TechSpot

IDK, just want it clean. Also: Claro

Inactive
By Evan Komp
Nov 17, 2012
  1. Dealt with it awhile ago, but now I'm trying to just clean my comp. MSE came clean, malwarebytes anti malware came up clean, and here are the DDS logs. Thanks for any help.

    Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.16338.13746 [GMT -8:00]
    .
    AV: Microsoft Security Essentials *Enabled/Updated* {B140BF4E-23BB-4198-90AB-A51A4C60A69C}
    SP: Microsoft Security Essentials *Enabled/Updated* {0A215EAA-0581-4E16-AA1B-9E6837E7EC21}
    SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    ============== Running Processes ===============
    .
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\nvvsvc.exe
    C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
    C:\Windows\system32\svchost.exe -k RPCSS
    C:\Program Files\Microsoft Security Client\MsMpEng.exe
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\System32\spoolsv.exe
    C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
    C:\Windows\system32\nvvsvc.exe
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
    C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\LVPrS64H.exe
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    C:\Program Files\Microsoft Security Client\NisSrv.exe
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Windows\system32\taskhost.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\Microsoft Security Client\msseces.exe
    C:\Program Files\SmartTechnology\Software\ProfilerU.exe
    C:\Program Files\SmartTechnology\Software\SaiMfd.exe
    C:\Program Files (x86)\Skype\Phone\Skype.exe
    D:\Programs\steam\Steam.exe
    C:\Windows\System32\spool\drivers\x64\3\E_IATICDA.EXE
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
    D:\Programs\LOLReplay\LOLRecorder.exe
    C:\Users\evan\AppData\Roaming\Dropbox\bin\Dropbox.exe
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Program Files (x86)\Common Files\Logishrd\LQCVFX\COCIManager.exe
    C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
    C:\Program Files (x86)\Internet Explorer\IELowutil.exe
    C:\Program Files (x86)\Common Files\Steam\SteamService.exe
    C:\Windows\system32\SearchIndexer.exe
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Windows\system32\taskeng.exe
    C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
    C:\Windows\system32\sppsvc.exe
    C:\Users\evan\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\evan\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\evan\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\servicing\TrustedInstaller.exe
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Windows\System32\cscript.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://www.claro-search.com/?affID=114508&tt=4212_3&babsrc=HP_clro&mntrId=62dec1590000000000008c89a5da00c6
    uURLSearchHooks: {687578b9-7132-4a7a-80e4-30ee31099e03} - <orphaned>
    mWinlogon: Userinit = userinit.exe,
    BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
    BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
    uRun: [Google Update] "C:\Users\evan\AppData\Local\Google\Update\GoogleUpdate.exe" /c
    uRun: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
    uRun: [Steam] "D:\Programs\steam\steam.exe" -silent
    uRun: [EPSON Stylus CX7400 Series] C:\Windows\System32\spool\DRIVERS\x64\3\E_IATICDA.EXE /FU "C:\Windows\TEMP\E_S2AF5.tmp" /EF "HKCU"
    uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    mRun: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe" /hide
    StartupFolder: C:\Users\evan\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\evan\AppData\Roaming\Dropbox\bin\Dropbox.exe
    StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\LOLREC~1.LNK - D:\Programs\LOLReplay\LOLRecorder.exe
    mPolicies-Explorer: NoActiveDesktop = dword:1
    mPolicies-Explorer: NoActiveDesktopChanges = dword:1
    mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
    mPolicies-System: ConsentPromptBehaviorUser = dword:3
    mPolicies-System: EnableUIADesktopToggle = dword:0
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_07-windows-i586.cab
    DPF: {CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_07-windows-i586.cab
    TCP: NameServer = 192.168.2.1
