I think I got a Virus...


3 replies to this topic

#1 evilguy919

evilguy919

    Active Member

  • Active Members
  • 31 posts

Posted 06 March 2012 - 12:02 AM

Update:
Never mind, I found out what happened. I was moving some stuff around my computer and hit it a few times, nothing hard. However, it caused some of the wires to come loose. I was looking on Google to see any reason why my computer's resolution would not reset to default and why it was sluggish. Someone had posted on the Nvidia forum about a loose wire that caused the monitor to reset its resolution and sluggishness on the computer when trying to open a file. This is caused because it takes a while for your computer to send the picture to your monitor because of the loose wire. So I checked the wire and bingo, it was loose and had almost come off. I plugged it back in and restarted my computer. All is fixed now. I would like to delete this post, but there seems to be no option for it. So I am just posting this update here. Sorry if I jumped the gun there; it's just that it happened right after I visited a few third-party Skyrim mod sites. So I thought I got hit by a virus or something.

Hello guys,
I think I got a virus. I haven't played Skyrim in a while, but since they introduced Steam Workshop, there are some quality mods flying around. So I visited a few mod sites over the weekend and downloaded a few mods. Then weird things started happening to my computer. It first started yesterday: my computer just crashed for no reason, then when I turned it on my screen resolution got inflated for some reason. I tried to re-adjust it, but the screen doesn't seem to go back to how it was before, and there is some sluggishness when I try to open a folder or program. Hopefully this is enough information for you guys to start on. Also, when I ran OTL, there wasn't any backup log saved; there was only 1 log.

Malwarebytes Anti-Malware 1.60.1.1000
www.malwarebytes.org

Database version: v2012.03.05.09

Windows 7 x86 NTFS
Internet Explorer 8.0.7600.16385
xnguyen1 :: XNGUYEN1-PC [administrator]

3/5/2012 6:33:25 PM
mbam-log-2012-03-05 (18-33-25).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 190380
Time elapsed: 2 minute(s), 42 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)



OTL logfile created on: 3/5/2012 6:49:02 PM - Run 3
OTL by OldTimer - Version 3.2.35.1 Folder = C:\Users\xnguyen1\Desktop
Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.25 Gb Total Physical Memory | 2.54 Gb Available Physical Memory | 78.19% Memory free
6.50 Gb Paging File | 5.73 Gb Available in Paging File | 88.14% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 931.41 Gb Total Space | 516.78 Gb Free Space | 55.48% Space Free | Partition Type: NTFS

Computer Name: XNGUYEN1-PC | User Name: xnguyen1 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/03/05 18:41:01 | 000,584,704 | ---- | M] (OldTimer Tools) -- C:\Users\xnguyen1\Desktop\OTL.exe
PRC - [2011/11/02 08:24:04 | 000,068,896 | ---- | M] (Nalpeiron Ltd.) -- C:\Windows\System32\NLSSRV32.EXE
PRC - [2011/10/15 03:53:00 | 002,253,120 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
PRC - [2011/10/15 03:53:00 | 001,328,960 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
PRC - [2011/10/15 00:54:40 | 000,381,248 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2011/07/27 06:06:44 | 000,267,488 | ---- | M] () -- C:\Program Files\StartNow Toolbar\ToolbarUpdaterService.exe
PRC - [2010/08/23 19:21:40 | 000,013,672 | ---- | M] (Intuit Inc.) -- C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe
PRC - [2009/07/13 20:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe


========== Modules (No Company Name) ==========

MOD - [2010/03/24 21:17:36 | 008,794,464 | ---- | M] () -- C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
MOD - [2010/03/15 11:28:22 | 000,141,824 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
MOD - [2010/01/30 02:41:12 | 004,254,560 | ---- | M] () -- C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF


========== Win32 Services (SafeList) ==========

SRV - [2012/03/03 21:57:21 | 000,489,256 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2011/11/02 08:24:04 | 000,068,896 | ---- | M] (Nalpeiron Ltd.) [Auto | Running] -- C:\Windows\System32\NLSSRV32.EXE -- (nlsX86cc)
SRV - [2011/10/15 03:53:00 | 002,253,120 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2011/10/15 00:54:40 | 000,381,248 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2011/07/27 06:06:44 | 000,267,488 | ---- | M] () [Auto | Running] -- C:\Program Files\StartNow Toolbar\ToolbarUpdaterService.exe -- (Updater Service for StartNow Toolbar)
SRV - [2010/08/23 19:21:40 | 000,013,672 | ---- | M] (Intuit Inc.) [Auto | Running] -- C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe -- (IntuitUpdateService)
SRV - [2010/03/25 10:25:22 | 030,969,208 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
SRV - [2009/12/15 15:07:16 | 000,025,832 | ---- | M] (BioWare) [On_Demand | Stopped] -- C:\Program Files\Dragon Age\bin_ship\daupdatersvc.service.exe -- (DAUpdaterSvc)
SRV - [2009/07/13 20:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/13 20:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009/07/13 20:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)


