dispell
2011-06-29, 05:24
Hi,
I'm new here.
Lately my laptop has been shutting down due to bugchecks when i leave it on alone. Most of the time its blue-screening giving IRQL not less or equal or page fault in nonpaged area errors. Any ideas on how to go from here?
.
DDS (Ver_2011-06-23.01) - NTFSAMD64
Internet Explorer: 8.0.7600.16385 BrowserJavaVersion: 1.6.0_24
Run by Eric at 10:42:27 on 2011-06-29
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.60.1033.18.3884.2480 [GMT 8:00]
.
AV: AntiVir Desktop *Enabled/Outdated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: AntiVir Desktop *Enabled/Outdated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\FBAgent.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinService.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
D:\Program Files (x86)\i2p\I2Psvc.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
C:\Windows\system32\conhost.exe
C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Windows\SysWOW64\java.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
C:\Program Files\P4G\BatteryLife.exe
C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
D:\Program Files (x86)\Rainlendar2\Rainlendar2.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Windows\SysWOW64\ACEngSvr.exe
C:\Program Files (x86)\Razer\Imperator\RazerImperatorTray.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
C:\Windows\AsScrPro.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\Yuna Software\Messenger Plus!\PlusService.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SCServer\SCServer.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Windows\system32\wuauclt.exe
C:\Users\Eric\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Eric\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Eric\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://asus.msn.com
uInternet Settings,ProxyServer = http=127.0.0.1:4444;https=127.0.0.1:4445
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
uRun: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
uRun: [Rainlendar2] D:\Program Files (x86)\Rainlendar2\Rainlendar2.exe
uRun: [AdobeBridge]
mRun: [Razer Imperator Driver] C:\Program Files (x86)\Razer\Imperator\RazerImperatorTray.exe
mRun: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
mRun: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
mRun: [PlusService] C:\Program Files (x86)\Yuna Software\Messenger Plus!\PlusService.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BLUETO~1.LNK - C:\Program Files (x86)\WIDCOMM\Bluetooth Software\BTTray.exe
mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
Trusted Zone: 111222.cn\list1
Trusted Zone: pps.tv\kan
Trusted Zone: pps.tv\list1
Trusted Zone: pps.tv\tvguide
Trusted Zone: pps.tv\vodguide
Trusted Zone: ppstream.com\list1
Trusted Zone: ppstream.com\notice
Trusted Zone: ppstream.com\xml1
Trusted Zone: ppstream.com\xml2
Trusted Zone: ppstream.com\xml3
Trusted Zone: ppstream.net\list1
Trusted Zone: ppstv.com\list1
Trusted Zone: ppstv.net\list1
Trusted Zone: security_PPStream.exe
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{59CF59F4-29A2-4918-93B6-C4C3C1481E04} : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{59CF59F4-29A2-4918-93B6-C4C3C1481E04}\2456C6B696E6E233241333 : DhcpNameServer = 192.168.2.1
TCP: Interfaces\{59CF59F4-29A2-4918-93B6-C4C3C1481E04}\358414B42514A4 : DhcpNameServer = 58.71.136.10 58.71.132.10
TCP: Interfaces\{59CF59F4-29A2-4918-93B6-C4C3C1481E04}\45D23405250225F626F647963637 : DhcpNameServer = 202.188.0.133 202.188.1.5 10.99.72.10
TCP: Interfaces\{59CF59F4-29A2-4918-93B6-C4C3C1481E04}\63437373 : NameServer = 208.67.220.220,208.67.222.222
TCP: Interfaces\{59CF59F4-29A2-4918-93B6-C4C3C1481E04}\63437373 : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{59CF59F4-29A2-4918-93B6-C4C3C1481E04}\8696F6E6767657F6 : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{65C4AC78-AF4C-474E-B74A-DB8B4D946CDB} : DhcpNameServer = 178.32.51.4 76.73.18.50
TCP: Interfaces\{E34D4CE9-9847-4AEA-BAA9-A14C9521EB78} : DhcpNameServer = 192.168.1.1
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
BHO-X64: Search Helper: {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
BHO-X64: Search Helper - No File
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB-X64: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