    TCP: Interfaces\{6405776E-88CB-47C0-836C-772B084BC8FE} : DHCPNameServer = 192.168.2.1
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
    Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    SSODL: WebCheck - <orphaned>
    x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
    x64-Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
    x64-Run: [Logitech Download Assistant] C:\Windows\System32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
    x64-Run: [ProfilerU] C:\Program Files\SmartTechnology\Software\ProfilerU.exe
    x64-Run: [SaiMfd] C:\Program Files\SmartTechnology\Software\SaiMfd.exe
    x64-DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0-windows-i586.cab
    x64-DPF: {CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0-windows-i586.cab
    x64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0-windows-i586.cab
    x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
    x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
    x64-SSODL: WebCheck - <orphaned>
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2012-8-30 228768]
    R2 LVPrcS64;Process Monitor;C:\Program Files\Common Files\logishrd\LVMVFM\LVPrcSrv.exe [2009-10-7 191000]
    R2 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2012-3-20 128456]
    R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-5-15 382272]
    R3 lvpopf64;Logitech POP Suppression Filter;C:\Windows\System32\drivers\lvpopf64.sys [2009-10-7 271640]
    R3 LVPr2M64;Logitech LVPr2M64 Driver;C:\Windows\System32\drivers\LVPr2M64.sys [2009-10-7 30232]
    R3 LVRS64;Logitech RightSound Filter Driver;C:\Windows\System32\drivers\lvrs64.sys [2009-10-7 327704]
    R3 lvsels64;Logitech Selective Suspend Filter;C:\Windows\System32\drivers\lvsels64.sys [2009-10-7 67992]
    R3 LVUVC64;QuickCam Orbit/Sphere MP(UVC);C:\Windows\System32\drivers\lvuvc64.sys [2009-10-7 6379288]
    R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2012-9-12 368896]
    R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2012-7-14 676968]
    R3 SaiK0CD5;SaiK0CD5;C:\Windows\System32\drivers\SaiK0CD5.sys [2011-9-20 183104]
    R3 SaiU0CD5;SaiU0CD5;C:\Windows\System32\drivers\SaiU0CD5.sys [2011-9-20 47168]
    S2 Browser Manager;Browser Manager;C:\ProgramData\Browser Manager\2.4.897.175\{61d8b74e-8d89-46ff-afa6-33382c54ac73}\browsermngr.exe --> C:\ProgramData\Browser Manager\2.4.897.175\{61d8b74e-8d89-46ff-afa6-33382c54ac73}\browsermngr.exe [?]
    S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-7-3 160944]
    S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2012-7-14 20992]
    S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2012-7-14 59392]
    S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-7-9 52736]
    S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-7-15 1255736]
    .
    =============== Created Last 30 ================
    .
    2074-05-19 01:44:52607296----a-w-C:\Program Files (x86)\Microsoft Games\Age of Empires III\deformerdllyD.dll
    2074-05-08 02:38:48203576------w-C:\Program Files (x86)\Microsoft Games\Age of Empires III\autopatcher2.exe
    2012-11-18 05:09:55--------d-----w-C:\Users\evan\AppData\Roaming\Malwarebytes
    2012-11-18 05:09:15--------d-----w-C:\ProgramData\Malwarebytes
    2012-11-18 05:09:1425928----a-w-C:\Windows\System32\drivers\mbam.sys
    2012-11-18 00:28:359291768----a-w-C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{45B59608-F016-467D-A755-0ACEDD20DD70}\mpengine.dll
    2012-11-17 03:56:35--------d-----w-C:\Windows\System32\41621
    2012-11-17 00:09:479291768----a-w-C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
    2012-11-15 00:23:06--------d-----w-C:\Users\evan\AppData\Local\{86D1A66B-E5B5-4F14-8BDA-54C94EB67A2D}
    2012-11-14 11:00:24--------d-----w-C:\Program Files (x86)\MSXML 4.0
    2012-11-13 08:17:08--------d-----w-C:\Users\evan\AppData\Local\{DFB1ECEE-5E3C-4073-AC95-07836AE8C412}
    2012-11-13 03:31:05--------d-----w-C:\Users\evan\AppData\Roaming\GameRanger
    2012-11-12 22:45:53--------d-----w-C:\Program Files (x86)\Common Files\Microsoft Games
    2012-11-12 22:45:5234304------w-C:\Program Files (x86)\Microsoft Games\Age of Empires III\SetupENU2.dll
    2012-11-12 22:09:29--------d-----w-C:\ProgramData\Age of Empires 3
    2012-11-12 22:03:553767504----a-w-C:\Windows\System32\d3dx9_26.dll
