1,105,534 Community Members

Computer overloads when connected to Internet

Member Avatar
Classified64
Newbie Poster
1 post since Feb 2012
Reputation Points: 0 [?]
Q&As Helped to Solve: 0 [?]
Skill Endorsements: 0 [?]
 
0
 

Hello

Before I start I'd like to show you this thread, which is basically the same problem as I had/have.
What happens is the fans starts getting louder and louder, which means they're running faster... eventually my computer just starts slowing down and become unusable. I haven't gotten to that point though, I've always shut down my computer before that happen.
After reading some on the internet I tried to start it without the net cable plugged in and it helped, nothing happen to the computer.

So I ran some tests with MBAM, GMER and DDS and I've got the logs to show you.
I resetted my computer to an earlier point (2 days ago) and it seems to be working flawless now, but just to make sure, I'd like to know if you find anything weird.

Here are the logs:
Mbam-log
Malwarebytes Anti-Malware 1.60.1.1000
www.malwarebytes.org

Database version: v2012.02.26.04

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 8.0.7601.17514
admin :: ADMIN-PC [administrator]

2012-02-26 19:20:13
mbam-log-2012-02-26 (19-20-13).txt

Scan type: Full scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 419050
Time elapsed: 45 minute(s), 17 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 3
C:\Users\admin\Downloads\CSCZ skins 2010\HLC_1\HLC_1_setup.exe (Worm.Magania) -> Quarantined and deleted successfully.
C:\Users\admin\Downloads\CSCZ skins 2010\Update.and.Crack-ASC-II-Mbb\SKIDROW\ubiorbitapi_r2.dll (Trojan.Agent.CK) -> Quarantined and deleted successfully.
C:\Users\admin\Downloads\Left 4 Dead 2 - V2.0.1.1 (Patched For Online Gameplay) PROPER .Full-Rip. [blaze69]\Left 4 Dead 2\Left 4 Dead 2\left4dead2\addons\Name_Enabler.dll (Malware.UPX.Mod) -> Quarantined and deleted successfully.

(end)

GMER One
This .txt file was just empty, I don't know if it's supposed to be like this. GMER did run a quick scan when started but the saved log is just empty...

GMER Two

GMER 1.0.15.15641 - http://www.gmer.net
Rootkit scan 2012-02-26 20:41:51
Windows 6.1.7601 Service Pack 1
Running: qyxkv91v.exe


---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg@s1 771343423
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg@s2 285507792
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg@h0 1
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0x00 0x00 0x00 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0xAF 0xEB 0x8A 0x59 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0x35 0x6E 0xD2 0x59 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0xFD 0xFC 0xB3 0x47 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq1
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq1@hdf12 0x2A 0x54 0x60 0x63 ...
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0x00 0x00 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0xAF 0xEB 0x8A 0x59 ...
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0x35 0x6E 0xD2 0x59 ...
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0xFD 0xFC 0xB3 0x47 ...
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq1 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq1@hdf12 0x2A 0x54 0x60 0x63 ...