mRun-x64: [Razer Imperator Driver] C:\Program Files (x86)\Razer\Imperator\RazerImperatorTray.exe
mRun-x64: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
mRun-x64: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
mRun-x64: [PlusService] C:\Program Files (x86)\Yuna Software\Messenger Plus!\PlusService.exe
AppInit_DLLs-X64: C:\Windows\SysWOW64\nvinit.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Eric\AppData\Roaming\Mozilla\Firefox\Profiles\4bgjvrja.default\
FF - prefs.js: browser.startup.homepage - hxxp://en-GB.start3.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:en-GB:official
FF - prefs.js: network.proxy.http - 127.0.0.1
FF - prefs.js: network.proxy.http_port - 4444
FF - prefs.js: network.proxy.ssl - 127.0.0.1
FF - prefs.js: network.proxy.ssl_port - 4445
FF - prefs.js: network.proxy.type - 0
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\Eric\AppData\Local\Google\Update\1.3.21.57\npGoogleUpdate3.dll
FF - plugin: C:\Users\Eric\AppData\Local\RockMelt\Update\1.2.189.1\npRockMeltOneClick8.dll
FF - plugin: D:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
FF - Ext: British English Dictionary: http://forums.spybot.info/misc.php?do=email_dev&email=ZW4tR0JAZGljdGlvbmFyaWVzLmFkZG9ucy5tb3ppbGxhLm9yZw== - %profile%\extensions\en-GB@dictionaries.addons.mozilla.org
FF - Ext: Flash Video Resources Downloader: http://forums.spybot.info/misc.php?do=email_dev&email=bWF4QHN1YmZpZ2h0ZXIuY29t - %profile%\extensions\max@subfighter.com
FF - Ext: Screengrab: {02450954-cdd9-410f-b1da-db804e18c671} - %profile%\extensions\{02450954-cdd9-410f-b1da-db804e18c671}
FF - Ext: Adblock Plus: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - %profile%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
FF - Ext: BetterPrivacy: {d40f5e7b-d2cf-4856-b441-cc613eeffbe3} - %profile%\extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}
FF - Ext: FoxyProxy Standard: http://forums.spybot.info/misc.php?do=email_dev&email=Zm94eXByb3h5QGVyaWMuaC5qdW5n - %profile%\extensions\foxyproxy@eric.h.jung
FF - Ext: FoxyProxy Basic: http://forums.spybot.info/misc.php?do=email_dev&email=Zm94eXByb3h5QGVyaWMuaC5qdW5n - %profile%\extensions\foxyproxy@eric.h.jung
FF - Ext: Greasemonkey: {e4a8a97b-f2ed-450b-b12d-ee082ba24781} - %profile%\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
FF - Ext: Ghostery: http://forums.spybot.info/misc.php?do=email_dev&email=ZmlyZWZveEBnaG9zdGVyeS5jb20= - %profile%\extensions\firefox@ghostery.com
FF - Ext: NoScript: {73a6fe31-595d-460b-a920-fcc0f8843232} - %profile%\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}
.
============= SERVICES / DRIVERS ===============
.
R0 nvpciflt;nvpciflt;C:\Windows\system32\DRIVERS\nvpciflt.sys --> C:\Windows\system32\DRIVERS\nvpciflt.sys [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 AFBAgent;AFBAgent;"C:\Windows\system32\FBAgent.exe" --> C:\Windows\system32\FBAgent.exe [?]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2010-8-25 136360]
R2 AntiVirService;Avira AntiVir Guard;C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2010-8-25 269480]
R2 ASMMAP64;ASMMAP64;C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-7-2 15416]
R2 avgntflt;avgntflt;C:\Windows\system32\DRIVERS\avgntflt.sys --> C:\Windows\system32\DRIVERS\avgntflt.sys [?]
R2 cpuz134;cpuz134;\??\C:\Windows\system32\drivers\cpuz134_x64.sys --> C:\Windows\system32\drivers\cpuz134_x64.sys [?]
R2 i2p;I2P Service;D:\Program Files (x86)\i2p\I2Psvc.exe [2011-6-16 126976]
R2 nvUpdatusService;NVIDIA Update Service Daemon;C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2010-8-25 1620584]
R2 Sentinel64;Sentinel64;C:\Windows\system32\Drivers\Sentinel64.sys --> C:\Windows\system32\Drivers\Sentinel64.sys [?]
R2 TurboB;Turbo Boost UI Monitor driver;C:\Windows\system32\DRIVERS\TurboB.sys --> C:\Windows\system32\DRIVERS\TurboB.sys [?]
R2 UNS;Intel(R) Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-6-9 2314240]
R3 HECIx64;Intel(R) Management Engine Interface;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?]
R3 Impcd;Impcd;C:\Windows\system32\DRIVERS\Impcd.sys --> C:\Windows\system32\DRIVERS\Impcd.sys [?]
R3 IntcDAud;Intel(R) Display Audio;C:\Windows\system32\DRIVERS\IntcDAud.sys --> C:\Windows\system32\DRIVERS\IntcDAud.sys [?]
R3 JMCR;JMCR;C:\Windows\system32\DRIVERS\jmcr.sys --> C:\Windows\system32\DRIVERS\jmcr.sys [?]
