Very Bad Problem > Help Is Needed Asap
Member
Posts: 25,015
Joined: May 9 2008
Gold: 3,516.80
Jun 12 2011 11:04pm
I just got done getting rid of trojans/viruses/malware etc. etc. Since I have done this I have ONLY been on Jsp and D2. I was listening to music on playlist when all of a sudden it stopped playing music and said xxx has fail on your HDD you must restart. I restarted, but now all my icons are gone, my start menu is gone, and the only thing left is everything in C:/Program Files.

Wth is going on???

/E I just ran Malwarebytes yesterday and it came up as 0. Now it's saying I have 8 problems when I haven't even done anything. Could being on an unsecured network do it?


/E2 A strange scanner popped up when I restarted (I have never seen it) and started scanning my comp.

The only thing left on my comp is Malwarebytes..

This post was edited by IIBBQII on Jun 12 2011 11:10pm
Member
Posts: 24,008
Joined: Nov 18 2008
Gold: 10,219.79
Jun 12 2011 11:07pm
you might have a rogue virus of some kind

PM this guy, he is really informed about this kind of stuff: http://forums.d2jsp.org/user.php?i=772734
Member
Posts: 50,357
Joined: Feb 15 2007
Gold: 150.00
Warn: 100%
Jun 12 2011 11:08pm
If you are not very computer savvy, I suggest paying for an antivirus subscription or using AVG and hoping for the best.
Member
Posts: 25,015
Joined: May 9 2008
Gold: 3,516.80
Jun 12 2011 11:08pm
Btw when I download something, it does not show up anywhere on my comp...
Member
Posts: 11,523
Joined: Jan 13 2010
Gold: 75.01
Jun 12 2011 11:10pm
Quote (IIBBQII @ Jun 12 2011 10:04pm)
I just got done getting rid of trojans/viruses/malware etc. etc. Since I have done this I have ONLY been on Jsp and D2. I was listening to music on playlist when all of a sudden it stopped playing music and said xxx has fail on your HDD you must restart. I restarted, but now all my icons are gone, my start menu is gone, and the only thing left is everything in C:/Program Files.

Wth is going on???

/E I just ran Malwarebytes yesterday and it came up as 0. Now it's saying I have 8 problems when I haven't even done anything. Could being on an unsecured network do it?


/E2 A strange scanner popped up when I restarted (I have never seen it) and started scanning my comp.


the scanner is prob spyware

might be a rootkit still there
Member
Posts: 25,015
Joined: May 9 2008
Gold: 3,516.80
Jun 12 2011 11:13pm
Quote (Manevolent @ Jun 12 2011 09:10pm)
the scanner is prob spyware