---- EOF - GMER 1.0.15 ----

DDS

.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 8.0.7601.17514 BrowserJavaVersion: 1.6.0_29
Run by admin at 20:17:14 on 2012-02-26
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.46.1033.18.4023.2556 [GMT 1:00]
.
AV: AVG Internet Security *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Internet Security *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Program Files (x86)\AVG\AVG9\avgchsva.exe
C:\Program Files (x86)\AVG\AVG9\avgrsa.exe
C:\Program Files (x86)\AVG\AVG9\avgcsrva.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
c:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\AVG\AVG9\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Packard Bell\Registration\GregHSRW.exe
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\LVPrS64H.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe
C:\OEM\USBDECTION\USBS3S4Detection.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
C:\Program Files (x86)\AVG\AVG9\avgam.exe
C:\Program Files (x86)\AVG\AVG9\avgnsa.exe
C:\Program Files (x86)\AVG\AVG9\avgemc.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\AVG\AVG9\avgcsrvx.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\Microsoft IntelliType Pro\itype.exe
C:\Users\admin\AppData\Roaming\cacaoweb\cacaoweb.exe
C:\Program Files\Microsoft IntelliType Pro\dpupdchk.exe
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe
C:\Program Files (x86)\Packard Bell\Hotkey Utility\HotkeyUtility.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files (x86)\AVG\AVG9\avgtray.exe
C:\Program Files (x86)\Packard Bell\Hotkey Utility\HotkeyUI.exe
C:\Program Files (x86)\AVG\AVG9\avgcsrva.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Common Files\Logishrd\LQCVFX\COCIManager.exe
D:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://homepage.packardbell.com/rdr.aspx?b=ACPW&l=041d&m=imedia_s3810&r=17361010n716pe415v165y66512232
uDefault_Page_URL = hxxp://homepage.packardbell.com/rdr.aspx?b=ACPW&l=041d&m=imedia_s3810&r=17361010n716pe415v165y66512232
mDefault_Page_URL = hxxp://homepage.packardbell.com/rdr.aspx?b=ACPW&l=041d&m=imedia_s3810&r=17361010n716pe415v165y66512232
mStart Page = hxxp://homepage.packardbell.com/rdr.aspx?b=ACPW&l=041d&m=imedia_s3810&r=17361010n716pe415v165y66512232
uInternet Settings,ProxyOverride = *.local
mWinlogon: Userinit=userinit.exe,
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - C:\Program Files (x86)\AVG\AVG9\avgssie.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
uRun: [cacaoweb] "C:\Users\admin\AppData\Roaming\cacaoweb\cacaoweb.exe" -noplayer
uRun: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun: [Hotkey Utility] C:\Program Files (x86)\Packard Bell\Hotkey Utility\HotkeyUtility.exe
mRun: [AVG9_TRAY] C:\PROGRA~2\AVG\AVG9\avgtray.exe
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [DivX Download Manager] "C:\Program Files (x86)\DivX\DivX Plus Web Player\DDmService.exe" start
mRun: [D3DOverrider] "C:\Program Files (x86)\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\Tools\D3DOverrider\D3DOverriderWrapper.exe" /s
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
mRun: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe" /hide
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
TCP: Interfaces\{D3775893-BBA7-4F83-AB6A-232329218F2A} : DhcpNameServer = 130.244.127.161 130.244.127.169
TCP: Interfaces\{F8EE9510-ED6A-4941-B0B9-79B66AF76C97} : DhcpNameServer = 192.168.2.1 192.168.176.1
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG9\avgpp.dll
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG9\avgssie.dll
BHO-X64: WormRadar.com IESiteBlocker.NavFilter - No File