R3 JME;JMicron Ethernet Adapter NDIS6.20 Driver (Amd64 Bits);C:\Windows\system32\DRIVERS\JME.sys --> C:\Windows\system32\DRIVERS\JME.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 btusbflt;Bluetooth USB Filter;C:\Windows\system32\drivers\btusbflt.sys --> C:\Windows\system32\drivers\btusbflt.sys [?]
S3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\system32\DRIVERS\btwl2cap.sys --> C:\Windows\system32\DRIVERS\btwl2cap.sys [?]
S3 copperhd;Razer Copperhead Driver;C:\Windows\system32\drivers\copperhd.sys --> C:\Windows\system32\drivers\copperhd.sys [?]
S3 ETD;ELAN PS/2 Port Input Device;C:\Windows\system32\DRIVERS\ETD.sys --> C:\Windows\system32\DRIVERS\ETD.sys [?]
S3 fssfltr;fssfltr;C:\Windows\system32\DRIVERS\fssfltr.sys --> C:\Windows\system32\DRIVERS\fssfltr.sys [?]
S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-9-23 1493352]
S3 niemrkw;niemrkw;C:\Windows\system32\DRIVERS\niemrkw.sys --> C:\Windows\system32\DRIVERS\niemrkw.sys [?]
S3 p2pfilter;p2pfilter;D:\Program Files (x86)\p2pover\p2pfilter.sys [2005-5-10 4524]
S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;C:\Windows\system32\DRIVERS\SiSG664.sys --> C:\Windows\system32\DRIVERS\SiSG664.sys [?]
S3 SwitchBoard;SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]
S3 TurboBoost;TurboBoost;C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2009-8-7 118672]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
S4 nidevldu;NI Device Loader;C:\Windows\SysWOW64\nipalsm.exe --> C:\Windows\SysWOW64\nipalsm.exe [?]
S4 SBSDWSCService;SBSD Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2011-6-5 1153368]
.
=============== File Associations ===============
.
inffile=%SystemRoot%\SysWow64\NOTEPAD.EXE %1
VBEFile=%SystemRoot%\SysWow64\WScript.exe "%1" %*
VBSFile=%SystemRoot%\SysWow64\WScript.exe "%1" %*
.
=============== Created Last 30 ================
.
2011-06-27 17:28:28 -------- d-sh--w- C:\$RECYCLE.BIN
2011-06-23 13:21:20 -------- d-----w- C:\Users\Eric\AppData\Local\{DEB34CCF-B18D-4C38-8534-72F61F977247}
2011-06-22 14:10:54 -------- d-----w- C:\Users\Eric\AppData\Local\{84623AAB-8899-4423-9E37-AF7570D3B1A5}
2011-06-18 08:14:19 -------- d-----w- C:\Users\Eric\AppData\Roaming\cYo
2011-06-18 08:14:19 -------- d-----w- C:\Users\Eric\AppData\Local\cYo
2011-06-16 19:10:02 102400 ----a-w- C:\Windows\System32\drivers\dfsc.sys
2011-06-16 19:07:10 1896832 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2011-06-16 19:07:09 499712 ----a-w- C:\Windows\System32\drivers\afd.sys
2011-06-16 19:06:51 759296 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\VGX\VGX.dll
2011-06-16 19:06:51 1110528 ----a-w- C:\Program Files\Common Files\Microsoft Shared\VGX\VGX.dll
2011-06-16 19:06:25 126464 ----a-w- C:\Windows\System32\drivers\mrxsmb20.sys
2011-06-16 19:06:24 287744 ----a-w- C:\Windows\System32\drivers\mrxsmb10.sys
2011-06-16 19:06:24 157696 ----a-w- C:\Windows\System32\drivers\mrxsmb.sys
2011-06-16 19:05:12 3133952 ----a-w- C:\Windows\System32\win32k.sys
2011-06-16 19:04:00 696592 ----a-w- C:\Program Files\Internet Explorer\iexplore.exe
2011-06-16 19:04:00 673040 ----a-w- C:\Program Files (x86)\Internet Explorer\iexplore.exe
2011-06-16 19:04:00 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2011-06-16 19:04:00 1638912 ----a-w- C:\Windows\System32\mshtml.tlb
2011-06-16 19:02:58 976896 ----a-w- C:\Windows\System32\inetcomm.dll
2011-06-16 19:02:58 740864 ----a-w- C:\Windows\SysWow64\inetcomm.dll
2011-06-16 07:06:13 -------- d-----w- C:\Users\Eric\AppData\Local\{EF461956-775E-4BB2-BD08-D76BE78A0062}