might be a rootkit still there


I am running ComboFix and Malwarebytes. What was the other scanner you PM'd me a few days ago?
Member
Posts: 25,015
Joined: May 9 2008
Gold: 3,516.80
Jun 12 2011 11:29pm
ComboFix 11-06-12.01 - Owner 06/12/2011 23:15:49.2.2 - x86 NETWORK
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1519.1039 [GMT -6:00]
Running from: c:\program files\ComboFix.exe
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\All Users\Application Data\17096484.exe
c:\documents and settings\All Users\Application Data\FcfOwmsgtCRNpxt.exe
c:\documents and settings\All Users\Application Data\nvvsvc.exe
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_SVRWSC
-------\Service_SvrWsc
.
.
((((((((((((((((((((((((( Files Created from 2011-05-13 to 2011-06-13 )))))))))))))))))))))))))))))))
.
.
2011-06-13 05:13 . 2011-06-13 05:13 4120455 ------r- c:\program files\ComboFix.exe
2011-06-12 03:08 . 2011-06-12 03:08 -------- d-----w- c:\program files\SystemRequirementsLab
2011-06-12 03:08 . 2011-06-12 03:08 -------- d--h--w- c:\documents and settings\Owner\Application Data\SystemRequirementsLab
2011-06-09 23:49 . 2011-06-09 23:49 -------- d-----w- c:\documents and settings\All Users\Application Data\regid.1986-12.com.adobe
2011-06-09 23:37 . 2011-06-09 23:47 -------- d-----w- c:\program files\Common Files\Adobe
2011-06-09 22:59 . 2011-06-09 23:36 -------- d-----w- c:\documents and settings\Adobe Photoshop CS5.1
2011-06-09 22:58 . 2011-06-09 22:58 -------- d--h--w- c:\documents and settings\Owner\Application Data\com.adobe.downloadassistant.AdobeDownloadAssistant
2011-06-09 22:58 . 2011-06-09 22:58 -------- d-----w- c:\program files\Adobe Download Assistant
2011-06-09 22:58 . 2011-06-09 22:58 -------- d-----w- c:\program files\Common Files\Adobe AIR
2011-06-09 03:11 . 2011-06-09 03:11 -------- d-s---w- c:\documents and settings\LocalService\UserData
2011-06-09 02:21 . 2011-06-09 05:56 -------- d-----w- c:\program files\Crawler
2011-06-09 02:21 . 2011-06-09 02:21 142592 ----a-w- c:\windows\system32\drivers\sp_rsdrv2.sys
2011-06-09 02:21 . 2011-06-09 02:21 -------- d-----w- c:\documents and settings\All Users\Application Data\Spyware Terminator
2011-06-09 02:21 . 2011-06-09 02:21 -------- d-----w- c:\program files\Spyware Terminator
2011-06-09 02:00 . 2011-05-29 15:11 39984 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-06-09 01:50 . 2011-06-09 01:50 170 ---ha-w- c:\documents and settings\Owner\Application Data\QreSDGLt.bat
2011-06-09 01:38 . 2011-06-09 01:38 -------- d-s---w- c:\documents and settings\NetworkService\UserData
2011-06-09 01:36 . 2011-06-09 05:47 -------- d-----w- c:\program files\QuestScan
2011-06-09 01:36 . 2011-06-09 03:13 -------- d-----w- c:\documents and settings\All Users\Application Data\QuestScan
2011-06-09 01:25 . 2011-06-09 01:25 -------- d-----w- c:\documents and settings\Administrator
2011-06-09 00:50 . 2011-06-09 09:24 -------- d-----w- c:\program files\Diablo II
2011-06-09 00:29 . 2011-06-09 00:29 0 ----a-w- c:\windows\Dxukeyibewe.bin
2011-06-09 00:27 . 2011-06-09 00:27 102400 --sha-r- c:\windows\system32\version4.dll
2011-06-09 00:27 . 2011-06-09 00:27 102400 --sha-r- c:\windows\system32\msvfw324.dll