========== Driver Services (SafeList) ==========

DRV - [2011/10/15 03:53:00 | 010,327,360 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2011/07/07 18:21:28 | 000,139,880 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA)
DRV - [2010/04/12 03:44:34 | 000,059,388 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\scdemu.sys -- (SCDEmu)
DRV - [2009/07/13 20:19:10 | 000,175,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vmbus.sys -- (vmbus)
DRV - [2009/07/13 20:19:10 | 000,040,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\vmstorfl.sys -- (storflt)
DRV - [2009/07/13 20:19:10 | 000,028,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\storvsc.sys -- (storvsc)
DRV - [2009/07/13 18:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2009/07/13 18:28:47 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vms3cap.sys -- (s3cap)
DRV - [2009/07/13 18:28:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\VMBusHID.sys -- (VMBusHID)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = EB 1A EF D7 40 2A CC 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://www.google.com/
IE - HKCU\..\SearchScopes,DefaultScope = {9B97950D-482C-1D79-568F-FC7B9D40C785}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...amp;FORM=IE8SRC
IE - HKCU\..\SearchScopes\{6b0d4c9d-c6eb-4a9a-981c-ac3f9d8373c0}: "URL" = http://search.xfinit...q={searchTerms}
IE - HKCU\..\SearchScopes\{9B97950D-482C-1D79-568F-FC7B9D40C785}: "URL" = http://www.bing.com/...eferrer:source}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.selectedEngine: "Bing"
FF - prefs.js..browser.startup.homepage: "http://www.google.com/"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:2.0.1
FF - prefs.js..extensions.enabledItems: {73a6fe31-595d-460b-a920-fcc0f8843232}:2.2.3
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..keyword.URL: "http://www.bing.com/search?pc=Z192&form=ZGAADF&install_date=20111012&q="

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.775: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.3.775: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=1.0.0.0: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.775: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.27\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/02/18 14:22:30 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.27\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/02/18 14:22:30 | 000,000,000 | ---D | M]

[2010/08/15 23:15:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\xnguyen1\AppData\Roaming\Mozilla\Extensions
[2012/03/04 15:00:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\xnguyen1\AppData\Roaming\Mozilla\Firefox\Profiles\7iuajncf.default\extensions
[2011/08/04 07:46:00 | 000,000,000 | ---D | M] (Xfinity.com Toolbar) -- C:\Users\xnguyen1\AppData\Roaming\Mozilla\Firefox\Profiles\7iuajncf.default\extensions\{7000b6ca-4388-4d95-893d-6659c2d4d1ce}
[2011/12/06 01:55:02 | 000,000,000 | ---D | M] (NoScript) -- C:\Users\xnguyen1\AppData\Roaming\Mozilla\Firefox\Profiles\7iuajncf.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}
[2011/12/14 21:10:44 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\xnguyen1\AppData\Roaming\Mozilla\Firefox\Profiles\7iuajncf.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2012/02/13 18:18:13 | 000,000,000 | ---D | M] (SkipScreen) -- C:\Users\xnguyen1\AppData\Roaming\Mozilla\Firefox\Profiles\7iuajncf.default\extensions\SkipScreen@SkipScreen
[2011/10/11 23:30:11 | 000,001,945 | ---- | M] () -- C:\Users\xnguyen1\AppData\Roaming\Mozilla\Firefox\Profiles\7iuajncf.default\searchplugins\bing-zugo.xml
[2012/03/04 15:00:27 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/04/26 20:38:44 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2011/04/23 11:19:44 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011/04/24 13:04:41 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2011/02/02 20:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2010/07/12 11:33:56 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\mozilla firefox\plugins\npwachk.dll
[2010/10/06 09:51:30 | 000,003,277 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\xfinitylcsearch.xml