    2012-11-12 22:03:552297552----a-w-C:\Windows\SysWow64\d3dx9_26.dll
    2012-11-12 21:46:20--------d-----w-C:\Program Files (x86)\Microsoft Games
    2012-11-08 03:47:03--------d-----w-C:\Users\evan\AppData\Local\{1859B1F5-E46B-48B4-94AF-1BFE7A999376}
    2012-11-05 06:41:02--------d-----w-C:\Users\evan\AppData\Local\{A149B07C-6D06-4C39-A138-071F51651BFB}
    2012-11-02 05:03:14--------d-----w-C:\Users\evan\AppData\Local\{3CD7AE3C-ACE1-4864-9D4D-5347C97FBC18}
    2012-10-28 04:13:43--------d-----w-C:\Users\evan\AppData\Local\{52E07492-C710-4EC2-A07E-D3916C49171E}
    2012-10-26 02:27:09--------d-----w-C:\Users\evan\AppData\Roaming\Dropbox
    2012-10-25 23:51:36--------d-----w-C:\Users\evan\AppData\Local\{245EC8FF-C15F-405B-A49F-242A34D0F6C8}
    2012-10-25 03:08:51--------d-----w-C:\Users\evan\AppData\Local\{47A2741E-7F08-410E-A2E7-EE1F888D48C9}
    2012-10-22 18:31:5874344----a-w-C:\Windows\System32\RtNicProp64.dll
    2012-10-22 18:31:58107624----a-w-C:\Windows\System32\RTNUninst64.dll
    2012-10-22 18:31:54--------d-----w-C:\Program Files (x86)\Realtek
    2012-10-22 08:38:1033856---ha-w-C:\Windows\System32\hamachi.sys
    2012-10-22 08:19:55--------d-----w-C:\Windows\System32\appmgmt
    2012-10-22 07:27:46--------d-----w-C:\Users\evan\AppData\Roaming\Anvisoft
    2012-10-22 07:27:41--------d-----w-C:\ProgramData\Anvisoft
    2012-10-22 07:08:49--------d-----w-C:\Windows\pss
    2012-10-22 07:06:07--------d-----w-C:\Windows\System32\33821
    2012-10-22 03:54:56--------d-----w-C:\Users\evan\AppData\Roaming\Babylon
    2012-10-22 03:54:56--------d-----w-C:\ProgramData\Babylon
    2012-10-22 03:54:55--------d-----w-C:\Windows\SysWow64\searchplugins
    2012-10-22 03:54:55--------d-----w-C:\Windows\SysWow64\Extensions
    2012-10-20 23:57:44972192------w-C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{F905F08E-28AE-45C2-A0B0-D21A10ADD46B}\gapaengine.dll
    .
    ==================== Find3M ====================
    .
    2012-11-18 05:14:2773656----a-w-C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
    2012-11-18 05:14:27697272----a-w-C:\Windows\SysWow64\FlashPlayerApp.exe
    2012-09-25 06:16:3395208----a-w-C:\Windows\SysWow64\WindowsAccessBridge-32.dll
    2012-09-14 19:19:292048----a-w-C:\Windows\System32\tzres.dll
    2012-09-14 18:28:532048----a-w-C:\Windows\SysWow64\tzres.dll
    2012-09-01 19:58:12627600----a-w-C:\Windows\System32\deployJava1.dll
    2012-09-01 07:10:35821736----a-w-C:\Windows\SysWow64\npDeployJava1.dll
    2012-09-01 07:10:35746984----a-w-C:\Windows\SysWow64\deployJava1.dll
    2012-08-31 18:19:351659760----a-w-C:\Windows\System32\drivers\ntfs.sys
    2012-08-31 05:03:48228768----a-w-C:\Windows\System32\drivers\MpFilter.sys
    2012-08-31 05:03:48128456----a-w-C:\Windows\System32\drivers\NisDrvWFP.sys
    2012-08-30 18:03:455559664----a-w-C:\Windows\System32\ntoskrnl.exe
    2012-08-30 17:12:023968880----a-w-C:\Windows\SysWow64\ntkrnlpa.exe
    2012-08-30 17:12:023914096----a-w-C:\Windows\SysWow64\ntoskrnl.exe
    2012-08-24 18:05:07220160----a-w-C:\Windows\System32\wintrust.dll
    2012-08-24 16:57:48172544----a-w-C:\Windows\SysWow64\wintrust.dll
    2012-08-24 10:31:322312704----a-w-C:\Windows\System32\jscript9.dll
    2012-08-24 10:21:181392128----a-w-C:\Windows\System32\wininet.dll
    2012-08-24 10:20:111494528----a-w-C:\Windows\System32\inetcpl.cpl
    2012-08-24 10:14:45173056----a-w-C:\Windows\System32\ieUnatt.exe
    2012-08-24 10:13:29599040----a-w-C:\Windows\System32\vbscript.dll
    2012-08-24 10:09:422382848----a-w-C:\Windows\System32\mshtml.tlb
    2012-08-24 06:59:171800704----a-w-C:\Windows\SysWow64\jscript9.dll
    2012-08-24 06:51:271129472----a-w-C:\Windows\SysWow64\wininet.dll
    2012-08-24 06:51:021427968----a-w-C:\Windows\SysWow64\inetcpl.cpl
    2012-08-24 06:47:26142848----a-w-C:\Windows\SysWow64\ieUnatt.exe
    2012-08-24 06:47:12420864----a-w-C:\Windows\SysWow64\vbscript.dll
    2012-08-24 06:43:582382848----a-w-C:\Windows\SysWow64\mshtml.tlb
    2012-08-22 18:12:501913200----a-w-C:\Windows\System32\drivers\tcpip.sys
    2012-08-22 18:12:40950128----a-w-C:\Windows\System32\drivers\ndis.sys
    2012-08-22 18:12:40376688----a-w-C:\Windows\System32\drivers\netio.sys
    2012-08-22 18:12:33288624----a-w-C:\Windows\System32\drivers\FWPKCLNT.SYS
    2012-08-21 21:01:00245760----a-w-C:\Windows\System32\OxpsConverter.exe