2011-06-09 00:27 . 2011-06-09 00:27 102400 --sha-r- c:\windows\system32\l_excepti.dll
2011-06-09 00:20 . 2011-06-09 00:23 -------- d--h--w- c:\documents and settings\Owner\Application Data\AVG
2011-06-08 23:44 . 2011-06-08 23:44 -------- d-----w- c:\windows\system32\wbem\Repository
2011-06-08 22:25 . 2011-06-08 22:25 -------- d-----w- C:$AVG
2011-06-08 22:02 . 2011-06-08 22:02 -------- d--h--w- c:\documents and settings\Owner\Local Settings\Application Data\AVG Security Toolbar
2011-06-08 21:55 . 2011-06-08 21:55 -------- d-----w- c:\documents and settings\All Users\Application Data\Common Files
2011-06-08 21:53 . 2011-06-08 23:43 -------- d-----w- c:\documents and settings\All Users\Application Data\AVG10
2011-06-08 21:53 . 2011-06-08 22:02 -------- d-----w- c:\windows\system32\drivers\AVG
2011-06-08 20:16 . 2011-06-08 20:16 -------- d-----w- c:\program files\Uniblue
2011-06-08 07:57 . 2011-06-08 08:02 -------- d-----w- c:\program files\DAEMON Tools Toolbar
2011-06-08 07:56 . 2011-06-08 18:45 -------- d--h--w- c:\documents and settings\Owner\Application Data\DAEMON Tools Lite
2011-06-08 07:56 . 2011-06-08 07:56 -------- d-----w- c:\documents and settings\All Users\Application Data\DAEMON Tools Lite
2011-06-08 05:36 . 2008-07-31 16:41 68616 ----a-w- c:\windows\system32\XAPOFX1_1.dll
2011-06-08 05:36 . 2008-07-31 16:40 509448 ----a-w- c:\windows\system32\XAudio2_2.dll
2011-06-08 05:36 . 2008-07-12 14:18 467984 ----a-w- c:\windows\system32\d3dx10_39.dll
2011-06-08 05:36 . 2008-07-12 14:18 1493528 ----a-w- c:\windows\system32\D3DCompiler_39.dll
2011-06-08 05:36 . 2008-07-12 14:18 3851784 ----a-w- c:\windows\system32\D3DX9_39.dll
2011-06-08 05:36 . 2011-06-08 05:36 -------- d-----w- c:\windows\Logs
2011-06-08 05:14 . 2011-06-08 05:19 -------- d--h--w- c:\documents and settings\Owner\Application Data\Ventrilo
2011-06-08 04:56 . 2011-06-08 06:59 -------- d--h--w- c:\documents and settings\Owner\Local Settings\Application Data\PMB Files
2011-06-08 04:56 . 2011-06-08 06:59 -------- d-----w- c:\documents and settings\All Users\Application Data\PMB Files
2011-06-08 04:55 . 2011-06-08 04:55 -------- d-----w- c:\program files\Pando Networks
2011-06-08 03:59 . 2011-06-08 03:59 -------- d--h--w- c:\documents and settings\Owner\Local Settings\Application Data\Mozilla
2011-06-08 03:47 . 2011-06-08 03:47 -------- d--h--w- c:\documents and settings\Owner\Application Data\Malwarebytes
2011-06-08 03:46 . 2011-06-08 03:46 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2011-06-08 03:46 . 2011-06-09 02:00 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-06-09 01:15 . 2010-04-29 02:05 21840 -c--atw- c:\windows\system32\SIntfNT.dll
2011-06-09 01:15 . 2010-04-29 02:05 17212 -c--atw- c:\windows\system32\SIntf32.dll
2011-06-09 01:15 . 2010-04-29 02:05 12067 ----atw- c:\windows\system32\SIntf16.dll
2011-04-14 16:26 . 2011-06-08 03:59 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2011-06-09_02.46.27 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-06-27 01:07 . 2009-06-27 01:07 59712 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4137_x-ww_15fb92d3\mfc90rus.dll
+ 2009-06-27 01:07 . 2009-06-27 01:07 42816 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4137_x-ww_15fb92d3\mfc90kor.dll