O1 HOSTS File: ([2009/06/10 16:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (StartNow Toolbar Helper) - {6E13D095-45C3-4271-9475-F3B48227DD9F} - C:\Program Files\StartNow Toolbar\Toolbar32.dll ()
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Xfinity.com Toolbar) - {dcc70a83-e184-40a3-906b-779af5e941c4} - C:\Program Files\xfinitytb\xfinitydx.dll ()
O2 - BHO: (Updater For Xfinity.com Toolbar 3.5) - {e6d0b79e-ecac-411b-8bf6-7a574981af30} - C:\Program Files\xfinitytb\auxi\xfinityAu.dll (Visicom Media)
O3 - HKLM\..\Toolbar: (StartNow Toolbar) - {5911488E-9D1E-40ec-8CBB-06B231CC153F} - C:\Program Files\StartNow Toolbar\Toolbar32.dll ()
O3 - HKLM\..\Toolbar: (Xfinity.com Toolbar) - {dcc70a83-e184-40a3-906b-779af5e941c4} - C:\Program Files\xfinitytb\xfinitydx.dll ()
O4 - HKLM..\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
O4 - HKLM..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE (PowerISO Computing, Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [TurboTax 2011] "C:\Users\xnguyen1\AppData\Local\Temp\ckz_0A4S\TurboTax 2011\TurboTax 2011 Installer.exe" File not found
O4 - HKCU..\Run: [ComcastAntispyClient] "C:\Program Files\comcasttb\ComcastSpywareScan\ComcastAntispy.exe" /hide File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: intuit.com ([ttlc] https in Trusted sites)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.10.1 75.75.75.75 75.75.76.76
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3DD56B6B-B5A9-488F-8625-BF7A456554D9}: DhcpNameServer = 192.168.10.1 75.75.75.75 75.75.76.76
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 16:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2012/03/05 18:40:59 | 000,584,704 | ---- | C] (OldTimer Tools) -- C:\Users\xnguyen1\Desktop\OTL.exe
[2012/03/03 18:13:22 | 000,000,000 | ---D | C] -- C:\Games
[2012/03/03 18:11:49 | 000,000,000 | ---D | C] -- C:\Users\xnguyen1\Documents\Nexus Mod Manager
[2012/03/03 18:11:49 | 000,000,000 | ---D | C] -- C:\Users\xnguyen1\AppData\Local\Black_Tree_Gaming
[2012/03/03 18:11:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nexus Mod Manager
[2012/03/03 18:11:44 | 000,000,000 | ---D | C] -- C:\Program Files\Nexus Mod Manager
[2012/02/12 15:43:22 | 000,000,000 | ---D | C] -- C:\Users\xnguyen1\Documents\Mount&Blade Warband Savegames
[2012/02/12 15:32:01 | 000,000,000 | ---D | C] -- C:\Users\xnguyen1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mount&Blade Warband
[2012/02/12 15:30:29 | 000,000,000 | ---D | C] -- C:\Program Files\Mount&Blade Warband
[2012/02/12 02:39:39 | 000,000,000 | ---D | C] -- C:\Users\xnguyen1\AppData\Roaming\NVIDIA
[2012/02/12 02:37:54 | 000,000,000 | ---D | C] -- C:\Users\xnguyen1\Documents\Mount&Blade Warband
[2012/02/12 01:44:42 | 000,000,000 | ---D | C] -- C:\Users\xnguyen1\AppData\Roaming\Mount&Blade Warband
[2012/02/12 01:43:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mount&Blade Warband

========== Files - Modified Within 30 Days ==========

[2012/03/05 18:41:37 | 000,879,700 | ---- | M] () -- C:\Users\xnguyen1\Desktop\SecurityCheck.exe
[2012/03/05 18:41:01 | 000,584,704 | ---- | M] (OldTimer Tools) -- C:\Users\xnguyen1\Desktop\OTL.exe
[2012/03/05 18:27:02 | 000,014,192 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/03/05 18:27:02 | 000,014,192 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/03/05 18:21:52 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/03/05 18:21:51 | 2616,598,528 | -HS- | M] () -- C:\hiberfil.sys
[2012/03/03 18:11:45 | 000,001,043 | ---- | M] () -- C:\Users\Public\Desktop\Nexus Mod Manager.lnk
[2012/02/25 21:17:23 | 000,000,780 | ---- | M] () -- C:\Users\Public\Desktop\World of Warcraft.lnk
[2012/02/23 10:25:42 | 000,124,598 | ---- | M] () -- C:\Users\xnguyen1\Desktop\sales report.pdf
[2012/02/16 16:35:57 | 000,626,844 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/02/16 16:35:57 | 000,107,160 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/02/12 15:32:01 | 000,001,052 | ---- | M] () -- C:\Users\xnguyen1\Desktop\Mount&Blade Warband.lnk
[2012/02/07 09:40:31 | 000,001,067 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

