exe opens in notepad

This is a discussion on exe opens in notepad within the Inactive Malware Help Topics forums, part of the Tech Support Forum category.


 
 
Old 10-21-2017, 02:32 PM   #1
Registered Member
 
Join Date: Oct 2010
Location: Sacramento, Ca
Posts: 58
OS: Win7



exe opens in notepad
Just as the title says.
I have tried:

https://support.microsoft.com/en-us/...a-or-windows-7

and downloaded the default.exe, right click, merge

Neither one helped.
I am logged in as an admin on my computer.
Thx, Dave



DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 11.151.2
Run by DaveThomas at 14:24:48 on 2017-10-21
.
============== Running Processes ================
.
C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
C:\Program Files (x86)\Stardock\Object Desktop\WindowFX4\WindowFXSRV.exe
C:\Program Files (x86)\Stardock\Object Desktop\WindowFX4\WFX32.exe
C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe
C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
C:\Program Files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe
C:\Program Files (x86)\Origin\OriginWebHelperService.exe
C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe
C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
C:\Windows\system32\PnkBstrA.exe
c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe
C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Program Files\Alienware\Command Center\AlienwareAlienFXController.exe
C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
C:\Program Files (x86)\AVG\Antivirus\AVGUI.exe
C:\Program Files (x86)\Razer\Naga\RazerNagaSysTray.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
C:\Program Files (x86)\Common Files\SNP2UVC\tsnp2uvc.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Tablet\Wacom\WacomHost.exe
C:\Program Files (x86)\Overwolf\Overwolf.exe
C:\Program Files\Logitech Gaming Software\Applets\LCDMedia.exe
C:\Program Files\Logitech Gaming Software\Applets\LCDCountdown.exe
C:\Program Files\Logitech Gaming Software\Applets\LCDClock.exe
C:\Program Files\Logitech Gaming Software\Applets\LCDPop3.exe
C:\Program Files\Logitech Gaming Software\Applets\LCDRSS.exe
C:\Program Files\Alienware\Command Center\AWCCApplicationWatcher32.exe
C:\Program Files (x86)\Overwolf\0.107.254.0\OverwolfBrowser.exe
C:\Program Files (x86)\Common Files\Overwolf\0.107.254.0\OverwolfHelper.exe
C:\Program Files (x86)\Overwolf\0.107.254.0\OverwolfBrowser.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
.
============== Pseudo HJT Report ===============
.
BHO: AutorunsDisabled - <orphaned>
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_151\bin\ssv.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_151\bin\jp2ssv.dll
uRun: [Overwolf] "C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe" -overwolfsilent
uRun: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
mRun: [Razer Naga Driver] C:\Program Files (x86)\Razer\Naga\RazerNagaSysTray.exe
mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
mRun: [AvgUi] "C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe" /lps=fmw
mRun: [TkBellExe] "C:\Program Files (x86)\Real\realplayer\update\realsched.exe" -osboot
mRun: [ArcSoft Connection Service] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
mRun: [SPIRunE] Rundll32 SPIRunE.dll,RunDLLEntry
mRun: [snp2uvc] C:\Windows\vsnp2uvc.exe
mRun: [tsnp2uvc] C:\Program Files (x86)\Common Files\SNP2UVC\tsnp2uvc.exe
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
uPolicies-Explorer: DisableThumbnails = dword:0
uPolicies-Explorer: DisableThumbnailsOnNetworkFolders = dword:0
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
mPolicies-System: SoftwareSASGeneration = dword:1
