Ian72

Hi all, I've a Windows 7 64-bit PC with an i7 CPU and have fibre optic broadband, and I usually get great speeds, but a few weeks ago my internet went really slow. At first I thought it was my ISP or the router, so I contacted them; an engineer was sent, checks were made and everything was fine. My next step was to check for viruses, and I found a trojan that I didn't seem to be able to get rid of, so I formatted the hard drive and reinstalled Windows. Sorry, but I can't remember the name of the trojan. Anyway, after reinstalling Windows everything was fine for a few weeks, but now the problem's back! I seem to have loads of connections running. I've tried running lots of different adware programs but I can't find the problem (also, I bought Kaspersky and installed it as soon as I had installed Windows again, but it's found nothing).

Adwcleaner log

# AdwCleaner v2.104 - Logfile created 01/06/2013 at 12:14:17
# Updated 29/12/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : ian - IAN-PC
# Boot Mode : Normal
# Running from : C:\Users\ian\Downloads\adwcleaner.exe
# Option [search]

***** [services] *****

***** [Files / Folders] *****

Folder Found : C:\Users\ian\AppData\Local\Wajam

***** [Registry] *****

Key Found : HKCU\Software\AppDataLow\Software\Crossrider

***** [internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16457

[OK] Registry is clean.

-\\ Google Chrome v23.0.1271.97

File : C:\Users\ian\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.
*************************

AdwCleaner[R1].txt - [884 octets] - [06/01/2013 11:59:36]
AdwCleaner[R2].txt - [816 octets] - [06/01/2013 12:14:18]

########## EOF - C:\AdwCleaner[R2].txt - [875 octets] ##########

malwarebytes

Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org

Database version: v2013.01.05.02

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
ian :: IAN-PC [administrator]

06/01/2013 12:15:48
mbam-log-2013-01-06 (12-15-48).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 228123
Time elapsed: 1 minute(s), 35 second(s)

Memory Processes Detected: 0 (No malicious items detected)
Memory Modules Detected: 0 (No malicious items detected)
Registry Keys Detected: 0 (No malicious items detected)
Registry Values Detected: 0 (No malicious items detected)
Registry Data Items Detected: 0 (No malicious items detected)
Folders Detected: 0 (No malicious items detected)

