
Blue screen of death.


  • This topic is locked
2 replies to this topic

#1 novocaine

novocaine

  • Members
  • 28 posts

Posted 26 February 2011 - 05:51 PM

Referred from here: http://www.bleepingcomputer.com/forums/topic380253.html ~ OB

DDS (Ver_10-12-12.02) - NTFS_AMD64 NETWORK
Run by nekro at 16:58:26.00 on Sat 02/26/2011
Internet Explorer: 8.0.7600.16385 BrowserJavaVersion: 1.6.0_20
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.2937.2273 [GMT -5:00]

AV: Webroot AntiVirus with Spy Sweeper *Disabled/Updated* {3A033352-45FD-579C-DF47-2D2DA7A56A3D}
SP: Webroot AntiVirus with Spy Sweeper *Disabled/Updated* {8162D2B6-63C7-5812-E5F7-165FDC222080}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

============== Running Processes ===============

C:\windows\system32\wininit.exe
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\Program Files (x86)\Webroot\WebrootSecurity\WRConsumerService.exe
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
C:\Program Files (x86)\Webroot\WebrootSecurity\SpySweeper.exe
C:\windows\Explorer.EXE
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\windows\system32\ctfmon.exe
C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
C:\windows\System32\svchost.exe -k secsvcs
C:\Users\nekro\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\nekro\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\nekro\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\nekro\Desktop\dds.scr
C:\windows\system32\conhost.exe
C:\windows\system32\wbem\wmiprvse.exe

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.google.com/ig?brand=TSNA&bmod=TSNA
uDefault_Page_URL = hxxp://www.google.com/ig?brand=TSNA&bmod=TSNA
mDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=TSNA&bmod=TSNA
mStart Page = hxxp://www.google.com/ig/redirectdomain?brand=TSNA&bmod=TSNA
mURLSearchHooks: IMVU Inc Toolbar: {90b49673-5506-483e-b92b-ca0265bd9ca8} - C:\Program Files (x86)\IMVU_Inc\tbIMV1.dll
mURLSearchHooks: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTo1.dll
mURLSearchHooks: PageRage Toolbar: {9565115d-c7d6-46d3-bd63-b67b481a4368} - C:\Program Files (x86)\PageRage\prxtbPage.dll
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Conduit Engine: {30f9b915-b755-4826-820b-08fba6bd249d} - C:\Program Files (x86)\ConduitEngine\ConduitEngi0.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: IMVU Inc Toolbar: {90b49673-5506-483e-b92b-ca0265bd9ca8} - C:\Program Files (x86)\IMVU_Inc\tbIMV1.dll
BHO: PageRage Toolbar: {9565115d-c7d6-46d3-bd63-b67b481a4368} - C:\Program Files (x86)\PageRage\prxtbPage.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll
BHO: {B69F34DD-F0F9-42DC-9EDD-957187DA688D} - No File
BHO: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTo1.dll
BHO: Ask.com Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: Windows Live Toolbar Helper: {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
BHO: Yontoo Layers: {fd72061e-9fde-484d-a58a-0bab4151cad8} - C:\Program Files (x86)\Yontoo Layers Client\YontooIEClient.dll
BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll
TB: DAEMON Tools Toolbar: {32099aac-c132-4136-9e9a-4e364a424e17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll
TB: IMVU Inc Toolbar: {90b49673-5506-483e-b92b-ca0265bd9ca8} - C:\Program Files (x86)\IMVU_Inc\tbIMV1.dll
TB: {9D425283-D487-4337-BAB6-AB8354A81457} - No File
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTo1.dll
TB: Conduit Engine: {30f9b915-b755-4826-820b-08fba6bd249d} - C:\Program Files (x86)\ConduitEngine\ConduitEngi0.dll
TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
TB: PageRage Toolbar: {9565115d-c7d6-46d3-bd63-b67b481a4368} - C:\Program Files (x86)\PageRage\prxtbPage.dll
TB: Ask.com Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
TB: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