BHO-X64: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB-X64: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun-x64: [Hotkey Utility] C:\Program Files (x86)\Packard Bell\Hotkey Utility\HotkeyUtility.exe
mRun-x64: [AVG9_TRAY] C:\PROGRA~2\AVG\AVG9\avgtray.exe
mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun-x64: [DivX Download Manager] "C:\Program Files (x86)\DivX\DivX Plus Web Player\DDmService.exe" start
mRun-x64: [D3DOverrider] "C:\Program Files (x86)\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\Tools\D3DOverrider\D3DOverriderWrapper.exe" /s
mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun-x64: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
mRun-x64: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe" /hide
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\8fbhm2fd.default\
FF - prefs.js: browser.startup.homepage - www.google.se
FF - component: C:\Program Files (x86)\AVG\AVG9\Firefox\components\avgssff.dll
FF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\1.104.0\npesnlaunch.dll
FF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\1.110.0\npesnlaunch.dll
FF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\8fbhm2fd.default\extensions\DeviceDetection@logitech.com\plugins\npLogitechDeviceDetection.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
.
============= SERVICES / DRIVERS ===============
.
R0 AvgRkx64;avgrkx64.sys;C:\Windows\system32\Drivers\avgrkx64.sys --> C:\Windows\system32\Drivers\avgrkx64.sys [?]
R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?]
R1 AvgLdx64;AVG AVI Loader Driver x64;C:\Windows\system32\Drivers\avgldx64.sys --> C:\Windows\system32\Drivers\avgldx64.sys [?]
R1 AvgMfx64;AVG On-access Scanner Minifilter Driver x64;C:\Windows\system32\Drivers\avgmfx64.sys --> C:\Windows\system32\Drivers\avgmfx64.sys [?]
R1 AvgTdiA;AVG Network Redirector x64;C:\Windows\system32\Drivers\avgtdia.sys --> C:\Windows\system32\Drivers\avgtdia.sys [?]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\system32\DRIVERS\dtsoftbus01.sys --> C:\Windows\system32\DRIVERS\dtsoftbus01.sys [?]
R2 AdobeActiveFileMonitor8.0;Adobe Active File Monitor V8;C:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe [2009-10-9 169312]
R2 avg9emc;AVG E-mail Scanner;C:\Program Files (x86)\AVG\AVG9\avgemc.exe [2010-10-25 921952]
R2 avg9wd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG9\avgwdsvc.exe [2010-10-25 308136]
R2 Greg_Service;GRegService;C:\Program Files (x86)\Packard Bell\Registration\GregHSRW.exe [2009-8-28 1150496]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2012-2-7 2343816]
R2 LVPrcS64;Process Monitor;C:\Program Files\Common Files\logishrd\LVMVFM\LVPrcSrv.exe [2009-10-7 191000]
R2 Updater Service;Updater Service;C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe [2010-3-18 243232]
R2 USBS3S4Detection;USBS3S4Detection;C:\OEM\USBDECTION\USBS3S4Detection.exe [2009-12-14 76320]
R3 LVPr2M64;Logitech LVPr2M64 Driver;C:\Windows\system32\DRIVERS\LVPr2M64.sys --> C:\Windows\system32\DRIVERS\LVPr2M64.sys [?]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;C:\Windows\system32\drivers\nvhda64v.sys --> C:\Windows\system32\drivers\nvhda64v.sys [?]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Tjänsten Google Update (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-10-24 135664]
S2 nvUpdatusService;NVIDIA Update Service Daemon;C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-5-22 2253120]
S3 DAUpdaterSvc;Dragon Age: Origins - Content Updater;D:\Program Files (x86)\Dragon Age\bin_ship\daupdatersvc.service.exe [2012-2-16 25832]
S3 gupdatem;Tjänsten Google Update (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-10-24 135664]