dds

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 9.0.8112.16457 BrowserJavaVersion: 10.9.2
Run by ian at 12:20:22 on 2013-01-06
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.44.1033.18.8144.6085 [GMT 0:00]
.
AV: Kaspersky Internet Security *Enabled/Updated* {C3113FBF-4BCB-4461-D78D-6EDFEC9593E5}
SP: Kaspersky Internet Security *Enabled/Updated* {7870DE5B-6DF1-4BEF-ED3D-55AD9712D958}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security *Enabled* {FB2ABE9A-01A4-4539-FCD2-C7EA1246D49E}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\nvvsvc.exe C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k GPSvcGroup C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe C:\Windows\SysWOW64\PnkBstrA.exe C:\Windows\System32\svchost.exe -k secsvcs c:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe C:\Windows\system32\nvvsvc.exe c:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Windows\system32\taskhost.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskeng.exe C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe C:\Windows\SysWOW64\rundll32.exe C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\rusb3mon.exe C:\Windows\system32\SearchIndexer.exe C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\System32\WUDFHost.exe C:\Program Files\NVIDIA Corporation\Display\nvtray.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files\Windows Media 
Player\wmpnetwk.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Windows\system32\svchost.exe -k SDRSVC C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\System32\cscript.exe . ============== Pseudo HJT Report =============== . 
BHO: Content Blocker Plugin: {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\ContentBlocker\ie_content_blocker_plugin.dll BHO: Virtual Keyboard Plugin: {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO: Safe Money Plugin: {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\OnlineBanking\online_banking_bho.dll BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll BHO: URL Advisor Plugin: {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll mRun: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe" mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" mRun: [RUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\rusb3mon.exe" uPolicies-Explorer: NoDrives = dword:0 mPolicies-Explorer: NoDrives = dword:0 mPolicies-System: ConsentPromptBehaviorAdmin = dword:5 mPolicies-System: ConsentPromptBehaviorUser = dword:3 mPolicies-System: EnableUIADesktopToggle = dword:0 IE: Add to Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ie_banner_deny.htm IE: {0C4CC089-D306-440D-9772-464E226F6539} - {0BA14598-4178-4CE5-B1F1-B5C6408A3F2E} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll IE: 
{CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll Trusted Zone: clonewarsadventures.com Trusted Zone: freerealms.com Trusted Zone: soe.com Trusted Zone: sony.com DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab TCP: NameServer = 192.168.1.254 192.168.1.254 TCP: Interfaces\{FA5BF22E-0260-4B31-BEEE-79796DE08141} : DHCPNameServer = 192.168.1.254 192.168.1.254 Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll SSODL: WebCheck - <orphaned> x64-BHO: Content Blocker Plugin: {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll x64-BHO: Virtual Keyboard Plugin: {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll x64-BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll x64-BHO: Safe Money Plugin: {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\OnlineBanking\online_banking_bho.dll x64-BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll x64-BHO: URL Advisor Plugin: {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\UrlAdvisor\klwtbbho.dll x64-Run: [CAHS1Sound] C:\Windows\syswow64\RunDll32.exe C:\Windows\Syswow64\CAHS1.dll,CMICtrlWnd x64-Run: [RTHDVCPL] C:\Program 