{338b4dfe-2e2c-4338-9e41-e176d497299e}
uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
mRun: [SVPWUTIL] "C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe" SVPwUTIL
mRun: [HWSetup] "C:\Program Files\TOSHIBA\Utilities\HWSetup.exe" hwSetUP
mRun: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
mRun: [SpySweeper] "C:\Program Files (x86)\Webroot\WebrootSecurity\SpySweeperUI.exe" /startintray
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MIF5BA~1\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll/cmsidewiki.html
IE: {CF819DA3-9882-4944-ADF5-6EF17ECF3C6E} - "C:\Program Files (x86)\Fiddler2\Fiddler.exe"
IE: {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Users\Randy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IMVU\Run IMVU.lnk
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MIF5BA~1\Office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MIF5BA~1\Office12\REFIEBAR.DLL
DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} - file:///C:/Program%20Files%20(x86)/The%20Great%20Tree/Images/stg_drm.ocx
DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} - hxxp://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
DPF: {4A85DBE0-BFB2-4119-8401-186A7C6EB653} - hxxp://messenger.zone.msn.com/MessengerGamesContent/GameContent/Default/mjss/MJSS.cab109791.cab
DPF: {5D6F45B3-9043-443D-A792-115447494D24} - hxxp://messenger.zone.msn.com/MessengerGamesContent/GameContent/Default/uno1/GAME_UNO1.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {99CAAA27-FA0C-4FA4-B88A-4AB1CC7A17FE} - hxxp://www.netgame.com/mplugin/mglaunch_USAv1005.cab
DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} - file:///C:/Program%20Files%20(x86)/The%20Great%20Tree/Images/armhelper.ocx
DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} - hxxp://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
BHO-X64: Windows Live Family Safety Browser Helper Class: {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll
BHO-X64: Windows Live Family Safety Browser Helper - No File
BHO-X64: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
BHO-X64: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg64.dll
BHO-X64: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
TB-X64: DAEMON Tools Toolbar: {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll
TB-X64: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
TB-X64: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
TB-X64: {338B4DFE-2E2C-4338-9E41-E176D497299E} - No File
TB-X64: {90B49673-5506-483E-B92B-CA0265BD9CA8} - No File
TB-X64: {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - No File
TB-X64: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
TB-X64: {9565115D-C7D6-46D3-BD63-B67B481A4368} - No File
mRun-x64: [(Default)]
mRun-x64: [IgfxTray] "C:\windows\system32\igfxtray.exe"
mRun-x64: [HotKeysCmds] "C:\windows\system32\hkcmd.exe"
mRun-x64: [Persistence] "C:\windows\system32\igfxpers.exe"
mRun-x64: [RtHDVCpl] "C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe"
mRun-x64: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
mRun-x64: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
mRun-x64: [SmoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe
mRun-x64: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe
mRun-x64: [TosVolRegulator] "C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe"
mRun-x64: [TosSENotify] "C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe"
mRun-x64: [TosReelTimeMonitor] %ProgramFiles%\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
IE-X64: {CF819DA3-9882-4944-ADF5-6EF17ECF3C6E} - "C:\Program Files (x86)\Fiddler2\Fiddler.exe"
AppInit_DLLs-X64: SDLoader.dll
Hosts: 188.165.56.119 patchpc.ipsueu.segaonline.jp
Hosts: 188.165.56.119 loginpc.ipsueu.segaonline.jp