DPF: {362C56AA-6E4F-40C7-A0B5-85501DBDAD77} - hxxp://i.dell.com/images/global/js/scanner/SysProExe.cab
DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} - hxxp://cdn.scan.onecare.live.com/resource/download/scanner/en-us/wlscctrl2.cab
DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} - hxxp://www.fileplanet.com/fpdlmgr/cabs/FPDC_2.3.10.115.cab
DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} - hxxp://ccfiles.creative.com/Web/softwareupdate/su/ocx/15102/CTSUEng.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_144-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0071-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_71-windows-i586.cab
DPF: {CAFEEFAC-0018-0000-00144-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_144-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_144-windows-i586.cab
DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} - hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} - hxxp://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab
DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} - hxxp://files.creative.com/Web/softwareupdate/ocx/150323/CTPID.cab
TCP: NameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces\{E72235FA-EBC4-4094-B2B5-7E8281242C39} : DHCPNameServer = 75.75.75.75 75.75.76.76
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - <orphaned>
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - <orphaned>
Handler: vipresg - {47BE2E5B-703B-444F-ABD3-05717D2191C6} - <orphaned>
Notify: WBSrv - C:\PROGRA~2\Stardock\OBJECT~1\WINDOW~1\wbsrv.dll
SSODL: 0aMCPClient - {F5DF91F9-15E9-416B-A7C3-7519B11ECBFC} - C:\PROGRA~2\COMMON~1\Stardock\mcpcore.dll
SSODL: WebCheck - <orphaned>
SSODL: IconPackager Repair - {1799460C-0BC8-4865-B9DF-4A36CD703FF0} - C:\Program Files (x86)\Stardock\Object Desktop\IconPackager\iprepair.dll
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\57.0.2987.133\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
x64-BHO: AutorunsDisabled - <orphaned>
x64-Run: [Thermal Controller] "C:\Program Files\Alienware\Command Center\ThermalController.exe" /auto
x64-Run: [MacDrive 8 application for Digidesign] "C:\Program Files\Mediafour\MacDrive 8\MacDriveD.exe"
x64-Run: [Launch LCore] C:\Program Files\Logitech Gaming Software\LCore.exe /minimized
x64-Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
x64-Run: [AlienFX Controller] "C:\Program Files\Alienware\Command Center\AlienwareAlienFXController.exe"
x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
x64-Run: [AvgUi] "C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe" /lps=fmw
x64-Run: [AVGUI.exe] "C:\Program Files (x86)\AVG\Antivirus\AvLaunch.exe" /gui
x64-Run: [DigidesignMMERefresh] C:\Program Files\Avid\Pro Tools First\MMERefresh.exe
x64-DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab
x64-DPF: {CAFEEFAC-0017-0000-0009-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab
x64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab
x64-Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - <orphaned>
x64-Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - <orphaned>
x64-Handler: vipresg - {47BE2E5B-703B-444F-ABD3-05717D2191C6} - <orphaned>
x64-Notify: WB - <no file>
x64-SSODL: WebCheck - <orphaned>
x64-STS: {EC654325-1273-C2A9-2B7C-45D29BCE68FB} - <orphaned>
x64-STS: FencesShlExt Class - {1984DD45-52CF-49cd-AB77-18F378FEA264} - C:\Program Files (x86)\Stardock\Fences\FencesMenu64.dll
x64-mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\61.0.3163.100\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\DaveThomas\AppData\Roaming\Mozilla\Firefox\Profiles\09ad09mm.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.zbrushcentral.com/forumdisplay.php?101-ZBrush-Questions-and-Troubleshooting-Forum