    2012-08-20 18:48:44362496----a-w-C:\Windows\System32\wow64win.dll
    2012-08-20 18:48:44243200----a-w-C:\Windows\System32\wow64.dll
    2012-08-20 18:48:4413312----a-w-C:\Windows\System32\wow64cpu.dll
    2012-08-20 18:48:43215040----a-w-C:\Windows\System32\winsrv.dll
    2012-08-20 18:48:3716384----a-w-C:\Windows\System32\ntvdm64.dll
    2012-08-20 18:48:35424448----a-w-C:\Windows\System32\KernelBase.dll
    2012-08-20 18:46:22338432----a-w-C:\Windows\System32\conhost.exe
    2012-08-20 17:40:2114336----a-w-C:\Windows\SysWow64\ntvdm64.dll
    2012-08-20 17:38:4444032----a-w-C:\Windows\apppatch\acwow64.dll
    2012-08-20 17:38:2625600----a-w-C:\Windows\SysWow64\setup16.exe
    2012-08-20 17:37:195120----a-w-C:\Windows\SysWow64\wow32.dll
    2012-08-20 17:37:18274944----a-w-C:\Windows\SysWow64\KernelBase.dll
    2012-08-20 15:38:217680----a-w-C:\Windows\SysWow64\instnm.exe
    2012-08-20 15:38:202048----a-w-C:\Windows\SysWow64\user.exe
    2012-08-20 15:33:286144---ha-w-C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
    2012-08-20 15:33:284608---ha-w-C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
    2012-08-20 15:33:283584---ha-w-C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
    2012-08-20 15:33:283072---ha-w-C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
    .
    ============= FINISH: 21:17:32.97 ===============
    .
    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT
    .
    DDS (Ver_2012-11-07.01)
    .
    Microsoft Windows 7 Ultimate
    Boot Device: \Device\HarddiskVolume1
    Install Date: 7/14/2012 5:29:46 PM
    System Uptime: 11/17/2012 9:13:21 PM (0 hours ago)
    .
    Motherboard: MSI | | Z77A-G43 (MS-7758)
    Processor: Intel(R) Core(TM) i7-3770K CPU @ 3.50GHz | SOCKET 0 | 2975/100mhz
    .
    ==== Disk Partitions =========================
    .
    C: is FIXED (NTFS) - 223 GiB total, 135.179 GiB free.
    D: is FIXED (NTFS) - 932 GiB total, 886.138 GiB free.
    .
    ==== Disabled Device Manager Items =============
    .
    Class GUID:
    Description: Universal Serial Bus (USB) Controller
    Device ID: PCI\VEN_8086&DEV_1E31&SUBSYS_77581462&REV_04\3&11583659&0&A0
    Manufacturer:
    Name: Universal Serial Bus (USB) Controller
    PNP Device ID: PCI\VEN_8086&DEV_1E31&SUBSYS_77581462&REV_04\3&11583659&0&A0
    Service:
    .
    ==== System Restore Points ===================
    .
    RP89: 10/27/2012 4:18:30 PM - Windows Update
    RP90: 10/31/2012 4:36:10 PM - Windows Update
    RP91: 11/4/2012 11:37:13 AM - Windows Update
    RP92: 11/8/2012 3:49:50 PM - Windows Update
    RP93: 11/12/2012 12:37:41 PM - Windows Update
    RP94: 11/12/2012 1:45:12 PM - Installed Age of Empires III
    RP95: 11/12/2012 2:43:51 PM - Installed Age of Empires III - The WarChiefs
    RP96: 11/12/2012 2:47:04 PM - Installed Age of Empires III - The Asian Dynasties
    RP97: 11/12/2012 5:37:50 PM - Removed Apple Application Support
    RP98: 11/12/2012 5:38:12 PM - Removed Bonjour
    RP99: 11/12/2012 5:38:26 PM - Removed Bonjour
    RP100: 11/12/2012 5:38:37 PM - Removed Apple Software Update
    RP101: 11/12/2012 5:38:51 PM - Removed Apple Mobile Device Support
    RP102: 11/14/2012 3:00:13 AM - Windows Update
    RP103: 11/16/2012 8:22:17 PM - Removed Easy Phone Tunes
    RP104: 11/16/2012 8:23:02 PM - Removed Hi-Rez Studios Games
    RP105: 11/16/2012 8:24:53 PM - Removed Microsoft XNA Framework Redistributable 3.1
    RP106: 11/16/2012 8:26:04 PM - Removed iTunes
    RP107: 11/17/2012 4:28:30 PM - Windows Update
    .
    ==== Installed Programs ======================
    .
    Adobe Flash Player 11 ActiveX
    Adobe Flash Player 11 Plugin
    Age of Empires III
    Age of Empires III - The Asian Dynasties
    Age of Empires III - The WarChiefs
    Bloodline Champions
    D3DX10
    Dropbox
    EPSON Printer Software
    EPSON Scan
    Fraps (remove only)
    GameMaker: Studio
    Google Chrome
    Java 7 Update 9
    Java Auto Updater
    Java(TM) 7
    Java(TM) 7 (64-bit)
    JavaFX 2.1.1
    League of Legends
    Logitech Webcam Software
    LOLReplay
    Malwarebytes Anti-Malware version 1.65.1.1000
    MapleStory
    Microsoft Application Error Reporting
    Microsoft Office PowerPoint Viewer 2007 (English)
    Microsoft Office Word Viewer 2003
