
Possible virus


  • This topic is locked
3 replies to this topic

#1 poolio71

poolio71

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:01:07 AM

Posted 16 September 2014 - 10:01 PM

I can't even type on my desktop computer because the problem is so bad, so I am typing this on my iPad.

When I try to type, it's like something is constantly (like every 2 seconds) taking over control for 4 seconds and then letting me type again. Even when the cursor is on the desktop you can see the hourglass pop up every 2 seconds.

I will reply to this message with the log file on the troubled computer. This would have taken four hours to type out.

 

DDS (Ver_2012-11-20.01) - NTFS_AMD64 
Internet Explorer: 8.0.7601.17514  BrowserJavaVersion: 10.60.2
Run by Ripon at 22:36:15 on 2014-09-16
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.8169.6094 [GMT -4:00]
.
AV: avast! Antivirus *Enabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: avast! Antivirus *Enabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files (x86)\Digidesign\Drivers\MMERefresh.exe
C:\Windows\SysWow64\WinFLService.exe
C:\Windows\system32\IProsetMonitor.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\M-Audio\USB MIDI Series\AudioDevMon.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\SysWOW64\WinFLTray.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\WUDFHost.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Users\Ripon\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Ripon\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Ripon\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Ripon\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Ripon\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Ripon\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Ripon\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\wermgr.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
mWinlogon: Userinit = userinit.exe,
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
uRun: [WinFLTray] C:\Windows\SysWow64\WinFLTray.exe
uRun: [FLBackup] C:\Program Files (x86)\NewSoftware's\Folder Lock\FLComServCtrl.exe
mRun: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_51-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0051-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_51-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_51-windows-i586.cab
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{1D1FD7F4-0869-4271-BD4C-3EEDF4F2527D} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{48F86302-228D-406C-AA4D-0BB650960A58} : NameServer = 8.8.8.8,8.8.4.4
TCP: Interfaces\{48F86302-228D-406C-AA4D-0BB650960A58} : DHCPNameServer = 192.168.1.1
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
SSODL: WebCheck - <orphaned>
x64-BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Notify: LBTWlgn - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R0 aswRvrt;avast! Revert;C:\Windows\System32\drivers\aswRvrt.sys [2014-9-15 65776]
R0 aswVmm;avast! VM Monitor;C:\Windows\System32\drivers\aswVmm.sys [2014-9-15 224896]
R0 mv91cons;Marvell 91xx Config Device Driver;C:\Windows\System32\drivers\mv91cons.sys [2010-11-22 24880]
R0 mv91xx;mv91xx;C:\Windows\System32\drivers\mv91xx.sys [2010-11-22 303408]
R1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswSnx.sys [2014-9-15 1041168]
R1 aswSP;aswSP;C:\Windows\System32\drivers\aswsp.sys [2014-9-15 427360]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\System32\drivers\dtsoftbus01.sys [2012-12-14 283200]
R2 aswHwid;avast! HardwareID;C:\Windows\System32\drivers\aswHwid.sys [2014-9-15 29208]
R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2014-9-15 79184]