FF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll
FF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll
FF - plugin: C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll
FF - plugin: C:\Windows\System32\Macromed\Flash\NPSWF64_27_0_0_130.dll
FF - plugin: C:\Windows\System32\npDeployJava1.dll
FF - plugin: C:\Windows\System32\npmproxy.dll
.
============= SERVICES / DRIVERS ===============
.
R? androidusb;ADB Interface Driver
R? AtiHDAudioService;AMD Function Driver for HD Audio Service
R? avgbdisk;avgbdisk
R? avgbIDSAgent;avgbIDSAgent
R? avgbidsdriver;avgbidsdriver
R? avgbidsh;avgbidsh
R? avgblog;avgblog
R? avgbuniv;avgbuniv
R? avgHwid;avgHwid
R? avgRdr;avgRdr
R? avgSnx;avgSnx
R? avgStm;avgStm
R? avgVmm;avgVmm
R? cfwids;McAfee Inc. cfwids
R? clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86
R? clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64
R? cpudrv64;cpudrv64
R? cpuz134;cpuz134
R? cpuz137;cpuz137
R? Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service
R? Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service
R? Creative Media Toolbox 6 Licensing Service;Creative Media Toolbox 6 Licensing Service
R? DDDriver;DDDriver
R? DellDataVault;Dell Data Vault
R? DellProf;DellProf
R? digiSPTIService64;digiSPTIService64
R? ElRawDisk;ElRawDisk
R? FLEXnet Licensing Service 64;FLEXnet Licensing Service 64
R? hidkmdf;KMDF Driver
R? HTCAND64;HTC Device Driver
R? htcnprot;HTC NDIS Protocol Driver
R? IEEtwCollectorService;Internet Explorer ETW Collector Service
R? L6PODLV;PODxt Live Service
R? massfilter_hs;HS HandSet Mass Storage Filter Driver
R? MBAMService;MBAMService
R? MBAMWebAccessControl;MBAMWebAccessControl
R? McShield;McShield
R? mfeavfk;McAfee Inc. mfeavfk
R? mfefirek;McAfee Inc. mfefirek
R? mfehidk;McAfee Inc. mfehidk
R? mfenlfk;McAfee NDIS Light Filter
R? mferkdet;McAfee Inc. mferkdet
R? mfevtp;McAfee Validation Trust Protection Service
R? mfewfpk;McAfee Inc. mfewfpk
R? mio;Master IO Filter Driver
R? nlsX86cc;Nalpeiron Licensing Service
R? NvStreamKms;NvStreamKms
R? nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM)
R? Origin Client Service;Origin Client Service
R? OverwolfUpdater;Overwolf Updater Windows SCM
R? PCDSRVC{90AB3B40-A9A6E5C8-06020200}_0;PCDSRVC{90AB3B40-A9A6E5C8-06020200}_0 - PCDR Kernel Mode Service Helper Driver
R? PROCEXP151;PROCEXP151
R? RDID1142;ME-80
R? RdpVideoMiniport;Remote Desktop Video Miniport Driver
R? rspLLL;rspLLL
R? RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader
R? rzudd;Razer Mouse Driver
R? SWDUMon;SWDUMon
R? SwitchBoard;Adobe SwitchBoard
R? Synth3dVsc;Synth3dVsc
R? TsUsbFlt;TsUsbFlt
R? tsusbhub;tsusbhub
R? VGPU;VGPU
R? WacHidRouter;Wacom Hid Router
R? WatAdminSvc;Windows Activation Technologies Service
R? WinRing0_1_2_0;WinRing0_1_2_0
R? zghsdiag;ZTE General Handset Diagnostic Port
R? zghsmdm;ZTE General Handset USB Modem Proprietary
R? zghsnmea;ZTE General Handset NMEA Port
S? AGSService;Adobe Genuine Software Integrity Service
S? AVG Antivirus;AVG Antivirus
S? avgMonFlt;avgMonFlt
S? avgRvrt;avgRvrt
S? avgSP;avgSP
S? avgsvc;AVG Service
S? avgtp;avgtp
S? AvidAssetCacheService;Avid Asset Cache Service
S? AvidAssetDeliveryService;Avid Asset Delivery Service
S? AvidProjectSyncService;Avid Project Sync Service
S? AvidTransportClient;Avid Transport Client
S? BPowMon;Broadcom Power monitoring service
S? cpuz132;cpuz132
S? DiagTrack;Diagnostics Tracking Service
S? DigiNet;Digidesign Ethernet Support
S? Futuremark SystemInfo Service;Futuremark SystemInfo Service
S? IAStorDataMgrSvc;Intel(R) Rapid Storage Technology
S? IOCBIOS;IOCBIOS
S? k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0
S? LGBusEnum;Logitech Gaming Virtual Bus Enumerator Driver
S? LGCoreTemp;Logitech CPU Core Tempurature
