DDS (Ver_09-11-29.01) - NTFSX64
Run by Tommy at 16:50:47,72 on 30.11.2009
Internet Explorer: 8.0.7600.16385 BrowserJavaVersion: 1.6.0_16
Microsoft Windows 7 Ultimate 6.1.7600.0.1252.47.1033.18.4095.2648 [GMT 1:00]

============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Fraps\fraps.exe
C:\Program Files (x86)\RegCure\RegCure.exe
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\SysWOW64\PnkBstrB.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\Logitech\GamePanel Software\LGDevAgt.exe
C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe
C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe
C:\Program Files (x86)\CoreTemp64\Core Temp.exe
C:\Windows\system32\taskhost.exe
C:\Users\Tommy\AppData\Local\Microsoft\Windows\CTSysVol.exe
C:\Program Files (x86)\Samsung\Samsung PC Studio 7\PCSuite.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Fraps\fraps64.dat
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Logitech\GamePanel Software\Applets\LCDClock.exe
C:\Program Files\Logitech\GamePanel Software\Applets\LCDMedia.exe
C:\Program Files (x86)\Logitech\G35\G35.exe
C:\Program Files (x86)\Java\jre6\bin\jusched.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files\Windows Media Player\WMPSideShowGadget.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files (x86)\Windows Media Player\wmplayer.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Logitech\SetPoint\x86\SetPoint32.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files (x86)\PC Connectivity Solution\Transports\NclUSBSrv64.exe
C:\Program Files (x86)\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Windows\system32\taskhost.exe
c:\program files\windows defender\MpCmdRun.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Tommy\Desktop\dds.scr
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe

============== Pseudo HJT Report ===============

mWinlogon: Userinit=userinit.exe
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files (x86)\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files (x86)\microsoft office\office12\GrooveShellExtensions.dll
BHO: Påloggingshjelp for Windows Live: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files (x86)\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files (x86)\java\jre6\bin\jp2ssv.dll
uRun: [Core Temp] "c:\program files (x86)\coretemp64\Core Temp.exe"
uRun: [CTSysVol.exe] "c:\users\tommy\appdata\local\microsoft\windows\CTSysVol.exe"
uRun: [S60 PC Suite Tray] "c:\program files (x86)\samsung\samsung pc studio 7\PCSuite.exe" -onlytray
mRun: [avast!] "c:\program files\alwil software\avast4\ashDisp.exe"
mRun: [GrooveMonitor] "c:\program files (x86)\microsoft office\office12\GrooveMonitor.exe"
mRun: [QuickTime Task] "c:\program files (x86)\quicktime\QTTask.exe" -atboottime
mRun: [Adobe Reader Speed Launcher] "c:\program files (x86)\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files (x86)\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [Logitech G35] c:\program files (x86)\logitech\g35\G35.exe
mRun: [SunJavaUpdateSched] "c:\program files (x86)\java\jre6\bin\jusched.exe"
mRun: [iTunesHelper] "c:\program files (x86)\itunes\iTunesHelper.exe"
dRun: [Samsung.PCSync] "c:\program files (x86)\samsung\samsung pc studio 7\PcSync2.exe" /NoDialog
StartupFolder: c:\users\tommy\appdata\roaming\micros~1\windows\startm~1\programs\startup\reguser.lnk - c:\windows\syswow64\reguser.exe
StartupFolder: c:\progra~3\micros~1\windows\startm~1\programs\startup\logite~1.lnk - c:\program files\logitech\setpoint\SetPoint.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-explorer: ForceActiveDesktopOn = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
IE: E&xport to Microsoft Excel - c:\progra~2\micros~2\office12\EXCEL.EXE/3000
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~2\micros~2\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~2\micros~2\office12\REFIEBAR.DLL
LSP: c:\program files\nvidia corporation\networkaccessmanager\bin32\nvLsp.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files (x86)\microsoft office\office12\GrooveSystemServices.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files (x86)\microsoft office\office12\GrooveShellExtensions.dll
mRun-x64: [RtHDVCpl] c:\program files\realtek\audio\hda\RAVCpl64.exe -s
mRun-x64: [Launch LgDeviceAgent] "c:\program files\logitech\gamepanel software\LgDevAgt.exe"
mRun-x64: [Launch LCDMon] "c:\program files\logitech\gamepanel software\lcd manager\LCDMon.exe"
mRun-x64: [Launch LGDCore] "c:\program files\logitech\gamepanel software\g-series software\LGDCore.exe" /SHOWHIDE
mRun-x64: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE

============= SERVICES / DRIVERS ===============

R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2009-10-11 89680]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2009-10-11 22096]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2009-10-11 65616]
R2 avast! Antivirus;avast! Antivirus;c:\program files\alwil software\avast4\ashServ.exe [2009-11-29 138680]
R3 avast! Mail Scanner;avast! Mail Scanner;c:\program files\alwil software\avast4\ashMaiSv.exe [2009-11-29 254040]
R3 avast! Web Scanner;avast! Web Scanner;c:\program files\alwil software\avast4\ashWebSv.exe [2009-11-29 352920]
R3 LADF_DHP2;G35 DHP2 Filter Driver;c:\windows\system32\drivers\ladfDHP2amd64.sys [2009-5-28 61712]
R3 LADF_SBVM;G35 SBVM Filter Driver;c:\windows\system32\drivers\ladfSBVMamd64.sys [2009-5-28 376848]
R3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;c:\windows\system32\drivers\LGBusEnum.sys [2009-7-14 22408]
S3 nmwcdsacjx64;Samsung USB Port;c:\windows\system32\drivers\nmwcdsacjx64.sys [2007-5-2 17408]
S3 nmwcdsacmx64;Samsung USB Modem;c:\windows\system32\drivers\nmwcdsacmx64.sys [2007-5-2 17408]
S3 nmwcdsacx64;Samsung USB Generic;c:\windows\system32\drivers\nmwcdsacx64.sys [2007-5-2 12288]
S3 nmwcdsax64;Samsung USB Phone Parent;c:\windows\system32\drivers\nmwcdsax64.sys [2007-5-2 171008]

=============== Created Last 30 ================

2009-11-26 16:43:37 0 d-----w- c:\program files\WinRAR
2009-11-25 19:15:44 2048 ----a-w- c:\windows\syswow64\tzres.dll
2009-11-25 19:15:44 2048 ----a-w- c:\windows\system32\tzres.dll
2009-11-25 19:15:31 0 d-----w- c:\program files (x86)\MSXML 4.0
2009-11-25 18:28:47 0 d-----w- c:\programdata\RegCure
2009-11-24 14:50:58 0 d-----w- c:\programdata\SUPERAntiSpyware.com
2009-11-24 14:42:47 0 d-----w- c:\users\tommy\appdata\roaming\SUPERAntiSpyware.com
2009-11-23 20:29:54 0 d-----w- c:\program files (x86)\CCleaner
2009-11-20 20:31:00 886376 ----a-w- c:\windows\system32\nvsvc64.dll
2009-11-20 20:31:00 151144 ----a-w- c:\windows\system32\nvvsvc.exe
2009-11-20 20:31:00 13825128 ----a-w- c:\windows\system32\nvcpl.dll
2009-11-20 20:31:00 115816 ----a-w- c:\windows\system32\nvmctray.dll
2009-11-20 20:30:56 64882 ----a-w- c:\windows\system32\NvwsApps.xml
2009-11-20 20:30:56 272278 ----a-w- c:\windows\system32\NvApps.xml
2009-11-19 14:37:22 42 ----a-w- c:\windows\syswow64\RegistryEasy.lie
2009-11-08 21:28:20 0 d-----w- c:\program files (x86)\Ventrilo Mix
2009-11-06 18:36:28 0 d-----w- c:\program files (x86)\Need for Speed SHIFT Crack
2009-11-06 18:35:54 90112 ----a-w- c:\windows\syswow64\reguser.exe
2009-11-06 18:35:52 8815648 ----a-w- c:\users\tommy\Need for Speed SHIFT Crack.rar
2009-11-06 14:50:05 0 d-----w- C:\Fraps
2009-11-06 14:13:19 0 d-----w- c:\program files (x86)\CoreTemp64
2009-11-06 09:59:54 15406728 ----a-w- c:\windows\syswow64\xlive.dll
2009-11-06 09:59:54 13642888 ----a-w- c:\windows\syswow64\xlivefnt.dll
2009-11-06 09:58:04 178975 ----a-w- c:\windows\syswow64\xlive.dll.cat
2009-11-04 10:25:43 5958656 ----a-w- c:\windows\syswow64\mshtml.dll
2009-11-02 20:06:38 0 d-----w- c:\program files\NVIDIA Corporation
2009-11-02 17:05:36 167064 ----a-w- c:\windows\syswow64\xliveinstall.dll
2009-11-02 17:05:34 71832 ----a-w- c:\windows\syswow64\xliveinstallhost.exe
2009-10-31 23:13:32 0 d-----w- c:\program files\iTunes
2009-10-31 23:13:32 0 d-----w- c:\program files\iPod
2009-10-31 23:13:32 0 d-----w- c:\program files (x86)\iTunes

