suspecting virus : random start

#1 learnmore7 (Registered Member), 07-10-2017, 09:13 AM
Join Date: Jul 2017 | Posts: 29 | OS: windows 7 home premium

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.18698
Run by Trang at 11:50:46 on 2017-07-10
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.8190.6540 [GMT -4:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {71A27EC9-3DA6-45FC-60A7-004F623C6189}
SP: Microsoft Security Essentials *Enabled/Updated* {CAC39F2D-1B9C-4A72-5A17-3B3D19BB2B34}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
C:\Windows\system32\svchost.exe -k RPCSS
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\System32\svchost.exe -k utcsvc
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
c:\Program Files\Microsoft Security Client\NisSrv.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Windows\SysWOW64\Ctxfihlp.exe
C:\Windows\SysWOW64\CTXFISPI.EXE
C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
C:\Program Files (x86)\Common Files\Steam\SteamService.exe
C:\Program Files (x86)\Origin\OriginWebHelperService.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\sppsvc.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxps://start.wow.com/?s_pt=source9&s_chn=y17w26&s_chn2=100&hp_uid=tDtDtByEtBtCtB0DtD0CtDzzyCyE0EtA2RtBtDtCyBtDyBtDzytBtCtBzyyDyDtAtDzy&s_gl=US
mWinlogon: Userinit = userinit.exe
uRun: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
uRun: [EADM] "C:\Program Files (x86)\Origin\Origin.exe" -AutoStart
mRun: [CTxfiHlp] CTXFIHLP.EXE
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} - hxxp://files.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} - hxxp://files.creative.com/Web/softwareupdate/ocx/150323/CTPID.cab
TCP: NameServer = 209.18.47.61 209.18.47.62
TCP: Interfaces\{826FFC60-C6AD-4E4F-9ADD-8B286ED98D3E} : DHCPNameServer = 209.18.47.61 209.18.47.62
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\59.0.3071.115\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
x64-Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Trang\AppData\Roaming\Mozilla\Firefox\Profiles\9lf1gh6k.default\
FF - prefs.js: browser.startup.homepage - about:home
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
.
============= SERVICES / DRIVERS ===============
.
R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2016-8-25 295000]
R2 DiagTrack;Diagnostics Tracking Service;C:\Windows\System32\svchost.exe -k utcsvc [2009-7-13 27136]
R2 NVDisplay.ContainerLocalSystem;NVIDIA Display Container LS;C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [2017-7-9 462968]
R2 Origin Web Helper Service;Origin Web Helper Service;C:\Program Files (x86)\Origin\OriginWebHelperService.exe [2017-7-10 3149720]
R3 CT20XUT.SYS;CT20XUT.SYS;C:\Windows\System32\drivers\CT20XUT.sys [2014-3-1 205080]
R3 CTEXFIFX.SYS;CTEXFIFX.SYS;C:\Windows\System32\drivers\CTEXFIFX.sys [2014-3-1 1419544]
R3 CTHWIUT.SYS;CTHWIUT.SYS;C:\Windows\System32\drivers\CTHWIUT.sys [2014-3-1 97048]
R3 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2016-8-25 135928]
R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2016-11-14 361816]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2009-6-10 187392]
S3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2017-7-9 79360]
S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2017-7-9 79360]
S3 CT20XUT;CT20XUT;C:\Windows\System32\drivers\CT20XUT.sys [2014-3-1 205080]
S3 CTEXFIFX;CTEXFIFX;C:\Windows\System32\drivers\CTEXFIFX.sys [2014-3-1 1419544]
S3 CTHWIUT;CTHWIUT;C:\Windows\System32\drivers\CTHWIUT.sys [2014-3-1 97048]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2017-7-10 116224]
S3 Origin Client Service;Origin Client Service;C:\Program Files (x86)\Origin\OriginClientService.exe [2017-7-10 2169744]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-20 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-20 31232]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2017-7-9 1255736]
.
=============== Created Last 30 ================
.