+ 2009-06-27 01:07 . 2009-06-27 01:07 43328 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4137_x-ww_15fb92d3\mfc90jpn.dll
+ 2009-06-27 01:07 . 2009-06-27 01:07 61248 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4137_x-ww_15fb92d3\mfc90ita.dll
+ 2009-06-27 01:07 . 2009-06-27 01:07 62784 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4137_x-ww_15fb92d3\mfc90fra.dll
+ 2009-06-27 01:07 . 2009-06-27 01:07 61760 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4137_x-ww_15fb92d3\mfc90esp.dll
+ 2009-06-27 01:07 . 2009-06-27 01:07 61760 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4137_x-ww_15fb92d3\mfc90esn.dll
+ 2009-06-27 01:07 . 2009-06-27 01:07 53568 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4137_x-ww_15fb92d3\mfc90enu.dll
+ 2009-06-27 01:07 . 2009-06-27 01:07 63296 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4137_x-ww_15fb92d3\mfc90deu.dll
+ 2009-06-27 01:07 . 2009-06-27 01:07 36672 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4137_x-ww_15fb92d3\mfc90cht.dll
+ 2009-06-27 01:07 . 2009-06-27 01:07 35648 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4137_x-ww_15fb92d3\mfc90chs.dll
+ 2009-06-27 01:10 . 2009-06-27 01:10 59904 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.4137_x-ww_a57b1f13\mfcm90u.dll
+ 2009-06-27 01:10 . 2009-06-27 01:10 59904 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.4137_x-ww_a57b1f13\mfcm90.dll
+ 2011-06-13 05:22 . 2011-06-13 05:22 16384 c:\windows\temp\Perflib_Perfdata_69c.dat
- 2004-08-04 12:00 . 2011-06-09 01:29 68156 c:\windows\system32\perfc009.dat
+ 2004-08-04 12:00 . 2011-06-09 02:47 68156 c:\windows\system32\perfc009.dat
+ 2011-06-13 04:55 . 2011-06-13 04:56 31752 c:\windows\system32\GDIPFONTCACHEV1.DAT
+ 2010-01-18 00:07 . 2011-06-13 04:57 32768 c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
- 2010-01-18 00:07 . 2010-11-19 03:27 32768 c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
+ 2010-01-18 00:07 . 2011-06-13 04:57 32768 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
- 2010-01-18 00:07 . 2010-11-18 21:04 32768 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
+ 2011-06-13 04:48 . 2011-06-13 04:57 16384 c:\windows\system32\config\systemprofile\Cookies\index.dat
- 2010-01-18 00:07 . 2010-11-18 21:04 16384 c:\windows\system32\config\systemprofile\Cookies\index.dat
+ 2011-06-09 23:44 . 2011-06-09 23:44 29184 c:\windows\Installer\338447b.msi
+ 2011-06-12 03:08 . 2011-06-12 03:08 30208 c:\windows\Installer\327eabc.msi
+ 2011-06-09 22:58 . 2011-06-09 22:58 21504 c:\windows\Installer\31077d3.msi
+ 2011-06-09 22:58 . 2011-06-09 22:58 28160 c:\windows\Installer\31077ce.msi
+ 2011-06-09 23:41 . 2011-06-09 23:41 10134 c:\windows\Installer\{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}\ARPPRODUCTICON.exe
+ 2011-06-09 23:42 . 2011-06-09 23:42 10134 c:\windows\Installer\{D1A19B02-817E-4296-A45B-07853FD74D57}\ARPPRODUCTICON.exe
+ 2011-06-09 23:42 . 2011-06-09 23:42 10134 c:\windows\Installer\{B6D38690-755E-4F40-A35A-23F8BC2B86AC}\ARPPRODUCTICON.exe
+ 2011-06-09 23:41 . 2011-06-09 23:41 10134 c:\windows\Installer\{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}\ARPPRODUCTICON.exe