==================== Find3M ====================

2009-11-29 12:23:12 78250 ----a-w- c:\windows\system32\perfc014.dat
2009-11-29 12:23:12 456276 ----a-w- c:\windows\system32\perfh014.dat
2009-11-24 23:54:29 1280480 ----a-w- c:\windows\syswow64\aswBoot.exe
2009-11-24 23:49:56 65616 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2009-11-24 21:12:32 215104 ----a-w- c:\windows\syswow64\PnkBstrB.exe
2009-11-20 18:18:00 4990056 ----a-w- c:\windows\syswow64\NVStWiz.exe
2009-11-19 20:43:02 645736 ----a-w- c:\windows\system32\nvuninst.exe
2009-11-02 19:42:06 226688 ------w- c:\windows\system32\MpSigStub.exe
2009-10-27 13:02:01 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_xusb21_01007.Wdf
2009-10-26 23:41:58 178800 ----a-w- c:\windows\syswow64\CmdLineExt_x64.dll
2009-10-26 23:00:06 669184 ----a-w- c:\windows\syswow64\pbsvc.exe
2009-10-22 11:55:01 411368 ----a-w- c:\windows\syswow64\deploytk.dll
2009-10-22 11:55:01 149280 ----a-w- c:\windows\syswow64\javaws.exe
2009-10-22 11:55:01 145184 ----a-w- c:\windows\syswow64\javaw.exe
2009-10-22 11:55:01 145184 ----a-w- c:\windows\syswow64\java.exe
2009-10-21 19:23:21 75064 ----a-w- c:\windows\syswow64\PnkBstrA.exe
2009-10-16 16:33:51 419840 ----a-w- c:\windows\system32\wrap_oal.dll
2009-10-16 16:33:51 413696 ----a-w- c:\windows\syswow64\wrap_oal.dll
2009-10-16 16:33:51 133632 ----a-w- c:\windows\system32\OpenAL32.dll
2009-10-16 16:33:51 110592 ----a-w- c:\windows\syswow64\OpenAL32.dll
2009-10-15 10:41:48 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_09_00.Wdf
2009-10-15 00:01:24 27536 ----a-w- c:\windows\system32\xfcodec64.dll
2009-10-14 20:48:30 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_LMouFilt_01005.Wdf
2009-10-14 20:48:30 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_LHidFilt_01005.Wdf
2009-10-14 20:39:48 0 ---ha-w- c:\windows\system32\drivers\Msft_User_lgSSBW_01_00_00.Wdf
2009-10-14 20:39:45 0 ---ha-w- c:\windows\system32\drivers\Msft_User_lgSSQVGA_01_00_00.Wdf
2009-10-11 12:04:35 36156 ----a-w- c:\windows\system32\perfd014.dat
2009-10-11 12:04:35 36156 ----a-w- c:\windows\inf\perflib\0414\perfd.dat
2009-10-11 12:04:35 36156 ----a-w- c:\windows\inf\perflib\0414\perfc.dat
2009-10-11 12:04:35 298300 ----a-w- c:\windows\system32\perfi014.dat
2009-10-11 12:04:35 298300 ----a-w- c:\windows\inf\perflib\0414\perfi.dat
2009-10-11 12:04:35 298300 ----a-w- c:\windows\inf\perflib\0414\perfh.dat
2009-10-02 04:32:07 982600 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2009-09-27 17:23:00 4546152 ----a-w- c:\windows\system32\nvvitvs.dll
2009-09-27 17:23:00 3746920 ----a-w- c:\windows\system32\nvwss.dll
2009-09-27 17:23:00 289896 ----a-w- c:\windows\system32\nvmccss.dll
2009-09-27 17:23:00 1647720 ----a-w- c:\windows\system32\nvmobls.dll
2009-09-27 17:23:00 1646696 ----a-w- c:\windows\system32\nvsvs.dll
2009-09-27 17:22:00 5426792 ----a-w- c:\windows\system32\nvdisps.dll
2009-09-27 17:22:00 5208168 ----a-w- c:\windows\system32\nvgames.dll
2009-09-27 16:24:22 3778664 ----a-w- c:\windows\system32\nvcplui.exe
2009-09-27 16:22:00 244840 ----a-w- c:\windows\system32\nvshext.dll
2009-09-27 14:12:22 930272 ----a-w- c:\windows\system32\dpinst.exe
2009-09-27 14:12:22 183912 ----a-w- c:\windows\system32\nvcod167.dll
