Might be an infection, so let's check that first.
Download tdsskiller.exe and malwarebytes.
If you are able to run them, have them both scan your system and let me know how it goes.
Shane
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 2
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{12F02779-6D88-4958-8AD3-83C12D86ADC7} (Fake.Dropped.Malware) -> Data: -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar|{12F02779-6D88-4958-8AD3-83C12D86ADC7} (Fake.Dropped.Malware) -> Data: -> Quarantined and deleted successfully.
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 1
C:\Windupdt\winupdate.exe (Backdoor.Agent) -> Quarantined and deleted successfully.
Ok, so it looks like your system is clean.
Is KasperskyPasswordManager (stpass.exe) the only one giving you the error?
Also, do you know how to check if DEP is enabled on your system?
http://windows.microsoft.com/en-us/windows-vista/change-data-execution-prevention-settings
But make sure it is set to the first option and not the 2nd.
Shane
OK, so we know it isn't DEP and it isn't an infection. What other programs give this error, or is it only that one?
Shane
If no other program is giving these errors, then I think it is something more with those programs and not your system. I wonder if these two programs need a runtime file installed.
Have you checked Kaspersky for this error yet?
Shane
I have seen this before on one of my laptops after I installed SPEEDbit. Luckily for me I uninstalled it and the problem went away. May not help, but it's worth a try.
Chris
What Is an eAccess Violation?
Function: The EAccess violation keeps a program on your computer from accessing invalid memory. There may have been some loophole that allowed malicious software to harm your computer that was patched up in a Windows update. While it is a good thing that they are patching these loopholes, it can be confusing to the user as all they will see on their end is the EAccess violation.
Prevention/Solution: You can help prevent these kinds of errors from occurring by updating your device drivers after formatting and reinstalling your operating system or installing a Windows service pack. Always install the latest service pack BEFORE going through and updating your device drivers. Be conscious of when and what you are doing when you first receive an error like this. You may need this information to tell a service representative if you cannot solve the problem.
Speculation: It seems as though this is most frequently caused by the Realtek on-board audio drivers that come with motherboards. Most people have found a fix by double-checking that they had installed the latest Realtek audio device drivers. Other people have been receiving problems with their network cards. Make sure your drivers are updated. If this does not work, try contacting the manufacturer of your network card.
Warning: Make sure you have tried to uninstall then reinstall the latest drivers before you get too hasty and try to reinstall Windows or format your hard drive. Make sure you are installing the correct drivers. Sometimes people just keep reinstalling their motherboard drivers when they need to download their audio drivers separately. Also, make sure you are downloading the correct audio drivers for your specific motherboard. If you have a KD1100 motherboard, make sure you are downloading for the KD1100 motherboard and not, for instance, the KD1000KS motherboard.
Next thing to check is your device drivers. Sound and video to start with.
Shane
If you go into Windows safe mode and try to run any of the programs that give the error, do they also give the error in safe mode?
Shane
I forgot to have you run combofix.exe
http://www.bleepingcomputer.com/download/combofix/
Run it and reboot and see how things go.
Shane
II\Sensor\AlertHelper\AlertHelper.exec:\program files\Intel\Intel(R) Management Engine Components\LMS\LMS.exec:\\?\c:\windows\system32\wbem\WMIADAP.EXE.**************************************************************************.Completion time: 2012-08-04 11:28:03 - machine was rebootedComboFix-quarantined-files.txt 2012-08-04 05:58.Pre-Run: 6,446,448,640 bytes freePost-Run: 6,957,703,168 bytes free.- - End Of File - - 470DEDE19A8B78D3BE72AD24C38E85A5
2012-08-04 05:57:26 . 2012-08-04 05:57:26 998 ----a-w- C:\Qoobox\Quarantine\Registry_backups\AddRemove-3D970B9F930E7AAE23C06D39A1AC98548C90B442.reg.dat2012-08-04 05:57:15 . 2012-08-04 05:57:15 766 ----a-w- C:\Qoobox\Quarantine\Registry_backups\MSConfigStartUp-pamela.reg.dat2012-08-04 05:57:15 . 2012-08-04 05:57:15 278 ----a-w- C:\Qoobox\Quarantine\Registry_backups\SafeBoot-US30Sys.sys.reg.dat2012-08-04 05:57:15 . 2012-08-04 05:57:15 558 ----a-w- C:\Qoobox\Quarantine\Registry_backups\SafeBoot-19295102.sys.reg.dat2012-08-04 05:57:08 . 2012-08-04 05:57:08 173 ----a-w- C:\Qoobox\Quarantine\Registry_backups\Toolbar-Locked.reg.dat2012-08-04 05:49:15 . 2012-08-04 05:49:15 512 ----a-w- C:\Qoobox\Quarantine\Registry_backups\Service_NPF.reg.dat2012-08-04 05:49:05 . 2012-08-04 05:49:05 9,889 ----a-w- C:\Qoobox\Quarantine\Registry_backups\tcpip.reg2012-08-04 05:42:16 . 2012-08-04 05:44:01 82 ----a-w- C:\Qoobox\Quarantine\catchme.log2012-08-02 08:38:11 . 2012-08-02 08:38:11 262,144 ----a-w- C:\Qoobox\Quarantine\C\ProgramData\ntuser.dat.vir2012-05-18 19:09:13 . 2012-05-18 19:09:13 0 ----a-w- C:\Qoobox\Quarantine\C\Windows\System32\DEBUG.log.vir2011-12-26 07:26:37 . 2011-12-26 07:26:37 20 ----a-w- C:\Qoobox\Quarantine\C\Windows\akebook.ini.vir2011-12-26 07:26:37 . 2011-12-26 07:26:37 4 ----a-w- C:\Qoobox\Quarantine\C\Windows\a3kebook.ini.vir2011-12-26 07:26:37 . 2011-12-30 05:09:17 95 ----a-w- C:\Qoobox\Quarantine\C\Windows\ANS2000.INI.vir2011-12-11 11:25:25 . 2011-12-11 11:25:25 98,103 ----a-w- C:\Qoobox\Quarantine\C\Windows\System32\uninstall.exe.vir2011-08-04 10:57:09 . 2011-04-15 23:40:18 809,496 ----a-w- C:\Qoobox\Quarantine\C\Windows\System32\tmp2BF0.tmp.vir2011-08-04 10:57:08 . 2011-04-15 23:40:18 809,496 ----a-w- C:\Qoobox\Quarantine\C\Windows\System32\tmp3989.tmp.vir2011-04-15 23:40:18 . 2011-04-15 23:40:18 809,496 ----a-w- C:\Qoobox\Quarantine\C\Windows\System32\tmp394A.tmp.vir2011-03-29 19:05:31 . 
2011-08-16 16:54:17 71,680 ----a-w- C:\Qoobox\Quarantine\C\Users\Debojit\AppData\Roaming\chrtmp.vir2011-02-17 10:19:06 . 2011-02-17 10:40:05 439 ----a-w- C:\Qoobox\Quarantine\C\Windows\System32\drivers\etc\hosts.ics.vir
I am running out of ideas on this one lol. Are you able to do Windows updates without any trouble? And if so, do you have all the current updates?
Shane
Well, since Windows and its components seem to be working fine, then I have to say it is more with the programs that are having trouble. Everything I have found points to it being sound drivers. You could try uninstalling the sound drivers as a test. But I am not sure it will do the trick.
Shane