    Microsoft Security Client
    Microsoft Security Essentials
    Microsoft SQL Server 2005 Compact Edition [ENU]
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
    MSVCRT
    MSVCRT Redists
    MSXML 4.0 SP2 (KB954430)
    Nexus Mod Manager
    NVIDIA 3D Vision Controller Driver 301.42
    NVIDIA 3D Vision Driver 301.42
    NVIDIA Control Panel 301.42
    NVIDIA Graphics Driver 301.42
    NVIDIA HD Audio Driver 1.3.16.0
    NVIDIA Install Application
    NVIDIA PhysX
    NVIDIA PhysX System Software 9.12.0213
    NVIDIA Stereoscopic 3D Driver
    NVIDIA Update 1.8.15
    NVIDIA Update Components
    Paint.NET v3.5.10
    Prototype
    Realtek Ethernet Controller Driver
    Security Update for CAPICOM (KB931906)
    Sid Meier's Civilization V
    Skype™ 5.10
    Smart Technology Programming Software 7.0.13.22
    Steam
    Team Fortress 2
    The Elder Scrolls V: Skyrim
    Windows Live Communications Platform
    Windows Live Essentials
    Windows Live ID Sign-in Assistant
    Windows Live Installer
    Windows Live Language Selector
    Windows Live Movie Maker
    Windows Live Photo Common
    Windows Live Photo Gallery
    Windows Live PIMT Platform
    Windows Live SOXE
    Windows Live SOXE Definitions
    Windows Live UX Platform
    Windows Live UX Platform Language Pack
    WinRAR 4.20 (32-bit)
    World of Warcraft
    XBMC
    .
    ==== Event Viewer Messages From Past Week ========
    .
    11/17/2012 9:13:31 PM, Error: Service Control Manager [7000] - The Browser Manager service failed to start due to the following error: The system cannot find the file specified.
    11/16/2012 7:54:22 PM, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start.
    11/16/2012 7:54:21 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
    11/16/2012 7:54:21 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
    11/16/2012 7:54:21 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}
    11/16/2012 7:54:21 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}
    11/16/2012 7:54:20 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
    11/16/2012 7:54:15 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
    11/16/2012 7:54:10 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD CSC DfsC discache MpFilter NetBIOS NetBT nsiproxy Psched rdbss spldr tdx Wanarpv6 WfpLwf
    11/16/2012 7:54:10 PM, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
    11/16/2012 7:54:10 PM, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
    11/16/2012 7:54:10 PM, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning.
    11/16/2012 7:54:10 PM, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
    11/16/2012 7:54:10 PM, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
    11/16/2012 7:54:10 PM, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error: A device attached to the system is not functioning.
    11/16/2012 7:54:10 PM, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
    11/16/2012 7:54:10 PM, Error: Service Control Manager [7001] - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
    11/16/2012 7:54:10 PM, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning.
    11/16/2012 7:54:10 PM, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
    11/16/2012 7:12:01 PM, Error: Service Control Manager [7034] - The Hi-Rez Studios Authenticate and Update Service service terminated unexpectedly. It has done this 1 time(s).
    11/16/2012 3:41:32 PM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Browser Manager service, but this action failed with the following error: An instance of the service is already running.
    11/16/2012 3:41:02 PM, Error: Service Control Manager [7031] - The Browser Manager service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.
    11/12/2012 5:38:09 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Apple Mobile Device service to connect.
    11/12/2012 5:38:09 PM, Error: Service Control Manager [7000] - The Apple Mobile Device service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
    11/12/2012 1:41:02 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect.
    11/12/2012 1:41:02 PM, Error: Service Control Manager [7000] - The Steam Client Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
    .
    ==== End Of File ===========================
     