+ 2011-06-09 23:42 . 2011-06-09 23:42 10134 c:\windows\Installer\{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}\ARPPRODUCTICON.exe
+ 2011-06-09 23:45 . 2011-06-09 23:45 10134 c:\windows\Installer\{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}\ARPPRODUCTICON.exe
+ 2011-06-09 23:41 . 2011-06-09 23:41 10134 c:\windows\Installer\{08D2E121-7F6A-43EB-97FD-629B44903403}\ARPPRODUCTICON.exe
+ 2011-06-09 23:42 . 2011-06-09 23:42 10134 c:\windows\Installer\{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}\ARPPRODUCTICON.exe
+ 2011-06-12 03:19 . 2004-01-30 02:13 33847 c:\windows\Drivers\Intel\Graphics\wa301b.sys
+ 2011-06-12 03:19 . 2004-01-30 02:13 33847 c:\windows\Drivers\Intel\Graphics\wa301a.sys
+ 2011-06-12 03:19 . 2004-01-30 02:13 21045 c:\windows\Drivers\Intel\Graphics\Vch.sys
+ 2011-06-12 03:19 . 2004-01-30 02:13 69632 c:\windows\Drivers\Intel\Graphics\oemdspif.dll
+ 2011-06-12 03:19 . 2004-01-30 02:13 94208 c:\windows\Drivers\Intel\Graphics\igfxext.exe
+ 2011-06-12 03:19 . 2004-01-30 02:13 32768 c:\windows\Drivers\Intel\Graphics\igfxexps.dll
+ 2011-06-12 03:19 . 2004-01-30 02:13 86016 c:\windows\Drivers\Intel\Graphics\igfxdo.dll
+ 2011-06-12 03:19 . 2004-01-30 02:13 45056 c:\windows\Drivers\Intel\Graphics\igfxdgps.dll
+ 2011-06-12 03:19 . 2004-01-30 02:13 36927 c:\windows\Drivers\Intel\Graphics\ialmrnt5.dll
+ 2011-06-12 03:19 . 2004-01-30 02:13 94267 c:\windows\Drivers\Intel\Graphics\ialmrem.dll
+ 2011-06-12 03:19 . 2004-01-30 02:13 95579 c:\windows\Drivers\Intel\Graphics\ialmnt5.sys
+ 2011-06-12 03:19 . 2004-01-30 02:13 99002 c:\windows\Drivers\Intel\Graphics\ialmkchw.sys
+ 2011-06-12 03:19 . 2004-01-30 02:13 65536 c:\windows\Drivers\Intel\Graphics\ialmcoin.dll
+ 2011-06-12 03:19 . 2004-01-30 02:13 11319 c:\windows\Drivers\Intel\Graphics\a314.sys
+ 2011-06-12 03:19 . 2004-01-30 02:13 37431 c:\windows\Drivers\Intel\Graphics\a313.sys
+ 2011-06-12 03:19 . 2004-01-30 02:13 33335 c:\windows\Drivers\Intel\Graphics\a311.sys
+ 2011-06-12 03:19 . 2004-01-30 02:12 33335 c:\windows\Drivers\Intel\Graphics\a310.sys
+ 2011-06-12 03:19 . 2004-01-30 02:12 26167 c:\windows\Drivers\Intel\Graphics\a309.sys
+ 2011-06-12 03:19 . 2004-01-30 02:12 11319 c:\windows\Drivers\Intel\Graphics\a308.sys
+ 2011-06-12 03:19 . 2004-01-30 02:12 21559 c:\windows\Drivers\Intel\Graphics\a307.sys
+ 2011-06-12 03:19 . 2004-01-30 02:12 16951 c:\windows\Drivers\Intel\Graphics\a306.sys
+ 2011-06-12 03:19 . 2004-01-30 02:12 12855 c:\windows\Drivers\Intel\Graphics\a305.sys
+ 2011-06-12 03:19 . 2004-01-30 02:12 46647 c:\windows\Drivers\Intel\Graphics\a304.sys
+ 2011-06-12 03:19 . 2004-01-30 02:12 29751 c:\windows\Drivers\Intel\Graphics\a303.sys
+ 2011-06-12 03:19 . 2004-01-30 02:12 11831 c:\windows\Drivers\Intel\Graphics\a302.sys
+ 2009-06-27 01:07 . 2009-06-27 01:07 653120 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4137_x-ww_d494ac0e\msvcr90.dll
+ 2009-06-27 01:07 . 2009-06-27 01:07 569664 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4137_x-ww_d494ac0e\msvcp90.dll
+ 2009-06-27 01:10 . 2009-06-27 01:10 225280 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4137_x-ww_d494ac0e\msvcm90.dll
+ 2009-06-27 01:07 . 2009-06-27 01:07 159032 c:\windows\WinSxS\x86_Microsoft.VC90.ATL_1fc8b3b9a1e18e3b_9.0.30729.4137_x-ww_35349982\atl90.dll
