Random blank pages after google searches.


  • This topic is locked

#31
JustUniqu3

  • Topic Starter
  • Member
  • 32 posts
What will this program do? Is this (possibly) going to deliberately make me open to such popup attacks?
  • 0



#32
kahdah

    GeekU Teacher

  • Retired Staff
  • 15,822 posts
Makes a backup of the Spybot hosts file, then replaces it with the original default hosts entries.
The Spybot hosts file has never prevented malware that I know of.

Edited by kahdah, 27 June 2010 - 12:21 PM.

  • 0

#33
JustUniqu3

  • Topic Starter
  • Member
  • 32 posts
While browsing through one of the links you gave me earlier, I came across a team dedicated to preventing malware by building up a hosts file with blocks in it. Is it worth me applying that as well after some general usage tests?
  • 0

#34
kahdah

    GeekU Teacher

  • Retired Staff
  • 15,822 posts
You can use it if you want; that is fine.
In my experience, using a hosts file to block sites is OK but really not that effective.
  • 0

#35
JustUniqu3

  • Topic Starter
  • Member
  • 32 posts
Hmm, the adverts are connecting this time and loading fine. I have only had two of them pop up, and they both advertise a free iPod.

Beginning to annoy me now, though they seem to be less frequent since I carried out what you said.
  • 0

#36
kahdah

    GeekU Teacher

  • Retired Staff
  • 15,822 posts
Are you connected to a router?

Please download DDS and save it to your desktop.
  • Double-click dds.scr to run the tool.
  • When done, DDS.txt will open as well as attach.txt.
  • Save both reports to your desktop.
---------------------------------------------------

Please include the contents of the following in your next reply:

DDS.txt
attach.txt
  • 0

#37
JustUniqu3

  • Topic Starter
  • Member
  • 32 posts
Yes, I am.

This DDS, is it supposed to do anything other than sit there at the information screen? It has no indication as to if it is actually doing anything, and my AV picks this up as a virus.
  • 0

#38
JustUniqu3

  • Topic Starter
  • Member
  • 32 posts
DDS (Ver_10-03-17.01) - NTFSx86
Run by Dale at 18:47:04.03 on 28/06/2010
Internet Explorer: 8.0.6001.18928 BrowserJavaVersion: 1.6.0_20
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.44.1033.18.2045.1001 [GMT 1:00]

SP: Spybot - Search and Destroy *enabled* (Updated) {ED588FAF-1B8F-43B4-ACA8-8E3C85DADBE9}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}

============== Running Processes ===============

svchost.exe
svchost.exe
svchost.exe
svchost.exe
svchost.exe
svchost.exe
svchost.exe
svchost.exe
svchost.exe
svchost.exe
svchost.exe
svchost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Media Player\WMPSideShowGadget.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Logitech\GamePanel Software\LGDevAgt.exe
C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe
C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe
C:\Program Files\Teamspeak2_RC2\TeamSpeak.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Logitech\SetPoint II\SetpointII.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\System32\notepad.exe
svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\conime.exe
C:\Windows\Explorer.exe
C:\Users\Dale\Desktop\New Folder\dds.scr

============== Pseudo HJT Report ===============

uStart Page = about:blank
uInternet Settings,ProxyOverride = local
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Skype add-on for Internet Explorer: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll
TB: Contribute Toolbar: {517bdde4-e3a7-4570-b21e-2b52b6139fc7} - c:\program files\adobe\/Adobe Contribute CS4/contributeieplugin.dll
TB: {ED0E8CA5-42FB-4B18-997B-769E0408E79D} - No File
uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe
uRun: [SpybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe
mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
mRun: [RtHDVCpl] c:\program files\realtek\audio\hda\RtHDVCpl.exe
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [AdobeCS4ServiceManager] "c:\program files\common files\adobe\cs4servicemanager\CS4ServiceManager.exe" -launchedbylogin
mRun: [StartCCC] "c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe" MSRun
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [Launch LgDeviceAgent] "c:\program files\logitech\gamepanel software\LgDevAgt.exe"
mRun: [Launch LCDMon] "c:\program files\logitech\gamepanel software\lcd manager\LCDMon.exe"
mRun: [Launch LGDCore] "c:\program files\logitech\gamepanel software\g-series software\LGDCore.exe" /SHOWHIDE
mRun: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
mRun: [LogMeIn Hamachi Ui] "c:\program files\logmein hamachi\hamachi-2-ui.exe" --auto-start
mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [COMODO Internet Security] "c:\program files\comodo\comodo internet security\cfp.exe" -h
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\setpoi~1.lnk - c:\program files\logitech\setpoint ii\SetpointII.exe
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorUser = 0 (0x0)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: Append Link Target to Existing PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIECapture.html
IE: Download &All by FD - file://c:\program files\freshdevices\freshdownload\fdiectx2.htm
IE: Download with &FD - file://c:\program files\freshdevices\freshdownload\fdiectx.htm
IE: Sothink SWF Catcher - c:\program files\common files\sourcetec\swf catcher\InternetExplorer.htm
IE: {15697B7E-3594-4C7B-90E5-52FA0174C3BB} - c:\program files\freshdevices\freshdownload\fd.exe
IE: {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - c:\program files\common files\sourcetec\swf catcher\InternetExplorer.htm
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
DPF: {70BA88C8-DAE8-4CE9-92BB-979C4A75F53B} - hxxp://launch.gamespyarcade.com/software/launch/alaunch.cab
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {B8A48F42-30E1-48f8-AE87-7BD7C75DB8AA} - hxxp://www.systemrequirementslab.com/srl_bin/sysreqlab_test.cab
DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
TCP: {7A64FDB6-90DA-4704-9669-117D1F15F651} = 156.154.70.22,156.154.71.22
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
AppInit_DLLs: c:\windows\system32\guard32.dll