S? LGJoyHidFilter;Logitech Gaming HID Filter Driver (LGS)
S? LGJoyXlCore;Logitech Translation Layer Driver (LGS)
S? LGVirHid;Logitech Gamepanel Virtual HID Device Driver
S? LogiRegistryService;Logitech Gaming Registry Service
S? MacDrive8ServiceD;MacDrive 8 service for Digidesign
S? MBAMProtector;MBAMProtector
S? MDFSYSNT;MacDrive file system driver
S? MDPMGRNT;MacDrive Partition Driver
S? nvoclk64;NVIDIA Enthusiasts Platform KDM
S? Origin Web Helper Service;Origin Web Helper Service
S? PaceLicenseDServices;PACE License Services
S? PassThru Service;Internet Pass-Through Service
S? PxHlpa64;PxHlpa64
S? RawDisk3;RawDisk3
S? RealPlayer Cloud Service;RealPlayer Cloud Service
S? RegHiveRecovery;Registry Hive Recovery Driver
S? rtsuvc;USB2.0 1080p UVC Camera
S? RzFilter;RzFilter
S? RzSynapse;Razer Driver
S? SupportAssistAgent;Dell SupportAssist Agent
S? t3;Sound Blaster X-Fi Xtreme Audio
S? TabletServiceWacom;TabletServiceWacom
S? voxaldriver;Voxal Filter Driver 2.12.01
S? WacHidRouterPro;Wacom Hid Router Pro
S? wacomrouterfilter;Wacom Router Filter Driver
S? WindowFX;Stardock WindowFX
S? WTabletServicePro;Wacom Professional Service
.
=============== File Associations ===============
.
FileExt: .jse: JSEFile=NOTEPAD.EXE %1
FileExt: .wsf: WSFFile=NOTEPAD.EXE %1
ShellExec: switch.exe: open="C:\Program Files (x86)\NCH Software\Switch\switch" "%L"
.
=============== Created Last 30 ================
.
2017-10-21 20:38:48 876 ----a-w- C:\exe.reg
2017-10-21 04:41:03 -------- d-----w- C:\Users\DaveThomas\.thumbnails
2017-10-19 18:18:19 402608 ----a-w- C:\Windows\System32\avgBoot.exe
2017-10-18 18:36:15 -------- d-----w- C:\Users\DaveThomas\.android
2017-10-18 18:35:33 -------- d-----w- C:\Users\DaveThomas\AppData\Roaming\MyPhoneExplorer
2017-10-18 04:21:55 97232 ----a-w- C:\Program Files (x86)\Mozilla Firefox\gmp-clearkey\0.1\clearkey.dll
2017-10-18 04:21:55 892616 ----a-w- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe
2017-10-12 18:45:33 -------- d-----w- C:\Users\DaveThomas\AppData\Roaming\Software Informer
2017-10-12 15:13:59 -------- d-----w- C:\Program Files\Pixologic
2017-10-12 05:38:25 126925120 -c--a-w- C:\Windows\System32\MRT-KB890830.exe
2017-10-11 23:46:19 -------- d-----w- C:\Program Files (x86)\Common Files\Overwolf
2017-10-11 23:46:18 -------- d-----w- C:\Program Files (x86)\Overwolf
2017-10-11 23:45:41 -------- d-----w- C:\ProgramData\Overwolf
2017-10-11 23:43:28 -------- d-----w- C:\Users\DaveThomas\AppData\Local\Overwolf
2017-10-10 18:15:29 52976 ----a-w- C:\Windows\System32\drivers\voxaldriverx64.sys
2017-10-10 18:02:47 -------- d-----w- C:\Users\DaveThomas\AppData\Roaming\NCH Software
2017-10-10 04:14:15 18896 ----a-w- C:\Program Files (x86)\Mozilla Firefox\qipcap64.dll
2017-10-08 18:51:24 -------- d-----w- C:\Users\DaveThomas\AppData\Roaming\AIMP
2017-10-08 18:49:39 -------- d-----w- C:\Users\DaveThomas\AppData\Local\Apple Computer
2017-10-07 19:01:43 48304 ----a-w- C:\Windows\System32\drivers\RegHiveRecovery.sys
2017-10-07 19:01:09 -------- d-----w- C:\Program Files (x86)\Windows Kits
2017-10-07 18:48:25 26368 ----a-w- C:\Windows\System32\drivers\rspLLL64.sys
2017-10-07 18:48:25 -------- d-----w- C:\Program Files\LatencyMon
2017-10-07 18:48:12 -------- d-----w- C:\Users\DaveThomas\AppData\Local\Programs
2017-10-07 18:37:57 -------- d-----w- C:\Users\DaveThomas\AppData\Local\PaceAP
2017-10-07 18:28:32 -------- d-----w- C:\Program Files (x86)\ASIO4ALL v2
2017-09-30 22:39:44 -------- d-----w- C:\Users\DaveThomas\AppData\Roaming\PreSonus
2017-09-30 22:23:37 -------- d-----w- C:\Users\DaveThomas\AppData\Roaming\Avid
2017-09-30 22:04:16 -------- d-----w- C:\Program Files (x86)\iLok License Manager