2011-06-15 17:13:52 -------- d-----w- C:\Users\Eric\AppData\Roaming\i2p
2011-06-15 16:33:57 -------- d-----w- C:\Users\Eric\AppData\Roaming\mIRC
2011-06-14 14:57:05 -------- d-----w- C:\Users\Eric\AppData\Local\{144629BE-67D8-4641-90EC-BA23C700D320}
2011-06-12 13:04:21 -------- d-----w- C:\Users\Eric\AppData\Local\{7D2F0E85-581E-470C-B412-C7330D9CDF16}
2011-06-09 17:28:08 -------- d-----w- C:\Users\Eric\AppData\Roaming\PowerSHAPE
2011-06-09 16:50:54 102400 ----a-w- C:\Windows\SysWow64\tsccvid.dll
2011-06-09 16:50:52 -------- d-----w- C:\Program Files (x86)\Common Files\Delcam
2011-06-09 16:48:33 145448 ----a-w- C:\Windows\System32\drivers\sentinel64.sys
2011-06-09 16:48:28 -------- d-----w- C:\Program Files (x86)\Common Files\SafeNet Sentinel
2011-06-08 16:53:48 -------- d-----w- C:\Users\Eric\AppData\Local\{E69BD3A8-CD87-4FE4-872A-AAB3390B3371}
2011-06-08 04:53:03 -------- d-----w- C:\Users\Eric\AppData\Local\{6712B749-6F5D-45D5-B643-28B2E0E815F7}
2011-06-07 16:07:07 -------- d-----w- C:\Users\Eric\AppData\Local\{BD8FB1C7-F43C-45BD-A3FC-9ABE2976072F}
2011-06-05 14:57:36 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy
2011-06-05 14:57:36 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy
2011-06-05 14:17:59 -------- d-----w- C:\Program Files\Speccy
2011-06-05 14:16:22 -------- d-----w- C:\Program Files\CCleaner
2011-06-05 08:37:19 -------- d-----w- C:\Users\Eric\AppData\Roaming\Malwarebytes
2011-06-05 08:37:14 39984 ----a-w- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
2011-06-05 08:37:11 -------- d-----w- C:\ProgramData\Malwarebytes
2011-06-05 08:37:08 25912 ----a-w- C:\Windows\System32\drivers\mbam.sys
2011-06-05 08:37:08 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2011-06-05 08:11:32 -------- d-----w- C:\symbols
2011-06-05 08:08:29 -------- d-----w- C:\WinDDK
2011-06-04 15:04:15 14336 ----a-w- C:\Windows\System32\drivers\sffp_sd.sys
2011-06-04 15:04:14 109056 ----a-w- C:\Windows\System32\drivers\sdbus.sys
2011-06-04 14:34:30 -------- d-----w- C:\Program Files (x86)\MagicISO
2011-06-04 14:23:02 197120 ----a-w- C:\Windows\System32\d3d10_1.dll
2011-06-04 14:23:02 161792 ----a-w- C:\Windows\SysWow64\d3d10_1.dll
2011-05-30 04:56:48 -------- d-----w- C:\Users\Eric\AppData\Local\{3465EE07-CC3C-4191-887C-C776A1463DDA}
.
==================== Find3M ====================
.
2011-04-29 03:13:10 461312 ----a-w- C:\Windows\System32\drivers\srv.sys
2011-04-29 03:12:54 399872 ----a-w- C:\Windows\System32\drivers\srv2.sys
2011-04-29 03:12:37 161792 ----a-w- C:\Windows\System32\drivers\srvnet.sys
2011-04-22 20:18:47 27008 ----a-w- C:\Windows\System32\drivers\Diskdump.sys
2011-04-22 20:18:28 1197056 ----a-w- C:\Windows\System32\wininet.dll
2011-04-22 20:14:08 57856 ----a-w- C:\Windows\System32\licmgr10.dll
2011-04-22 19:31:50 981504 ----a-w- C:\Windows\SysWow64\wininet.dll
2011-04-22 19:31:26 44544 ----a-w- C:\Windows\SysWow64\licmgr10.dll
2011-04-22 18:49:57 482816 ----a-w- C:\Windows\System32\html.iec
2011-04-22 18:23:59 386048 ----a-w- C:\Windows\SysWow64\html.iec
2011-04-09 06:58:56 142336 ----a-w- C:\Windows\System32\poqexec.exe
2011-04-09 06:45:48 5509504 ----a-w- C:\Windows\System32\ntoskrnl.exe
2011-04-09 06:13:06 3957632 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2011-04-09 06:13:06 3901824 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2011-04-09 05:56:38 123904 ----a-w- C:\Windows\SysWow64\poqexec.exe
2003-06-19 03:05:04 431888 --s-a-w- C:\Program Files (x86)\Common Files\riched20.dll
.