2017-07-10 15:19:30 -------- d-----w- C:\z-decay
2017-07-10 15:18:58 -------- d-----w- C:\Users\Trang\AppData\Roaming\GHISLER
2017-07-10 15:18:58 -------- d-----w- C:\Users\Trang\AppData\Local\GHISLER
2017-07-10 15:17:54 -------- d-----w- C:\wincmd
2017-07-10 08:25:32 -------- d-----w- C:\ProgramData\Electronic Arts
2017-07-10 08:25:17 -------- d--h--w- C:\Program Files (x86)\Common Files\EAInstaller
2017-07-10 07:50:18 -------- d-----w- C:\Program Files (x86)\Origin Games
2017-07-10 07:49:19 -------- d-----w- C:\Users\Trang\AppData\Roaming\Origin
2017-07-10 07:46:50 -------- d-----w- C:\Program Files (x86)\Origin
2017-07-10 07:45:22 -------- d-----w- C:\Users\Trang\.QtWebEngineProcess
2017-07-10 07:45:22 -------- d-----w- C:\Users\Trang\.Origin
2017-07-10 07:45:20 -------- d-----w- C:\ProgramData\Origin
2017-07-10 07:45:12 -------- d-----w- C:\Users\Trang\AppData\Local\Origin
2017-07-10 07:31:14 2565120 ----a-w- C:\Windows\System32\d3d10warp.dll
2017-07-10 07:31:14 1987584 ----a-w- C:\Windows\SysWow64\d3d10warp.dll
2017-07-10 07:31:04 2777088 ----a-w- C:\Windows\System32\msmpeg2vdec.dll
2017-07-10 07:31:04 2285056 ----a-w- C:\Windows\SysWow64\msmpeg2vdec.dll
2017-07-10 06:39:19 3928064 ----a-w- C:\Windows\System32\d2d1.dll
2017-07-10 06:39:19 3419136 ----a-w- C:\Windows\SysWow64\d2d1.dll
2017-07-10 06:39:09 1424896 ----a-w- C:\Windows\System32\WindowsCodecs.dll
2017-07-10 06:39:08 647680 ----a-w- C:\Windows\System32\d3d10level9.dll
2017-07-10 06:39:08 603648 ----a-w- C:\Windows\SysWow64\d3d10level9.dll
2017-07-10 06:39:08 1230848 ----a-w- C:\Windows\SysWow64\WindowsCodecs.dll
2017-07-10 06:38:57 465920 ----a-w- C:\Windows\System32\WMPhoto.dll
2017-07-10 06:38:57 417792 ----a-w- C:\Windows\SysWow64\WMPhoto.dll
2017-07-10 01:52:59 508264 ----a-w- C:\Windows\System32\d3dx10_35.dll
2017-07-10 01:49:41 -------- d-----w- C:\ProgramData\Package Cache
2017-07-10 01:41:48 -------- d-----w- C:\Users\Trang\AppData\Local\Thunderbird
2017-07-10 01:37:57 -------- d-----w- C:\Users\Trang\AppData\Local\Steam
2017-07-10 01:37:57 -------- d-----w- C:\Users\Trang\AppData\Local\CEF
2017-07-10 01:35:02 -------- d-----w- C:\Program Files (x86)\Common Files\Steam
2017-07-10 01:35:00 -------- d-----w- C:\Program Files (x86)\Steam
2017-07-10 01:30:40 75888 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{23F9BFA1-4469-4D08-9DA0-DDDED101A6D4}\offreg.916.dll
2017-07-10 01:20:27 -------- d-----w- C:\Program Files\CCleaner
2017-07-10 01:20:04 -------- d-----w- C:\Users\Trang\AppData\Local\Google
2017-07-10 01:00:22 647872 ------w- C:\Windows\SysWow64\Mscomct2.ocx
2017-07-10 01:00:22 53248 ------w- C:\Windows\Ctregrun.exe
2017-07-10 00:52:29 7062 ----a-w- C:\Windows\SysWow64\audiopid.vxd
2017-07-10 00:51:41 -------- d--h--w- C:\Program Files (x86)\Creative Installation Information
2017-07-10 00:51:41 -------- d-----w- C:\Program Files (x86)\Common Files\Creative
2017-07-10 00:51:33 -------- d-----w- C:\Program Files (x86)\Common Files\Creative Labs Shared
2017-07-10 00:51:24 -------- d-----w- C:\Program Files\Creative
2017-07-10 00:50:41 102400 ----a-w- C:\Windows\SysWow64\cttele32.dll