================= FIREFOX ===================

FF - ProfilePath - c:\users\dale\appdata\roaming\mozilla\firefox\profiles\x8r7xqby.default\
FF - prefs.js: browser.startup.homepage - chrome://speeddial/content/speeddial.xul
FF - plugin: c:\program files\ahnlab\asp\mykeydefense 2.5\npmkd25aos.dll
FF - plugin: c:\program files\byond\bin\npbyond.dll
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\google\google updater\2.4.1636.7222\npCIDetect13.dll
FF - plugin: c:\program files\google\update\1.2.183.29\npGoogleOneClick8.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npijjiautoinstallpluginff.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}

---- FIREFOX POLICIES ----
c:\program files\mozilla firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\program files\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.lu", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.nu", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.nz", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.tel", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.proxy.type", 5);
c:\program files\mozilla firefox\greprefs\all.js - pref("dom.ipc.plugins.timeoutSecs", 45);
c:\program files\mozilla firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.debug", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
c:\program files\mozilla firefox\greprefs\all.js - pref("accelerometer.enabled", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("html5.enable", false);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.nptest.dll", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npswf32.dll", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npctrl.dll", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npqtplugin.dll", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);

============= SERVICES / DRIVERS ===============

R0 CLFS;Common Log (CLFS);c:\windows\system32\clfs.sys [2009-10-26 245736]
R0 Ecache;ReadyBoost Caching Driver;c:\windows\system32\drivers\ecache.sys [2009-10-26 141288]
R0 FileInfo;File Information FS MiniFilter;c:\windows\system32\drivers\fileinfo.sys [2009-6-29 58936]
R0 msisadrv;ISA/EISA Class Driver;c:\windows\system32\drivers\msisadrv.sys [2009-6-29 16440]
R0 spldr;Security Processor Loader Driver;c:\windows\system32\drivers\spldr.sys [2009-6-29 21048]
R0 volmgr;Volume Manager Driver;c:\windows\system32\drivers\volmgr.sys [2009-6-29 52792]
R0 volmgrx;Dynamic Volume Manager;c:\windows\system32\drivers\volmgrx.sys [2009-10-26 292840]
R1 cmderd;COMODO Internet Security Eradication Driver;c:\windows\system32\drivers\cmderd.sys [2010-6-1 16744]
R1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\drivers\cmdGuard.sys [2010-6-4 224240]
R1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\drivers\cmdhlp.sys [2010-6-1 30112]
R1 DfsC;DFS Namespace Client Driver;c:\windows\system32\drivers\dfsc.sys [2009-10-26 75264]
R1 mfehidk;McAfee Inc. mfehidk;c:\windows\system32\drivers\mfehidk.sys [2009-7-8 214664]
R1 nsiproxy;NSI proxy service;c:\windows\system32\drivers\nsiproxy.sys [2009-6-29 16384]
R1 RDPENCDD;RDP Encoder Mirror Driver;c:\windows\system32\drivers\RDPENCDD.sys [2009-6-29 6144]
R1 Smb;Message-oriented TCP/IP and TCP/IPv6 Protocol (SMB session);c:\windows\system32\drivers\smb.sys [2009-10-26 66560]
R1 tdx;NetIO Legacy TDI Support Driver;c:\windows\system32\drivers\tdx.sys [2009-10-26 72192]
R1 Wanarpv6;Remote Access IPv6 ARP Driver;c:\windows\system32\drivers\wanarp.sys [2009-6-29 62464]
R2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2009-8-14 172032]
R2 AudioEndpointBuilder;Windows Audio Endpoint Builder;c:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted [2009-6-29 21504]
R2 BFE;Base Filtering Engine;c:\windows\system32\svchost.exe -k LocalServiceNoNetwork [2009-6-29 21504]
R2 cmdAgent;COMODO Internet Security Helper Service;c:\program files\comodo\comodo internet security\cmdagent.exe [2010-6-1 1778480]
R2 DPS;Diagnostic Policy Service;c:\windows\system32\svchost.exe -k LocalServiceNoNetwork [2009-6-29 21504]
R2 EMDMgmt;ReadyBoost;c:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted [2009-6-29 21504]
R2 FDResPub;Function Discovery Resource Publication;c:\windows\system32\svchost.exe -k LocalService [2009-6-29 21504]
R2 FsUsbExService;FsUsbExService;c:\windows\system32\FsUsbExService.Exe [2009-10-15 233472]
R2 gpsvc;Group Policy Client;c:\windows\system32\svchost.exe -k GPSvcGroup [2009-6-29 21504]
R2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine;c:\program files\logmein hamachi\hamachi-2.exe [2010-3-30 1107336]
R2 KtmRm;KtmRm for Distributed Transaction Coordinator;c:\windows\system32\svchost.exe -k NetworkService [2009-6-29 21504]
R2 lltdio;Link-Layer Topology Discovery Mapper I/O Driver;c:\windows\system32\drivers\lltdio.sys [2009-6-29 47104]
R2 luafv;UAC File Virtualization;c:\windows\system32\drivers\luafv.sys [2009-6-29 84480]
R2 lxbf_device;lxbf_device;c:\windows\system32\lxbfcoms.exe -service --> c:\windows\system32\lxbfcoms.exe -service [?]
R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2010-3-25 304464]
R2 MMCSS;Multimedia Class Scheduler;c:\windows\system32\svchost.exe -k netsvcs [2009-6-29 21504]
R2 MpsSvc;Windows Firewall;c:\windows\system32\svchost.exe -k LocalServiceNoNetwork [2009-6-29 21504]
R2 netprofm;Network List Service;c:\windows\system32\svchost.exe -k LocalService [2009-6-29 21504]
R2 NlaSvc;Network Location Awareness;c:\windows\system32\svchost.exe -k NetworkService [2009-6-29 21504]
R2 nsi;Network Store Interface Service;c:\windows\system32\svchost.exe -k LocalService [2009-6-29 21504]
R2 PEAUTH;PEAUTH;c:\windows\system32\drivers\PEAuth.sys [2006-11-2 878080]
R2 ProfSvc;User Profile Service;c:\windows\system32\svchost.exe -k netsvcs [2009-6-29 21504]
R2 SBSDWSCService;SBSD Security Center Service;c:\program files\spybot - search & destroy\SDWinSec.exe [2010-6-25 1153368]
R2 slsvc;Software Licensing;c:\windows\system32\SLsvc.exe [2009-10-26 3408896]
R2 SysMain;Superfetch;c:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted [2009-6-29 21504]
R2 tcpipreg;TCP/IP Registry Compatibility;c:\windows\system32\drivers\tcpipreg.sys [2010-2-10 30720]