============= FINISH: 10:43:26.30 ===============
I'm new here.
Lately my laptop has been shutting down due to bugchecks when i leave it on alone. Most of the time its blue-screening giving IRQL not less or equal or page fault in nonpaged area errors. Any ideas on how to go from here?
.
DDS (Ver_2011-06-23.01) - NTFSAMD64
Internet Explorer: 8.0.7600.16385 BrowserJavaVersion: 1.6.0_24
Run by Eric at 10:42:27 on 2011-06-29
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.60.1033.18.3884.2480 [GMT 8:00]
.
AV: AntiVir Desktop *Enabled/Outdated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: AntiVir Desktop *Enabled/Outdated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\FBAgent.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinService.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
D:\Program Files (x86)\i2p\I2Psvc.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
C:\Windows\system32\conhost.exe
C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Windows\SysWOW64\java.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
C:\Program Files\P4G\BatteryLife.exe
C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
D:\Program Files (x86)\Rainlendar2\Rainlendar2.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Windows\SysWOW64\ACEngSvr.exe
C:\Program Files (x86)\Razer\Imperator\RazerImperatorTray.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
C:\Windows\AsScrPro.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\Yuna Software\Messenger Plus!\PlusService.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SCServer\SCServer.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Windows\system32\wuauclt.exe
C:\Users\Eric\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Eric\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Eric\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://asus.msn.com
uInternet Settings,ProxyServer = http=127.0.0.1:4444;https=127.0.0.1:4445
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
uRun: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
uRun: [Rainlendar2] D:\Program Files (x86)\Rainlendar2\Rainlendar2.exe
uRun: [AdobeBridge]
mRun: [Razer Imperator Driver] C:\Program Files (x86)\Razer\Imperator\RazerImperatorTray.exe
mRun: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
mRun: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
mRun: [PlusService] C:\Program Files (x86)\Yuna Software\Messenger Plus!\PlusService.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BLUETO~1.LNK - C:\Program Files (x86)\WIDCOMM\Bluetooth Software\BTTray.exe
mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
Trusted Zone: 111222.cn\list1
Trusted Zone: pps.tv\kan
Trusted Zone: pps.tv\list1
Trusted Zone: pps.tv\tvguide
Trusted Zone: pps.tv\vodguide
Trusted Zone: ppstream.com\list1
Trusted Zone: ppstream.com\notice
Trusted Zone: ppstream.com\xml1
Trusted Zone: ppstream.com\xml2
Trusted Zone: ppstream.com\xml3
Trusted Zone: ppstream.net\list1
Trusted Zone: ppstv.com\list1
Trusted Zone: ppstv.net\list1
Trusted Zone: security_PPStream.exe
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{59CF59F4-29A2-4918-93B6-C4C3C1481E04} : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{59CF59F4-29A2-4918-93B6-C4C3C1481E04}\2456C6B696E6E233241333 : DhcpNameServer = 192.168.2.1
TCP: Interfaces\{59CF59F4-29A2-4918-93B6-C4C3C1481E04}\358414B42514A4 : DhcpNameServer = 58.71.136.10 58.71.132.10
TCP: Interfaces\{59CF59F4-29A2-4918-93B6-C4C3C1481E04}\45D23405250225F626F647963637 : DhcpNameServer = 202.188.0.133 202.188.1.5 10.99.72.10
TCP: Interfaces\{59CF59F4-29A2-4918-93B6-C4C3C1481E04}\63437373 : NameServer = 208.67.220.220,208.67.222.222
TCP: Interfaces\{59CF59F4-29A2-4918-93B6-C4C3C1481E04}\63437373 : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{59CF59F4-29A2-4918-93B6-C4C3C1481E04}\8696F6E6767657F6 : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{65C4AC78-AF4C-474E-B74A-DB8B4D946CDB} : DhcpNameServer = 178.32.51.4 76.73.18.50
TCP: Interfaces\{E34D4CE9-9847-4AEA-BAA9-A14C9521EB78} : DhcpNameServer = 192.168.1.1
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
BHO-X64: Search Helper: {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
BHO-X64: Search Helper - No File
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB-X64: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
mRun-x64: [Razer Imperator Driver] C:\Program Files (x86)\Razer\Imperator\RazerImperatorTray.exe
mRun-x64: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
mRun-x64: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
mRun-x64: [PlusService] C:\Program Files (x86)\Yuna Software\Messenger Plus!\PlusService.exe
AppInit_DLLs-X64: C:\Windows\SysWOW64\nvinit.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Eric\AppData\Roaming\Mozilla\Firefox\Profiles\4bgjvrja.default\
FF - prefs.js: browser.startup.homepage - hxxp://en-GB.start3.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:en-GB:official
FF - prefs.js: network.proxy.http - 127.0.0.1
FF - prefs.js: network.proxy.http_port - 4444
FF - prefs.js: network.proxy.ssl - 127.0.0.1
FF - prefs.js: network.proxy.ssl_port - 4445
FF - prefs.js: network.proxy.type - 0
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\Eric\AppData\Local\Google\Update\1.3.21.57\npGoogleUpdate3.dll
FF - plugin: C:\Users\Eric\AppData\Local\RockMelt\Update\1.2.189.1\npRockMeltOneClick8.dll
FF - plugin: D:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
FF - Ext: British English Dictionary: http://forums.spybot.info/misc.php?do=email_dev&email=ZW4tR0JAZGljdGlvbmFyaWVzLmFkZG9ucy5tb3ppbGxhLm9yZw== - %profile%\extensions\en-GB@dictionaries.addons.mozilla.org
FF - Ext: Flash Video Resources Downloader: http://forums.spybot.info/misc.php?do=email_dev&email=bWF4QHN1YmZpZ2h0ZXIuY29t - %profile%\extensions\max@subfighter.com
FF - Ext: Screengrab: {02450954-cdd9-410f-b1da-db804e18c671} - %profile%\extensions\{02450954-cdd9-410f-b1da-db804e18c671}
FF - Ext: Adblock Plus: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - %profile%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
FF - Ext: BetterPrivacy: {d40f5e7b-d2cf-4856-b441-cc613eeffbe3} - %profile%\extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}
FF - Ext: FoxyProxy Standard: http://forums.spybot.info/misc.php?do=email_dev&email=Zm94eXByb3h5QGVyaWMuaC5qdW5n - %profile%\extensions\foxyproxy@eric.h.jung
FF - Ext: FoxyProxy Basic: http://forums.spybot.info/misc.php?do=email_dev&email=Zm94eXByb3h5QGVyaWMuaC5qdW5n - %profile%\extensions\foxyproxy@eric.h.jung
FF - Ext: Greasemonkey: {e4a8a97b-f2ed-450b-b12d-ee082ba24781} - %profile%\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
FF - Ext: Ghostery: http://forums.spybot.info/misc.php?do=email_dev&email=ZmlyZWZveEBnaG9zdGVyeS5jb20= - %profile%\extensions\firefox@ghostery.com
FF - Ext: NoScript: {73a6fe31-595d-460b-a920-fcc0f8843232} - %profile%\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}
.
============= SERVICES / DRIVERS ===============
.
R0 nvpciflt;nvpciflt;C:\Windows\system32\DRIVERS\nvpciflt.sys --> C:\Windows\system32\DRIVERS\nvpciflt.sys [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 AFBAgent;AFBAgent;"C:\Windows\system32\FBAgent.exe" --> C:\Windows\system32\FBAgent.exe [?]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2010-8-25 136360]
R2 AntiVirService;Avira AntiVir Guard;C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2010-8-25 269480]
R2 ASMMAP64;ASMMAP64;C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-7-2 15416]
R2 avgntflt;avgntflt;C:\Windows\system32\DRIVERS\avgntflt.sys --> C:\Windows\system32\DRIVERS\avgntflt.sys [?]
R2 cpuz134;cpuz134;\??\C:\Windows\system32\drivers\cpuz134_x64.sys --> C:\Windows\system32\drivers\cpuz134_x64.sys [?]
R2 i2p;I2P Service;D:\Program Files (x86)\i2p\I2Psvc.exe [2011-6-16 126976]
R2 nvUpdatusService;NVIDIA Update Service Daemon;C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2010-8-25 1620584]
R2 Sentinel64;Sentinel64;C:\Windows\system32\Drivers\Sentinel64.sys --> C:\Windows\system32\Drivers\Sentinel64.sys [?]
R2 TurboB;Turbo Boost UI Monitor driver;C:\Windows\system32\DRIVERS\TurboB.sys --> C:\Windows\system32\DRIVERS\TurboB.sys [?]
R2 UNS;Intel(R) Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-6-9 2314240]
R3 HECIx64;Intel(R) Management Engine Interface;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?]
R3 Impcd;Impcd;C:\Windows\system32\DRIVERS\Impcd.sys --> C:\Windows\system32\DRIVERS\Impcd.sys [?]
R3 IntcDAud;Intel(R) Display Audio;C:\Windows\system32\DRIVERS\IntcDAud.sys --> C:\Windows\system32\DRIVERS\IntcDAud.sys [?]
R3 JMCR;JMCR;C:\Windows\system32\DRIVERS\jmcr.sys --> C:\Windows\system32\DRIVERS\jmcr.sys [?]