Files\Realtek\Audio\HDA\RtkNGUI64.exe -s x64-Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /MAXX4 x64-IE: {0C4CC089-D306-440D-9772-464E226F6539} - {0BA14598-4178-4CE5-B1F1-B5C6408A3F2E} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll x64-IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\UrlAdvisor\klwtbbho.dll x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned> x64-SSODL: WebCheck - <orphaned> . ============= SERVICES / DRIVERS =============== . R0 iaStorA;iaStorA;C:\Windows\System32\drivers\iaStorA.sys [2012-12-15 562456] R0 iaStorF;iaStorF;C:\Windows\System32\drivers\iaStorF.sys [2012-12-15 23832] R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;C:\Windows\System32\drivers\klim6.sys [2012-8-2 28504] R1 kltdi;kltdi;C:\Windows\System32\drivers\kltdi.sys [2012-6-8 54104] R1 kneps;kneps;C:\Windows\System32\drivers\kneps.sys [2012-8-13 178008] R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928] R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368] R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2012-7-11 140672] R2 AERTFilters;Andrea RT Filters Service;C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2012-12-14 98208] R2 AVP;Kaspersky Anti-Virus Service;C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe [2012-8-17 356376] R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-11-30 382824] R3 klkbdflt;Kaspersky Lab KLKBDFLT;C:\Windows\System32\drivers\klkbdflt.sys [2012-5-25 29016] R3 klmouflt;Kaspersky Lab KLMOUFLT;C:\Windows\System32\drivers\klmouflt.sys [2012-7-25 29528] R3 RTCore64;RTCore64;C:\Program Files (x86)\MSI 
Afterburner\RTCore64.sys [2012-11-19 13368] R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2012-12-14 539240] R3 rusb3hub;Renesas Electronics USB 3.0 Hub Driver (Version 3.0);C:\Windows\System32\drivers\rusb3hub.sys [2011-9-15 100352] R3 rusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver (Version 3.0);C:\Windows\System32\drivers\rusb3xhc.sys [2011-9-15 216064] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-11-9 160944] S3 CorsairCAHS1;CA-HS1 Interface;C:\Windows\System32\drivers\CAHS164.sys [2011-6-16 1308160] S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\System32\drivers\nusb3hub.sys [2011-2-16 80384] S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\System32\drivers\nusb3xhc.sys [2011-2-16 180736] S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2012-12-17 19456] S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2012-12-17 57856] S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2012-12-17 30208] S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-12-17 1255736] . =============== Created Last 30 ================ . 
2013-01-06 11:55:23 -------- d-----w- C:\Program Files\CCleaner 2013-01-05 19:36:50 -------- d-sh--w- C:\$RECYCLE.BIN 2013-01-05 19:24:32 98816 ----a-w- C:\Windows\sed.exe 2013-01-05 19:24:32 256000 ----a-w- C:\Windows\PEV.exe 2013-01-05 19:24:32 208896 ----a-w- C:\Windows\MBR.exe 2013-01-05 19:24:29 -------- d-----w- C:\ComboFix 2013-01-05 15:58:42 12872 ----a-w- C:\Windows\System32\bootdelete.exe 2013-01-05 15:55:46 -------- d-----w- C:\ProgramData\HitmanPro 2013-01-05 15:19:20 -------- d-----w- C:\Users\ian\AppData\Roaming\SUPERAntiSpyware.com 2013-01-05 15:19:15 -------- d-----w- C:\ProgramData\SUPERAntiSpyware.com 2013-01-05 15:19:15 -------- d-----w- C:\Program Files\SUPERAntiSpyware 2013-01-05 13:03:20 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy 2013-01-05 13:03:20 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy 2013-01-05 12:31:14 -------- d-----w- C:\Users\ian\AppData\Local\Wajam 2013-01-05 11:30:35 -------- d-----w- C:\Windows\pss 2013-01-05 11:25:02 -------- d-----w- C:\Users\ian\AppData\Roaming\Malwarebytes 2013-01-05 11:24:56 24176 ----a-w- C:\Windows\System32\drivers\mbam.sys 2013-01-05 11:24:56 -------- d-----w- C:\ProgramData\Malwarebytes 2013-01-05 11:24:56 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware 2013-01-05 11:24:45 -------- d-----w- C:\Users\ian\AppData\Local\Programs 