2017-09-30 22:04:16 -------- d-----w- C:\Program Files (x86)\Common Files\PACE
2017-09-30 21:55:36 -------- d-----w- C:\Users\DaveThomas\AppData\Local\Avid
2017-09-30 18:00:47 -------- d-----w- C:\Users\DaveThomas\AppData\Roaming\BOSS-TONE-STUDIO-for-ME-80
2017-09-30 18:00:45 -------- d-----w- C:\Program Files (x86)\BOSS TONE STUDIO for ME-80
2017-09-30 17:55:48 -------- d-----w- C:\Users\DaveThomas\AppData\Local\ElevatedDiagnostics
2017-09-30 17:39:33 -------- d-----w- C:\Users\DaveThomas\AppData\Local\Macromedia
2017-09-29 17:27:43 -------- d-----w- C:\Users\DaveThomas\AppData\Local\TeamSpeak 3
2017-09-29 17:27:40 -------- d-----w- C:\Users\DaveThomas\AppData\Roaming\NVIDIA
2017-09-29 17:27:40 -------- d-----w- C:\Users\DaveThomas\.QtWebEngineProcess
2017-09-29 17:27:38 -------- d-----w- C:\Users\DaveThomas\.TeamSpeak 3
2017-09-29 17:27:24 -------- d-----w- C:\Users\DaveThomas\AppData\Roaming\TS3Client
2017-09-29 16:56:38 -------- d-----w- C:\Users\DaveThomas\AppData\Local\Activision
2017-09-29 15:43:51 -------- d-----w- C:\Users\DaveThomas\AppData\Local\Steam
2017-09-29 04:35:02 714560 ----a-w- C:\Windows\System32\RDDP1142.EXE
2017-09-29 04:35:02 637952 ----a-w- C:\Windows\System32\RDCP1142.CPL
2017-09-29 04:35:02 275456 ----a-w- C:\Windows\SysWow64\RDAH1142.DAT
2017-09-29 04:35:02 202880 ----a-w- C:\Windows\System32\drivers\RDWM1142.sys
2017-09-29 04:35:02 17920 ----a-w- C:\Windows\System32\RDCI1142.DLL
2017-09-29 04:35:02 116736 ----a-w- C:\Windows\System32\RDAS1142.DLL
2017-09-29 04:35:02 102400 ----a-w- C:\Windows\SysWow64\RDAW1142.DLL
2017-09-29 04:35:02 -------- d-----w- C:\Program Files\RdDrv001
2017-09-29 03:57:49 -------- d-----w- C:\Users\DaveThomas\AppData\Roaming\com.adobe.configurator2.E7BED6E5DDA59983786DD72EBFA46B1598278E07.1
2017-09-28 23:57:48 -------- d-----w- C:\Users\DaveThomas\AppData\Roaming\AVG
2017-09-28 23:49:52 -------- d-----w- C:\Users\DaveThomas\AppData\Local\Mozilla
2017-09-28 23:46:57 -------- d-----w- C:\Users\DaveThomas\AppData\Roaming\Intel Corporation
2017-09-28 23:46:18 -------- d-----w- C:\Users\DaveThomas\AppData\Local\ArcSoft
2017-09-28 23:46:00 -------- d-----w- C:\Users\DaveThomas\AppData\Local\Logitech
2017-09-28 23:45:56 -------- d-----w- C:\Users\DaveThomas\AppData\Local\Adobe
2017-09-28 23:45:45 -------- d-----w- C:\Users\DaveThomas\AppData\Local\CEF
2017-09-28 23:45:15 -------- d-----w- C:\Users\DaveThomas\AppData\Roaming\Stardock
2017-09-28 23:45:14 -------- d-----w- C:\Users\DaveThomas\AppData\Local\Google
2017-09-28 23:43:39 -------- d-----w- C:\Users\DaveThomas\AppData\Roaming\WTablet
2017-09-28 23:43:33 -------- d-----w- C:\Users\DaveThomas\AppData\Local\NVIDIA Corporation
2017-09-24 22:55:59 -------- d-----w- C:\ProgramData\SupportAssist
2017-09-24 16:04:34 246272 ----a-w- C:\Windows\SysWow64\rsnp2uvc.dll
2017-09-24 16:04:34 238080 ----a-w- C:\Windows\System32\rsnp2uvc.dll
2017-09-24 16:04:33 -------- d-----w- C:\Program Files (x86)\Common Files\SNP2UVC
2017-09-23 04:32:17 127440 ----a-w- C:\Program Files (x86)\Mozilla Firefox\AccessibleHandler.dll
2017-09-22 19:19:03 94952 ----a-w- C:\Windows\System32\CompatTelRunner.exe
2017-09-22 19:19:03 620544 ----a-w- C:\Windows\System32\generaltel.dll
2017-09-22 19:19:03 535552 ----a-w- C:\Windows\System32\devinv.dll
2017-09-22 19:19:03 325632 ----a-w- C:\Windows\System32\invagent.dll
2017-09-22 19:19:03 311296 ----a-w- C:\Windows\System32\centel.dll
2017-09-22 19:19:03 217088 ----a-w- C:\Windows\System32\aepic.dll
2017-09-22 19:19:03 1691136 ----a-w- C:\Windows\System32\aitstatic.exe
2017-09-22 19:19:03 1555968 ----a-w- C:\Windows\System32\appraiser.dll
2017-09-22 19:19:03 127488 ----a-w- C:\Windows\System32\acmigration.dll
2017-09-22 19:19:03 1206272 ----a-w- C:\Windows\System32\aeinv.dll