2017-07-10 00:50:40 107008 ----a-w- C:\Windows\System32\cttele64.dll
2017-07-10 00:50:30 466520 ----a-w- C:\Windows\System32\wrap_oal.dll
2017-07-10 00:50:30 123480 ----a-w- C:\Windows\System32\OpenAL32.dll
2017-07-10 00:50:30 -------- d-----w- C:\Program Files (x86)\OpenAL
2017-07-10 00:50:29 89088 ----a-w- C:\Windows\System32\CmdRtr64.DLL
2017-07-10 00:50:29 73728 ----a-w- C:\Windows\SysWow64\CmdRtr.DLL
2017-07-10 00:50:29 445016 ----a-w- C:\Windows\SysWow64\wrap_oal.dll
2017-07-10 00:50:29 190976 ----a-w- C:\Windows\System32\APOMgr64.DLL
2017-07-10 00:50:29 148480 ----a-w- C:\Windows\SysWow64\APOMngr.DLL
2017-07-10 00:50:29 109144 ----a-w- C:\Windows\SysWow64\OpenAL32.dll
2017-07-10 00:49:11 12288 ----a-w- C:\Windows\System32\INRES.DLL
2017-07-10 00:49:11 11776 ----a-w- C:\Windows\SysWow64\INRES.DLL
2017-07-10 00:49:11 -------- d-----w- C:\Windows\SysWow64\Data
2017-07-10 00:49:11 -------- d-----w- C:\Windows\System32\Data
2017-07-10 00:49:09 -------- d-----w- C:\Program Files (x86)\Creative
2017-07-10 00:48:58 729088 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iKernel.dll
2017-07-10 00:48:58 69715 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\ctor.dll
2017-07-10 00:48:58 5632 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\DotNetInstaller.exe
2017-07-10 00:48:58 32768 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\Objectps.dll
2017-07-10 00:48:58 266240 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iscript.dll
2017-07-10 00:48:58 192512 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iuser.dll
2017-07-10 00:48:55 311428 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\setup.dll
2017-07-10 00:48:55 188548 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iGdi.dll
2017-07-10 00:19:10 1078240 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{4505B277-E703-469D-94A1-7817D5B44540}\gapaengine.dll
2017-07-10 00:18:57 13120896 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{23F9BFA1-4469-4D08-9DA0-DDDED101A6D4}\mpengine.dll
2017-07-10 00:17:58 -------- d-----w- C:\Program Files (x86)\Microsoft Security Client
2017-07-10 00:17:56 -------- d-sh--w- C:\Windows\Installer
2017-07-10 00:17:56 -------- d-----w- C:\Program Files\Microsoft Security Client
2017-07-10 00:09:17 -------- d-----w- C:\Users\Trang\AppData\Local\Mozilla
2017-07-10 00:09:06 -------- d-----w- C:\Program Files (x86)\Mozilla Maintenance Service
2017-07-09 23:45:51 -------- d-----w- C:\Windows\SysWow64\Wat
2017-07-09 23:45:51 -------- d-----w- C:\Windows\System32\Wat
2017-07-09 23:25:00 124624 ----a-w- C:\Windows\System32\PresentationCFFRasterizerNative_v0300.dll
2017-07-09 23:25:00 103120 ----a-w- C:\Windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
2017-07-09 23:19:01 194048 ----a-w- C:\Windows\SysWow64\elshyph.dll
2017-07-09 23:16:26 859648 ----a-w- C:\Windows\System32\tdh.dll
2017-07-09 23:16:26 619520 ----a-w- C:\Windows\SysWow64\tdh.dll
2017-07-09 2315 1887232 ----a-w- C:\Windows\System32\d3d11.dll
2017-07-09 2315 1505280 ----a-w- C:\Windows\SysWow64\d3d11.dll