2013-01-04 08:30:41 9125352 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{CFCFD804-A8F6-4E3D-A8D1-71F6C7285212}\mpengine.dll 2013-01-02 16:24:15 -------- d-----w- C:\ProgramData\EA Core 2013-01-02 16:24:03 -------- d-----w- C:\ProgramData\EA Logs 2013-01-02 16:22:16 -------- d-----w- C:\Users\ian\AppData\Local\ESN Sonar 2013-01-02 16:04:42 -------- d-----w- C:\Users\ian\AppData\Local\ESN 2013-01-02 16:04:41 -------- d-----w- C:\Program Files (x86)\Battlelog Web Plugins 2013-01-01 20:59:15 -------- d--h--w- C:\Program Files (x86)\Common Files\EAInstaller 2013-01-01 20:22:44 -------- d-----w- 
C:\Users\ian\AppData\Roaming\Origin 2013-01-01 20:22:43 -------- d-----w- C:\Program Files (x86)\Origin Games 2013-01-01 20:22:34 -------- d-----w- C:\Users\ian\AppData\Local\Origin 2013-01-01 20:21:53 -------- d-----w- C:\ProgramData\Origin 2013-01-01 20:21:52 -------- d-----w- C:\ProgramData\Electronic Arts 2013-01-01 20:21:43 -------- d-----w- C:\Program Files (x86)\Origin 2013-01-01 19:37:28 -------- d-----w- C:\Program Files\Speccy 2012-12-29 14:14:12 -------- d-----w- C:\Program Files (x86)\Common Files\Windows Live 2012-12-28 21:07:46 -------- d-----w- C:\Users\ian\AppData\Local\NBGI 2012-12-22 17:50:02 890216 ----a-w- C:\Windows\System32\nvvsvc.exe 2012-12-22 17:50:02 63336 ----a-w- C:\Windows\System32\nvshext.dll 2012-12-22 17:50:02 6223208 ----a-w- C:\Windows\System32\nvcpl.dll 2012-12-22 17:50:02 3663213 ----a-w- C:\Windows\System32\nvcoproc.bin 2012-12-22 17:50:02 3311464 ----a-w- C:\Windows\System32\nvsvc64.dll 2012-12-22 17:50:02 2557800 ----a-w- C:\Windows\System32\nvsvcr.dll 2012-12-22 17:50:02 118120 ----a-w- C:\Windows\System32\nvmctray.dll 2012-12-22 17:46:30 -------- d-----w- C:\NVIDIA 2012-12-22 17:36:40 -------- d-----w- C:\Program Files (x86)\Phyxion.net 2012-12-22 01:22:09 46080 ----a-w- C:\Windows\System32\atmlib.dll 2012-12-22 01:22:09 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll 2012-12-22 01:22:08 367616 ----a-w- C:\Windows\System32\atmfd.dll 2012-12-22 01:22:07 295424 ----a-w- C:\Windows\SysWow64\atmfd.dll 2012-12-21 19:06:37 -------- d-----w- C:\Users\ian\AppData\Local\My Games 2012-12-18 15:27:54 281032 ----a-w- C:\Windows\SysWow64\PnkBstrB.xtr 2012-12-18 15:27:50 -------- d-----w- C:\Users\ian\AppData\Local\PunkBuster 2012-12-18 11:56:21 -------- d-----w- C:\Users\ian\AppData\Local\CrashRpt 2012-12-18 11:54:59 281032 ----a-w- C:\Windows\SysWow64\PnkBstrB.exe 2012-12-18 11:54:59 280792 ----a-w- C:\Windows\SysWow64\PnkBstrB.ex0 2012-12-18 11:54:58 76888 ----a-w- C:\Windows\SysWow64\PnkBstrA.exe 2012-12-17 21:47:47 -------- d-----w- 
C:\Users\ian\AppData\Roaming\Corsair 2012-12-17 21:47:46 8724480 ------w- C:\Windows\SysWow64\CAHS1.dll 2012-12-17 21:47:46 798208 ------w- C:\Windows\System32\CAHS1.exe 2012-12-17 21:47:46 401920 ------w- C:\Windows\System32\CAHS1.cpl 2012-12-17 21:47:46 200704 ------w- C:\Windows\SysWow64\cmpaHS1.dll 2012-12-17 21:47:46 143360 ------w- C:\Windows\VmixHS1.dll 2012-12-17 21:47:46 -------- d-----w- C:\Program Files\Corsair USB Headset 2012-12-17 21:47:43 354304 ------w- C:\Windows\System32\CmiInstallResAll64.dll 2012-12-17 18:58:30 -------- d-----w- C:\Users\ian\AppData\Local\ElevatedDiagnostics 2012-12-17 18:40:21 514560 ----a-w- C:\Windows\SysWow64\qdvd.dll 2012-12-17 18:38:22 -------- d-----w- C:\Program Files (x86)\Microsoft Chart Controls 2012-12-17 17:01:57 -------- d-----w- C:\Users\ian\AppData\Local\SCE 2012-12-17 15:23:20 -------- d-----w- C:\Windows\SysWow64\directx 2012-12-17 15:22:56 -------- d-----w- C:\Program Files (x86)\MSI Afterburner 2012-12-17 08:13:13 -------- d-----w- C:\Windows\SysWow64\Wat 2012-12-17 08:13:12 -------- d-----w- C:\Windows\System32\Wat 2012-12-17 02:01:17 9728 ----a-w- C:\Windows\System32\Wdfres.dll 2012-12-17 02:01:17 785512 ----a-w- C:\Windows\System32\drivers\Wdf01000.sys 2012-12-17 02:01:17 54376 ----a-w- C:\Windows\System32\drivers\WdfLdr.sys 2012-12-17 02:01:17 2560 ----a-w- C:\Windows\System32\drivers\en-US\wdf01000.sys.mui 2012-12-17 01:55:14 294912 ----a-w- C:\Windows\System32\browserchoice.exe 2012-12-17 01:50:06 87040 ----a-w- C:\Windows\System32\drivers\WUDFPf.sys 2012-12-17 01:50:06 84992 ----a-w- C:\Windows\System32\WUDFSvc.dll 2012-12-17 01:50:06 198656 ----a-w- C:\Windows\System32\drivers\WUDFRd.sys 2012-12-17 01:50:06 194048 ----a-w- C:\Windows\System32\WUDFPlatform.dll 2012-12-17 01:50:05 744448 ----a-w- C:\Windows\System32\WUDFx.dll 2012-12-17 01:50:05 45056 ----a-w- C:\Windows\System32\WUDFCoinstaller.dll 2012-12-17 01:50:05 229888 ----a-w- C:\Windows\System32\WUDFHost.exe 2012-12-17 01:48:50 81408 ----a-w- 
C:\Windows\System32\imagehlp.dll 2012-12-17 01:48:50 5120 ----a-w- C:\Windows\SysWow64\wmi.dll 2012-12-17 01:48:50 5120 ----a-w- C:\Windows\System32\wmi.dll 2012-12-17 01:48:50 23408 ----a-w- C:\Windows\System32\drivers\fs_rec.sys 2012-12-17 01:48:50 159232 ----a-w- C:\Windows\SysWow64\imagehlp.dll 2012-12-16 10:07:57 -------- d-----w- C:\Program Files (x86)\FinalWire 2012-12-16 06:42:57 2048 ----a-w- C:\Windows\SysWow64\tzres.dll 2012-12-16 06:40:56 478208 ----a-w- C:\Windows\System32\dpnet.dll 2012-12-16 06:39:46 64512 ----a-w- C:\Windows\SysWow64\devobj.dll 2012-12-16 06:38:58 1731920 ----a-w- C:\Windows\System32\ntdll.dll 2012-12-16 06:38:58 1292080 ----a-w- C:\Windows\SysWow64\ntdll.dll 2012-12-16 06:38:55 751104 ----a-w- C:\Windows\System32\win32spl.dll 2012-12-16 06:38:55 67072 ----a-w- C:\Windows\splwow64.exe 2012-12-16 06:38:55 559104 ----a-w- C:\Windows\System32\spoolsv.exe 2012-12-16 06:38:55 492032 ----a-w- C:\Windows\SysWow64\win32spl.dll 2012-12-16 06:38:48 184320 ----a-w- C:\Windows\System32\cryptsvc.dll 2012-12-16 06:38:48 1464320 ----a-w- C:\Windows\System32\crypt32.dll 2012-12-16 06:38:48 1159680 ----a-w- C:\Windows\SysWow64\crypt32.dll 2012-12-16 06:38:47 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll 2012-12-16 06:38:47 140288 ----a-w- C:\Windows\System32\cryptnet.dll 2012-12-16 06:38:47 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll 2012-12-16 06:35:38 77312 ----a-w- C:\Windows\System32\packager.dll 2012-12-16 06:35:38 67072 ----a-w- C:\Windows\SysWow64\packager.dll 2012-12-16 06:34:01 9125352 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll 2012-12-15 14:15:06 -------- d-----w- C:\Users\ian\AppData\Roaming\.minecraft 2012-12-15 14:13:36 916456 ----a-w- C:\Windows\System32\deployJava1.dll 2012-12-15 14:13:35 1034216 ----a-w- C:\Windows\System32\npDeployJava1.dll 2012-12-15 14:13:31 108008 ----a-w- C:\Windows\System32\WindowsAccessBridge-64.dll 2012-12-15 14:08:10 821736 ----a-w- 
C:\Windows\SysWow64\npDeployJava1.dll 2012-12-15 14:08:10 746984 ----a-w- C:\Windows\SysWow64\deployJava1.dll 2012-12-15 14:08:06 95208 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll 2012-12-15 03:43:36 -------- d-----w- C:\Windows\Panther 2012-12-15 03:43:04 -------- d-----w- C:\Windows\System32\OEM 2012-12-15 03:43:04 -------- d-----w- C:\Hotfix 2012-12-15 03:43:04 -------- d-----w- C:\Drivers 2012-12-15 03:27:06 562456 ----a-w- C:\Windows\System32\drivers\iaStorA.sys 2012-12-15 03:27:06 23832 ----a-w- C:\Windows\System32\drivers\iaStorF.sys 2012-12-14 23:35:58 508264 ----a-w- C:\Windows\System32\d3dx10_36.dll 2012-12-14 23:34:51 81768 ----a-w- C:\Windows\SysWow64\xinput1_3.dll 2012-12-14 23:34:51 453456 ----a-w- C:\Windows\SysWow64\d3dx10_42.dll 2012-12-14 23:34:51 1892184 ----a-w- C:\Windows\SysWow64\D3DX9_42.dll 2012-12-14 23:34:19 -------- d-----w- C:\Windows\SysWow64\xlive 2012-12-14 23:34:15 -------- d-----w- C:\Program Files (x86)\Microsoft Games for Windows - LIVE 2012-12-14 22:52:56 -------- d-----w- C:\Program Files (x86)\Common Files\Steam 2012-12-14 22:52:55 -------- d-----w- C:\Program Files (x86)\Steam 2012-12-14 21:54:05 -------- d-----r- C:\Program Files (x86)\Skype 2012-12-14 21:48:29 -------- d-----w- C:\Users\ian\AppData\Local\Google 2012-12-14 21:48:21 -------- d-----w- C:\Users\ian\AppData\Local\Deployment 2012-12-14 21:48:21 -------- d-----w- C:\Users\ian\AppData\Local\Apps 2012-12-14 21:43:28 8192 ----a-w- C:\Windows\System32\drivers\IntelMEFWVer.dll 2012-12-14 21:43:14 56600 ----a-w- C:\Windows\System32\drivers\HECIx64.sys 2012-12-14 21:33:24 53248 ----a-w- C:\Windows\SysWow64\CSVer.dll 2012-12-14 21:33:14 -------- d-----w- C:\Intel 2012-12-14 21:16:34 60776 ----a-w- C:\Windows\System32\OpenCL.dll 2012-12-14 21:16:34 52584 ----a-w- C:\Windows\SysWow64\OpenCL.dll 2012-12-14 21:16:18 64856 ----a-w- C:\Windows\System32\klfphc.dll 2012-12-14 21:15:54 -------- d-----w- C:\Windows\ELAMBKUP 2012-12-14 21:15:50 -------- d-----w- 
C:\ProgramData\Kaspersky Lab 2012-12-14 21:15:50 -------- d-----w- C:\Program Files (x86)\Kaspersky Lab 2012-12-14 21:15:44 89432 ----a-w- C:\Windows\System32\drivers\klflt.sys 2012-12-14 21:15:09 -------- d-----w- C:\Program Files\NVIDIA Corporation 2012-12-14 21:15:09 -------- d-----w- C:\Program Files (x86)\NVIDIA Corporation 2012-12-14 21:12:48 826880 ----a-w- C:\Windows\SysWow64\rdpcore.dll 2012-12-14 21:12:48 23552 ----a-w- C:\Windows\System32\drivers\tdtcp.sys 2012-12-14 21:12:48 1031680 ----a-w- C:\Windows\System32\rdpcore.dll 2012-12-14 21:09:27 2622464 ----a-w- C:\Windows\System32\wucltux.dll 2012-12-14 21:09:23 99840 ----a-w- C:\Windows\System32\wudriver.dll 2012-12-14 21:09:19 36864 ----a-w- C:\Windows\System32\wuapp.exe 2012-12-14 21:09:19 186752 ----a-w- C:\Windows\System32\wuwebv.dll 2012-12-14 21:08:34 74272 ----a-w- C:\Windows\System32\RtNicProp64.dll 2012-12-14 21:08:34 539240 ----a-w- C:\Windows\System32\drivers\Rt64win7.sys 2012-12-14 21:08:34 107552 ----a-w- C:\Windows\System32\RTNUninst64.dll 2012-12-14 20:58:59 757760 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\iKernel.dll 2012-12-14 20:58:59 69715 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\ctor.dll 2012-12-14 20:58:59 5632 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\DotNetInstaller.exe 2012-12-14 20:58:59 331908 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\setup.dll 2012-12-14 20:58:59 274432 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\iscript.dll 2012-12-14 20:58:59 200836 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\iGdi.dll 2012-12-14 20:19:02 -------- d-----w- C:\Users\ian\AppData\Local\Diagnostics 2012-12-14 19:55:08 -------- d-----w- C:\dell . 
==================== Find3M ==================== . 2012-12-14 21:32:02 54104 ----a-w- C:\Windows\System32\drivers\kltdi.sys 2012-12-14 21:32:02 29528 ----a-w- C:\Windows\System32\drivers\klmouflt.sys 2012-12-14 21:32:02 29016 ----a-w- C:\Windows\System32\drivers\klkbdflt.sys 2012-11-30 22:43:52 438632 ----a-w- C:\Windows\SysWow64\nvStreaming.exe 2012-11-22 03:26:40 3149824 ----a-w- C:\Windows\System32\win32k.sys 2012-11-09 05:45:09 2048 ----a-w- C:\Windows\System32\tzres.dll 2012-11-02 05:11:31 376832 ----a-w- C:\Windows\SysWow64\dpnet.dll 2012-10-16 08:38:37 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll 2012-10-16 08:38:34 350208 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll 2012-10-16 07:39:52 561664 ----a-w- C:\Windows\apppatch\AcLayers.dll 2012-10-09 18:17:13 55296 ----a-w- C:\Windows\System32\dhcpcsvc6.dll 2012-10-09 18:17:13 226816 ----a-w- C:\Windows\System32\dhcpcore6.dll 2012-10-09 17:40:31 44032 ----a-w- C:\Windows\SysWow64\dhcpcsvc6.dll 2012-10-09 17:40:31 193536 ----a-w- C:\Windows\SysWow64\dhcpcore6.dll . ============= FINISH: 12:20:52.39 =============== . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2012-11-20.01) . Microsoft Windows 7 Home Premium Boot Device: \Device\HarddiskVolume1 Install Date: 14/12/2012 19:50:44 System Uptime: 06/01/2013 12:02:25 (0 hours ago) . Motherboard: Alienware | | 07JNH0 Processor: Intel® Core i7-3930K CPU @ 3.20GHz | CPU 1 | 3201/100mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 931 GiB total, 820.549 GiB free. D: is CDROM () E: is Removable F: is Removable G: is Removable H: is Removable . ==== Disabled Device Manager Items ============= . ==== System Restore Points =================== . No restore point in system. . ==== Installed Programs ====================== . 