R2 TeamViewer5;TeamViewer 5;c:\program files\teamviewer\version5\TeamViewer_Service.exe [2009-12-17 185640]
R2 UxSms;Desktop Window Manager Session Manager;c:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted [2009-6-29 21504]
R2 WinDefend;Windows Defender;c:\windows\system32\svchost.exe -k secsvcs [2009-6-29 21504]
R2 WPDBusEnum;Portable Device Enumerator Service;c:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted [2009-6-29 21504]
R3 bowser;Bowser;c:\windows\system32\drivers\bowser.sys [2009-6-29 69632]
R3 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2009-6-29 21504]
R3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.Sys [2009-10-15 36608]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2010-3-25 20952]
R3 mpsdrv;Windows Firewall Authorization Driver;c:\windows\system32\drivers\mpsdrv.sys [2009-6-29 64000]
R3 mrxsmb10;SMB 1.x MiniRedirector;c:\windows\system32\drivers\mrxsmb10.sys [2010-4-15 212992]
R3 mrxsmb20;SMB 2.0 MiniRedirector;c:\windows\system32\drivers\mrxsmb20.sys [2010-4-15 79360]
R3 srv2;srv2;c:\windows\system32\drivers\srv2.sys [2009-10-14 144896]
R3 srvnet;srvnet;c:\windows\system32\drivers\srvnet.sys [2010-2-10 98816]
R3 WdiSystemHost;Diagnostic System Host;c:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted [2009-6-29 21504]
S2 gupdate1ca17bf68127180;Google Update Service (gupdate1ca17bf68127180);c:\program files\google\update\GoogleUpdate.exe [2009-8-8 133104]
S2 TBS;TPM Base Services;c:\windows\system32\svchost.exe -k LocalService [2009-6-29 21504]
S3 Adobe Version Cue CS4;Adobe Version Cue CS4;c:\program files\common files\adobe\adobe version cue cs4\server\bin\VersionCueCS4.exe [2008-8-15 284016]
S3 Appinfo;Application Information;c:\windows\system32\svchost.exe -k netsvcs [2009-6-29 21504]
S3 BrFiltLo;Brother USB Mass-Storage Lower Filter Driver;c:\windows\system32\drivers\BrFiltLo.sys [2006-11-2 13568]
S3 BrFiltUp;Brother USB Mass-Storage Upper Filter Driver;c:\windows\system32\drivers\BrFiltUp.sys [2006-11-2 5248]
S3 CertPropSvc;Certificate Propagation;c:\windows\system32\svchost.exe -k netsvcs [2009-6-29 21504]
S3 DXGKrnl;LDDM Graphics Subsystem;c:\windows\system32\drivers\dxgkrnl.sys [2009-10-31 634880]
S3 E1G60;Intel® PRO/1000 NDIS 6 Adapter Driver;c:\windows\system32\drivers\E1G60I32.sys [2006-11-2 117760]
S3 EuMusDesignVirtualAudioCableWdm;Virtual Audio Cable (WDM);c:\windows\system32\drivers\vrtaucbl.sys [2010-3-29 31616]
S3 fdPHost;Function Discovery Provider Host;c:\windows\system32\svchost.exe -k LocalService [2009-6-29 21504]
S3 Filetrace;FileTrace;c:\windows\system32\drivers\filetrace.sys [2009-6-29 27648]
S3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\drivers\ggflt.sys [2009-11-4 13224]
S3 IPBusEnum;PnP-X IP Bus Enumerator;c:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted [2009-6-29 21504]
S3 iScsiPrt;iScsiPort Driver;c:\windows\system32\drivers\msiscsi.sys [2009-10-26 180712]
S3 KeyIso;CNG Key Isolation;c:\windows\system32\lsass.exe [2009-9-4 9728]
S3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;c:\windows\system32\drivers\LGBusEnum.sys [2009-7-14 19720]
S3 lltdsvc;Link-Layer Topology Discovery Mapper;c:\windows\system32\svchost.exe -k LocalService [2009-6-29 21504]
S3 mfeavfk;McAfee Inc. mfeavfk;c:\windows\system32\drivers\mfeavfk.sys [2009-8-28 79816]
S3 mfebopk;McAfee Inc. mfebopk;c:\windows\system32\drivers\mfebopk.sys [2009-8-28 35272]
S3 mferkdk;McAfee Inc. mferkdk;c:\windows\system32\drivers\mferkdk.sys [2009-8-28 34248]
S3 mfesmfk;McAfee Inc. mfesmfk;c:\windows\system32\drivers\mfesmfk.sys [2009-8-28 40552]
S3 Mkd2kfNt;Mkd2kfNt;c:\windows\system32\drivers\Mkd2kfNT.sys [2009-8-28 131072]
S3 Mkd2Nadr;Mkd2Nadr;c:\windows\system32\drivers\Mkd2Nadr.sys [2009-8-28 79104]
S3 monitor;Microsoft Monitor Class Function Driver Service;c:\windows\system32\drivers\monitor.sys [2009-6-29 41984]
S3 MSiSCSI;Microsoft iSCSI Initiator Service;c:\windows\system32\svchost.exe -k netsvcs [2009-6-29 21504]
S3 MsRPC;MsRPC;c:\windows\system32\drivers\msrpc.sys [2009-10-26 161752]
S3 NativeWifiP;NativeWiFi Filter;c:\windows\system32\drivers\nwifi.sys [2009-10-26 148480]
S3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2007-1-25 42000]
S3 pla;Performance Logs & Alerts;c:\windows\system32\svchost.exe -k LocalServiceNoNetwork [2009-6-29 21504]
S3 PNRPAutoReg;PNRP Machine Name Publication Service;c:\windows\system32\svchost.exe -k LocalServiceNetworkRestricted [2009-6-29 21504]
S3 s0016bus;Sony Ericsson Device 0016 driver (WDM);c:\windows\system32\drivers\s0016bus.sys [2009-8-10 89256]
S3 s0016mdfl;Sony Ericsson Device 0016 USB WMC Modem Filter;c:\windows\system32\drivers\s0016mdfl.sys [2009-8-10 15016]
S3 s0016mdm;Sony Ericsson Device 0016 USB WMC Modem Driver;c:\windows\system32\drivers\s0016mdm.sys [2009-8-10 120744]
S3 s0016mgmt;Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s0016mgmt.sys [2009-8-10 114216]
S3 s0016nd5;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS);c:\windows\system32\drivers\s0016nd5.sys [2009-8-10 25512]
S3 s0016obex;Sony Ericsson Device 0016 USB WMC OBEX Interface;c:\windows\system32\drivers\s0016obex.sys [2009-8-10 110632]
S3 s0016unic;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM);c:\windows\system32\drivers\s0016unic.sys [2009-8-10 115752]
S3 SCPolicySvc;Smart Card Removal Policy;c:\windows\system32\svchost.exe -k netsvcs [2009-6-29 21504]
S3 SDRSVC;Windows Backup;c:\windows\system32\svchost.exe -k SDRSVC [2009-6-29 21504]
S3 SessionEnv;Terminal Services Configuration;c:\windows\system32\svchost.exe -k netsvcs [2009-6-29 21504]
S3 sffp_mmc;SFF Storage Protocol Driver for MMC;c:\windows\system32\drivers\sffp_mmc.sys [2006-11-2 12800]
S3 SLUINotify;SL UI Notification Service;c:\windows\system32\svchost.exe -k LocalService [2009-6-29 21504]
S3 ss_bbus;SAMSUNG USB Mobile Device (WDM);c:\windows\system32\drivers\ss_bbus.sys [2009-10-15 90112]
S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter);c:\windows\system32\drivers\ss_bmdfl.sys [2009-10-15 14976]
S3 ss_bmdm;SAMSUNG USB Mobile Modem;c:\windows\system32\drivers\ss_bmdm.sys [2009-10-15 121856]