2017-07-09 22:40:21 8199504 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2017-07-09 22:40:18 13120896 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{377559BF-F43E-4A36-9F97-CE579149533F}\mpengine.dll
2017-07-09 22:35:36 -------- d-----w- C:\Windows\System32\MRT
2017-07-09 22:35:29 -------- d-----w- C:\Windows\Panther
2017-07-09 22:14:13 5120 ----a-w- C:\Windows\SysWow64\wmi.dll
2017-07-09 22:14:13 5120 ----a-w- C:\Windows\System32\wmi.dll
2017-07-09 22:14:13 23408 ----a-w- C:\Windows\System32\drivers\fs_rec.sys
2017-07-09 22:10:17 99480 ----a-w- C:\Windows\SysWow64\infocardapi.dll
2017-07-09 22:10:17 171160 ----a-w- C:\Windows\System32\infocardapi.dll
2017-07-09 22:10:16 8856 ----a-w- C:\Windows\SysWow64\icardres.dll
2017-07-09 22:10:16 8856 ----a-w- C:\Windows\System32\icardres.dll
2017-07-09 22:10:16 619672 ----a-w- C:\Windows\SysWow64\icardagt.exe
2017-07-09 22:10:16 1389208 ----a-w- C:\Windows\System32\icardagt.exe
2017-07-09 22:10:10 35480 ----a-w- C:\Windows\SysWow64\TsWpfWrp.exe
2017-07-09 22:10:10 35480 ----a-w- C:\Windows\System32\TsWpfWrp.exe
2017-07-09 22:07:55 52736 ----a-w- C:\Windows\System32\basesrv.dll
2017-07-09 2250 241152 ----a-w- C:\Windows\System32\pku2u.dll
2017-07-09 22:05:57 30720 ----a-w- C:\Windows\System32\seclogon.dll
2017-07-09 22:04:10 331776 ----a-w- C:\Windows\System32\oleacc.dll
2017-07-09 22:04:10 233472 ----a-w- C:\Windows\SysWow64\oleacc.dll
2017-07-09 22:04:06 79360 ----a-w- C:\Windows\System32\clfsw32.dll
2017-07-09 22:04:06 58880 ----a-w- C:\Windows\SysWow64\clfsw32.dll
2017-07-09 21:53:13 826880 ----a-w- C:\Windows\SysWow64\rdpcore.dll
2017-07-09 21:53:13 23552 ----a-w- C:\Windows\System32\drivers\tdtcp.sys
2017-07-09 21:53:13 1031680 ----a-w- C:\Windows\System32\rdpcore.dll
.
==================== Find3M ====================
.
2017-07-09 23:08:18 9728 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2017-06-02 08:28:21 2317824 ----a-w- C:\Windows\System32\tquery.dll
2017-06-02 08:28:14 99840 ----a-w- C:\Windows\System32\mssprxy.dll
2017-06-02 08:28:14 778240 ----a-w- C:\Windows\System32\mssvp.dll
2017-06-02 08:28:14 75264 ----a-w- C:\Windows\System32\msscntrs.dll
2017-06-02 08:28:14 491520 ----a-w- C:\Windows\System32\mssph.dll
2017-06-02 08:28:14 288256 ----a-w- C:\Windows\System32\mssphtb.dll
2017-06-02 08:28:14 2222080 ----a-w- C:\Windows\System32\mssrch.dll
2017-06-02 08:28:14 14336 ----a-w- C:\Windows\System32\msshooks.dll
2017-06-02 08:28:14 115200 ----a-w- C:\Windows\System32\mssitlb.dll
2017-06-02 08:11:17 591872 ----a-w- C:\Windows\System32\SearchIndexer.exe
2017-06-02 08:11:17 249856 ----a-w- C:\Windows\System32\SearchProtocolHost.exe
2017-06-02 08:10:16 733696 ----a-w- C:\Windows\HelpPane.exe
2017-06-02 08:10:11 113664 ----a-w- C:\Windows\System32\SearchFilterHost.exe
2017-06-02 08:09:56 1549824 ----a-w- C:\Windows\SysWow64\tquery.dll
2017-06-02 08:09:50 666624 ----a-w- C:\Windows\SysWow64\mssvp.dll
2017-06-02 08:09:50 59392 ----a-w- C:\Windows\SysWow64\msscntrs.dll
2017-06-02 08:09:50 34816 ----a-w- C:\Windows\SysWow64\mssprxy.dll
2017-06-02 08:09:50 337408 ----a-w- C:\Windows\SysWow64\mssph.dll
2017-06-02 08:09:50 197120 ----a-w- C:\Windows\SysWow64\mssphtb.dll
2017-06-02 08:09:50 1400320 ----a-w- C:\Windows\SysWow64\mssrch.dll
