Not Sure If It's A Virus

Discussion in 'Virus & Other Malware Removal' started by Kade2008, Jan 3, 2011.

Thread Status:
Not open for further replies.
    Kade2008 Thread Starter

    Joined:
    Jan 30, 2009
    Messages:
    4
    Hi, I don't know too much about all this, so I'd appreciate it if I could get some help. I have run a spyware scan and cannot get rid of a few items, and am wondering if it could be something else. I'm running Windows 7, Intel(R) Core(TM)2 Duo CPU T5750 @ 2.00GHz 2.00GHz, installed memory 3.00GB, system type 32-bit.
     
Short URL to this thread: https://techguy.org/972528