========== Files Created - No Company Name ==========

[2012/03/05 18:41:37 | 000,879,700 | ---- | C] () -- C:\Users\xnguyen1\Desktop\SecurityCheck.exe
[2012/03/03 18:11:45 | 000,001,043 | ---- | C] () -- C:\Users\Public\Desktop\Nexus Mod Manager.lnk
[2012/02/14 10:29:38 | 000,124,598 | ---- | C] () -- C:\Users\xnguyen1\Desktop\sales report.pdf
[2012/02/12 15:32:01 | 000,001,052 | ---- | C] () -- C:\Users\xnguyen1\Desktop\Mount&Blade Warband.lnk
[2011/10/15 00:54:52 | 000,321,856 | ---- | C] () -- C:\Windows\System32\nvStreaming.exe
[2011/07/28 08:40:57 | 000,000,595 | ---- | C] () -- C:\Windows\SIERRA.INI
[2011/05/02 20:32:34 | 000,077,648 | ---- | C] () -- C:\Windows\War3Unin.dat
[2011/04/26 20:41:08 | 000,000,056 | -H-- | C] () -- C:\Windows\System32\ezsidmv.dat
[2011/04/09 17:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2011/04/03 19:28:11 | 000,000,000 | ---- | C] () -- C:\Windows\System32\wow-4.0.0.1807-to-4.0.0.2072-enUS-tools-patch.exe.part
[2011/02/22 14:39:04 | 000,240,640 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2011/02/07 13:00:08 | 001,529,856 | ---- | C] () -- C:\Windows\System32\ff_samplerate.dll
[2011/02/07 13:00:08 | 000,925,667 | ---- | C] () -- C:\Windows\System32\ffmpegmt.dll
[2011/02/07 13:00:08 | 000,721,798 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2011/02/07 13:00:08 | 000,336,384 | ---- | C] () -- C:\Windows\System32\ff_libfaad2.dll
[2011/02/07 13:00:08 | 000,324,096 | ---- | C] () -- C:\Windows\System32\TomsMoComp_ff.dll
[2011/02/07 13:00:08 | 000,216,576 | ---- | C] () -- C:\Windows\System32\ff_libdts.dll
[2011/02/07 13:00:08 | 000,151,552 | ---- | C] () -- C:\Windows\System32\ff_libmad.dll
[2011/02/07 13:00:08 | 000,145,408 | ---- | C] () -- C:\Windows\System32\libmpeg2_ff.dll
[2011/02/07 13:00:08 | 000,140,800 | ---- | C] () -- C:\Windows\System32\ff_unrar.dll
[2011/02/07 13:00:08 | 000,121,856 | ---- | C] () -- C:\Windows\System32\ff_liba52.dll
[2011/02/07 13:00:08 | 000,100,864 | ---- | C] () -- C:\Windows\System32\ff_wmv9.dll
[2011/02/07 13:00:08 | 000,065,024 | ---- | C] () -- C:\Windows\System32\FLT_ffdshow.dll
[2011/02/07 12:45:52 | 000,080,896 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2011/02/07 12:39:02 | 004,166,551 | ---- | C] () -- C:\Windows\System32\ffmpeg.dll
[2010/12/18 21:46:28 | 000,000,246 | ---- | C] () -- C:\Windows\PowerReg.dat
[2010/10/23 19:46:58 | 000,000,023 | ---- | C] () -- C:\Windows\BlendSettings.ini
[2010/09/27 16:13:41 | 000,000,001 | ---- | C] () -- C:\Windows\System32\SI.bin
[2010/08/28 21:01:38 | 000,000,262 | ---- | C] () -- C:\Windows\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini
[2010/08/18 14:56:38 | 000,000,151 | ---- | C] () -- C:\Windows\System32\Registration.ini
[2010/08/14 03:45:18 | 000,249,856 | ---- | C] () -- C:\Windows\System32\dxr.dll
[2010/08/14 03:45:10 | 000,358,400 | ---- | C] () -- C:\Windows\System32\gdsmux.exe
[2010/08/14 03:43:52 | 000,150,528 | ---- | C] () -- C:\Windows\System32\mkx.dll
[2010/08/14 03:43:42 | 000,109,568 | ---- | C] () -- C:\Windows\System32\avi.dll
[2010/08/14 03:43:34 | 000,141,824 | ---- | C] () -- C:\Windows\System32\mp4.dll
[2010/08/14 03:43:22 | 000,123,392 | ---- | C] () -- C:\Windows\System32\ogm.dll
[2010/08/14 03:42:54 | 000,113,152 | ---- | C] () -- C:\Windows\System32\dsmux.exe
[2010/08/14 03:42:48 | 000,154,112 | ---- | C] () -- C:\Windows\System32\ts.dll
[2010/08/14 03:42:10 | 000,097,792 | ---- | C] () -- C:\Windows\System32\avs.dll
[2010/08/14 03:42:06 | 000,137,728 | ---- | C] () -- C:\Windows\System32\mkv2vfr.exe
[2010/08/14 03:41:54 | 000,093,184 | ---- | C] () -- C:\Windows\System32\avss.dll
[2010/08/14 03:40:02 | 000,080,384 | ---- | C] () -- C:\Windows\System32\mkzlib.dll
[2010/08/14 03:39:58 | 000,024,576 | ---- | C] () -- C:\Windows\System32\mkunicode.dll

