Inactive Limited connectivity to internet from several apps.

Discussion in 'Malware and Virus Removal Archive' started by bobpommer, 2011/04/20.

Thread Status:
Not open for further replies.
  1. 2011/04/20
    bobpommer

    bobpommer Inactive Thread Starter

    Joined:
    2011/04/18
    Messages:
    7
    Likes Received:
    0
    [Inactive] Limited connectivity to internet from several apps.

    I just got a new gaming rig. Windows 7 64 home edition. Service Pack 1

    My problem.

    I can access the internet through Chrome.
    Programs like yahoo messenger, starcraft, minecraft, dragon age 2 and others can access the internet servers for log in or downloads.

    Programs like I.E., Firefox, Steam, Electronic Arts Download Manager, Crysis 2, the Avast program and virus definitions update, and the Norton update cannot find their respective servers, along with several other programs.

    The system came with Norton Internet Security. I have uninstalled it. I have installed Avast Internet Security.

    I have checked that my internet settings have auto configure proxy.
    I have turned off my windows firewall
    I have turned off my avast firewall

    Same problem (server not found) in the applications above.

    I have manually added these applications as approved apps in both windows firewall and avast. I opened all ports, TCP/UDP

    I tried resetting all networking to default settings.

    This is driving me crazy....

    Any suggestions?
     
  2. 2011/04/20
    bobpommer

    bobpommer Inactive Thread Starter

    Results of malware scans

    I went ahead and followed the instructions for the malware diagnosis.

    Results below.

    MBRCheck, version 1.2.3
    (c) 2010, AD

    Command-line:
    Windows Version: Windows 7 Home Premium Edition
    Windows Information: Service Pack 1 (build 7601), 64-bit
    Base Board Manufacturer: ASUSTeK Computer INC.
    BIOS Manufacturer: American Megatrends Inc.
    System Manufacturer: System manufacturer
    System Product Name: System Product Name
    Logical Drives Mask: 0x000001fc

    Kernel Drivers (total 173):

    Processes (total 91):

    \\.\C: --> \\.\PhysicalDrive0 at offset 0x00000000`00100000 (NTFS)
    \\.\D: --> \\.\PhysicalDrive1 at offset 0x00000000`00100000 (NTFS)

    PhysicalDrive0 Model Number: ADATASSDS599128GB, Rev: 3.1.0
    PhysicalDrive1 Model Number: WDCWD1002FAEX-00Z3A0, Rev: 05.01D05

    Size Device Name MBR Status
    --------------------------------------------
    111 GB \\.\PhysicalDrive0 Windows 7 MBR code detected
    SHA1: 4379A3D43019B46FA357F7DD6A53B45A3CA8FB79
    931 GB \\.\PhysicalDrive1 RE: Windows 7 MBR code detected
    SHA1: 4379A3D43019B46FA357F7DD6A53B45A3CA8FB79


    Done!

    GMER 1.0.15.15570 - http://www.gmer.net
    Rootkit scan 2011-04-20 08:38:48
    Windows 6.1.7601 Service Pack 1
    Running: 30w8ihcf.exe


    ---- Files - GMER 1.0.15 ----

    ---- EOF - GMER 1.0.15 ----
     

  4. 2011/04/20
    bobpommer

    bobpommer Inactive Thread Starter

    Malware results

    .
    DDS (Ver_11-03-05.01) - NTFS_AMD64
    Run by Bob Pommer at 8:51:16.51 on Wed 04/20/2011
    Internet Explorer: 9.0.8112.16421
    Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.12279.9758 [GMT -5:00]
    .
    AV: avast! Internet Security *Disabled/Outdated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
    AV: Ad-Aware Total Security *Disabled/Updated* {54ACC2FC-837E-E665-7A92-5352D560D5EF}
    SP: avast! Internet Security *Disabled/Outdated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
    SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    SP: Ad-Aware Total Security *Enabled/Updated* {EFCD2318-A544-E9EB-4022-6820AEE79F52}
    FW: avast! Internet Security *Disabled* {131692B0-0864-D491-4E21-3A3A1D8BBB47}
    FW: Ad-Aware Personal Firewall *Enabled* {6C9743D9-C911-E73D-51CD-FA672BB39294}
    .
    ============== Running Processes ===============
    .
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://www.mail.google.com/
    uDefault_Page_URL = hxxp://www.msn.com
    mDefault_Page_URL = hxxp://www.msn.com
    mStart Page = hxxp://www.msn.com
    uURLSearchHooks: UrlSearchHook Class: {00000000-6e41-4fd3-8538-502f5495e5fc} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
    mWinlogon: Userinit=userinit.exe
    BHO: Ad-Aware WebFilter: {0124123d-61b4-456f-af86-78c53a0790c5} - C:\Program Files (x86)\Lavasoft\Ad-Aware Total Security\WebFilter\AvkWebIE.dll
    BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - C:\PROGRA~2\Yahoo!\Companion\Installs\cpn\yt.dll
    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
    BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
    BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
    BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
    BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
    BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO: Search Toolbar: {9d425283-d487-4337-bab6-ab8354a81457} - C:\Program Files (x86)\Search Toolbar\SearchToolbar.dll
    BHO: Search-Results Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    BHO: Windows Live Toolbar Helper: {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
    BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - C:\PROGRA~2\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
    TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
    TB: Ad-Aware WebFilter: {0124123d-61b4-456f-af86-78c53a0790c5} - C:\Program Files (x86)\Lavasoft\Ad-Aware Total Security\WebFilter\AvkWebIE.dll
    TB: Search Toolbar: {9d425283-d487-4337-bab6-ab8354a81457} - C:\Program Files (x86)\Search Toolbar\SearchToolbar.dll
    TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - C:\PROGRA~2\Yahoo!\Companion\Installs\cpn\yt.dll
    TB: Search-Results Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
    TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
    uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    uRun: [igndlm.exe] C:\Program Files (x86)\Download Manager\DLM.exe /windowsstart /startifwork
    uRun: [TVPlanet]
    uRun: [RadioPlanet]
    uRun: [C:!Users!Bob Pommer!AppData!Local!Google!Chrome!User Data_service_run] "C:\Users\Bob Pommer\AppData\Local\Google\Chrome\Application\chrome.exe" --type=service
    mRun: [UpdateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5 "
    mRun: [MDS_Menu] "C:\Program Files (x86)\CyberLink\MediaShow4\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\MediaShow4" UpdateWithCreateOnce "Software\CyberLink\MediaShow\4.1 "
    mRun: [UpdateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0 "
    mRun: [UpdatePPShortCut] "C:\Program Files (x86)\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\PowerProducer" UpdateWithCreateOnce "Software\CyberLink\PowerProducer\5.0 "
    mRun: [UCam_Menu] "C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\1.0 "
    mRun: [UpdatePSTShortCut] "C:\Program Files (x86)\CyberLink\Blu-ray Disc Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Blu-ray Disc Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter "
    mRun: [<NO NAME>]
    mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
    mPolicies-explorer: NoActiveDesktop = 1 (0x1)
    mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
    mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
    mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
    mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
    IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
    IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
    LSP: %SYSTEMROOT%\system32\BfLLR.dll
    DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} - hxxp://office.microsoft.com/sites/production/ieawsdc32.cab
    DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} - hxxps://oas.support.microsoft.com/ActiveX/MSDcode.cab
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
    DPF: {99FE5072-78AA-4FEE-89BA-69A5FA55343F} - hxxp://download.microsoft.com/download/B/3/A/B3A2EA73-793D-4ABE-992D-C81140384044/igdtoolx.cab
    DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
    Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
    SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
    mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe "
    BHO-X64: Ad-Aware WebFilter: {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files (x86)\Lavasoft\Ad-Aware Total Security\Webfilter\AVKWebIEx64.dll
    BHO-X64: Ad-Aware WebFilter Class - No File
    BHO-X64: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
    TB-X64: Ad-Aware WebFilter: {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files (x86)\Lavasoft\Ad-Aware Total Security\Webfilter\AVKWebIEx64.dll
    TB-X64: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
    TB-X64: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
    TB-X64: {9D425283-D487-4337-BAB6-AB8354A81457} - No File
    TB-X64: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
    mRun-x64: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
    mRun-x64: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - C:\Users\BOBPOM~1\AppData\Roaming\Mozilla\Firefox\Profiles\tumoei8g.default\
    FF - prefs.js: browser.search.selectedEngine - Bing
    FF - prefs.js: browser.startup.homepage - www.bing.com
    FF - prefs.js: network.proxy.type - 0
    FF - plugin: C:\Program Files (x86)\Download Manager\npfpdlm.dll
    FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
    FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\4.0.60129.0\npctrlui.dll
    FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
    FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
    FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
    FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
    FF - plugin: C:\Users\Bob Pommer\AppData\Local\Google\Update\1.2.183.39\npGoogleOneClick8.dll
    FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 aswNdis;avast! Firewall NDIS Filter Service;C:\Windows\System32\drivers\aswNdis.sys [2011-4-18 12368]
    R0 aswNdis2;avast! Firewall Core Firewall Service;C:\Windows\System32\drivers\aswNdis2.sys [2011-4-18 253784]
    R0 GDBehave;GDBehave;C:\Windows\System32\drivers\GDBehave.sys [2011-3-18 40392]
    R0 mv91cons;Marvell 91xx Config Device Driver;C:\Windows\System32\drivers\mv91cons.sys [2010-11-22 24880]
    R0 mv91xx;mv91xx;C:\Windows\System32\drivers\mv91xx.sys [2010-11-22 303408]
    R1 aswFW;avast! TDI Firewall driver;C:\Windows\System32\drivers\aswFW.sys [2011-4-18 127320]
    R1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswSnx.sys [2011-4-18 505176]
    R1 aswSP;aswSP;C:\Windows\System32\drivers\aswSP.sys [2011-4-18 280408]
    R1 GDMnIcpt;GDMnIcpt;C:\Windows\System32\drivers\MiniIcpt.sys [2011-3-18 85960]
    R1 gdwfpcd;G DATA WFP CD;C:\Windows\System32\drivers\gdwfpcd64.sys [2011-3-18 48584]
    R1 HookCentre;HookCentre;C:\Windows\System32\drivers\HookCentre.sys [2011-3-18 49096]
    R2 {FE4C91E7-22C2-4D0C-9F6B-82F1B7742054};Power Control [2011/03/16 16:41:43];C:\Program Files (x86)\CyberLink\PowerDVD8\000.fcl [2009-8-28 146928]
    R2 AsSysCtrlService;ASUS System Control Service;C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe [2011-3-19 96896]
    R2 aswFsBlk;aswFsBlk;C:\Windows\System32\drivers\aswFsBlk.sys [2011-4-18 22360]
    R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2011-4-18 64344]
    R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2011-4-18 42184]
    R2 AVKProxy;Ad-Aware Total Security Proxy;C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe [2010-6-29 1081384]
    R2 AVKService;Ad-Aware Scheduler;C:\Program Files (x86)\Lavasoft\Ad-Aware Total Security\AVK\AVKService.exe [2010-6-29 412944]
    R2 AVKWCtl;Ad-Aware Filesystem Monitor;C:\Program Files (x86)\Lavasoft\Ad-Aware Total Security\AVK\AVKWCtlX64.exe [2010-6-23 2170224]
    R2 Bigfoot Networks Killer Service;Bigfoot Networks Killer Service;C:\Program Files\Bigfoot Networks\Killer Network Manager\BFNService.exe [2011-1-14 570368]
    R2 MDES;DVM Meta Data Export Service;C:\ASUS.SYS\CONFIG\DVMExportService.exe [2009-3-24 319488]
    R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-1-7 378984]
    R2 VideoAcceleratorService;VideoAcceleratorService;C:\PROGRA~2\SPEEDB~1\VideoAcceleratorService.exe -start -scm --> C:\PROGRA~2\SPEEDB~1\VideoAcceleratorService.exe -start -scm [?]
    R2 WinRing0_1_2_0;WinRing0_1_2_0;C:\Users\Bob Pommer\AppData\Local\Microsoft\Windows Sidebar\Gadgets\IntelCoreSeries24.gadget\WinRing0x64.sys [2011-4-8 14544]
    R3 BFN7x64;Bigfoot Networks Killer Gaming Service;C:\Windows\System32\drivers\Xeno7x64.sys [2011-1-14 157288]
    R3 GDFwSvc;Ad-Aware Personal Firewall;C:\Program Files (x86)\Lavasoft\Ad-Aware Total Security\Firewall\GDFwSvcx64.exe [2010-6-15 1954472]
    R3 GDPkIcpt;GDPkIcpt;C:\Windows\System32\drivers\PktIcpt.sys [2011-3-18 57288]
    R3 GDScan;Ad-Aware Scanner;C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe [2010-6-29 624064]
    R3 nusb3hub;NEC Electronics USB 3.0 Hub Driver;C:\Windows\System32\drivers\nusb3hub.sys [2010-1-22 77824]
    R3 nusb3xhc;NEC Electronics USB 3.0 Host Controller Driver;C:\Windows\System32\drivers\nusb3xhc.sys [2010-1-22 180224]
    R3 NVHDA;Service for NVIDIA High Definition Audio Driver;C:\Windows\System32\drivers\nvhda64v.sys [2011-3-16 155752]
    R3 nvoclk64;NVIDIA Enthusiasts Platform KDM;C:\Windows\System32\drivers\nvoclk64.sys [2009-9-15 42088]
    R3 WSDPrintDevice;WSD Print Support via UMB;C:\Windows\System32\drivers\WSDPrint.sys [2009-7-13 23040]
    R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\System32\drivers\yk62x64.sys [2010-6-23 402720]
    S0 acs6nts;acs6nts;C:\Windows\System32\drivers\acs6nts.sys [2010-6-1 29744]
    S2 avast! Firewall;avast! Firewall;C:\Program Files\AVAST Software\Avast\afwServ.exe [2011-4-18 121000]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
    S3 BfEdge7x64;Bigfoot Networks Killer Ethernet Service;C:\Windows\System32\drivers\Edge7x64.sys [2011-1-14 31336]
    S3 GDBackupSvc;Ad-Aware Backup Service;C:\Program Files (x86)\Lavasoft\Ad-Aware Total Security\AVKBackup\AVKBackupService.exe [2010-6-29 911976]
    S3 GDTunerSvc;Ad-Aware Tuner Service;C:\Program Files (x86)\Lavasoft\Ad-Aware Total Security\AVKTuner\AVKTunerService.exe [2010-6-29 1234896]
    S3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2009-6-10 187392]
    S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-20 59392]
    S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-20 31232]
    S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-3-20 1255736]
    .
    =============== Created Last 30 ================
    .
    2011-04-20 13:24:09 -------- d-----w- C:\Users\BOBPOM~1\AppData\Roaming\Malwarebytes
    2011-04-20 13:24:04 38224 ----a-w- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
    2011-04-20 13:24:04 -------- d-----w- C:\PROGRA~3\Malwarebytes
    2011-04-20 13:24:01 24152 ----a-w- C:\Windows\System32\drivers\mbam.sys
    2011-04-20 13:24:01 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
    2011-04-20 12:29:30 -------- d-----w- C:\temp
    2011-04-19 12:24:47 8802128 ----a-w- C:\PROGRA~3\Microsoft\Windows Defender\Definition Updates\{ED65F7C1-15B2-4DF1-9001-69C3624B440F}\mpengine.dll
    2011-04-18 17:15:28 -------- d-----w- C:\TempDTV4PC
    2011-04-18 15:39:57 127320 ----a-w- C:\Windows\System32\drivers\aswFW.sys
    2011-04-18 15:39:53 64344 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys
    2011-04-18 15:39:53 505176 ----a-w- C:\Windows\System32\drivers\aswSnx.sys
    2011-04-18 15:39:53 253784 ----a-w- C:\Windows\System32\drivers\aswNdis2.sys
    2011-04-18 15:39:37 12368 ----a-w- C:\Windows\System32\drivers\aswNdis.sys
    2011-04-18 15:39:33 40648 ----a-w- C:\Windows\avastSS.scr
    2011-04-14 19:31:54 267776 ----a-w- C:\Windows\System32\FXSCOVER.exe
    2011-04-14 19:31:51 90624 ----a-w- C:\Windows\System32\drivers\bowser.sys
    2011-04-14 19:31:51 287744 ----a-w- C:\Windows\System32\drivers\mrxsmb10.sys
    2011-04-14 19:31:51 158208 ----a-w- C:\Windows\System32\drivers\mrxsmb.sys
    2011-04-14 19:31:51 128000 ----a-w- C:\Windows\System32\drivers\mrxsmb20.sys
    2011-04-14 16:06:51 -------- d-----w- C:\Program Files\SmartFTP Client
    2011-04-14 16:06:00 -------- d-----w- C:\Program Files (x86)\SmartFTP Client 4.0 (x64) Setup Files
    2011-04-14 15:50:02 -------- d-----w- C:\Users\BOBPOM~1\AppData\Local\Mozilla
    2011-04-13 13:24:30 -------- d-----w- C:\Program Files\Pidgjn
    2011-04-13 13:19:28 -------- d-----w- C:\Program Files (x86)\Pidgin
    2011-04-10 13:59:18 -------- d-----w- C:\Windows\System32\wbem\Logs
    2011-04-09 15:41:34 -------- d--h--w- C:\Windows\AxInstSV
    2011-04-09 14:32:18 -------- d-----w- C:\Program Files\Bigfoot Networks
    2011-04-09 14:32:18 -------- d-----w- C:\PROGRA~3\Bigfoot Networks
    2011-04-09 14:31:03 -------- d-----w- C:\Program Files (x86)\Bigfoot Networks
    2011-04-09 02:34:51 197120 ----a-w- C:\Windows\System32\d3d10_1.dll
    2011-04-09 02:34:51 161792 ----a-w- C:\Windows\SysWow64\d3d10_1.dll
    2011-04-08 23:44:17 -------- d-----w- C:\PROGRA~3\Solidshield
    2011-04-07 16:10:46 -------- d-----w- C:\Users\BOBPOM~1\AppData\Roaming\Tific
    2011-04-04 23:45:10 -------- d-----w- C:\Program Files (x86)\Ask.com
    2011-04-04 23:41:52 -------- d-----w- C:\Program Files (x86)\Download Manager
    2011-04-04 23:24:53 -------- d-----w- C:\Users\BOBPOM~1\AppData\Roaming\Stamps.com Internet Postage
    2011-04-04 23:24:46 -------- d-----w- C:\PROGRA~3\{008E9AD5-48B1-4141-ADBB-C81A7744608B}
    2011-04-04 23:24:39 -------- d-----w- C:\Program Files (x86)\Stamps.com Internet Postage
    2011-04-04 23:24:22 -------- d-----w- C:\Users\BOBPOM~1\AppData\Local\Seven Zip
    2011-03-23 15:09:16 -------- d-----w- C:\Users\BOBPOM~1\AppData\Roaming\Windows SideBar
    2011-03-23 15:02:51 -------- d-----w- C:\Users\BOBPOM~1\AppData\Local\Electronic Arts
    2011-03-23 14:53:23 -------- d-sh--w- C:\#GDATA.Trash.Store#
    2011-03-22 17:02:28 178800 ----a-w- C:\Windows\SysWow64\CmdLineExt_x64.dll
    2011-03-22 16:53:39 -------- dc-h--w- C:\PROGRA~3\{0691F710-1ECA-4B5A-9727-25554F1BFDC6}
    2011-03-21 23:33:13 -------- d-----w- C:\PROGRA~3\EA Core
    2011-03-21 23:16:07 -------- d-----w- C:\Program Files (x86)\Common Files\BioWare
    2011-03-21 21:05:56 -------- d-----w- C:\Users\BOBPOM~1\AppData\Local\Adobe
    2011-03-21 18:14:23 -------- d-----w- C:\Program Files (x86)\Citrix
    2011-03-21 18:14:06 72080 ----a-w- C:\Users\Bob Pommer\g2mdlhlpx.exe
    2011-03-21 15:29:21 -------- d-----w- C:\Users\BOBPOM~1\AppData\Local\Opera
    .
    ==================== Find3M ====================
    .
    2011-03-21 00:53:52 662 ----a-w- C:\Windows\SysWow64\ealregsnapshot1.reg
    2011-03-20 18:59:26 472808 ----a-w- C:\Windows\SysWow64\deployJava1.dll
    2011-03-18 23:50:36 40392 ----a-w- C:\Windows\System32\drivers\GDBehave.sys
    2011-03-18 23:50:22 57288 ----a-w- C:\Windows\System32\drivers\PktIcpt.sys
    2011-03-18 23:50:02 85960 ----a-w- C:\Windows\System32\drivers\MiniIcpt.sys
    2011-03-18 23:50:02 49096 ----a-w- C:\Windows\System32\drivers\HookCentre.sys
    2011-03-18 23:50:01 48584 ----a-w- C:\Windows\System32\drivers\gdwfpcd64.sys
    2011-03-18 23:49:11 15880 ----a-w- C:\Windows\SysWow64\lsdelete.exe
    2011-03-18 23:48:12 499712 ----a-w- C:\Windows\SysWow64\msvcp71.dll
    2011-03-18 22:52:36 18960 ----a-w- C:\Windows\System32\drivers\LNonPnP.sys
    2011-03-16 23:45:43 16384 ----a-w- C:\Windows\SysWow64\lgfwunis.exe
    2011-03-16 23:41:08 29480 ----a-w- C:\Windows\SysWow64\msxml3a.dll
    2011-03-16 23:41:07 353576 ----a-w- C:\Windows\SysWow64\msvcr71.dll
    2011-03-11 06:34:51 1359872 ----a-w- C:\Windows\System32\mfc42u.dll
    2011-03-11 06:34:50 1395712 ----a-w- C:\Windows\System32\mfc42.dll
    2011-03-11 05:33:59 1164288 ----a-w- C:\Windows\SysWow64\mfc42u.dll
    2011-03-11 05:33:59 1137664 ----a-w- C:\Windows\SysWow64\mfc42.dll
    2011-03-08 06:29:32 976896 ----a-w- C:\Windows\System32\inetcomm.dll
    2011-03-08 05:28:29 741376 ----a-w- C:\Windows\SysWow64\inetcomm.dll
    2011-03-03 06:24:16 183296 ----a-w- C:\Windows\System32\dnsrslvr.dll
    2011-03-03 06:21:57 30208 ----a-w- C:\Windows\System32\dnscacheugc.exe
    2011-03-03 05:36:16 28672 ----a-w- C:\Windows\SysWow64\dnscacheugc.exe
    2011-03-03 03:52:08 3135488 ----a-w- C:\Windows\System32\win32k.sys
    2011-02-24 06:15:44 476160 ----a-w- C:\Windows\System32\XpsGdiConverter.dll
    2011-02-24 05:38:54 288256 ----a-w- C:\Windows\SysWow64\XpsGdiConverter.dll
    2011-02-23 04:56:27 467456 ----a-w- C:\Windows\System32\drivers\srv.sys
    2011-02-23 04:56:03 411648 ----a-w- C:\Windows\System32\drivers\srv2.sys
    2011-02-23 04:55:47 167936 ----a-w- C:\Windows\System32\drivers\srvnet.sys
    2011-02-20 04:51:56 5601616 ----a-w- C:\Windows\System32\mfc100u.dll
    2011-02-20 03:51:56 64336 ----a-w- C:\Windows\System32\mfc100fra.dll
    2011-02-20 03:51:56 64336 ----a-w- C:\Windows\System32\mfc100deu.dll
    2011-02-20 03:51:56 63824 ----a-w- C:\Windows\System32\mfc100esn.dll
    2011-02-20 03:51:56 62288 ----a-w- C:\Windows\System32\mfc100ita.dll
    2011-02-20 03:51:56 608080 ----a-w- C:\Windows\System32\msvcp100.dll
    2011-02-20 03:51:56 60752 ----a-w- C:\Windows\System32\mfc100rus.dll
    2011-02-20 03:51:56 55120 ----a-w- C:\Windows\System32\mfc100enu.dll
    2011-02-20 03:51:56 43856 ----a-w- C:\Windows\System32\mfc100jpn.dll
    2011-02-20 03:51:56 43344 ----a-w- C:\Windows\System32\mfc100kor.dll
    2011-02-20 03:51:56 36176 ----a-w- C:\Windows\System32\mfc100cht.dll
    2011-02-20 03:51:56 36176 ----a-w- C:\Windows\System32\mfc100chs.dll
    2011-02-19 12:05:15 1139200 ----a-w- C:\Windows\System32\FntCache.dll
    2011-02-19 12:04:37 1544192 ----a-w- C:\Windows\System32\DWrite.dll
    2011-02-19 12:04:17 902656 ----a-w- C:\Windows\System32\d2d1.dll
    2011-02-19 12:03:46 46080 ----a-w- C:\Windows\System32\atmlib.dll
    2011-02-19 09:00:32 367616 ----a-w- C:\Windows\System32\atmfd.dll
    2011-02-19 06:30:51 1076736 ----a-w- C:\Windows\SysWow64\DWrite.dll
    2011-02-19 06:30:50 739840 ----a-w- C:\Windows\SysWow64\d2d1.dll
    2011-02-19 06:30:46 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll
    2011-02-19 05:52:32 829264 ----a-w- C:\Windows\System32\msvcr100.dll
    2011-02-19 04:34:54 294912 ----a-w- C:\Windows\SysWow64\atmfd.dll
    2011-02-05 17:10:16 642944 ----a-w- C:\Windows\System32\winload.efi
    2011-02-05 17:10:08 20352 ----a-w- C:\Windows\System32\kdusb.dll
    2011-02-05 17:10:08 19328 ----a-w- C:\Windows\System32\kd1394.dll
    2011-02-05 17:10:08 17792 ----a-w- C:\Windows\System32\kdcom.dll
    2011-02-05 17:06:41 605552 ----a-w- C:\Windows\System32\winload.exe
    2011-02-05 17:06:41 566208 ----a-w- C:\Windows\System32\winresume.efi
    2011-02-05 17:06:41 518672 ----a-w- C:\Windows\System32\winresume.exe
    2011-02-02 23:11:20 270720 ------w- C:\Windows\System32\MpSigStub.exe
    .
    ============= FINISH: 8:51:32.86 ===============

    .
    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT
    .
    DDS (Ver_11-03-05.01)
    .
    Microsoft Windows 7 Home Premium
    Boot Device: \Device\HarddiskVolume2
    Install Date: 3/18/2011 5:07:01 PM
    System Uptime: 4/20/2011 8:48:00 AM (0 hours ago)
    .
    Motherboard: ASUSTeK Computer INC. | | P6X58D PREMIUM
    Processor: Intel(R) Core(TM) i7 CPU 970 @ 3.20GHz | LGA1366 | 3201/166mhz
    .
    ==== Disk Partitions =========================
    .
    C: is FIXED (NTFS) - 112 GiB total, 38.403 GiB free.
    D: is FIXED (NTFS) - 932 GiB total, 773.668 GiB free.
    E: is CDROM (CDFS)
    F: is CDROM ()
    G: is CDROM (CDFS)
    H: is Removable
    I: is Removable
    .
    ==== Disabled Device Manager Items =============
    .
    Class GUID: {4d36e97b-e325-11ce-bfc1-08002be10318}
    Description: ACS-6xxxx
    Device ID: PCI\VEN_10B5&DEV_8608&SUBSYS_860810B5&REV_BA\4&32D41DE7&0&0048
    Manufacturer: Accusys Inc.
    Name: ACS-6xxxx
    PNP Device ID: PCI\VEN_10B5&DEV_8608&SUBSYS_860810B5&REV_BA\4&32D41DE7&0&0048
    Service: acs6nts
    .
    Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
    Description: Bigfoot Networks Killer Ethernet Controller
    Device ID: {E1A9BB88-DF88-42F4-BB35-802FCFEA41B3}\XENO831X\5&2607440F&0&419582050
    Manufacturer: Bigfoot Networks, Inc.
    Name: Bigfoot Networks Killer Ethernet Controller
    PNP Device ID: {E1A9BB88-DF88-42F4-BB35-802FCFEA41B3}\XENO831X\5&2607440F&0&419582050
    Service: BfEdge7x64
    .
    Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
    Description: Marvell Yukon 88E8056 PCI-E Gigabit Ethernet Controller
    Device ID: PCI\VEN_11AB&DEV_4364&SUBSYS_81F81043&REV_12\4&27E824CA&0&00E2
    Manufacturer: Marvell
    Name: Marvell Yukon 88E8056 PCI-E Gigabit Ethernet Controller #2
    PNP Device ID: PCI\VEN_11AB&DEV_4364&SUBSYS_81F81043&REV_12\4&27E824CA&0&00E2
    Service: yukonw7
    .
    Class GUID:
    Description: USB-232 Adapter
    Device ID: USB\VID_050D&PID_1203\BL6225
    Manufacturer:
    Name: USB-232 Adapter
    PNP Device ID: USB\VID_050D&PID_1203\BL6225
    Service:
    .
    Class GUID: {36fc9e60-c465-11cf-8056-444553540000}
    Description: Unknown Device
    Device ID: USB\VID_0000&PID_0000\5&91176B8&0&2
    Manufacturer: (Standard USB Host Controller)
    Name: Unknown Device
    PNP Device ID: USB\VID_0000&PID_0000\5&91176B8&0&2
    Service:
    .
    ==== System Restore Points ===================
    .
    RP57: 4/17/2011 8:18:17 AM - PC Health Advisor Backup
    RP58: 4/18/2011 10:39:26 AM - avast! Internet Security Setup
    RP59: 4/18/2011 3:26:10 PM - Windows Update
    RP60: 4/20/2011 7:21:53 AM - PC Health Advisor Backup
    .
    ==== Installed Programs ======================
    .
    Update for Microsoft Office 2007 (KB2508958)
    7-Zip 9.20
    Ad-Aware Total Security
    Adobe Flash Player 10 ActiveX
    Adobe Flash Player 10 Plugin
    Adobe Reader X (10.0.1)
    AI Suite
    avast! Internet Security
    Bigfoot Networks Dashboard
    Bigfoot Networks Killer Network Manager
    Call of Duty(R) 4 - Modern Warfare(TM)
    Crysis WARHEAD(R)
    Crysis® 2
    CyberLink BD Advisor 2.0
    CyberLink Blu-ray Disc Suite
    CyberLink LabelPrint
    CyberLink MediaShow
    CyberLink Power2Go
    CyberLink PowerDVD 8
    CyberLink PowerProducer
    CyberLink YouCam
    Digital TV for PC 2
    Download Manager 2.3.10
    Dragon Age II
    Dropbox
    eReg
    EVGA Precision 2.0.2
    Express Gate Tools
    Google Chrome
    GoToMeeting 4.5.0.457
    HP Officejet Pro 8500 A910 Help
    HP Update
    I.R.I.S. OCR
    Java Auto Updater
    Java(TM) 6 Update 24
    Junk Mail filter update
    Lavasoft Registry Tuner
    LG Tool Kit
    LightScribe System Software
    Malwarebytes' Anti-Malware
    marvell 91xx driver
    Marvell Miniport Driver
    Microsoft Choice Guard
    Microsoft Office 2007 Service Pack 2 (SP2)
    Microsoft Office 2010
    Microsoft Office Access MUI (English) 2007
    Microsoft Office Access Setup Metadata MUI (English) 2007
    Microsoft Office Enterprise 2007
    Microsoft Office Excel MUI (English) 2007
    Microsoft Office Groove MUI (English) 2007
    Microsoft Office Groove Setup Metadata MUI (English) 2007
    Microsoft Office InfoPath MUI (English) 2007
    Microsoft Office OneNote MUI (English) 2007
    Microsoft Office Outlook MUI (English) 2007
    Microsoft Office PowerPoint MUI (English) 2007
    Microsoft Office Proof (English) 2007
    Microsoft Office Proof (French) 2007
    Microsoft Office Proof (Spanish) 2007
    Microsoft Office Proofing (English) 2007
    Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
    Microsoft Office Publisher MUI (English) 2007
    Microsoft Office Shared MUI (English) 2007
    Microsoft Office Shared Setup Metadata MUI (English) 2007
    Microsoft Office Word MUI (English) 2007
    Microsoft Search Enhancement Pack
    Microsoft Silverlight
    Microsoft SQL Server 2005 Compact Edition [ENU]
    Microsoft Sync Framework Runtime Native v1.0 (x86)
    Microsoft Sync Framework Services Native v1.0 (x86)
    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2005 Redistributable - KB2467175
    Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    Mozilla Firefox 4.0 (x86 en-US)
    MSVCRT
    NEC Electronics USB 3.0 Host Controller Driver
    NVIDIA Alien vs. Triangles demo
    NVIDIA Endless City demo
    NVIDIA Performance
    NVIDIA PhysX
    NVIDIA Stereoscopic 3D Driver
    NVIDIA System Monitor
    NVIDIA System Update
    Opera 11.10
    ParetoLogic PC Health Advisor
    PC Probe II
    Pidgin
    RealNetworks - Microsoft Visual C++ 2008 Runtime
    RealPlayer
    Realtek High Definition Audio Driver
    RealUpgrade 1.1
    Search-Results Toolbar
    Search Toolbar
    Security Update for 2007 Microsoft Office System (KB2288621)
    Security Update for 2007 Microsoft Office System (KB2288931)
    Security Update for 2007 Microsoft Office System (KB2345043)
    Security Update for 2007 Microsoft Office System (KB2466156)
    Security Update for 2007 Microsoft Office System (KB2509488)
    Security Update for 2007 Microsoft Office System (KB969559)
    Security Update for 2007 Microsoft Office System (KB976321)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
    Security Update for Microsoft Office Access 2007 (KB979440)
    Security Update for Microsoft Office Excel 2007 (KB2464583)
    Security Update for Microsoft Office Groove 2007 (KB2494047)
    Security Update for Microsoft Office InfoPath 2007 (KB979441)
    Security Update for Microsoft Office PowerPoint 2007 (KB2464594)
    Security Update for Microsoft Office PowerPoint Viewer 2007 (KB2464623)
    Security Update for Microsoft Office Publisher 2007 (KB2284697)
    Security Update for Microsoft Office system 2007 (972581)
    Security Update for Microsoft Office system 2007 (KB974234)
    Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
    Security Update for Microsoft Office Word 2007 (KB2344993)
    SmartFTP Client Setup Files 4.0 (x64) (remove only)
    SSH Explorer
    Stamps.com
    StarCraft II
    Tom Clancy's H.A.W.X
    TurboV
    Update for 2007 Microsoft Office System (KB2284654)
    Update for 2007 Microsoft Office System (KB967642)
    Update for Microsoft .NET Framework 4 Client Profile (KB2473228)
    Update for Microsoft Office 2007 Help for Common Features (KB963673)
    Update for Microsoft Office Access 2007 Help (KB963663)
    Update for Microsoft Office Excel 2007 Help (KB963678)
    Update for Microsoft Office Infopath 2007 Help (KB963662)
    Update for Microsoft Office OneNote 2007 (KB980729)
    Update for Microsoft Office OneNote 2007 Help (KB963670)
    Update for Microsoft Office Outlook 2007 (KB2509470)
    Update for Microsoft Office Outlook 2007 Help (KB963677)
    Update for Microsoft Office Powerpoint 2007 Help (KB963669)
    Update for Microsoft Office Publisher 2007 Help (KB963667)
    Update for Microsoft Office Script Editor Help (KB963671)
    Update for Microsoft Office Word 2007 Help (KB963665)
    Update for Outlook 2007 Junk Email Filter (KB2522999)
    Windows Live Call
    Windows Live Communications Platform
    Windows Live Essentials
    Windows Live Mail
    Windows Live Messenger
    Windows Live Movie Maker
    Windows Live Photo Gallery
    Windows Live Sign-in Assistant
    Windows Live Sync
    Windows Live Toolbar
    Windows Live Upload Tool
    Windows Live Writer
    Yahoo! Messenger
    Yahoo! Software Update
    Yahoo! Toolbar
    .
    ==== Event Viewer Messages From Past Week ========
    .
    4/20/2011 8:49:18 AM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID {C97FCC79-E628-407D-AE68-A06AD6D8B4D1} and APPID {344ED43D-D086-4961-86A6-1106F4ACAD9B} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
    4/20/2011 8:48:18 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: acs6nts
    4/20/2011 8:48:07 AM, Error: acs6nts [11] - The driver detected a controller error on \Device\RaidPort0.
    4/20/2011 8:46:06 AM, Error: mv91xx [9] - The device, \Device\Scsi\mv91xx1, did not respond within the timeout period.
    4/20/2011 8:44:57 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Search service to connect.
    4/20/2011 8:44:57 AM, Error: Service Control Manager [7000] - The Windows Search service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
    4/20/2011 8:44:54 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service WSearch with arguments " " in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
    4/20/2011 8:44:42 AM, Error: Service Control Manager [7031] - The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.
    4/20/2011 8:44:42 AM, Error: Service Control Manager [7024] - The Windows Search service terminated with service-specific error %%-1073473535.
    4/20/2011 7:19:14 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Bigfoot Networks Killer Service service.
    4/19/2011 7:29:33 AM, Error: Service Control Manager [7031] - The avast! Antivirus service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
    4/18/2011 11:21:56 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Microsoft .NET Framework NGEN v4.0.30319_X64 service to connect.
    4/18/2011 11:21:16 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Microsoft .NET Framework NGEN v4.0.30319_X86 service to connect.
    4/15/2011 3:00:42 AM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk2\DR2.
    4/14/2011 11:13:23 AM, Error: Microsoft-Windows-DistributedCOM [10016] - The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID {9BA05972-F6A8-11CF-A442-00A0C90A8F39} and APPID {9BA05972-F6A8-11CF-A442-00A0C90A8F39} to the user BobPommer-PC\Bob Pommer SID (S-1-5-21-1723012123-340873871-3861595040-1000) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
    .
    ==== End Of File ===========================

    I ran Malwarebytes as instructed, but the definitions were 120 days old and due to my connectivity problem, the application could not connect to the update server... Irony...

    Malwarebytes' Anti-Malware 1.50.1.1100
    www.malwarebytes.org

    Database version: 5363

    Windows 6.1.7601 Service Pack 1
    Internet Explorer 9.0.8112.16421

    4/20/2011 3:11:56 PM
    mbam-log-2011-04-20 (15-11-44).txt

    Scan type: Full scan (C:\|D:\|)
    Objects scanned: 324891
    Time elapsed: 19 minute(s), 14 second(s)

    Memory Processes Infected: 0
    Memory Modules Infected: 0
    Registry Keys Infected: 0
    Registry Values Infected: 0
    Registry Data Items Infected: 0
    Folders Infected: 0
    Files Infected: 1

    Memory Processes Infected:
    (No malicious items detected)

    Memory Modules Infected:
    (No malicious items detected)

    Registry Keys Infected:
    (No malicious items detected)

    Registry Values Infected:
    (No malicious items detected)

    Registry Data Items Infected:
    (No malicious items detected)

    Folders Infected:
    (No malicious items detected)

    Files Infected:
    c:\Users\bob pommer\Desktop\.url (Malware.Trace) -> No action taken.


    Please advise. Thanks.
     
  5. 2011/04/20
    bobpommer

    bobpommer Inactive Thread Starter

    Joined:
    2011/04/18
    Messages:
    7
    Likes Received:
    0
    I also just tried running the troubleshooting app for networking and incoming connections. I tried to diagnose the Firefox problem and I get an error. I ran as administrator and got an error code 0x800706BE

    When I tried running Internet Explorer troubleshooting, it said I wasn't connected to the router... Clearly not the problem.
     
  6. 2011/04/20
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    Welcome aboard :)

    Please observe the following rules:
    • Read all of my instructions very carefully. Your mistakes during the cleaning process may have very serious consequences, like an unbootable computer.
    • If you're stuck, or you're not sure about a certain step, always ask before doing anything else.
    • Please refrain from running tools or applying updates other than those I suggest.
    • Never run more than one scan at a time.
    • Keep updating me regarding your computer's behavior, good or bad.
    • The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
    • If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in the malware removal forum.
    • I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.

    ====================================================

    Your MBAM log says "No action taken".
    Please re-run it, FIX all issues and post new log.

    Is it a brand new computer?

    You're running two security programs, Ad-Aware Total Security and avast! Internet Security.
    One of them has to go.
    I suggest, Ad-Aware goes.

    When done....

    Please download MiniToolBox and run it.

    Checkmark the following boxes:
    • Report IE Proxy Settings
    • List content of Hosts
    • List IP configuration
    • List last 10 Event Viewer log
    • List Users, Partitions and Memory size
    Click Go and post the result.
     
    Last edited: 2011/04/20
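An added example, not part of the original posts and not Malwarebytes' own code: a small parser for the MBAM 1.5x text log layout posted above that lists detections left at "No action taken" (the condition the moderator asks to be fixed) and checks the summary counts against the itemized entries. The sample log is constructed and its file path is a placeholder; the function names are hypothetical.

```python
import re
from collections import Counter

# Constructed sample in the MBAM 1.50 log layout shown in the thread;
# the detection path is a placeholder, not a value from the page.
SAMPLE_LOG = """\
Malwarebytes' Anti-Malware 1.50.1.1100
Database version: 5363

Memory Processes Infected: 0
Files Infected: 1

Memory Processes Infected:
(No malicious items detected)

Files Infected:
c:\\Users\\example\\Desktop\\sample.url (Malware.Trace) -> No action taken.
"""

SUMMARY = re.compile(r"^(?P<section>.+ Infected): (?P<count>\d+)$")
HEADER = re.compile(r"^(?P<section>.+ Infected):$")
ITEM = re.compile(r"^(?P<path>.+) \((?P<name>[^()]+)\) -> (?P<action>.+?)\.?$")

def parse_mbam_log(text):
    """Return (summary counts, itemized detections) from an MBAM 1.5x text log."""
    counts, items, section = {}, [], None
    for raw in text.splitlines():
        line = raw.strip()  # forum pastes are often indented
        if m := SUMMARY.match(line):
            counts[m["section"]] = int(m["count"])
        elif m := HEADER.match(line):
            section = m["section"]
        elif section and (m := ITEM.match(line)):
            items.append({"section": section, **m.groupdict()})
    return counts, items

def unremediated(items):
    """Detections the scan reported but did not quarantine or delete."""
    return [i for i in items if i["action"].lower().startswith("no action taken")]

def count_mismatches(counts, items):
    """Sections whose summary count disagrees with the itemized list."""
    seen = Counter(i["section"] for i in items)
    return {s: (n, seen[s]) for s, n in counts.items() if n != seen[s]}

if __name__ == "__main__":
    counts, items = parse_mbam_log(SAMPLE_LOG)
    print("not fixed:", [(i["path"], i["name"]) for i in unremediated(items)])
    print("count mismatches:", count_mismatches(counts, items))
```

A non-empty result from `unremediated` means the scan only reported the item; a count mismatch suggests the pasted log was truncated or edited.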