- 2004-08-04 12:00 . 2011-06-09 01:29 435260 c:\windows\system32\perfh009.dat
+ 2004-08-04 12:00 . 2011-06-09 02:47 435260 c:\windows\system32\perfh009.dat
+ 2011-03-01 00:01 . 2011-03-01 00:01 947472 c:\windows\system32\msjava.dll
+ 2011-06-09 23:45 . 2011-06-09 23:45 356352 c:\windows\Installer\3384480.msi
+ 2011-06-09 23:42 . 2011-06-09 23:42 319488 c:\windows\Installer\3384476.msi
+ 2011-06-09 23:42 . 2011-06-09 23:42 315392 c:\windows\Installer\3384471.msi
+ 2011-06-09 23:42 . 2011-06-09 23:42 316928 c:\windows\Installer\338446c.msi
+ 2011-06-09 23:42 . 2011-06-09 23:42 356864 c:\windows\Installer\3384467.msi
+ 2011-06-09 23:41 . 2011-06-09 23:41 359424 c:\windows\Installer\3384462.msi
+ 2011-06-09 23:41 . 2011-06-09 23:41 356352 c:\windows\Installer\338445d.msi
+ 2011-06-09 23:41 . 2011-06-09 23:41 316416 c:\windows\Installer\3384458.msi
+ 2011-06-12 03:19 . 2004-01-30 02:13 155648 c:\windows\Drivers\Intel\Graphics\igfxtray.exe
+ 2011-06-12 03:19 . 2004-01-30 02:13 323584 c:\windows\Drivers\Intel\Graphics\igfxsrvc.dll
+ 2011-06-12 03:19 . 2004-01-30 02:13 909312 c:\windows\Drivers\Intel\Graphics\igfxress.dll
+ 2011-06-12 03:19 . 2004-01-30 02:13 204800 c:\windows\Drivers\Intel\Graphics\igfxpph.dll
+ 2011-06-12 03:19 . 2004-01-30 02:13 122880 c:\windows\Drivers\Intel\Graphics\igfxhk.dll
+ 2011-06-12 03:19 . 2004-01-30 02:13 221184 c:\windows\Drivers\Intel\Graphics\igfxeud.dll
+ 2011-06-12 03:19 . 2004-01-30 02:13 151552 c:\windows\Drivers\Intel\Graphics\igfxdiag.exe
+ 2011-06-12 03:19 . 2004-01-30 02:13 151552 c:\windows\Drivers\Intel\Graphics\igfxdev.dll
+ 2011-06-12 03:19 . 2004-01-30 02:13 499712 c:\windows\Drivers\Intel\Graphics\igfxcfg.exe
+ 2011-06-12 03:19 . 2004-01-30 02:13 122110 c:\windows\Drivers\Intel\Graphics\ialmsbw.sys
+ 2011-06-12 03:19 . 2004-01-30 02:13 192512 c:\windows\Drivers\Intel\Graphics\ialmgdev.dll
+ 2011-06-12 03:19 . 2004-01-30 02:13 116796 c:\windows\Drivers\Intel\Graphics\ialmdnt5.dll
+ 2011-06-12 03:19 . 2004-01-30 02:13 198331 c:\windows\Drivers\Intel\Graphics\ialmdev5.dll
+ 2011-06-12 03:19 . 2004-01-30 02:13 488002 c:\windows\Drivers\Intel\Graphics\ialmdd5.dll
+ 2011-06-12 03:19 . 2004-01-30 02:13 118784 c:\windows\Drivers\Intel\Graphics\hkcmd.exe
+ 2011-06-12 03:19 . 2004-01-30 02:13 118784 c:\windows\Drivers\Intel\Graphics\hccutils.dll
+ 2009-06-27 01:07 . 2009-06-27 01:07 3780416 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.4137_x-ww_a57b1f13\mfc90u.dll
+ 2009-06-27 01:07 . 2009-06-27 01:07 3765048 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.4137_x-ww_a57b1f13\mfc90.dll
+ 2010-01-17 16:52 . 2011-06-10 18:07 3462192 c:\windows\system32\FNTCACHE.DAT
+ 2011-06-09 23:46 . 2011-06-09 23:46 2096128 c:\windows\Installer\3384485.msi
+ 2011-06-12 03:19 . 2004-01-30 02:13 1851392 c:\windows\Drivers\Intel\Graphics\ialmgicd.dll
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM"="c:\program files\Common Files\InstallShield\UpdateService\ISUSPM.exe" [2008-10-24 206112]