========== LOP Check ==========

[2010/12/01 17:19:48 | 000,000,000 | ---D | M] -- C:\Users\xnguyen1\AppData\Roaming\Black Sea Studios
[2011/11/20 19:22:41 | 000,000,000 | ---D | M] -- C:\Users\xnguyen1\AppData\Roaming\Downloaded Installations
[2011/11/14 02:33:39 | 000,000,000 | ---D | M] -- C:\Users\xnguyen1\AppData\Roaming\GrabPro
[2011/06/10 19:54:43 | 000,000,000 | ---D | M] -- C:\Users\xnguyen1\AppData\Roaming\Lionhead Studios
[2012/02/12 01:44:56 | 000,000,000 | ---D | M] -- C:\Users\xnguyen1\AppData\Roaming\Mount&Blade Warband
[2011/11/20 19:26:32 | 000,000,000 | ---D | M] -- C:\Users\xnguyen1\AppData\Roaming\Nitro PDF
[2011/11/14 02:49:41 | 000,000,000 | ---D | M] -- C:\Users\xnguyen1\AppData\Roaming\Orbit
[2011/11/14 02:33:33 | 000,000,000 | ---D | M] -- C:\Users\xnguyen1\AppData\Roaming\ProgSense
[2011/11/21 15:56:01 | 000,000,000 | ---D | M] -- C:\Users\xnguyen1\AppData\Roaming\Softplicity
[2011/08/28 16:00:01 | 000,000,000 | ---D | M] -- C:\Users\xnguyen1\AppData\Roaming\VBA-M
[2011/11/18 16:04:41 | 000,000,000 | ---D | M] -- C:\Users\xnguyen1\AppData\Roaming\webex
[2012/02/22 19:48:01 | 000,032,656 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



< End of report >



Results of screen317's Security Check version 0.99.31
Windows 7 x86 (UAC is enabled)
Internet Explorer 8 Out of date!
``````````````````````````````
Antivirus/Firewall Check:

Windows Firewall Enabled!
WMI entry may not exist for antivirus; attempting automatic update.
```````````````````````````````
Anti-malware/Other Utilities Check:

Java™ 6 Update 24
Java version out of date!
Adobe Flash Player 10.3.183.11 Flash Player out of Date!
Adobe Reader 9 Adobe Reader out of date!
Mozilla Firefox (3.6.27) Firefox out of Date!
````````````````````````````````
Process Check:
objlist.exe by Laurent

``````````End of Log````````````

Edited by evilguy919, 06 March 2012 - 02:27 AM.


#2 sempai

sempai

    3 stars and a sun

  • Admin
  • 1,043 posts

Posted 06 March 2012 - 04:06 AM

Hi,


QUOTE
Update:
Never mind, I found out what happened.

I am not sure if you still need help or will consider this topic as resolved. Please advise.

#3 evilguy919

evilguy919

    Active Member

  • Active Members
  • 31 posts

Posted 06 March 2012 - 05:12 AM

Problem has been resolved. Thanks.

#4 sempai

sempai

    3 stars and a sun

  • Admin
  • 1,043 posts

Posted 06 March 2012 - 01:25 PM

OK, thanks for letting us know.