2017-09-22 19:03:42 -------- d-----w- C:\ProgramData\PC-Doctor for Windows
.
==================== Find3M ====================
.
2017-10-20 14:37:58 97856 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2017-10-19 18:18:12 76832 ----a-w- C:\Windows\System32\drivers\avgRvrt.sys
2017-10-19 18:18:12 579584 ----a-w- C:\Windows\System32\drivers\avgSP.sys
2017-10-19 18:18:12 39424 ----a-w- C:\Windows\System32\drivers\avgHwid.sys
2017-10-19 18:18:12 355856 ----a-w- C:\Windows\System32\drivers\avgVmm.sys
2017-10-19 18:18:12 193768 ----a-w- C:\Windows\System32\drivers\avgStm.sys
2017-10-19 18:18:12 140192 ----a-w- C:\Windows\System32\drivers\avgMonFlt.sys
2017-10-19 18:18:12 102792 ----a-w- C:\Windows\System32\drivers\avgRdr2.sys
2017-10-19 18:18:02 1012952 ----a-w- C:\Windows\System32\drivers\avgSnx.sys
2017-10-19 18:17:56 51336 ----a-w- C:\Windows\System32\drivers\avgbuniva.sys
2017-10-19 18:17:56 336896 ----a-w- C:\Windows\System32\drivers\avgbloga.sys
2017-10-19 18:17:56 314640 ----a-w- C:\Windows\System32\drivers\avgbidsdrivera.sys
2017-10-19 18:17:56 192584 ----a-w- C:\Windows\System32\drivers\avgbidsha.sys
2017-10-19 18:17:56 166624 ----a-w- C:\Windows\System32\drivers\avgbdiska.sys
2017-10-09 21:05:47 2211784 ----a-w- C:\Windows\System32\Wintab32.dll
2017-10-09 21:05:46 2380744 ----a-w- C:\Windows\System32\Wacom_Tablet.dll
2017-10-09 21:05:46 2373576 ----a-w- C:\Windows\System32\Wacom_Touch_Tablet.dll
2017-10-09 21:05:46 2273224 ----a-w- C:\Windows\System32\WacomMT.dll
2017-10-09 21:05:44 1865672 ----a-w- C:\Windows\SysWow64\Wacom_Touch_Tablet.dll
2017-10-09 21:05:44 1712072 ----a-w- C:\Windows\SysWow64\Wintab32.dll
2017-10-09 21:05:43 1872840 ----a-w- C:\Windows\SysWow64\Wacom_Tablet.dll
2017-10-09 21:05:43 1750984 ----a-w- C:\Windows\SysWow64\WacomMT.dll
2017-10-08 18:38:57 1804680 ----a-w- C:\Windows\System32\wdfcoinstaller01011.dll
2017-10-08 18:38:57 17912 ----a-w- C:\Windows\System32\drivers\wacomrouterfilter.sys
2017-10-08 18:38:57 115192 ----a-w- C:\Windows\System32\drivers\wachidrouter.sys
2017-09-30 22:04:19 25432 ----a-w- C:\Windows\System32\drivers\iLokDrvr.sys
2017-09-30 17:38:38 803328 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2017-09-30 17:38:38 144896 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2017-09-20 19:11:35 466520 ----a-w- C:\Windows\System32\wrap_oal.dll
2017-09-20 19:11:35 445016 ----a-w- C:\Windows\SysWow64\wrap_oal.dll
2017-09-20 19:11:35 123480 ----a-w- C:\Windows\System32\OpenAL32.dll
2017-09-20 19:11:35 109144 ----a-w- C:\Windows\SysWow64\OpenAL32.dll
2017-09-13 15:33:50 631176 ----a-w- C:\Windows\System32\winresume.efi
2017-09-13 15:32:36 706792 ----a-w- C:\Windows\System32\winload.efi
2017-09-13 15:32:35 5547752 ----a-w- C:\Windows\System32\ntoskrnl.exe
2017-09-13 15:32:33 95464 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
2017-09-13 15:32:33 154856 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2017-09-13 15:31:56 1732864 ----a-w- C:\Windows\System32\ntdll.dll
2017-09-13 15:27:59 731648 ----a-w- C:\Windows\System32\kerberos.dll
2017-09-13 15:13:35 4001512 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2017-09-13 15:13:35 3945704 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2017-09-13 15:10:46 1314112 ----a-w- C:\Windows\SysWow64\ntdll.dll
2017-09-13 15:08:59 554496 ----a-w- C:\Windows\SysWow64\kerberos.dll
2017-09-13 15:05:20 324608 ----a-w- C:\Windows\System32\drivers\nwifi.sys
2017-09-13 15:00:54 148480 ----a-w- C:\Windows\System32\appidpolicyconverter.exe
2017-09-13 15:00:50 62464 ----a-w- C:\Windows\System32\drivers\appid.sys
2017-09-13 15:00:50 17920 ----a-w- C:\Windows\System32\appidcertstorecheck.exe
2017-09-13 15:00:10 64000 ----a-w- C:\Windows\System32\auditpol.exe