"Messenger (Yahoo!)"="c:\progra~1\Yahoo!\Messenger\YahooMessenger.exe" [2010-06-01 5252408]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PRONoMgr.exe"="c:\program files\Intel\NCS\PROSet\PRONoMgr.exe" [2003-03-11 86016]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2005-04-05 94208]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2005-04-05 77824]
"Persistence"="c:\windows\system32\igfxpers.exe" [2005-04-05 114688]
"nmctxth"="c:\program files\Common Files\Pure Networks Shared\Platform\nmctxth.exe" [2008-12-13 642856]
"Linksys Wireless Manager"="c:\program files\Linksys\Linksys Wireless Manager\LinksysWirelessManager.exe" [2009-02-15 1358384]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2010-06-01 149280]
"QuickTime Task"="c:\program files\MpcStar\Codecs\QuickTime\qttask.exe" [2010-03-19 421888]
"AdobeAAMUpdater-1.0"="c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2011-03-15 499608]
"SwitchBoard"="c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS5.5ServiceManager"="c:\program files\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" [2011-01-12 1523360]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-02-26 437160]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"Taskman"=""
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BluetoothAuthenticationAgent]
2008-04-14 11:42 110592 ----a-w- c:\windows\system32\bthprops.cpl
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2010-03-19 04:16 421888 ----a-w- c:\program files\MpcStar\Codecs\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RoxWatchTray]
2009-07-08 18:31 236016 ----a-w- c:\program files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"Nwsapagent"=2 (0x2)
"YahooAUService"=2 (0x2)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Documents and Settings\\Owner\\Desktop\\PvPGN-1.8.5-0-Win32-MySQL-5.1.31-BIN\\pvpgn-1.8.5\\PvPGN.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"c:\\Program Files\\Pando Networks\\Media Booster\\PMB.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"21041:TCP"= 21041:TCP:BitComet 21041 TCP
"21041:UDP"= 21041:UDP:BitComet 21041 UDP
"58801:TCP"= 58801:TCP:Pando Media Booster
"58801:UDP"= 58801:UDP:Pando Media Booster
.
R2 d2dbs;d2dbs service;c:\documents and settings\Owner\Desktop\PvPGN-1.8.5-0-Win32-MySQL-5.1.31-BIN\pvpgn-1.8.5\d2dbsConsole.exe --service --> c:\documents and settings\Owner\Desktop\PvPGN-1.8.5-0-Win32-MySQL-5.1.31-BIN\pvpgn-1.8.5\d2dbsConsole.exe --service [?]
R2 D2GS;Diablo II Close Game Server;c:\documents and settings\Owner\Desktop\PvPGN-1.8.5-0-Win32-MySQL-5.1.31-BIN\ORIGINAL REALM\D2GSSVC.exe [4/13/2011 2:41 PM 14848]
R2 pvpgn;PvPGN service;c:\documents and settings\Owner\Desktop\PvPGN-1.8.5-0-Win32-MySQL-5.1.31-BIN\pvpgn-1.8.5\PvPGNConsole.exe --service --> c:\documents and settings\Owner\Desktop\PvPGN-1.8.5-0-Win32-MySQL-5.1.31-BIN\pvpgn-1.8.5\PvPGNConsole.exe --service [?]
S?2 d2cs;d2cs service;c:\documents and settings\Owner\Desktop\PvPGN-1.8.5-0-Win32-MySQL-5.1.31-BIN\pvpgn-1.8.5\d2csConsole.exe --service --> c:\documents and settings\Owner\Desktop\PvPGN-1.8.5-0-Win32-MySQL-5.1.31-BIN\pvpgn-1.8.5\d2csConsole.exe --service [?]
S2 TeamViewer6;TeamViewer 6;c:\docume~1\Owner\LOCALS~1\Temp\TeamViewer\Version6\TeamViewer_Service.exe --> c:\docume~1\Owner\LOCALS~1\Temp\TeamViewer\Version6\TeamViewer_Service.exe [?]