AIDA64 Extreme Edition v2.70 Batman: Arkham City™ Battlefield 3™ Battlelog Web Plugins CCleaner Corsair USB Headset Dark Souls: Prepare to Die Edition Dota 2 Driver Sweeper version 3.2.0 ESN Sonar Garry's Mod Google Chrome Google Update Helper Intel® Management Engine Components Java 7 Update 9 Java 7 Update 9 (64-bit) Java Auto Updater Kaspersky Internet Security 2013 Malwarebytes Anti-Malware version 1.70.0.1100 Microsoft .NET Framework 4 Client Profile Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170) Microsoft Games for Windows - LIVE Redistributable Microsoft Silverlight Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 MSI Afterburner 2.3.0 NVIDIA 3D Vision Controller Driver 310.70 NVIDIA 3D Vision Driver 310.70 NVIDIA Control Panel 310.70 NVIDIA Graphics Driver 310.70 NVIDIA HD Audio Driver 1.3.18.0 NVIDIA Install Application NVIDIA PhysX NVIDIA PhysX System Software 9.12.1031 NVIDIA Stereoscopic 3D Driver NVIDIA Update 1.11.3 NVIDIA Update Components Origin PlanetSide 2 PunkBuster Services Realtek Ethernet Controller Driver Realtek High Definition Audio Driver Red Orchestra 2: Heroes of Stalingrad Renesas Electronics USB 3.0 Host Controller Driver Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2) Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827) Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449) Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019) Sid Meier's Civilization V Skype™ 6.0 
Speccy
Steam
SUPERAntiSpyware
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Windows Live ID Sign-in Assistant
WinRAR 4.20 (64-bit)
.
==== Event Viewer Messages From Past Week ========
.
05/01/2013 19:48:54, Error: bowser [8003] - The master browser has received a server announcement from the computer ADHARRY-PC that believes that it is the master browser for the domain on transport NetBT_Tcpip_{FA5BF22E-0260-4B31-BEEE-79796DE08141}. The master browser is stopping or an election is being forced.
05/01/2013 19:28:35, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.
05/01/2013 19:28:33, Error: Service Control Manager [7001] - The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error: The dependency service or group failed to start.
05/01/2013 19:28:09, Error: Service Control Manager [7030] - The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
05/01/2013 19:24:33, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service VSS with arguments "" in order to run the server: {E579AB5F-1CC4-44B4-BED9-DE0991FF0623}
05/01/2013 18:33:40, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
05/01/2013 18:33:40, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
05/01/2013 18:33:37, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
05/01/2013 18:33:28, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
05/01/2013 18:33:23, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: discache KLIF kneps SASDIFSV SASKUTIL spldr Wanarpv6
05/01/2013 15:40:08, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}
05/01/2013 15:40:08, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service BITS with arguments "" in order to run the server: {4991D34B-80A1-4291-83B6-3328366B9097}
05/01/2013 14:31:23, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service gupdatem with arguments "/comsvc" in order to run the server: {9465B4B4-5216-4042-9A2C-754D3BCDC410}
05/01/2013 14:31:23, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service gupdate with arguments "/comsvc" in order to run the server: {4EB61BAC-A3B6-4760-9581-655041EF4D69}
05/01/2013 13:42:37, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: discache KLIF kneps spldr Wanarpv6
04/01/2013 11:35:28, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR1.
.
==== End Of File ===========================

