program Files (x86)\lxarscan.dll
    .
    ============= FINISH: 13:14:56.52 ===============
     
  2. Ssssyther

    Ssssyther Thread Starter

    Joined:
    Jul 6, 2008
    Messages:
    21
    bump for help!
     
  3. Ssssyther

    Ssssyther Thread Starter

    Joined:
    Jul 6, 2008
    Messages:
    21
    2nd bump
     
  4. Ssssyther

    Ssssyther Thread Starter

    Joined:
    Jul 6, 2008
    Messages:
    21
    Now my computer won't even boot up... Sigh...
     

Short URL to this thread: https://techguy.org/1058827