2009-09-22 19:14:32 436768 ----a-w- c:\windows\system32\RtkApi64.dll
2009-09-22 19:14:32 1671200 ----a-w- c:\windows\system32\RtkAPO64.dll
2009-09-22 19:14:26 64032 ----a-w- c:\windows\system32\RCoInst64.dll
2009-09-22 19:14:26 1178656 ----a-w- c:\windows\system32\RTCOM64.dll
2009-09-22 19:14:24 332320 ----a-w- c:\windows\system32\RtlCPAPI64.dll
2009-09-22 19:14:24 149536 ----a-w- c:\windows\system32\RtkCfg64.dll
2009-09-22 19:14:24 1483296 ----a-w- c:\windows\system32\RtPgEx64.dll
2009-09-10 17:06:06 307200 ----a-w- c:\windows\system32\FMAPO64.dll
2009-09-10 06:28:22 311808 ----a-w- c:\windows\system32\msv1_0.dll
2009-09-10 05:52:05 257024 ----a-w- c:\windows\syswow64\msv1_0.dll
2009-09-05 05:56:22 64512 ----a-w- c:\windows\syswow64\msfeedsbs.dll
2009-09-04 16:44:42 73544 ----a-w- c:\windows\system32\XAPOFX1_3.dll
2009-09-04 16:44:40 69464 ----a-w- c:\windows\syswow64\XAPOFX1_3.dll
2009-09-04 16:44:40 517960 ----a-w- c:\windows\system32\XAudio2_5.dll
2009-09-04 16:44:40 515416 ----a-w- c:\windows\syswow64\XAudio2_5.dll
2009-09-04 16:44:40 238936 ----a-w- c:\windows\syswow64\xactengine3_5.dll
2009-09-04 16:44:40 176968 ----a-w- c:\windows\system32\xactengine3_5.dll
2009-09-04 16:29:34 453456 ----a-w- c:\windows\syswow64\d3dx10_42.dll
2009-09-04 16:29:34 235344 ----a-w- c:\windows\syswow64\d3dx11_42.dll
2009-09-04 16:29:32 5501792 ----a-w- c:\windows\syswow64\d3dcsx_42.dll
2009-09-04 16:29:32 1974616 ----a-w- c:\windows\syswow64\D3DCompiler_42.dll
2009-09-04 16:29:30 1892184 ----a-w- c:\windows\syswow64\D3DX9_42.dll
2009-09-04 16:29:24 5554512 ----a-w- c:\windows\system32\d3dcsx_42.dll
2009-09-04 16:29:24 523088 ----a-w- c:\windows\system32\d3dx10_42.dll
2009-09-04 16:29:24 285024 ----a-w- c:\windows\system32\d3dx11_42.dll
2009-09-04 16:29:22 2582888 ----a-w- c:\windows\system32\D3DCompiler_42.dll
2009-09-04 16:29:20 2475352 ----a-w- c:\windows\system32\D3DX9_42.dll
2009-09-03 07:36:39 1975296 ----a-w- c:\windows\system32\CertEnroll.dll
2009-09-03 07:04:15 1320960 ----a-w- c:\windows\syswow64\CertEnroll.dll
2009-07-14 05:37:38 31548 ----a-w- c:\windows\inf\perflib\0409\perfd.dat
2009-07-14 05:37:38 31548 ----a-w- c:\windows\inf\perflib\0409\perfc.dat
2009-07-14 05:37:38 291294 ----a-w- c:\windows\inf\perflib\0409\perfi.dat
2009-07-14 05:37:38 291294 ----a-w- c:\windows\inf\perflib\0409\perfh.dat
2009-07-14 04:54:24 174 --sha-w- c:\program files\desktop.ini
2009-07-14 04:54:24 174 --sha-w- c:\program files (x86)\desktop.ini
2009-07-14 01:00:34 291294 ----a-w- c:\windows\inf\perflib\0000\perfi.dat
2009-07-14 01:00:34 291294 ----a-w- c:\windows\inf\perflib\0000\perfh.dat
2009-07-14 01:00:32 31548 ----a-w- c:\windows\inf\perflib\0000\perfd.dat
2009-07-14 01:00:32 31548 ----a-w- c:\windows\inf\perflib\0000\perfc.dat

2009-06-10 20:44:08 9633792 --sha-r- c:\windows\fonts\StaticCache.dat
2009-07-14 05:12:52 245760 --sha-w- c:\windows\system32\config\systemprofile\appdata\roaming\microsoft\windows\ietldcache\index.dat
2009-07-14 01:39:53 398848 --sha-w- c:\windows\winsxs\amd64_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_4d4d1f2f696639a2\WinMail.exe
2009-07-14 01:14:45 396800 --sha-w- c:\windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_f12e83abb108c86c\WinMail.exe

============= FINISH: 16:51:28,00 ===============