Hijack this

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:45:42, on 06/01/2013
Platform: Unknown Windows (WinNT 6.01.3505 SP1)
MSIE: Internet Explorer v9.00 (9.00.8112.16457)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\rusb3mon.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: ContentBlockerBrowserHelperObject - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\ContentBlocker\ie_content_blocker_plugin.dll
O2 - BHO: VirtualKeyboardBrowserHelperObject - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\OnlineBanking\online_banking_bho.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll
O4 - HKLM\..\Run: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe"
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [RUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\rusb3mon.exe"
O4 - HKUS\S-1-5-21-2940810599-3561592805-2472969296-1002\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-2940810599-3561592805-2472969296-1002\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O8 - Extra context menu item: Add to Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ie_banner_deny.htm
O9 - Extra button: Virtual Keyboard - {0C4CC089-D306-440D-9772-464E226F6539} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
O9 - Extra button: URLs check - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O13 - Gopher Prefix:
O15 - Trusted Zone: *.clonewarsadventures.com
O15 - Trusted Zone: *.freerealms.com
O15 - Trusted Zone: *.soe.com
O15 - Trusted Zone: *.sony.com
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos/OnlineScanner.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
O23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Kaspersky Anti-Virus Service (AVP) - Kaspersky Lab ZAO - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9353 bytes