S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des -service --> c:\windows\system32\GameMon.des -service [?]
S3 qrkis;Tether Miniport;c:\windows\system32\drivers\qrkis.sys [8/24/2010 6:30 PM 45608]
S3 SwitchBoard;SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2/19/2010 1:37 PM 517096]
.
.
------- Supplementary Scan -------
.
uStart Page = my.daemon-search.com
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
FF - ProfilePath - c:\documents and settings\Owner\Application Data\Mozilla\Firefox\Profiles\mhmcsoql.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2786678&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine -
FF - prefs.js: browser.startup.homepage - d2jsp.org
FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2786678&q=
.
- - - - ORPHANS REMOVED - - - -
.
HKCU-Run-SvrWsc - (no file)
HKLM-Run-CLCKR - c:\documents and settings\All Users\Application Data\nvvsvc.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-06-12 23:23
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(648)
c:\windows\system32\l3codeca.acm
.
- - - - - - - > 'explorer.exe'(4044)
c:\program files\Windows Media Player\wmpband.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\documents and settings\Owner\Desktop\PvPGN-1.8.5-0-Win32-MySQL-5.1.31-BIN\pvpgn-1.8.5\d2dbsConsole.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\documents and settings\Owner\Desktop\PvPGN-1.8.5-0-Win32-MySQL-5.1.31-BIN\ORIGINAL REALM\D2GS.EXE
c:\documents and settings\Owner\Desktop\PvPGN-1.8.5-0-Win32-MySQL-5.1.31-BIN\pvpgn-1.8.5\PvPGNConsole.exe
c:\program files\Spyware Terminator\sp_rsser.exe
c:\program files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
c:\program files\Internet Explorer\iexplore.exe
c:\windows\system32\wscntfy.exe
c:\windows\system32\imapi.exe
c:\progra~1\Yahoo!\Messenger\ymsgr_tray.exe
c:\windows\system32\rundll32.exe
c:\program files\Internet Explorer\iexplore.exe
.
**************************************************************************
.
Completion time: 2011-06-12 23:26:05 - machine was rebooted
ComboFix-quarantined-files.txt 2011-06-13 05:26
ComboFix2.txt 2011-06-09 02:49
.
Pre-Run: 135,877,091,328 bytes free
Post-Run: 134,367,809,536 bytes free
.
- - End Of File - - BC21B7B9E22EA0CDCC764D9076E918BF


I got my desktop back but my computer is acting very strange.
Member
Posts: 8,153
Joined: Dec 30 2005
Gold: 1,333.63
Jun 13 2011 03:06am
Have you already scanned your computer with Malwarebytes since you are having those problems? Before running it, you should start your computer in safe mode.
Trade Moderator
Posts: 27,986
Joined: Dec 20 2005
Gold: 149,175.00
Trader: Trusted
Jun 13 2011 04:54am
Scan your system with HijackThis and then copy and paste the log to their site for analysis.
This will tell you whether what your PC is running is nasty or whatever.
Also, it shows you some hidden programs in your system that run in the shadows.
Member
Posts: 25,015
Joined: May 9 2008
Gold: 3,516.80
Jun 13 2011 05:28am
Quote (iDGames @ Jun 13 2011 01:06am)
Have you already scanned your computer with Malwarebytes since you are having those problems? Before running it, you should start your computer in safe mode.



Yes I have. I got it under control now but it will be back.