2017-06-02 08:09:50 104448 ----a-w- C:\Windows\SysWow64\mssitlb.dll
2017-06-02 07:58:31 427520 ----a-w- C:\Windows\SysWow64\SearchIndexer.exe
2017-06-02 07:58:23 164352 ----a-w- C:\Windows\SysWow64\SearchProtocolHost.exe
2017-06-02 07:57:42 86528 ----a-w- C:\Windows\SysWow64\SearchFilterHost.exe
2017-06-02 07:57:31 9728 ----a-w- C:\Windows\SysWow64\msshooks.dll
2017-05-30 20:45:51 565416 ------w- C:\Windows\System32\MpSigStub.exe
2017-05-21 04:28:29 95464 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
2017-05-21 04:28:29 154856 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2017-05-21 0434 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
2017-05-21 03:55:25 64000 ----a-w- C:\Windows\System32\auditpol.exe
2017-05-21 03:48:54 159744 ----a-w- C:\Windows\System32\drivers\mrxsmb.sys
2017-05-21 03:48:19 291328 ----a-w- C:\Windows\System32\drivers\mrxsmb10.sys
2017-05-21 03:48:17 129536 ----a-w- C:\Windows\System32\drivers\mrxsmb20.sys
2017-05-21 03:47:36 30720 ----a-w- C:\Windows\System32\lsass.exe
2017-05-21 03:46:34 50176 ----a-w- C:\Windows\SysWow64\auditpol.exe
2017-05-21 03:42:24 36352 ----a-w- C:\Windows\SysWow64\cryptbase.dll
2017-05-19 21:52:10 521624 ----a-w- C:\Windows\System32\OpenCL.dll
2017-05-19 21:52:08 427416 ----a-w- C:\Windows\SysWow64\OpenCL.dll
2017-05-19 21:50:16 35357264 ----a-w- C:\Windows\System32\nvoglv64.dll
2017-05-19 21:50:10 28601424 ----a-w- C:\Windows\SysWow64\nvoglv32.dll
2017-05-19 21:49:52 14278736 ----a-w- C:\Windows\System32\drivers\nvlddmkm.sys
2017-05-19 21:49:30 969624 ----a-w- C:\Windows\System32\NvIFR64.dll
2017-05-19 21:49:28 920664 ----a-w- C:\Windows\SysWow64\NvIFR.dll
2017-05-19 21:48:50 54680 ----a-w- C:\Windows\System32\nvhdap64.dll
2017-05-19 21:48:46 1609232 ----a-w- C:\Windows\System32\nvhdagenco6420103.dll
2017-05-19 21:48:42 226712 ----a-w- C:\Windows\System32\drivers\nvhda64v.sys
2017-05-19 21:48:30 999832 ----a-w- C:\Windows\SysWow64\NvFBC.dll
2017-05-19 21:48:30 1062488 ----a-w- C:\Windows\System32\NvFBC64.dll
2017-05-19 21:48:22 1996696 ----a-w- C:\Windows\System32\nvdispco6438205.dll
2017-05-19 21:48:22 1598360 ----a-w- C:\Windows\System32\nvdispgenco6438205.dll
2017-05-19 21:48:10 3441560 ----a-w- C:\Windows\System32\nvcuvid.dll
2017-05-19 21:48:06 3020696 ----a-w- C:\Windows\SysWow64\nvcuvid.dll
2017-05-19 21:47:50 40210520 ----a-w- C:\Windows\System32\nvcompiler.dll
2017-05-19 21:47:42 35290200 ----a-w- C:\Windows\SysWow64\nvcompiler.dll
2017-05-19 21:45:34 20248040 ----a-w- C:\Windows\System32\nvwgf2umx.dll
2017-05-19 21:45:28 17584440 ----a-w- C:\Windows\SysWow64\nvwgf2um.dll
2017-05-19 21:45:24 504208 ----a-w- C:\Windows\System32\nvumdshimx.dll
2017-05-19 21:45:22 419168 ----a-w- C:\Windows\SysWow64\nvumdshim.dll
2017-05-19 21:45:18 11161992 ----a-w- C:\Windows\System32\nvptxJitCompiler.dll
2017-05-19 21:45:14 9102480 ----a-w- C:\Windows\SysWow64\nvptxJitCompiler.dll
2017-05-19 21:45:10 10648696 ----a-w- C:\Windows\System32\nvopencl.dll
2017-05-19 21:45:08 8891344 ----a-w- C:\Windows\SysWow64\nvopencl.dll
2017-05-19 21:45:06 163600 ----a-w- C:\Windows\System32\nvoglshim64.dll