2017-09-13 14:57:12 338432 ----a-w- C:\Windows\System32\conhost.exe
2017-09-13 14:56:20 296960 ----a-w- C:\Windows\System32\rstrui.exe
2017-09-13 14:53:40 159744 ----a-w- C:\Windows\System32\drivers\mrxsmb.sys
2017-09-13 14:53:06 291328 ----a-w- C:\Windows\System32\drivers\mrxsmb10.sys
2017-09-13 14:53:04 129536 ----a-w- C:\Windows\System32\drivers\mrxsmb20.sys
2017-09-13 14:52:23 30720 ----a-w- C:\Windows\System32\lsass.exe
2017-09-13 14:52:20 112640 ----a-w- C:\Windows\System32\smss.exe
2017-09-13 14:50:26 50176 ----a-w- C:\Windows\SysWow64\auditpol.exe
2017-09-13 14:47:00 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2017-09-13 14:46:59 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2017-09-13 14:46:59 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2017-09-13 14:46:58 2048 ----a-w- C:\Windows\SysWow64\user.exe
2017-09-13 14:46:13 36352 ----a-w- C:\Windows\SysWow64\cryptbase.dll
2017-09-13 14:46:06 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2017-09-13 14:46:06 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2017-09-13 14:46:06 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2017-09-13 14:46:06 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
2017-09-08 15:34:37 1680616 ----a-w- C:\Windows\System32\drivers\ntfs.sys
2017-09-08 15:30:58 2319872 ----a-w- C:\Windows\System32\tquery.dll
2017-09-08 15:30:58 149504 ----a-w- C:\Windows\System32\t2embed.dll
2017-09-08 15:30:53 2058240 ----a-w- C:\Windows\System32\Query.dll
2017-09-08 15:30:48 99840 ----a-w- C:\Windows\System32\mssprxy.dll
2017-09-08 15:30:48 778240 ----a-w- C:\Windows\System32\mssvp.dll
2017-09-08 15:30:48 75264 ----a-w- C:\Windows\System32\msscntrs.dll
2017-09-08 15:30:48 491520 ----a-w- C:\Windows\System32\mssph.dll
2017-09-08 15:30:48 288256 ----a-w- C:\Windows\System32\mssphtb.dll
2017-09-08 15:30:48 2222080 ----a-w- C:\Windows\System32\mssrch.dll
2017-09-08 15:30:48 14336 ----a-w- C:\Windows\System32\msshooks.dll
2017-09-08 15:30:48 115200 ----a-w- C:\Windows\System32\mssitlb.dll
2017-09-08 15:30:44 405504 ----a-w- C:\Windows\System32\gdi32.dll
2017-09-08 15:14:08 591872 ----a-w- C:\Windows\System32\SearchIndexer.exe
2017-09-08 15:13:47 249856 ----a-w- C:\Windows\System32\SearchProtocolHost.exe
2017-09-08 15:13:17 113664 ----a-w- C:\Windows\System32\SearchFilterHost.exe
2017-09-08 15:10:06 312832 ----a-w- C:\Windows\SysWow64\gdi32.dll
2017-09-08 15:10:05 1549824 ----a-w- C:\Windows\SysWow64\tquery.dll
2017-09-08 15:10:04 109568 ----a-w- C:\Windows\SysWow64\t2embed.dll
2017-09-08 15:10:01 1363968 ----a-w- C:\Windows\SysWow64\Query.dll
2017-09-08 15:09:57 666624 ----a-w- C:\Windows\SysWow64\mssvp.dll
2017-09-08 15:09:57 59392 ----a-w- C:\Windows\SysWow64\msscntrs.dll
2017-09-08 15:09:57 34816 ----a-w- C:\Windows\SysWow64\mssprxy.dll
2017-09-08 15:09:57 337408 ----a-w- C:\Windows\SysWow64\mssph.dll
2017-09-08 15:09:57 197120 ----a-w- C:\Windows\SysWow64\mssphtb.dll
2017-09-08 15:09:57 1400320 ----a-w- C:\Windows\SysWow64\mssrch.dll
2017-09-08 15:09:57 104448 ----a-w- C:\Windows\SysWow64\mssitlb.dll
2017-09-08 15:00:25 3222016 ----a-w- C:\Windows\System32\win32k.sys
2017-09-08 15:00:05 427520 ----a-w- C:\Windows\SysWow64\SearchIndexer.exe
2017-09-08 15:00:01 164352 ----a-w- C:\Windows\SysWow64\SearchProtocolHost.exe
2017-09-08 14:59:28 86528 ----a-w- C:\Windows\SysWow64\SearchFilterHost.exe
2017-09-08 14:59:17 9728 ----a-w- C:\Windows\SysWow64\msshooks.dll
2017-09-08 14:20:51 8704 ----a-w- C:\Windows\SysWow64\msjint40.dll
2017-09-08 14:20:51 640512 ----a-w- C:\Windows\SysWow64\mswstr10.dll
2017-09-08 14:20:50 345088 ----a-w- C:\Windows\SysWow64\msexcl40.dll
.
============= FINISH: 14:27:20.41 ===============
AlienBorn is offline  
 