================= FIREFOX ===================

FF - ProfilePath - C:\Users\nekro\AppData\Roaming\Mozilla\Firefox\Profiles\pmf3jzmz.default\
FF - plugin: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npijjiautoinstallpluginff.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npijjiFFPlugin1.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\NPMFireLauncher.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npWebLaunch.dll
FF - plugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
FF - plugin: C:\Program Files (x86)\Roozz\nproozz.dll
FF - plugin: C:\Program Files (x86)\Unity\WebPlayer\loader\npUnity3D32.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\ProgramData\NexonUS\NGM\npNxGameUS.dll
FF - plugin: C:\Users\nekro\AppData\Local\Google\Update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: C:\windows\system32\npOGPPlugin.dll
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Skype extension for Firefox: {AB2CE124-6272-4b12-94A9-7303C7397BD1} - C:\Program Files (x86)\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
FF - Ext: FiddlerHook: fiddlerhook@fiddler2.com - C:\Program Files (x86)\Fiddler2\FiddlerHook

============= SERVICES / DRIVERS ===============

R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2009-12-18 55280]
R0 ssfs0bbc;ssfs0bbc;C:\Windows\System32\drivers\ssfs0bbc.sys [2009-11-6 37488]
R0 tos_sps64;TOSHIBA tos_sps64 Service;C:\Windows\System32\drivers\tos_sps64.sys [2009-12-18 482384]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\System32\drivers\vwififlt.sys [2009-7-13 59904]
R2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine;C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2010-12-6 2101640]
R2 WebrootSpySweeperService;Webroot Spy Sweeper Engine;C:\Program Files (x86)\Webroot\WebrootSecurity\SpySweeper.exe [2009-11-6 4048240]
R2 WRConsumerService;Webroot Client Service;C:\Program Files (x86)\Webroot\WebrootSecurity\WRConsumerService.exe [2011-2-18 1201640]
R3 RTL8187B;Realtek RTL8187B Wireless 802.11bg 54Mbps USB 2.0 Network Adapter;C:\Windows\System32\drivers\RTL8187B.sys [2009-12-18 446976]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\System32\drivers\vwifimp.sys [2009-7-13 17920]
S2 Akamai;Akamai NetSession Interface;C:\windows\System32\svchost.exe -k Akamai [2009-7-13 27136]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 FLEXnet Licensing Manager;FLEXnet Licensing Manager for Adobe Products;C:\Windows\system\regsrv.exe [2010-5-4 675033]
S2 LVPrcS64;Process Monitor;C:\Program Files\Common Files\logishrd\LVMVFM\LVPrcSrv.exe [2010-5-7 197976]
S2 TeamViewer6;TeamViewer 6;C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [2010-12-7 2228008]
S3 EagleX64;EagleX64;C:\Windows\System32\drivers\EagleX64.sys [2010-8-11 116312]
S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2010-12-15 61288]
S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-4-28 704872]
S3 lvpopf64;Logitech POP Suppression Filter;C:\Windows\System32\drivers\lvpopf64.sys [2009-10-7 271640]
S3 LVPr2M64;Logitech LVPr2M64 Driver;C:\Windows\System32\drivers\LVPr2M64.sys [2010-5-7 30304]
S3 LVRS64;Logitech RightSound Filter Driver;C:\Windows\System32\drivers\lvrs64.sys [2009-10-7 327704]
S3 LVUVC64;Logitech Webcam 200(UVC);C:\Windows\System32\drivers\lvuvc64.sys [2010-7-27 6465632]
S3 MotioninJoyXFilter;MotioninJoy Virtual Xinput device Filter Driver;C:\Windows\System32\drivers\MijXfilt.sys [2010-10-25 97552]
S3 npggsvc;nProtect GameGuard Service;C:\windows\system32\GameMon.des -service --> C:\windows\system32\GameMon.des -service [?]
S3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2009-12-18 215040]
S3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2009-8-3 137560]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-4-28 1255736]
S4 cfWiMAXService;ConfigFree WiMAX Service;C:\Program Files (x86)\Toshiba\ConfigFree\CFIWmxSvcs64.exe [2009-8-10 248688]
S4 ConfigFree Gadget Service;ConfigFree Gadget Service;C:\Program Files (x86)\Toshiba\ConfigFree\CFProcSRVC.exe [2009-7-14 42368]
S4 ConfigFree Service;ConfigFree Service;C:\Program Files (x86)\Toshiba\ConfigFree\CFSvcs.exe [2009-3-10 46448]
S4 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-4-28 135664]
S4 MSSQL$FLYFF;SQL Server (FLYFF);C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2009-5-27 29262680]
S4 MSSQL$SQLEXPRESS1;SQL Server (SQLEXPRESS1);C:\Program Files (x86)\Microsoft SQL Server\MSSQL.3\MSSQL\Binn\sqlservr.exe [2009-5-27 29262680]
S4 Roozz Helper;Roozz Helper;C:\Program Files (x86)\Roozz\RoozzHelper.exe [2011-2-9 49664]
S4 TMachInfo;TMachInfo;C:\Program Files (x86)\Toshiba\TOSHIBA Service Station\TMachInfo.exe [2009-12-18 54136]

=============== Created Last 30 ================

2011-02-26 08:01:01 367104 ----a-w- C:\windows\System32\wcncsvc.dll
2011-02-26 08:01:01 276992 ----a-w- C:\windows\SysWow64\wcncsvc.dll
2011-02-26 07:24:28 7947600 ----a-w- C:\PROGRA~3\Microsoft\Windows Defender\Definition Updates\{7913AD65-1D3F-4E3E-8FB2-AAB782FB06E0}\mpengine.dll
2011-02-26 07:23:25 442880 ----a-w- C:\windows\SysWow64\XpsPrint.dll
2011-02-26 07:23:24 662528 ----a-w- C:\windows\System32\XpsPrint.dll
2011-02-26 07:23:24 475648 ----a-w- C:\windows\System32\XpsGdiConverter.dll
2011-02-26 07:23:24 288256 ----a-w- C:\windows\SysWow64\XpsGdiConverter.dll
2011-02-25 20:36:59 -------- d-----w- C:\Program Files (x86)\ESET
2011-02-25 19:00:40 -------- d-----w- C:\PROGRA~3\SecTaskMan
2011-02-25 19:00:37 -------- d-----w- C:\Program Files (x86)\Security Task Manager
2011-02-18 22:41:10 -------- d-----w- C:\Users\nekro\AppData\Roaming\Webroot
2011-02-18 22:36:15 -------- d-----w- C:\Program Files (x86)\Ask.com
2011-02-18 22:35:52 -------- d-----w- C:\Program Files (x86)\MSSOAP
2011-02-18 22:35:52 -------- d-----w- C:\Program Files (x86)\Common Files\MSSoap
2011-02-18 22:35:33 1563008 ----a-w- C:\windows\WRSetup.dll
2011-02-18 22:35:33 -------- d-----w- C:\Program Files (x86)\Webroot
2011-02-18 22:35:33 -------- d-----w- C:\PROGRA~3\Webroot
2011-02-18 14:54:18 15256 ----a-w- C:\Users\nekro\AppData\Roaming\Microsoft\IdentityCRL\Production\ppcrlconfig.dll
2011-02-18 02:49:16 -------- d-----w- C:\Users\nekro\AppData\Roaming\DAEMON Tools Lite
2011-02-18 02:48:54 -------- d-----w- C:\Users\nekro\AppData\Roaming\uTorrent
2011-02-18 02:48:54 -------- d-----w- C:\Users\nekro\AppData\Local\SRS Labs
2011-02-17 15:42:23 -------- d-----w- C:\Users\nekro\AppData\Local\Apple Computer
2011-02-17 13:39:27 -------- d-----w- C:\Users\nekro\AppData\Roaming\Malwarebytes
2011-02-14 20:57:59 181608 ----a-w- C:\PROGRA~3\Microsoft\Windows\Sqm\Manifest\Sqm10137.bin
2011-02-12 17:49:11 -------- d-----w- C:\Program Files (x86)\VMware
2011-02-11 03:05:15 714752 ----a-w- C:\windows\System32\kerberos.dll
2011-02-11 03:05:15 541184 ----a-w- C:\windows\SysWow64\kerberos.dll
2011-02-11 03:05:02 9302528 ----a-w- C:\windows\System32\mshtml(46).dll
2011-02-11 03:03:50 5510528 ----a-w- C:\windows\System32\ntoskrnl.exe
2011-02-11 03:03:49 3901824 ----a-w- C:\windows\SysWow64\ntoskrnl.exe
2011-02-11 03:03:49 1739176 ----a-w- C:\windows\System32\ntdll.dll
2011-02-11 03:03:49 1293120 ----a-w- C:\windows\SysWow64\ntdll.dll
2011-02-11 03:03:48 3957120 ----a-w- C:\windows\SysWow64\ntkrnlpa.exe
2011-02-11 03:03:45 612352 ----a-w- C:\windows\System32\vbscript.dll
2011-02-11 03:03:44 428032 ----a-w- C:\windows\SysWow64\vbscript.dll
2011-02-11 03:03:42 46080 ----a-w- C:\windows\System32\atmlib.dll
2011-02-11 03:03:42 366080 ----a-w- C:\windows\System32\atmfd.dll
2011-02-11 03:03:42 34304 ----a-w- C:\windows\SysWow64\atmlib.dll
2011-02-11 03:03:42 294400 ----a-w- C:\windows\SysWow64\atmfd.dll
2011-02-09 23:27:23 -------- d-----w- C:\Program Files (x86)\Roozz
2011-02-09 17:17:17 -------- d-----w- C:\Program Files (x86)\Games
2011-02-09 16:27:55 -------- d-----w- C:\Program Files (x86)\X-Play
2011-02-09 03:51:09 -------- d-----w- C:\Jazz3d
2011-02-09 03:48:14 -------- d-----w- C:\Games
2011-02-06 07:29:09 -------- d-----w- C:\PROGRA~3\realtech VR
2011-02-06 07:29:04 -------- d-----w- C:\Program Files (x86)\realtech VR
2011-02-04 21:50:31 -------- d-----w- C:\Program Files (x86)\LogMeIn Hamachi
2011-01-30 00:09:59 -------- d-----w- C:\windows\RTLInstallTemp
2011-01-30 00:09:27 -------- d-----w- C:\Users\nekro\AppData\Roaming\WinBatch
2011-01-29 23:32:04 -------- d-----w- C:\Users\nekro\AppData\Local\FLVService