2017-05-19 21:45:02 141736 ----a-w- C:\Windows\SysWow64\nvoglshim32.dll
2017-05-19 21:44:58 180736 ----a-w- C:\Windows\System32\nvinitx.dll
2017-05-19 21:44:58 158176 ----a-w- C:\Windows\SysWow64\nvinit.dll
2017-05-19 21:44:56 703880 ----a-w- C:\Windows\System32\nvfatbinaryLoader.dll
2017-05-19 21:44:56 591672 ----a-w- C:\Windows\SysWow64\nvfatbinaryLoader.dll
2017-05-19 21:44:44 16587184 ----a-w- C:\Windows\System32\nvd3dumx.dll
2017-05-19 21:44:40 13527280 ----a-w- C:\Windows\SysWow64\nvd3dum.dll
2017-05-19 21:44:32 11129704 ----a-w- C:\Windows\System32\nvcuda.dll
2017-05-19 21:44:30 9335336 ----a-w- C:\Windows\SysWow64\nvcuda.dll
2017-05-19 21:44:28 4120440 ----a-w- C:\Windows\System32\nvapi64.dll
2017-05-19 21:44:26 3632536 ----a-w- C:\Windows\SysWow64\nvapi.dll
2017-05-14 20:46:52 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
2017-05-14 20:46:38 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
2017-05-14 20:28:46 66560 ----a-w- C:\Windows\System32\iesetup.dll
2017-05-14 20:27:37 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
2017-05-14 20:27:27 417792 ----a-w- C:\Windows\System32\html.iec
2017-05-14 20:27:02 88064 ----a-w- C:\Windows\System32\MshtmlDac.dll
2017-05-14 20:26:51 576512 ----a-w- C:\Windows\System32\vbscript.dll
2017-05-14 20:10:55 116224 ----a-w- C:\Windows\System32\ieetwcollector.exe
2017-05-14 20:10:54 144384 ----a-w- C:\Windows\System32\ieUnatt.exe
2017-05-14 20:10:34 814080 ----a-w- C:\Windows\System32\jscript9diag.dll
2017-05-14 20:01:39 968704 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe
2017-05-14 19:55:35 5975040 ----a-w- C:\Windows\System32\jscript9.dll
2017-05-14 19:48:14 77824 ----a-w- C:\Windows\System32\JavaScriptCollectionAgent.dll
2017-05-14 19:47:32 87552 ----a-w- C:\Windows\System32\tdc.ocx
2017-05-14 19:37:40 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2017-05-14 19:23:12 62464 ----a-w- C:\Windows\SysWow64\iesetup.dll
2017-05-14 19:22:36 499200 ----a-w- C:\Windows\SysWow64\vbscript.dll
2017-05-14 19:22:26 47616 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll
2017-05-14 19:22:10 341504 ----a-w- C:\Windows\SysWow64\html.iec
2017-05-14 19:21:04 64000 ----a-w- C:\Windows\SysWow64\MshtmlDac.dll
2017-05-14 19:18:33 1359360 ----a-w- C:\Windows\System32\mshtmlmedia.dll
2017-05-14 19:17:59 2132992 ----a-w- C:\Windows\System32\inetcpl.cpl
2017-05-14 19:11:03 115712 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2017-05-14 19:10:43 620032 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
2017-05-14 18:57:57 60416 ----a-w- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
.
============= FINISH: 11:51:21.31 ===============

I have a Windows Home Premium x64 DVD.

Random start happened when I played games. It is annoying, almost impossible. I did a clean reinstall; it helps at the beginning but it comes back.
What else do you need to know?
BTW, I keep all the old passwords; is it seriously harmful?

#2 learnmore7 (Registered Member), 07-10-2017, 04:06 PM
Join Date: Jul 2017 | Posts: 29 | OS: windows 7 home premium

The random restarts when I played games are very serious. They happened every 10-20 minutes or less.