  2. Jay Pfoutz

    Jay Pfoutz Malware Helper Posts: 4,286   +49

    Hello, and welcome to TechSpot.


    [​IMG] Please see here for the board rules and other FAQ.

    Please feel free to introduce yourself, after you follow the steps below to get started.

    Information
    • From this point on, please do not make any more changes to your computer; such as install/uninstall programs, use special fix tools, delete files, edit the registry, etc. - unless advised by a malware removal helper.
    • Please do not ask for help elsewhere (in this site or other sites). Doing so can result in system changes, which may not show up in the logs you post.
    • If you have already asked for help somewhere, please post the link to the topic you were helped.
    • We try our best to reply quickly, but for any reason we do not reply in two days, please reply to this topic with the word BUMP!
    • Lastly, keep in mind that we are volunteers, so you do not have to pay for malware removal. Persist in this topic until its close, and your computer is declared clean.


    ComboFix scan

    Please download ComboFix[​IMG] by sUBs
    From BleepingComputer.com

    Please save the file to your Desktop.

    Important information about ComboFix


    After the download:
    • Close any open browsers.
    • Very Important: Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results". Please visit here if you don't know how.
    • WARNING: Combofix will disconnect your machine from the Internet as soon as it starts
    • Please do not attempt to re-connect your machine back to the Internet until ComboFix has completely finished.
    • If there is no Internet connection after running ComboFix, then restart your computer to restore back your connection.
    Running ComboFix:
    • Double click on ComboFix.exe & follow the prompts.
    • When ComboFix finishes, it will produce a report for you.
    • Please post the report, which will launch or be found at "C:\Combo-Fix.txt" in your next reply.
    Troubleshooting ComboFix

    Safe Mode:

    If you still cannot get ComboFix to run, try booting into Safe Mode, and run it there.

    (To boot into Safe Mode, tap F8 after BIOS, and just before the Windows
    logo appears. A list of options will appear, select "Safe Mode.")

    Re-downloading:

    If this doesn't work either, try the same method (above method), but try to download it again, except name
    ComboFix.exe to iexplore.exe, explorer.exe, or winlogon.exe.

    Malware is known for blocking all "user" processes, except for its whitelist of system important processes such as iexplore.exe, explorer.exe, winlogon.exe.

    NOTE: If you encounter a message "illegal operation attempted on registry key that has been marked for deletion" and no programs will run - please just reboot and that will resolve that error.
     
  3. Jay Pfoutz

    Jay Pfoutz Malware Helper Posts: 4,286   +49

    Hello! Are you still with us? Your topic is now marked inactive, because you have lacked to reply.

    However, we'd like to still help. Please update us on the state of your PC.
     


Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...


Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.