S3 lvpepf64;Volume Adapter;C:\Windows\system32\DRIVERS\lv302a64.sys --> C:\Windows\system32\DRIVERS\lv302a64.sys [?]
S3 LVRS64;Logitech RightSound Filter Driver;C:\Windows\system32\DRIVERS\lvrs64.sys --> C:\Windows\system32\DRIVERS\lvrs64.sys [?]
S3 LVUSBS64;Logitech USB Monitor Filter;C:\Windows\system32\drivers\LVUSBS64.sys --> C:\Windows\system32\drivers\LVUSBS64.sys [?]
S3 LVUVC64;Logitech Webcam 200(UVC);C:\Windows\system32\DRIVERS\lvuvc64.sys --> C:\Windows\system32\DRIVERS\lvuvc64.sys [?]
S3 Netaapl;Apple Mobile Device Ethernet Service;C:\Windows\system32\DRIVERS\netaapl64.sys --> C:\Windows\system32\DRIVERS\netaapl64.sys [?]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
.
=============== Created Last 30 ================
.
2012-02-26 18:19:39 -------- d-----w- C:\Users\admin\AppData\Roaming\Malwarebytes
2012-02-26 18:19:32 23152 ----a-w- C:\Windows\System32\drivers\mbam.sys
2012-02-26 18:19:32 -------- d-----w- C:\ProgramData\Malwarebytes
2012-02-26 18:19:32 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-02-26 14:07:28 -------- d-----w- C:\Program Files (x86)\Gmask 1.70 English
2012-02-19 16:41:03 -------- d-----w- C:\ProgramData\EA Logs
2012-02-17 23:04:29 -------- d-----w- C:\Users\admin\AppData\Local\SKIDROW
2012-02-17 13:54:04 -------- d-----w- C:\ProgramData\BioWare
2012-02-16 21:50:48 -------- d-----w- C:\Program Files (x86)\TeamViewer
2012-02-16 21:15:36 -------- d-----w- C:\Users\admin\AppData\Roaming\TeamViewer
2012-02-16 20:25:03 -------- d-----w- C:\Windows\1C4551A64743409391E41477CD655043.TMP
2012-02-16 20:24:56 -------- d-----w- C:\ProgramData\Media Center Programs
2012-02-16 20:15:33 -------- d-----w- C:\Program Files (x86)\Common Files\BioWare
2012-02-10 22:47:55 466456 ----a-w- C:\Windows\System32\wrap_oal.dll
2012-02-10 22:47:55 444952 ----a-w- C:\Windows\SysWow64\wrap_oal.dll
2012-02-10 22:47:55 122904 ----a-w- C:\Windows\System32\OpenAL32.dll
2012-02-10 22:47:55 109080 ----a-w- C:\Windows\SysWow64\OpenAL32.dll
2012-02-10 22:47:55 -------- d-----w- C:\Program Files (x86)\OpenAL
2012-02-09 16:03:01 -------- d-----w- C:\Program Files (x86)\LogMeIn Hamachi
2012-02-03 19:52:47 -------- d-----w- C:\Program Files (x86)\Amnesia - The Dark Descent
2012-02-03 09:29:56 42392 ----a-w- C:\Windows\SysWow64\xfcodec.dll
2012-02-03 09:29:56 28056 ----a-w- C:\Windows\System32\xfcodec64.dll
.
==================== Find3M ====================
.
2012-02-23 15:28:18 282864 ----a-w- C:\Windows\SysWow64\PnkBstrB.xtr
2012-02-23 15:28:18 282864 ----a-w- C:\Windows\SysWow64\PnkBstrB.exe
2012-02-23 15:27:54 280904 ----a-w- C:\Windows\SysWow64\PnkBstrB.ex0
2012-02-23 15:00:07 414368 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-01-14 04:06:27 3145728 ----a-w- C:\Windows\System32\win32k.sys
2012-01-04 10:44:20 509952 ----a-w- C:\Windows\System32\ntshrui.dll
2012-01-04 08:58:41 442880 ----a-w- C:\Windows\SysWow64\ntshrui.dll
2012-01-03 20:34:41 76888 ----a-w- C:\Windows\SysWow64\PnkBstrA.exe
2011-12-30 06:26:08 515584 ----a-w- C:\Windows\System32\timedate.cpl
2011-12-30 05:27:56 478720 ----a-w- C:\Windows\SysWow64\timedate.cpl
2011-12-28 03:59:24 498688 ----a-w- C:\Windows\System32\drivers\afd.sys
2011-12-16 08:47:38 1188864 ----a-w- C:\Windows\System32\wininet.dll
2011-12-16 08:46:06 634880 ----a-w- C:\Windows\System32\msvcrt.dll
2011-12-16 07:54:22 981504 ----a-w- C:\Windows\SysWow64\wininet.dll
2011-12-16 07:52:58 690688 ----a-w- C:\Windows\SysWow64\msvcrt.dll
2011-12-16 06:44:38 1638912 ----a-w- C:\Windows\System32\mshtml.tlb
2011-12-16 06:09:17 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb
.
============= FINISH: 20:17:59,03 ===============