Old 10-24-2017, 03:13 AM   #2
Security Team
Moderator, Analyst
Rangemaster, TSF Academy
 
 
Join Date: Oct 2007
Location: Georgia
Posts: 29,790
OS: XP/Win7/Win10



Hello and Welcome to TSF.

If you haven't already, please Subscribe to this Thread to get immediate notification of replies as soon as they are posted. To do this click Thread Tools, then click Subscribe to this Thread. Make sure it is set to Instant notification by email, then click Add Subscription.

Please note that the forum is very busy and if I don't hear from you within three days this thread will be closed.

------------------------------------------------------

Check for additional security risks:
  • Please download CKScanner© by askey127 and save it to your desktop.
  • Double-click on CKScanner.exe and click Search For Files.
  • After a very short time, when the cursor hourglass disappears, click Save List To File. You will be prompted, just click OK.
  • Post the contents of ckfiles.txt in your next reply. It is located on your desktop.
------------------------------------------------------

Please download AdwCleaner from here and save it to your desktop.
  • Run AdwCleaner and select Scan
  • Once the Scan is done, select Clean
  • Once done it will ask to reboot, please allow the reboot.
  • On reboot, a log will be produced. It can also be found at C:\AdwCleaner\AdwCleaner[C#].txt
  • Please copy/paste the contents of the log in your next reply.
------------------------------------------------------

Please download Farbar Recovery Scan Tool and save it to your desktop.
  • Double-click FRST64 to run it. When the tool opens click Yes to the disclaimer.
  • Make sure the Addition.txt button is ticked.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • It also makes another log (Addition.txt). Please attach it to your reply.
------------------------------------------------------
__________________
Our services are free, but you may contribute to the author of ComboFix via PayPal

Proud member of UNITE

Microsoft MVP - Consumer Security 2014, 2015
chemist is offline  
Old 11-26-2017, 12:27 PM   #3
Security Team
Moderator, Analyst
Rangemaster, TSF Academy
 
 
Join Date: Oct 2007
Location: Georgia
Posts: 29,790
OS: XP/Win7/Win10



Due to lack of response, this topic will now be closed. If you need continued support, please begin a new thread, and provide a link to this topic. This applies only to the original topic starter. Everyone else please begin a New Topic, after following the steps outlined here:

IMPORTANT - Read This Before Posting For Malware Removal Help

chemist is offline  
 