S3 THREADORDER;Thread Ordering Server;c:\windows\system32\svchost.exe -k LocalService [2009-6-29 21504]
S3 TrustedInstaller;Windows Modules Installer;c:\windows\servicing\TrustedInstaller.exe [2009-10-26 39424]
S3 tssecsrv;Terminal Services Security Filter Driver;c:\windows\system32\drivers\tssecsrv.sys [2009-6-29 23552]
S3 tunnel;Microsoft IPv6 Tunnel Miniport Adapter Driver;c:\windows\system32\drivers\tunnel.sys [2010-4-15 25088]
S3 UI0Detect;Interactive Services Detection;c:\windows\system32\UI0Detect.exe [2009-6-29 35840]
S3 uliagpkx;Uli AGP Bus Filter;c:\windows\system32\drivers\ULIAGPKX.SYS [2006-11-2 58472]
S3 umbus;UMBus Enumerator Driver;c:\windows\system32\drivers\umbus.sys [2009-6-29 34816]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\drivers\VBoxNetAdp.sys [2009-11-10 95568]
S3 VBoxUSB;VirtualBox USB;c:\windows\system32\drivers\VBoxUSB.sys [2009-11-10 32016]
S3 wcncsvc;Windows Connect Now - Config Registrar;c:\windows\system32\svchost.exe -k LocalService [2009-6-29 21504]
S3 WcsPlugInService;Windows Color System;c:\windows\system32\svchost.exe -k wcssvc [2009-6-29 21504]
S3 WdiServiceHost;Diagnostic Service Host;c:\windows\system32\svchost.exe -k wdisvc [2009-6-29 21504]
S3 Wecsvc;Windows Event Collector;c:\windows\system32\svchost.exe -k NetworkService [2009-6-29 21504]
S3 wercplsupport;Problem Reports and Solutions Control Panel Support;c:\windows\system32\svchost.exe -k netsvcs [2009-6-29 21504]
S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k NetworkService [2009-6-29 21504]
S3 Wlansvc;WLAN AutoConfig;c:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted [2009-6-29 21504]
S3 WPCSvc;Parental Controls;c:\windows\system32\svchost.exe -k LocalServiceNetworkRestricted [2009-6-29 21504]
S4 adp94xx;adp94xx;c:\windows\system32\drivers\adp94xx.sys [2006-11-2 420968]
S4 adpahci;adpahci;c:\windows\system32\drivers\adpahci.sys [2006-11-2 297576]
S4 arcsas;arcsas;c:\windows\system32\drivers\arcsas.sys [2006-11-2 67688]
S4 Brserid;Brother MFC Serial Port Interface Driver (WDM);c:\windows\system32\drivers\BrSerId.sys [2006-11-2 71808]
S4 BrSerWdm;Brother WDM Serial driver;c:\windows\system32\drivers\BrSerWdm.sys [2006-11-2 62336]
S4 BrUsbMdm;Brother MFC USB Fax Only Modem;c:\windows\system32\drivers\BrUsbMdm.sys [2006-11-2 12160]
S4 circlass;Consumer IR Devices;c:\windows\system32\drivers\circlass.sys [2006-11-2 35328]
S4 Crusoe;Transmeta Crusoe Processor Driver;c:\windows\system32\drivers\crusoe.sys [2006-11-2 38912]
S4 elxstor;elxstor;c:\windows\system32\drivers\elxstor.sys [2006-11-2 316520]
S4 FirebirdGuardianDefaultInstance;Firebird Guardian - DefaultInstance;c:\program files\firebird\firebird_2_1\bin\fbguard.exe -s defaultinstance --> c:\program files\firebird\firebird_2_1\bin\fbguard.exe -s DefaultInstance [?]
S4 FirebirdServerDefaultInstance;Firebird Server - DefaultInstance;c:\program files\firebird\firebird_2_1\bin\fbserver.exe -s defaultinstance --> c:\program files\firebird\firebird_2_1\bin\fbserver.exe -s DefaultInstance [?]
S4 HpCISSs;HpCISSs;c:\windows\system32\drivers\HpCISSs.sys [2006-11-2 37480]
S4 iaStorV;Intel RAID Controller Vista;c:\windows\system32\drivers\iaStorV.sys [2006-11-2 232040]
S4 IKEEXT;IKE and AuthIP IPsec Keying Modules;c:\windows\system32\svchost.exe -k netsvcs [2009-6-29 21504]
S4 iphlpsvc;IP Helper;c:\windows\system32\svchost.exe -k NetSvcs [2009-6-29 21504]
S4 IPMIDRV;IPMIDRV;c:\windows\system32\drivers\IPMIDrv.sys [2006-11-2 65536]
S4 iteraid;ITERAID_Service_Install;c:\windows\system32\drivers\iteraid.sys [2006-11-2 35944]
S4 LSI_FC;LSI_FC;c:\windows\system32\drivers\lsi_fc.sys [2006-11-2 65640]
S4 LSI_SAS;LSI_SAS;c:\windows\system32\drivers\lsi_sas.sys [2006-11-2 65640]
S4 LSI_SCSI;LSI_SCSI;c:\windows\system32\drivers\lsi_scsi.sys [2006-11-2 65640]
S4 Mcx2Svc;Windows Media Center Extender Service;c:\windows\system32\svchost.exe -k LocalService [2009-6-29 21504]
S4 megasas;megasas;c:\windows\system32\drivers\megasas.sys [2006-11-2 28776]
S4 mpio;Microsoft Multi-Path Bus Driver;c:\windows\system32\drivers\mpio.sys [2006-11-2 78952]
S4 msahci;msahci;c:\windows\system32\drivers\msahci.sys [2006-11-2 23144]
S4 msdsm;Microsoft Multi-Path Device Specific Module;c:\windows\system32\drivers\msdsm.sys [2006-11-2 80488]
S4 nfrd960;nfrd960;c:\windows\system32\drivers\nfrd960.sys [2006-11-2 45160]
S4 npggsvc;nProtect GameGuard Service;c:\windows\system32\gamemon.des -service --> c:\windows\system32\GameMon.des -service [?]
S4 ntrigdigi;N-trig HID Tablet Driver;c:\windows\system32\drivers\ntrigdigi.sys [2006-11-2 20608]
S4 nvstor;nvstor;c:\windows\system32\drivers\nvstor.sys [2006-11-2 40040]
S4 PcaSvc;Program Compatibility Assistant Service;c:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted [2009-6-29 21504]
S4 ql2300;QLogic Fibre Channel Miniport Driver;c:\windows\system32\drivers\ql2300.sys [2006-11-2 900712]
S4 ql40xx;QLogic iSCSI Miniport Driver;c:\windows\system32\drivers\ql40xx.sys [2006-11-2 106088]
S4 SiSRaid4;SiSRaid4;c:\windows\system32\drivers\sisraid4.sys [2006-11-2 71784]
S4 TabletInputService;Tablet PC Input Service;c:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted [2009-6-29 21504]
S4 uliahci;uliahci;c:\windows\system32\drivers\uliahci.sys [2006-11-2 235112]
S4 ulsata2;ulsata2;c:\windows\system32\drivers\ulsata2.sys [2006-11-2 115816]
S4 usbcir;eHome Infrared Receiver (USBCIR);c:\windows\system32\drivers\usbcir.sys [2006-11-2 68608]
S4 ViaC7;VIA C7 Processor Driver;c:\windows\system32\drivers\viac7.sys [2006-11-2 39424]
S4 VideoAcceleratorService;VideoAcceleratorService;c:\progra~1\speedb~1\videoacceleratorservice.exe -start -scm --> c:\progra~1\speedb~1\VideoAcceleratorService.exe -start -scm [?]
S4 vsmraid;vsmraid;c:\windows\system32\drivers\vsmraid.sys [2006-11-2 112232]
S4 WacomPen;Wacom Serial Pen HID Driver;c:\windows\system32\drivers\wacompen.sys [2006-11-2 20608]
S4 Wd;Microsoft Watchdog Timer Driver;c:\windows\system32\drivers\wd.sys [2006-11-2 19560]
S4 WerSvc;Windows Error Reporting Service;c:\windows\system32\svchost.exe -k WerSvcGroup [2009-6-29 21504]

=============== Created Last 30 ================

2010-06-27 13:24:52 0 d--h--w- C:\VritualRoot
2010-06-27 09:36:23 0 d-----w- c:\programdata\COMODO
2010-06-27 09:36:00 681728 ----a-w- c:\windows\system32\drivers\sfi.dat
2010-06-27 09:22:55 0 d-----w- c:\program files\COMODO
2010-06-27 09:20:59 0 d-----w- c:\programdata\Comodo Downloader
2010-06-26 20:59:35 0 d-----w- c:\programdata\Sun
2010-06-26 20:58:56 411368 ----a-w- c:\windows\system32\deployJava1.dll
2010-06-25 23:13:25 632 --sha-r- c:\users\dale\ntuser.pol
2010-06-25 17:51:24 0 d-----w- c:\programdata\Spybot - Search & Destroy
2010-06-25 17:51:24 0 d-----w- c:\program files\Spybot - Search & Destroy
2010-06-23 11:59:42 0 d-sh--w- C:\$RECYCLE.BIN
2010-06-14 19:39:31 2419568 ----a-w- c:\windows\system32\pbsvc_apb.exe
2010-06-14 19:38:36 0 d-----w- c:\program files\NVIDIA Corporation
2010-06-07 01:09:08 524288 --sha-w- c:\users\dale\ntuser.dat{071e414a-71cf-11df-b0b1-001c25349b08}.TMContainer00000000000000000002.regtrans-ms
2010-06-07 01:09:08 524288 --sha-w- c:\users\dale\ntuser.dat{071e414a-71cf-11df-b0b1-001c25349b08}.TMContainer00000000000000000001.regtrans-ms
2010-06-07 01:09:07 65536 --sha-w- c:\users\dale\ntuser.dat{071e414a-71cf-11df-b0b1-001c25349b08}.TM.blf
2010-06-04 11:42:03 0 d-----w- c:\users\dale\appdata\roaming\InfraRecorder
2010-06-04 10:55:40 224240 ----a-w- c:\windows\system32\drivers\cmdGuard.sys
2010-06-04 10:51:57 0 d-----w- c:\program files\InfraRecorder
2010-06-02 16:00:50 419 ----a-w- c:\windows\system32\settings.Conf
2010-06-02 16:00:50 0 d-----w- c:\windows\system32\profiles
2010-06-01 18:00:52 278288 ----a-w- c:\windows\system32\guard32.dll
2010-06-01 18:00:06 30112 ----a-w- c:\windows\system32\drivers\cmdhlp.sys
2010-06-01 18:00:04 16744 ----a-w- c:\windows\system32\drivers\cmderd.sys
2010-05-31 14:27:05 0 d-----w- c:\program files\LogMeIn Hamachi
2010-05-30 15:25:37 0 d-----w- C:\Autoruns
2010-05-30 15:22:28 595499 ----a-w- C:\Autoruns.zip

==================== Find3M ====================

2010-06-27 09:23:29 86016 ----a-w- c:\windows\inf\infpub.dat
2010-06-27 09:23:29 143360 ----a-w- c:\windows\inf\infstrng.dat
2010-06-27 09:23:29 143360 ----a-w- c:\windows\inf\infstor.dat
2010-06-14 19:39:48 138056 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2010-06-14 19:39:48 138056 ----a-w- c:\users\dale\appdata\roaming\PnkBstrK.sys
2010-06-14 19:39:38 189248 ----a-w- c:\windows\system32\PnkBstrB.exe
2010-06-14 19:39:31 75064 ----a-w- c:\windows\system32\PnkBstrA.exe
2010-05-28 00:09:00 41872 ----a-w- c:\windows\system32\xfcodec.dll
2010-05-26 17:06:41 34304 ----a-w- c:\windows\system32\atmlib.dll
2010-05-26 14:47:41 289792 ----a-w- c:\windows\system32\atmfd.dll
2010-05-21 13:14:28 221568 ------w- c:\windows\system32\MpSigStub.exe
2010-05-04 05:59:21 916480 ----a-w- c:\windows\system32\wininet.dll
2010-05-04 05:55:42 71680 ----a-w- c:\windows\system32\iesetup.dll
2010-05-04 05:55:42 109056 ----a-w- c:\windows\system32\iesysprep.dll
2010-05-04 04:31:05 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2010-05-01 15:26:59 94816 ----a-w- c:\windows\fonts\cordiaz.ttf
2010-05-01 14:13:48 2037248 ----a-w- c:\windows\system32\win32k.sys
2010-04-23 14:13:55 2048 ----a-w- c:\windows\system32\tzres.dll
2010-04-17 17:26:53 75 ----a-w- c:\users\dale\jagex_runescape_preferences2.dat
2010-04-17 16:56:26 41 ----a-w- c:\users\dale\jagex_runescape_preferences.dat
2010-04-15 23:57:46 0 ----a-w- c:\users\dale\jagex__preferences3.dat
2010-04-05 17:01:01 67072 ----a-w- c:\windows\system32\asycfilt.dll
2009-10-31 14:26:56 665600 ----a-w- c:\windows\inf\drvindex.dat
2009-07-04 20:21:55 174 --sha-w- c:\program files\desktop.ini
2006-11-02 12:42:02 30674 ----a-w- c:\windows\inf\perflib\0409\perfd.dat
2006-11-02 12:42:02 30674 ----a-w- c:\windows\inf\perflib\0409\perfc.dat
2006-11-02 12:42:02 287440 ----a-w- c:\windows\inf\perflib\0409\perfi.dat
2006-11-02 12:42:02 287440 ----a-w- c:\windows\inf\perflib\0409\perfh.dat
2006-11-02 09:20:21 287440 ----a-w- c:\windows\inf\perflib\0000\perfi.dat
2006-11-02 09:20:21 287440 ----a-w- c:\windows\inf\perflib\0000\perfh.dat
2006-11-02 09:20:19 30674 ----a-w- c:\windows\inf\perflib\0000\perfd.dat
2006-11-02 09:20:19 30674 ----a-w- c:\windows\inf\perflib\0000\perfc.dat
2009-12-05 20:10:08 10 --sha-r- c:\windows\winsxs\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.0.6000.16386_none_fbd6b71e75a2c6c8\config.sys
2009-12-05 20:10:08 10 --sha-r- c:\windows\winsxs\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.0.6001.18000_none_fe0d791a728dd79c\config.sys
2009-12-05 20:10:08 10 --sha-r- c:\windows\winsxs\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.0.6002.18005_none_fff8f2266fafa2e8\config.sys

============= FINISH: 18:49:33.38 ===============
  • 0

#39
kahdah

kahdah

    GeekU Teacher

  • Retired Staff
  • 15,822 posts
If your antivirus detects it then turn it off prior to running it.
It is only a diagnostic tool; it only scans your machine.
If it has already detected it, then delete the version you have (DDS) and redownload it with the antivirus turned off, then run DDS.
Post the resulting logs please.
  • 0

#40
JustUniqu3

JustUniqu3

    Member

  • Topic Starter
  • Member
  • PipPip
  • 32 posts
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_10-03-17.01)

Microsoft® Windows Vista™ Home Premium
Boot Device: \Device\HarddiskVolume2
Install Date: 25/06/2009 7:57:36 PM
System Uptime: 28/06/2010 2:28:29 PM (4 hours ago)

Motherboard: Foxconn | | 45CMX/45GMX/45CMX-K
Processor: Intel® Pentium® D CPU 3.00GHz | Socket 775 | 3000/200mhz

==== Disk Partitions =========================

C: is FIXED (NTFS) - 149 GiB total, 43.823 GiB free.
D: is CDROM (CDFS)
E: is FIXED (NTFS) - 149 GiB total, 124.268 GiB free.
H: is FIXED (NTFS) - 149 GiB total, 112.208 GiB free.

==== Disabled Device Manager Items =============

==== System Restore Points ===================

No restore point in system.

==== Installed Programs ======================

3DMark Vantage
AAC Decoder
Acrobat.com
Adobe Acrobat 9 Pro - English, Français, Deutsch
Adobe After Effects CS4
Adobe After Effects CS4 Presets
Adobe After Effects CS4 Third Party Content
Adobe AIR
Adobe Anchor Service CS4
Adobe Asset Services CS4
Adobe Bridge CS4
Adobe CMaps CS4
Adobe Color - Photoshop Specific CS4
Adobe Color EU Extra Settings CS4
Adobe Color JA Extra Settings CS4
Adobe Color NA Recommended Settings CS4
Adobe Color Video Profiles AE CS4
Adobe Color Video Profiles CS CS4
Adobe Contribute CS4
Adobe Creative Suite 4 Master Collection
Adobe CS4 American English Speech Analysis Models
Adobe CSI CS4
Adobe Default Language CS4
Adobe Device Central CS4
Adobe Dreamweaver CS4
Adobe Drive CS4
Adobe Dynamiclink Support
Adobe Encore CS4
Adobe Encore CS4 Codecs
Adobe ExtendScript Toolkit CS4
Adobe Extension Manager CS4
Adobe Fireworks CS4
Adobe Flash CS4
Adobe Flash CS4 Extension - Flash Lite STI en
Adobe Flash CS4 STI-en
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Fonts All
Adobe Illustrator CS4
Adobe InDesign CS4
Adobe InDesign CS4 Application Feature Set Files (Roman)
Adobe InDesign CS4 Common Base Files
Adobe InDesign CS4 Icon Handler
Adobe Linguistics CS4
Adobe Media Encoder CS4
Adobe Media Encoder CS4 Additional Exporter
Adobe Media Encoder CS4 Dolby
Adobe Media Encoder CS4 Exporter
Adobe Media Encoder CS4 Importer
Adobe Media Player
Adobe MotionPicture Color Files CS4
Adobe OnLocation CS4
Adobe Output Module
Adobe PDF Library Files CS4
Adobe Photoshop CS4
Adobe Photoshop CS4 Support
Adobe Premiere Pro CS4
Adobe Premiere Pro CS4 Functional Content
Adobe Premiere Pro CS4 Third Party Content
Adobe Search for Help
Adobe Service Manager Extension
Adobe Setup
Adobe SGM CS4
Adobe Shockwave Player 11.5
Adobe SING CS4
Adobe Soundbooth CS4
Adobe Soundbooth CS4 Codecs
Adobe Type Support CS4
Adobe Update Manager CS4
Adobe Version Cue CS4 Server
Adobe WinSoft Linguistics Plugin
Adobe XMP Panels CS4
AdobeColorCommonSetCMYK
AdobeColorCommonSetRGB
Age of Empires III
Age of Mythology
AhnLab Online Security
AoA Audio Extractor 1.0
APB Europe
Apple Application Support
Apple Software Update
ATI AVIVO Codecs
ATI Catalyst Install Manager
AutoHotkey 1.0.48.05
AutoUpdate
Battlefield 2™
Battlefield 2: Special Forces
BitTorrent
Build Your Own Net Dream (remove only)
Call of Duty® - World at War™
Call of Duty® 4 - Modern Warfare™
Call of Duty® 4 - Modern Warfare™ 1.6 Patch
Call of Duty® 4 - Modern Warfare™ 1.7 Patch
Catalyst Control Center - Branding
Catalyst Control Center Core Implementation
Catalyst Control Center Graphics Full Existing
Catalyst Control Center Graphics Full New
Catalyst Control Center Graphics Light
Catalyst Control Center Graphics Previews Common
Catalyst Control Center Graphics Previews Vista
Catalyst Control Center HydraVision Full
Catalyst Control Center InstallProxy
ccc-core-static
ccc-utility
CCC Help English
CCleaner
CoD RconTool
COMODO Internet Security
Connect
Counter-Strike: Source
D-Day
DBManager 3.2.4
Defraggler
DivX Codec
DivX Converter
DivX Player
DivX Plus DirectShow Filters
DivX Version Checker
DivX Web Player
DNA
Dystopia
Emerald Viewer 1.23.5.1101
erLT
ERUNT 1.1j
Europe MapleStory
File Recover 7.5
FileZilla Client 3.3.3
Firebird 2.1.0.16780 (Win32)
Fraps (remove only)
Free Screen Recorder v2.9
FreeMind
FreshDiagnose
FreshUI
Futuremark SystemInfo
G15_TeamSpeak (NSIS)
Game Booster
Garry's Mod
Google Earth
Google Update Helper
Google Updater
Gordon's Gate Flash Driver 2.2.0.1
GTA San Andreas
H.264 Decoder
Half-Life 2: Deathmatch
HashTab 2.3.0
HLSW v1.3.2.1
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
HydraVision
ijji REACTOR
ImgBurn
InfraRecorder
InterActual Player
Java Auto Updater
Java™ 6 Update 20
Junk Mail filter update
KeyText v3
kuler
Left 4 Dead
Lexmark X6100 Series
LimeWire 5.4.6
Logitech GamePanel Software 3.03.133
Logitech Motion Detector Gadget
Logitech QuickCapture Gadget
Logitech SetPoint 5.00
Logitech Webcam Software
LogMeIn Hamachi
Malwarebytes' Anti-Malware
MapleStory
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 3.5 SP1
Microsoft Application Error Reporting
Microsoft Choice Guard
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual Studio 6.0 Enterprise Edition
Microsoft Web Publishing Wizard 1.53
mIRC
MKV Splitter
Mozilla Firefox (3.6.6)
MSVCRT
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML4 Parser
MTA:SA v1.0.4-rc-1783
Mz Vista Force v2.2
No-IP DUC
Notepad++
NVIDIA Drivers
NVIDIA GAME System Software 2.8.1
NVIDIA PhysX
OpenAL
OpenOffice.org 3.2
PC Connectivity Solution
PDF Settings CS4
Photoshop Camera Raw
Pixel Bender Toolkit
PunkBuster Services
QuickTime
Realtek High Definition Audio Driver
Recuva
SAM3 (remove only)
SAMSUNG Mobile Composite Device Software
Samsung Mobile Modem Device Software
SAMSUNG Mobile Modem Driver Set
Samsung Mobile phone USB driver Software
SAMSUNG Mobile USB Modem 1.0 Software
SAMSUNG Mobile USB Modem Software
Samsung New PC Studio
Samsung New PC Studio USB Driver Installer
SAMSUNG USB Mobile Device Software
SamsungConnectivityCableDriver
San Andreas Mod Installer
ScopeUserGuide
SecondLifeViewer2 (remove only)
Security Update for CAPICOM (KB931906)
Silent Hunter II
Skype Toolbars
Skype™ 4.2
Sony Ericsson PC Suite 5.009.00
Sothink SWF Decompiler
SourceForts
Speccy
SpeedBit Video Accelerator
Spotify
Spring 0.80.5.1
Spring 1944 Lyuban (1.07)
Spybot - Search & Destroy
Steam
Strawberry Perl
Suite Shared Configuration CS4
System Requirements Lab
TeamSpeak 2 RC2
TeamSpeak 3 Client
TeamViewer 5
Theme Hospital
TortoiseSVN 1.6.3.16613 (32 bit)
TreeSize Free V2.3.3
Trinity GunZ 6.4.0
TS Admin-Client 2.2.3-alpha [Build: 1485]
Unlocker 1.8.7
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update Service
VC80CRTRedist - 8.0.50727.4053
Ventrilo Client
VGA Utility
Virtual Audio Cable 4.04
VistaGlazz 2.0
VLC media player 0.9.9
Warsow 0.42
Windows Driver Package - Nokia pccsmcfd (10/12/2007 6.85.4.0)
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Mail
Windows Live Messenger
Windows Live Movie Maker
Windows Live OneCare safety scanner
Windows Live Photo Gallery
Windows Live Sign-in Assistant
Windows Live Sync
Windows Live Upload Tool
Windows Media Player Firefox Plugin
WinPcap 4.0
WinRAR archiver
Xfire (remove only)