DDS - Attach

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume2
Install Date: 2010-10-24 16:54:37
System Uptime: 2012-02-26 20:15:18 (0 hours ago)
.
Motherboard: Packard Bell | | imedia S3810
Processor: Intel(R) Core(TM) i3 CPU 540 @ 3.07GHz | CPU 1 | 3067/133mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 287 GiB total, 120,678 GiB free.
D: is FIXED (NTFS) - 288 GiB total, 250,581 GiB free.
E: is CDROM ()
G: is Removable
H: is Removable
I: is Removable
J: is CDROM ()
K: is Removable
.
==== Disabled Device Manager Items =============
.
Class GUID: {4d36e96f-e325-11ce-bfc1-08002be10318}
Description: Microsoft PS/2 Mouse
Device ID: ACPI\PNP0F03\4&153956B5&0
Manufacturer: Microsoft
Name: Microsoft PS/2 Mouse
PNP Device ID: ACPI\PNP0F03\4&153956B5&0
Service: i8042prt
.
Class GUID: {4d36e96b-e325-11ce-bfc1-08002be10318}
Description: Standard PS/2 Keyboard
Device ID: ACPI\PNP0303\4&153956B5&0
Manufacturer: (Standard keyboards)
Name: Standard PS/2 Keyboard
PNP Device ID: ACPI\PNP0303\4&153956B5&0
Service: i8042prt
.
==== System Restore Points ===================
.
RP177: 2012-02-11 16:08:12 - Windows Update
RP178: 2012-02-16 00:01:02 - Windows Update
RP179: 2012-02-17 15:48:46 - Installed DirectX
RP180: 2012-02-20 15:35:47 - Avg Update
RP181: 2012-02-24 20:38:50 - Logitech Webcam Software v12.10.1110
RP182: 2012-02-26 19:08:21 - Restore Operation
.
==== Installed Programs ======================
.
Update for Microsoft Office 2007 (KB2508958)
AC2 server emulator 0.44 by Dormine
Acrobat.com
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Photoshop Elements 8.0
Adobe Reader 9.1 MUI
Advertising Center
Apple Application Support
Apple Software Update
µTorrent
AVG 9.0
AviSynth 2.5
Battlefield 3™
Battlelog Web Plugins
Bejeweled 2 Deluxe
Blasterball 3
Bob the Builder Can-Do-Zoo
Build-a-lot 2
Chicken Invaders 3 - Revenge of the Yolk
Compatibility Pack for the 2007 Office system
Creative Element Power Tools
Curse Client
Dachon 4k
DAEMON Tools Lite
Dev-C++ 5 beta 9 release (4.9.9.2)
Dragon Age: Origins
Escape Rosecliff Island
ESN Sonar
Fable III
Faerie Solitaire
FATE - The Traitor Soul
Fraps (remove only)
Google Update Helper
Hotkey Utility
Identity Card
ImagXpress
ImgBurn
Insaniquarium Deluxe
Java Auto Updater
Java(TM) 6 Update 29
Jewel Quest
Jewel Quest Solitaire 3
Junk Mail filter update
LimeWire 4.12.11
LogMeIn Hamachi
Mahjongg Artifacts
Malwarebytes Anti-Malware version 1.60.1.1000
Microsoft Choice Guard
Microsoft Games for Windows - LIVE Redistributable
Microsoft Games for Windows Marketplace
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Suite Activation Assistant
Microsoft Office Word 2007
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft Works
Microsoft XNA Framework Redistributable 3.1
Miners4k
Mozilla Firefox 10.0.2 (x86 en-US)
Mozilla Firefox 4.0.1 (x86 en-US)
MSVCRT
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Nero 9 Essentials
Nero ControlCenter
Nero DiscSpeed
Nero DiscSpeed Help
Nero DriveSpeed
Nero DriveSpeed Help
Nero Express Help
Nero InfoTool
Nero InfoTool Help
Nero Installer
Nero Online Upgrade
Nero StartSmart
Nero StartSmart Help
Nero StartSmart OEM
NeroExpress
neroxml
NVIDIA PhysX
NVIDIA Stereoscopic 3D Driver
OpenAL
Origin
Packard Bell Game Console
Packard Bell Games
Packard Bell InfoCentre
Packard Bell Recovery Management
Packard Bell Registration
Packard Bell ScreenSaver
Packard Bell Software Suite SE
Packard Bell Updater
Penguins!
Polar Bowler
Polar Golfer
Polar Pool
Portal 2
Project64 1.6
PunkBuster Services
QuickTime
Realtek Ethernet Controller Driver For Windows 7
Realtek High Definition Audio Driver
Rockstar Games Social Club
Security Update for 2007 Microsoft Office System (KB2288621)
Security Update for 2007 Microsoft Office System (KB2288931)
Security Update for 2007 Microsoft Office System (KB2345043)
Security Update for 2007 Microsoft Office System (KB2553089)
Security Update for 2007 Microsoft Office System (KB2553090)
Security Update for 2007 Microsoft Office System (KB2584063)
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB976321)
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Extended (KB2416472)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office Access 2007 (KB979440)
Security Update for Microsoft Office Groove 2007 (KB2552997)
Security Update for Microsoft Office InfoPath 2007 (KB2510061)
Security Update for Microsoft Office InfoPath 2007 (KB979441)
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office Word 2007 (KB2344993)
Skype™ 5.5
Spotify
Steam(TM)
System Requirements Lab CYRI
TouchCopy 11
Update for 2007 Microsoft Office System (KB2284654)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596651) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596789) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2597998) 32-Bit Edition
Update for Microsoft Office 2007 System (KB2539530)
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 (KB2596596) 32-Bit Edition
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 (KB980729)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 (KB2583910)
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Vegas Movie Studio HD Platinum 10.0
Welcome Center
Videora iPhone Converter 6
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Mail
Windows Live Messenger
Windows Live Movie Maker
Windows Live Photo Gallery
Windows Live Sync
Windows Live Upload Tool
Windows Live Writer
WinPcap 4.1.2
Wireshark 1.6.4
Virtual Families
Virtual Villagers - A New Home
Visual C++ 8.0 Runtime Setup Package (x64)
VLC media player 1.1.4
World of Warcraft
World of Warcraft Public Test
Xfire (remove only)
Yahtzee
Zuma Deluxe
.
==== Event Viewer Messages From Past Week ========
.
2012-02-26 17:25:13, Error: bowser [8003] - The master browser has received a server announcement from the computer ARTHAS that believes that it is the master browser for the domain on transport NetBT_Tcpip_{191ED7ED-1669-46B8-AF0F-730B24DEEB39}. The master browser is stopping or an election is being forced.
.
==== End Of File ===========================

