DDS (Ver_11-05-19.01) - NTFSx86
Internet Explorer: 8.0.7600.16385
Run by KKK at 20:21:45 on 2011-05-25
Microsoft Windows 7 Ultimate 6.1.7600.0.1252.39.1033.18.4077.2807 [GMT 2:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: Microsoft Security Essentials *Enabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files (x86)\Alice ti aiuta\McciTrayApp.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\notepad.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Users\KKK\Desktop\dds.scr
C:\Windows\SysWOW64\WSCRIPT.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uRun: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
mRun: [AliceRV_McciTrayApp] C:\Program Files (x86)\Alice ti aiuta\McciTrayApp.exe
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mRun-x64: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\KKK\AppData\Roaming\Mozilla\Firefox\Profiles\j69kpwc0.default\
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
.
============= SERVICES / DRIVERS ===============
.
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2010-12-27 378472]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;C:\Windows\system32\drivers\nvhda64v.sys --> C:\Windows\system32\drivers\nvhda64v.sys [?]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
.
=============== Created Last 30 ================
.
2011-05-25 21:28:10 -------- d-----w- C:\Windows\Panther
2011-05-25 18:07:28 98816 ----a-w- C:\Windows\sed.exe
2011-05-25 18:07:28 89088 ----a-w- C:\Windows\MBR.exe
2011-05-25 18:07:28 256512 ----a-w- C:\Windows\PEV.exe
2011-05-25 18:07:28 161792 ----a-w- C:\Windows\SWREG.exe
2011-05-25 17:33:06 -------- d-----w- C:\Users\KKK\AppData\Roaming\Malwarebytes
2011-05-25 17:33:04 38224 ----a-w- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
2011-05-25 17:33:04 -------- d-----w- C:\ProgramData\Malwarebytes
2011-05-25 17:33:01 24152 ----a-w- C:\Windows\System32\drivers\mbam.sys
2011-05-25 17:33:01 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2011-05-25 17:19:48 -------- d-----w- C:\Program Files (x86)\osu!
2011-05-25 17:19:44 -------- d-----w- C:\Users\KKK\AppData\Roaming\Downloaded Installations
2011-05-25 16:49:10 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy
2011-05-25 16:49:10 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy
2011-05-25 16:42:24 388096 ----a-r- C:\Users\KKK\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2011-05-25 16:42:24 -------- d-----w- C:\Program Files (x86)\Trend Micro
2011-05-25 16:18:03 374664 ----a-w- C:\Windows\System32\drivers\netio.sys
2011-05-25 16:18:03 1898376 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2011-05-25 16:13:45 8718160 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{84506EB5-8466-48ED-80AB-16F5D8DCF428}\mpengine.dll
2011-05-25 16:13:45 270720 ------w- C:\Windows\System32\MpSigStub.exe
2011-05-25 15:59:04 102912 --sha-r- C:\Windows\SysWow64\msvcrt204.dll
2011-05-25 15:27:28 -------- d-----w- C:\Windows\Roaming
2011-05-25 15:27:28 -------- d-----w- C:\Program Files (x86)\Common Files\Motive
2011-05-25 15:27:28 -------- d-----w- C:\Program Files (x86)\Common Files\AliceRV
2011-05-25 15:27:28 -------- d-----w- C:\Program Files (x86)\Alice ti aiuta
2011-05-25 15:24:51 -------- d-----w- C:\Program Files (x86)\Alice Messenger
2011-05-25 15:19:11 412776 ----a-w- C:\Windows\System32\drivers\Rt64win7.sys
2011-05-25 15:19:10 74272 ----a-w- C:\Windows\System32\RtNicProp64.dll
2011-05-25 15:19:10 107552 ----a-w- C:\Windows\System32\RTNUninst64.dll
2011-05-25 15:19:07 -------- d-----w- C:\Program Files (x86)\Realtek
2011-05-25 14:54:07 -------- d-----w- C:\Users\KKK\AppData\Local\Diagnostics
2011-05-25 14:37:58 -------- d-----w- C:\Program Files (x86)\Telecom Italia
2011-05-25 14:37:51 77824 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\ctor.dll
2011-05-25 14:37:51 32768 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\objectps.dll
2011-05-25 14:37:51 225280 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\IScript\iscript.dll
2011-05-25 14:37:51 176128 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\iuser.dll
2011-05-25 12:43:18 -------- d-----w- C:\Users\KKK\AppData\Local\Microsoft Games
2011-05-25 11:56:03 29288 ----a-w- C:\Windows\System32\nvhdap64.dll
2011-05-25 11:56:03 155752 ----a-w- C:\Windows\System32\drivers\nvhda64v.sys
2011-05-25 11:56:03 1359976 ----a-w- C:\Windows\System32\nvgenco64hda.dll
2011-05-25 11:54:58 12858472 ----a-w- C:\Windows\System32\nvd3dumx.dll
2011-05-25 11:48:23 -------- d-----w- C:\Recovery
.