==================== Find3M ====================

2011-02-02 22:11:20 270720 ------w- C:\windows\System32\MpSigStub.exe
2011-02-02 02:21:07 43520 ----a-w- C:\windows\SysWow64\CmdLineExt03.dll
2011-01-26 06:53:10 982912 ----a-w- C:\windows\System32\drivers\dxgkrnl.sys
2011-01-26 06:53:10 265088 ----a-w- C:\windows\System32\drivers\dxgmms1.sys
2011-01-26 06:31:20 144384 ----a-w- C:\windows\System32\cdd.dll
2011-01-05 04:00:16 3127808 ----a-w- C:\windows\System32\win32k.sys
2011-01-04 20:17:12 521448 ----a-w- C:\windows\System32\deployJava1.dll
2011-01-01 11:32:25 94208 ----a-w- C:\windows\DIIUnin.exe
2011-01-01 11:32:25 2829 ----a-w- C:\windows\DIIUnin.pif
2010-12-21 06:16:27 97280 ----a-w- C:\windows\System32\wscsvc.dll
2010-12-21 06:16:27 62976 ----a-w- C:\windows\System32\wscapi.dll
2010-12-21 06:16:16 214016 ----a-w- C:\windows\System32\winsrv.dll
2010-12-21 06:16:14 442880 ----a-w- C:\windows\System32\winhttp.dll
2010-12-21 06:16:14 1197056 ----a-w- C:\windows\System32\wininet.dll
2010-12-21 06:16:09 258048 ----a-w- C:\windows\System32\WebClnt.dll
2010-12-21 06:15:55 264192 ----a-w- C:\windows\System32\upnp.dll
2010-12-21 06:15:31 15360 ----a-w- C:\windows\System32\slwga.dll
2010-12-21 06:13:03 2003968 ----a-w- C:\windows\System32\msxml6.dll
2010-12-21 06:13:03 1880576 ----a-w- C:\windows\System32\msxml3.dll
2010-12-21 06:10:22 100864 ----a-w- C:\windows\System32\davclnt.dll
2010-12-21 05:38:24 51200 ----a-w- C:\windows\SysWow64\wscapi.dll
2010-12-21 05:38:22 981504 ----a-w- C:\windows\SysWow64\wininet.dll
2010-12-21 05:38:22 350720 ----a-w- C:\windows\SysWow64\winhttp.dll
2010-12-21 05:38:21 204800 ----a-w- C:\windows\SysWow64\WebClnt.dll
2010-12-21 05:38:19 204288 ----a-w- C:\windows\SysWow64\upnp.dll
2010-12-21 05:38:16 14336 ----a-w- C:\windows\SysWow64\slwga.dll
2010-12-21 05:36:17 1389568 ----a-w- C:\windows\SysWow64\msxml6.dll
2010-12-21 05:36:16 1236992 ----a-w- C:\windows\SysWow64\msxml3.dll
2010-12-21 05:34:12 80384 ----a-w- C:\windows\SysWow64\davclnt.dll
2010-12-20 23:08:40 24152 ----a-w- C:\windows\System32\drivers\mbam.sys
2010-12-18 06:11:41 57856 ----a-w- C:\windows\System32\licmgr10.dll
2010-12-18 05:29:40 44544 ----a-w- C:\windows\SysWow64\licmgr10.dll
2010-12-18 04:55:03 482816 ----a-w- C:\windows\System32\html.iec
2010-12-18 04:20:55 386048 ----a-w- C:\windows\SysWow64\html.iec
2010-12-18 04:13:40 1638912 ----a-w- C:\windows\System32\mshtml.tlb
2010-12-18 03:47:59 1638912 ----a-w- C:\windows\SysWow64\mshtml.tlb
2010-12-10 00:17:38 0 ----a-w- C:\windows\SysWow64\ConduitEngine.tmp

============= FINISH: 17:01:19.14 ===============

Attached Files

  • Attached File  ark.txt   4.47KB   0 downloads

Edited by Orange Blossom, 26 February 2011 - 07:56 PM.




#2 novocaine

novocaine
  • Topic Starter

  • Members
  • 28 posts

Posted 05 March 2011 - 02:24 AM

Fixed by reinstalling Windows. Close topic please :). Thank you all for the help.
~Randy

#3 Orange Blossom

Orange Blossom

    OBleepin Investigator


  • Moderator
  • 36,963 posts
  • Gender:Not Telling
  • Location:Bloomington, IN

Posted 05 March 2011 - 06:52 PM

It appears that this issue is resolved; therefore, I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.
Help us help you. If HelpBot replies, you MUST follow step 1 in its reply so we know you need help.

Orange Blossom

An ounce of prevention is worth a pound of cure

SpywareBlaster, WinPatrol Plus, ESET Smart Security, Malwarebytes' Anti-Malware, NoScript Firefox ext., Norton noscript