==== Event Viewer Messages From Past Week ========

28/06/2010 2:30:05 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: i8042prt
28/06/2010 2:30:01 PM, Error: Service Control Manager [7001] - The Windows Image Acquisition (WIA) service depends on the Shell Hardware Detection service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
28/06/2010 2:30:01 PM, Error: Service Control Manager [7000] - The npkcrypt service failed to start due to the following error: The system cannot find the path specified.
28/06/2010 2:29:08 PM, Error: EventLog [6008] - The previous system shutdown at 14:27:15 on 28/06/2010 was unexpected.
27/06/2010 11:27:09 PM, Error: Service Control Manager [7034] - The LogMeIn Hamachi 2.0 Tunneling Engine service terminated unexpectedly. It has done this 1 time(s).
26/06/2010 9:43:19 PM, Error: Service Control Manager [7034] - The Process Monitor service terminated unexpectedly. It has done this 1 time(s).
26/06/2010 6:02:55 PM, Error: EventLog [6008] - The previous system shutdown at 18:01:29 on 26/06/2010 was unexpected.
26/06/2010 12:15:38 AM, Error: Service Control Manager [7034] - The PnkBstrA service terminated unexpectedly. It has done this 1 time(s).
26/06/2010 12:15:36 AM, Error: Service Control Manager [7034] - The PnkBstrB service terminated unexpectedly. It has done this 1 time(s).
26/06/2010 12:15:30 AM, Error: Service Control Manager [7034] - The Firebird Guardian - DefaultInstance service terminated unexpectedly. It has done this 1 time(s).
25/06/2010 11:07:44 AM, Error: Service Control Manager [7001] - The NVIDIA Display Driver Service service depends on the nvlddmkm service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
23/06/2010 8:14:50 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service stisvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
23/06/2010 12:53:32 PM, Error: Service Control Manager [7030] - The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
23/06/2010 10:06:21 AM, Error: Service Control Manager [7034] - The AMD External Events Utility service terminated unexpectedly. It has done this 1 time(s).
23/06/2010 1:20:58 PM, Error: PlugPlayManager [11] - The device Root\LEGACY_UNLOCKERDRIVER5\0000 disappeared from the system without first being prepared for removal.

==== End Of File ===========================
  • 0

#41
JustUniqu3

JustUniqu3

    Member

  • Topic Starter
  • Member
  • PipPip
  • 32 posts
DDS eventually produced those two files, posted prior to this response; however, it said Access Denied as well, dunno if that means anything though.
  • 0

#42
kahdah

kahdah

    GeekU Teacher

  • Retired Staff
  • 15,822 posts
Ok, since you are connected to a router, are you comfortable with resetting it?
I think the infection is present in the router.
I can assist you if needed.

Go ahead and press the reset button in the back of the router to reset it to factory default.
This will remove any custom settings that are in the router, so if you have it set up any other way besides default settings then I would take a look at the settings and try to copy them down before resetting the router.

Nothing shows up in the logs so this is why I suspect it to be this.
  • 0

#43
JustUniqu3

JustUniqu3

    Member

  • Topic Starter
  • Member
  • PipPip
  • 32 posts
Hmm, the router was already recently reset and I've had this problem since before then.

I'm also the 'minor' (I'm 16) of the house, this is my personal computer however.
  • 0

#44
kahdah

kahdah

    GeekU Teacher

  • Retired Staff
  • 15,822 posts
You sure it was set back to factory settings though or just unplugged?

Either way nothing still shows in the logs at all.
Please do the following:

Download TDSSKiller and save it to your Desktop.

  • Right click on the file and choose Extract All, extract the file to your desktop, then run it.
  • If prompted to restart the computer type in Y then it will restart.
  • Or if you are prompted with a hidden service warning do go ahead and delete it.
  • Once completed it will create a log in your C:\ drive
  • Please post the contents of that log

  • 0

#45
JustUniqu3

JustUniqu3

    Member

  • Topic Starter
  • Member
  • PipPip
  • 32 posts
Definitely set back to factory default.

I will give the TDSSKiller thing a shot, sit tight for a minute and I will get the results back to you. :)
  • 0