==================== Find3M ====================
.
2011-05-25 15:55:21 833024 ----a-w- C:\Windows\SysWow64\user32.dll.old
2011-05-25 15:55:21 1008640 ----a-w- C:\Windows\System32\user32.dll.old
.
============= FINISH: 20:21:52,87 ===============
attach
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_11-05-19.01)
.
Microsoft Windows 7 Ultimate
Boot Device: \Device\HarddiskVolume1
Install Date: 25/05/2011 13:31:14
System Uptime: 25/05/2011 19:48:15 (1 hours ago)
.
Motherboard: ASUSTeK Computer INC. | | P8H67
Processor: Intel(R) Core(TM) i5-2500 CPU @ 3.30GHz | LGA1155 | 3301/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 244 GiB total, 226,042 GiB free.
E: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID:
Description: Universal Serial Bus (USB) Controller
Device ID: PCI\VEN_1B21&DEV_1042&SUBSYS_84881043&REV_00\4&16B16BD2&0&00E7
Manufacturer:
Name: Universal Serial Bus (USB) Controller
PNP Device ID: PCI\VEN_1B21&DEV_1042&SUBSYS_84881043&REV_00\4&16B16BD2&0&00E7
Service:
.
Class GUID:
Description: PCI Simple Communications Controller
Device ID: PCI\VEN_8086&DEV_1C3A&SUBSYS_844D1043&REV_04\3&11583659&0&B0
Manufacturer:
Name: PCI Simple Communications Controller
PNP Device ID: PCI\VEN_8086&DEV_1C3A&SUBSYS_844D1043&REV_04\3&11583659&0&B0
Service:
.
Class GUID:
Description: SM Bus Controller
Device ID: PCI\VEN_8086&DEV_1C22&SUBSYS_844D1043&REV_05\3&11583659&0&FB
Manufacturer:
Name: SM Bus Controller
PNP Device ID: PCI\VEN_8086&DEV_1C22&SUBSYS_844D1043&REV_05\3&11583659&0&FB
Service:
.
==== System Restore Points ===================
.
RP1: 25/05/2011 14:11:30 - Windows Update
RP2: 25/05/2011 16:38:17 - Installato Installazione Guidata Alice
RP3: 25/05/2011 17:03:18 - Installato Installazione Guidata Alice
RP4: 25/05/2011 17:19:02 - Installato Realtek Ethernet Controller Driver
RP5: 25/05/2011 17:23:38 - Installato Installazione Guidata Alice
RP6: 25/05/2011 17:53:26 - Windows Modules Installer
RP7: 25/05/2011 17:55:02 - Windows Update
.
==== Installed Programs ======================
.
Adobe Flash Player 10 ActiveX
Alice Messenger
Alice ti aiuta
HiJackThis
Installazione Guidata Alice
Malwarebytes' Anti-Malware
Mozilla Firefox 4.0.1 (x86 it)
NVIDIA PhysX
NVIDIA Stereoscopic 3D Driver
osu!
Realtek Ethernet Controller Driver
Realtek High Definition Audio Driver
RTC Client API v1.3 msm
Spybot - Search & Destroy
.
==== Event Viewer Messages From Past Week ========
.
25/05/2011 20:09:06, Error: Service Control Manager [7030] - The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
25/05/2011 20:08:58, Error: Application Popup [1060] - \??\C:\ComboFix\catchme.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
.
==== End Of File ===========================
Help, please.