R3 JME;JMicron Ethernet Adapter NDIS6.20 Driver (Amd64 Bits);C:\Windows\system32\DRIVERS\JME.sys --> C:\Windows\system32\DRIVERS\JME.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 btusbflt;Bluetooth USB Filter;C:\Windows\system32\drivers\btusbflt.sys --> C:\Windows\system32\drivers\btusbflt.sys [?]
S3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\system32\DRIVERS\btwl2cap.sys --> C:\Windows\system32\DRIVERS\btwl2cap.sys [?]
S3 copperhd;Razer Copperhead Driver;C:\Windows\system32\drivers\copperhd.sys --> C:\Windows\system32\drivers\copperhd.sys [?]
S3 ETD;ELAN PS/2 Port Input Device;C:\Windows\system32\DRIVERS\ETD.sys --> C:\Windows\system32\DRIVERS\ETD.sys [?]
S3 fssfltr;fssfltr;C:\Windows\system32\DRIVERS\fssfltr.sys --> C:\Windows\system32\DRIVERS\fssfltr.sys [?]
S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-9-23 1493352]
S3 niemrkw;niemrkw;C:\Windows\system32\DRIVERS\niemrkw.sys --> C:\Windows\system32\DRIVERS\niemrkw.sys [?]
S3 p2pfilter;p2pfilter;D:\Program Files (x86)\p2pover\p2pfilter.sys [2005-5-10 4524]
S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;C:\Windows\system32\DRIVERS\SiSG664.sys --> C:\Windows\system32\DRIVERS\SiSG664.sys [?]
S3 SwitchBoard;SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]
S3 TurboBoost;TurboBoost;C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2009-8-7 118672]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
S4 nidevldu;NI Device Loader;C:\Windows\SysWOW64\nipalsm.exe --> C:\Windows\SysWOW64\nipalsm.exe [?]
S4 SBSDWSCService;SBSD Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2011-6-5 1153368]
.
=============== File Associations ===============
.
inffile=%SystemRoot%\SysWow64\NOTEPAD.EXE %1
VBEFile=%SystemRoot%\SysWow64\WScript.exe "%1" %*
VBSFile=%SystemRoot%\SysWow64\WScript.exe "%1" %*
.
=============== Created Last 30 ================
.
2011-06-27 17:28:28 -------- d-sh--w- C:\$RECYCLE.BIN
2011-06-23 13:21:20 -------- d-----w- C:\Users\Eric\AppData\Local\{DEB34CCF-B18D-4C38-8534-72F61F977247}
2011-06-22 14:10:54 -------- d-----w- C:\Users\Eric\AppData\Local\{84623AAB-8899-4423-9E37-AF7570D3B1A5}
2011-06-18 08:14:19 -------- d-----w- C:\Users\Eric\AppData\Roaming\cYo
2011-06-18 08:14:19 -------- d-----w- C:\Users\Eric\AppData\Local\cYo
2011-06-16 19:10:02 102400 ----a-w- C:\Windows\System32\drivers\dfsc.sys
2011-06-16 19:07:10 1896832 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2011-06-16 19:07:09 499712 ----a-w- C:\Windows\System32\drivers\afd.sys
2011-06-16 19:06:51 759296 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\VGX\VGX.dll
2011-06-16 19:06:51 1110528 ----a-w- C:\Program Files\Common Files\Microsoft Shared\VGX\VGX.dll
2011-06-16 19:06:25 126464 ----a-w- C:\Windows\System32\drivers\mrxsmb20.sys
2011-06-16 19:06:24 287744 ----a-w- C:\Windows\System32\drivers\mrxsmb10.sys
2011-06-16 19:06:24 157696 ----a-w- C:\Windows\System32\drivers\mrxsmb.sys
2011-06-16 19:05:12 3133952 ----a-w- C:\Windows\System32\win32k.sys
2011-06-16 19:04:00 696592 ----a-w- C:\Program Files\Internet Explorer\iexplore.exe
2011-06-16 19:04:00 673040 ----a-w- C:\Program Files (x86)\Internet Explorer\iexplore.exe
2011-06-16 19:04:00 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2011-06-16 19:04:00 1638912 ----a-w- C:\Windows\System32\mshtml.tlb
2011-06-16 19:02:58 976896 ----a-w- C:\Windows\System32\inetcomm.dll
2011-06-16 19:02:58 740864 ----a-w- C:\Windows\SysWow64\inetcomm.dll
2011-06-16 07:06:13 -------- d-----w- C:\Users\Eric\AppData\Local\{EF461956-775E-4BB2-BD08-D76BE78A0062}
2011-06-15 17:13:52 -------- d-----w- C:\Users\Eric\AppData\Roaming\i2p
2011-06-15 16:33:57 -------- d-----w- C:\Users\Eric\AppData\Roaming\mIRC
2011-06-14 14:57:05 -------- d-----w- C:\Users\Eric\AppData\Local\{144629BE-67D8-4641-90EC-BA23C700D320}
2011-06-12 13:04:21 -------- d-----w- C:\Users\Eric\AppData\Local\{7D2F0E85-581E-470C-B412-C7330D9CDF16}
2011-06-09 17:28:08 -------- d-----w- C:\Users\Eric\AppData\Roaming\PowerSHAPE
2011-06-09 16:50:54 102400 ----a-w- C:\Windows\SysWow64\tsccvid.dll
2011-06-09 16:50:52 -------- d-----w- C:\Program Files (x86)\Common Files\Delcam
2011-06-09 16:48:33 145448 ----a-w- C:\Windows\System32\drivers\sentinel64.sys
2011-06-09 16:48:28 -------- d-----w- C:\Program Files (x86)\Common Files\SafeNet Sentinel
2011-06-08 16:53:48 -------- d-----w- C:\Users\Eric\AppData\Local\{E69BD3A8-CD87-4FE4-872A-AAB3390B3371}
2011-06-08 04:53:03 -------- d-----w- C:\Users\Eric\AppData\Local\{6712B749-6F5D-45D5-B643-28B2E0E815F7}
2011-06-07 16:07:07 -------- d-----w- C:\Users\Eric\AppData\Local\{BD8FB1C7-F43C-45BD-A3FC-9ABE2976072F}
2011-06-05 14:57:36 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy
2011-06-05 14:57:36 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy
2011-06-05 14:17:59 -------- d-----w- C:\Program Files\Speccy
2011-06-05 14:16:22 -------- d-----w- C:\Program Files\CCleaner
2011-06-05 08:37:19 -------- d-----w- C:\Users\Eric\AppData\Roaming\Malwarebytes
2011-06-05 08:37:14 39984 ----a-w- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
2011-06-05 08:37:11 -------- d-----w- C:\ProgramData\Malwarebytes
2011-06-05 08:37:08 25912 ----a-w- C:\Windows\System32\drivers\mbam.sys
2011-06-05 08:37:08 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2011-06-05 08:11:32 -------- d-----w- C:\symbols
2011-06-05 08:08:29 -------- d-----w- C:\WinDDK
2011-06-04 15:04:15 14336 ----a-w- C:\Windows\System32\drivers\sffp_sd.sys
2011-06-04 15:04:14 109056 ----a-w- C:\Windows\System32\drivers\sdbus.sys
2011-06-04 14:34:30 -------- d-----w- C:\Program Files (x86)\MagicISO
2011-06-04 14:23:02 197120 ----a-w- C:\Windows\System32\d3d10_1.dll
2011-06-04 14:23:02 161792 ----a-w- C:\Windows\SysWow64\d3d10_1.dll
2011-05-30 04:56:48 -------- d-----w- C:\Users\Eric\AppData\Local\{3465EE07-CC3C-4191-887C-C776A1463DDA}
.
==================== Find3M ====================
.
2011-04-29 03:13:10 461312 ----a-w- C:\Windows\System32\drivers\srv.sys
2011-04-29 03:12:54 399872 ----a-w- C:\Windows\System32\drivers\srv2.sys
2011-04-29 03:12:37 161792 ----a-w- C:\Windows\System32\drivers\srvnet.sys
2011-04-22 20:18:47 27008 ----a-w- C:\Windows\System32\drivers\Diskdump.sys
2011-04-22 20:18:28 1197056 ----a-w- C:\Windows\System32\wininet.dll
2011-04-22 20:14:08 57856 ----a-w- C:\Windows\System32\licmgr10.dll
2011-04-22 19:31:50 981504 ----a-w- C:\Windows\SysWow64\wininet.dll
2011-04-22 19:31:26 44544 ----a-w- C:\Windows\SysWow64\licmgr10.dll
2011-04-22 18:49:57 482816 ----a-w- C:\Windows\System32\html.iec
2011-04-22 18:23:59 386048 ----a-w- C:\Windows\SysWow64\html.iec
2011-04-09 06:58:56 142336 ----a-w- C:\Windows\System32\poqexec.exe
2011-04-09 06:45:48 5509504 ----a-w- C:\Windows\System32\ntoskrnl.exe
2011-04-09 06:13:06 3957632 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2011-04-09 06:13:06 3901824 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2011-04-09 05:56:38 123904 ----a-w- C:\Windows\SysWow64\poqexec.exe
2003-06-19 03:05:04 431888 --s-a-w- C:\Program Files (x86)\Common Files\riched20.dll
.
============= FINISH: 10:43:26.30 ===============