R2 aswStm;aswStm;C:\Windows\System32\drivers\aswStm.sys [2014-9-15 92008]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-9-15 50344]
R2 cpuz135;cpuz135;C:\Windows\System32\drivers\cpuz135_x64.sys [2011-4-7 21992]
R2 DigiNet;Digidesign Ethernet Support;C:\Windows\System32\drivers\diginet.sys [2011-4-7 21520]
R2 FLService;FLService;C:\Windows\SysWOW64\WinFLService.exe [2013-7-23 92360]
R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-4-6 13336]
R2 Intel® PROSet Monitoring Service;Intel® PROSet Monitoring Service;C:\Windows\System32\IPROSetMonitor.exe [2011-4-7 164520]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2014-9-16 1809720]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2014-9-16 860472]
R2 NEWDRIVER;NEWDRIVER;C:\Windows\SysWOW64\WinVDEdrv6.sys [2013-7-23 197648]
R2 NvNetworkService;NVIDIA Network Service;C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-9-15 1720608]
R2 NvStreamSvc;NVIDIA Streamer Service;C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2014-9-15 18956064]
R2 PaceLicenseDServices;PACE License Services;C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe [2012-5-18 2938880]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2014-9-15 411936]
R2 USBMIDIAudioDevMon;USB MIDI Series Audio Device Monitor;C:\Program Files (x86)\M-Audio\USB MIDI Series\AudioDevMon.exe [2010-4-13 1636872]
R2 WinVDEDrv;WinVDEDrv;C:\Windows\SysWOW64\WinVDEdrv.sys [2013-7-23 225680]
R3 iLokDrvr;Usb Driver;C:\Windows\System32\drivers\iLokDrvr.sys [2012-5-16 25752]
R3 LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter;C:\Windows\System32\drivers\LEqdUsb.sys [2010-8-24 74320]
R3 LHidEqd;Logitech SetPoint Unifying KMDF HID Filter;C:\Windows\System32\drivers\LHidEqd.sys [2010-8-24 13392]
R3 MAFW;Service for M-Audio FireWire;C:\Windows\System32\drivers\mafw.sys [2009-7-29 231944]
R3 MAUSBMIDI;Service for M-Audio USB MIDI Series;C:\Windows\System32\drivers\MAudioUSBMIDI.sys [2010-4-13 200200]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2011-4-9 25816]
R3 MBAMSwissArmy;MBAMSwissArmy;C:\Windows\System32\drivers\MBAMSwissArmy.sys [2014-9-16 122584]
R3 MBAMWebAccessControl;MBAMWebAccessControl;C:\Windows\System32\drivers\mwac.sys [2014-9-16 63704]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\System32\drivers\nusb3hub.sys [2011-2-10 82432]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\System32\drivers\nusb3xhc.sys [2011-2-10 181760]
R3 NvStreamKms;NvStreamKms;C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2014-9-15 20256]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);C:\Windows\System32\drivers\nvvad64v.sys [2014-9-15 40392]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-4-7 428136]
R3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-12-13 54784]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 BEService;BattlEye Service;C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [2014-1-5 49152]
S3 CLAVIAUSB64;CLAVIAUSB64;C:\Windows\System32\drivers\ClaviaUSB64.sys [2011-9-19 26496]
S3 SandraAgentSrv;SiSoftware Deployment Agent Service;C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2011.SP1a\RpcAgentSrv.exe [2011-4-7 93848]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2011-6-27 59392]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-4-7 1255736]
S3 YMIDUSBW;Yamaha USB-MIDI Driver (WDM);C:\Windows\System32\drivers\ymidusbx64.sys [2011-1-31 49256]
.
=============== Created Last 30 ================
.
2014-09-17 01:31:40 75888 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{8C52747C-3FAE-45A2-82F8-13D82EE7FC8E}\offreg.dll
2014-09-16 16:45:32 122584 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys
2014-09-16 16:45:25 91352 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys
2014-09-16 16:45:25 63704 ----a-w- C:\Windows\System32\drivers\mwac.sys
2014-09-16 16:45:25 -------- d-----w- C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-09-15 22:01:10 -------- d-----w- C:\Users\Ripon\AppData\Roaming\AVAST Software
2014-09-15 22:00:48 92008 ----a-w- C:\Windows\System32\drivers\aswStm.sys
2014-09-15 22:00:47 93568 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys
2014-09-15 22:00:47 79184 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys
2014-09-15 22:00:47 65776 ----a-w- C:\Windows\System32\drivers\aswRvrt.sys
2014-09-15 22:00:47 29208 ----a-w- C:\Windows\System32\drivers\aswHwid.sys
2014-09-15 22:00:47 224896 ----a-w- C:\Windows\System32\drivers\aswVmm.sys
2014-09-15 22:00:47 1041168 ----a-w- C:\Windows\System32\drivers\aswSnx.sys
2014-09-15 22:00:46 43152 ----a-w- C:\Windows\avastSS.scr
2014-09-15 21:31:08 1715224 ----a-w- C:\Windows\System32\nvspbridge64.dll
2014-09-15 21:31:08 1291280 ----a-w- C:\Windows\SysWow64\nvspbridge.dll
2014-09-15 21:31:08 1283136 ----a-w- C:\Windows\System32\nvspcap64.dll
2014-09-15 21:31:08 1126480 ----a-w- C:\Windows\SysWow64\nvspcap.dll
2014-09-15 21:31:08 -------- d-----w- C:\Users\Ripon\AppData\Local\NVIDIA Corporation
2014-09-15 21:31:08 -------- d-----w- C:\Users\Ripon\AppData\Local\NVIDIA
2014-09-15 21:30:49 609240 ----a-w- C:\Windows\SysWow64\nvStreaming.exe
2014-08-28 09:35:20 11319192 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{8C52747C-3FAE-45A2-82F8-13D82EE7FC8E}\mpengine.dll
.
==================== Find3M  ====================
.
2014-09-16 17:14:04 297088 ----a-w- C:\Windows\SysWow64\PnkBstrB.xtr
2014-09-16 17:14:04 297088 ----a-w- C:\Windows\SysWow64\PnkBstrB.exe
2014-09-16 17:13:56 290184 ----a-w- C:\Windows\SysWow64\PnkBstrB.ex0
2014-08-18 05:54:36 16 ----a-w- C:\Windows\SysWow64\msvcsv60.dll
2014-08-11 20:31:46 31520 ----a-w- C:\Windows\System32\nvhdap64.dll
2014-08-11 20:31:46 197408 ----a-w- C:\Windows\System32\drivers\nvhda64v.sys
2014-08-11 20:31:46 1515296 ----a-w- C:\Windows\System32\nvhdagenco6420103.dll
2014-07-02 18:55:43 6783776 ----a-w- C:\Windows\System32\nvcpl.dll
2014-07-02 18:55:43 3522392 ----a-w- C:\Windows\System32\nvsvc64.dll
2014-07-02 18:55:41 935368 ----a-w- C:\Windows\System32\nvvsvc.exe
2014-07-02 18:55:41 62808 ----a-w- C:\Windows\System32\nvshext.dll
2014-07-02 18:55:41 386520 ----a-w- C:\Windows\System32\nvmctray.dll
2014-07-02 10:14:12 3826628 ----a-w- C:\Windows\System32\nvcoproc.bin
2014-06-30 00:02:05 76152 ----a-w- C:\Windows\SysWow64\PnkBstrA.exe
.
============= FINISH: 22:36:27.60 ===============

Edited by poolio71, 16 September 2014 - 10:02 PM.



#2 poolio71


Posted 16 September 2014 - 10:04 PM

Here is the attachment.

Attached Files



#3 poolio71


Posted 18 September 2014 - 01:28 PM

OK, I figured out what it was. I went to Action Center and turned off the report problems button. It was constantly trying to send something. Most annoying thing I've ever encountered that wasn't a virus or something.

Thank you.



#4 Animal

Animal

    Bleepin' Animinion


  • Site Admin
  • 34,286 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Where You Least Expect Me To Be
  • Local time:09:07 PM

Posted 21 September 2014 - 06:46 PM

Thank you for letting us know your issue has been resolved, and was not malware after all. This topic is now closed per the OP's report.

The Internet is so big, so powerful and pointless that for some people it is a complete substitute for life.
Andrew Brown (1938-1994)


A learning experience is one of those things that say, "You know that thing you just did? Don't do that." Douglas Adams (1952-2001)


"Imagination is more important than knowledge. Knowledge is limited. Imagination circles the world." Albert Einstein (1879-1955)