Thank you for your time

Member Avatar
Rik_
Posting Maven
2,556 posts since May 2009
Reputation Points: 111 [?]
Q&As Helped to Solve: 221 [?]
Skill Endorsements: 8 [?]
 
0
 

Looking at your Mbam log, you have been infected by downloading illegal software.

Stop downloading illegal stuff if you want your computer to keep working well!!!

Member Avatar
rubberman
Senior Poster
3,999 posts since Mar 2010
Reputation Points: 513 [?]
Q&As Helped to Solve: 501 [?]
Skill Endorsements: 87 [?]
 
0
 

Well, I'm not sure I'd go as far as Rik and accuse you of downloading "illegal" software, but it appears you were infected with a virus. Rolling back the system probably removed them, as should have the Malware Bites A/V software. Consider yourself lucky if that is all that happened to you!

Member Avatar
Rik_
Posting Maven
2,556 posts since May 2009
Reputation Points: 111 [?]
Q&As Helped to Solve: 221 [?]
Skill Endorsements: 8 [?]
 
0
 

C:\Users\admin\Downloads\CSCZ skins 2010\Update.and.Crack-ASC-II-Mbb\SKIDROW\ubiorbitapi_r2.dll (Trojan.Agent.CK) -> Quarantined and deleted successfully.
C:\Users\admin\Downloads\Left 4 Dead 2 - V2.0.1.1 (Patched For Online Gameplay) PROPER .Full-Rip. [blaze69]\Left 4 Dead 2\Left 4 Dead 2\left4dead2\addons\Name_Enabler.dll (Malware.UPX.Mod) -> Quarantined and deleted successfully.

A crack and an online gameplay patch! Definitely NOT legal.

Question Answered as of 2 Years Ago by Rik_ and rubberman
You
This question has already been solved: Start a new discussion instead
Post:
Start New Discussion
View similar articles that have also been tagged: