Ian72
internet is slow
Hi all,
I've a Windows 7 64-bit PC with an i7 CPU and fibre optic broadband, and I usually get great speeds, but a few weeks ago my internet went really slow. At first I thought it was my ISP or the router, so I contacted them; an engineer was sent, checks were made and everything was fine.
My next step was to check for viruses, and I found a trojan that I didn't seem to be able to get rid of, so I formatted the hard drive and reinstalled Windows.
Sorry, but I can't remember the name of the trojan. Anyway, after reinstalling Windows everything was fine for a few weeks; now the problem's back!
I seem to have loads of connections running. I've tried running lots of different adware programs but I can't find the problem (also, I bought Kaspersky and installed it as soon as I had installed Windows again, but it's found nothing).
Adwcleaner log
# AdwCleaner v2.104 - Logfile created 01/06/2013 at 12:14:17
# Updated 29/12/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : ian - IAN-PC
# Boot Mode : Normal
# Running from : C:\Users\ian\Downloads\adwcleaner.exe
# Option [search]
***** [services] *****
***** [Files / Folders] *****
Folder Found : C:\Users\ian\AppData\Local\Wajam
***** [Registry] *****
Key Found : HKCU\Software\AppDataLow\Software\Crossrider
***** [internet Browsers] *****
-\\ Internet Explorer v9.0.8112.16457
[OK] Registry is clean.
-\\ Google Chrome v23.0.1271.97
File : C:\Users\ian\AppData\Local\Google\Chrome\User Data\Default\Preferences
[OK] File is clean.
*************************
AdwCleaner[R1].txt - [884 octets] - [06/01/2013 11:59:36]
AdwCleaner[R2].txt - [816 octets] - [06/01/2013 12:14:18]
########## EOF - C:\AdwCleaner[R2].txt - [875 octets] ##########
malwarebytes
Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org
Database version: v2013.01.05.02
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
ian :: IAN-PC [administrator]
06/01/2013 12:15:48
mbam-log-2013-01-06 (12-15-48).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 228123
Time elapsed: 1 minute(s), 35 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
dds
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 9.0.8112.16457 BrowserJavaVersion: 10.9.2
Run by ian at 12:20:22 on 2013-01-06
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.44.1033.18.8144.6085 [GMT 0:00]
.
AV: Kaspersky Internet Security *Enabled/Updated* {C3113FBF-4BCB-4461-D78D-6EDFEC9593E5}
SP: Kaspersky Internet Security *Enabled/Updated* {7870DE5B-6DF1-4BEF-ED3D-55AD9712D958}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security *Enabled* {FB2ABE9A-01A4-4539-FCD2-C7EA1246D49E}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\System32\svchost.exe -k secsvcs
c:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
c:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\rusb3mon.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\WUDFHost.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
BHO: Content Blocker Plugin: {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\ContentBlocker\ie_content_blocker_plugin.dll
BHO: Virtual Keyboard Plugin: {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Safe Money Plugin: {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\OnlineBanking\online_banking_bho.dll
BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO: URL Advisor Plugin: {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll
mRun: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe"
mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [RUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\rusb3mon.exe"
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: Add to Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ie_banner_deny.htm
IE: {0C4CC089-D306-440D-9772-464E226F6539} - {0BA14598-4178-4CE5-B1F1-B5C6408A3F2E} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
TCP: NameServer = 192.168.1.254 192.168.1.254
TCP: Interfaces\{FA5BF22E-0260-4B31-BEEE-79796DE08141} : DHCPNameServer = 192.168.1.254 192.168.1.254
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
SSODL: WebCheck - <orphaned>
x64-BHO: Content Blocker Plugin: {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll
x64-BHO: Virtual Keyboard Plugin: {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
x64-BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Safe Money Plugin: {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\OnlineBanking\online_banking_bho.dll
x64-BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
x64-BHO: URL Advisor Plugin: {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\UrlAdvisor\klwtbbho.dll
x64-Run: [CAHS1Sound] C:\Windows\syswow64\RunDll32.exe C:\Windows\Syswow64\CAHS1.dll,CMICtrlWnd
x64-Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s
x64-Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /MAXX4
x64-IE: {0C4CC089-D306-440D-9772-464E226F6539} - {0BA14598-4178-4CE5-B1F1-B5C6408A3F2E} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
x64-IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\UrlAdvisor\klwtbbho.dll
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R0 iaStorA;iaStorA;C:\Windows\System32\drivers\iaStorA.sys [2012-12-15 562456]
R0 iaStorF;iaStorF;C:\Windows\System32\drivers\iaStorF.sys [2012-12-15 23832]
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;C:\Windows\System32\drivers\klim6.sys [2012-8-2 28504]
R1 kltdi;kltdi;C:\Windows\System32\drivers\kltdi.sys [2012-6-8 54104]
R1 kneps;kneps;C:\Windows\System32\drivers\kneps.sys [2012-8-13 178008]
R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928]
R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368]
R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2012-7-11 140672]
R2 AERTFilters;Andrea RT Filters Service;C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2012-12-14 98208]
R2 AVP;Kaspersky Anti-Virus Service;C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe [2012-8-17 356376]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-11-30 382824]
R3 klkbdflt;Kaspersky Lab KLKBDFLT;C:\Windows\System32\drivers\klkbdflt.sys [2012-5-25 29016]
R3 klmouflt;Kaspersky Lab KLMOUFLT;C:\Windows\System32\drivers\klmouflt.sys [2012-7-25 29528]
R3 RTCore64;RTCore64;C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [2012-11-19 13368]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2012-12-14 539240]
R3 rusb3hub;Renesas Electronics USB 3.0 Hub Driver (Version 3.0);C:\Windows\System32\drivers\rusb3hub.sys [2011-9-15 100352]
R3 rusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver (Version 3.0);C:\Windows\System32\drivers\rusb3xhc.sys [2011-9-15 216064]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-11-9 160944]
S3 CorsairCAHS1;CA-HS1 Interface;C:\Windows\System32\drivers\CAHS164.sys [2011-6-16 1308160]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\System32\drivers\nusb3hub.sys [2011-2-16 80384]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\System32\drivers\nusb3xhc.sys [2011-2-16 180736]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2012-12-17 19456]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2012-12-17 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2012-12-17 30208]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-12-17 1255736]
.
=============== Created Last 30 ================
.
2013-01-06 11:55:23 -------- d-----w- C:\Program Files\CCleaner
2013-01-05 19:36:50 -------- d-sh--w- C:\$RECYCLE.BIN
2013-01-05 19:24:32 98816 ----a-w- C:\Windows\sed.exe
2013-01-05 19:24:32 256000 ----a-w- C:\Windows\PEV.exe
2013-01-05 19:24:32 208896 ----a-w- C:\Windows\MBR.exe
2013-01-05 19:24:29 -------- d-----w- C:\ComboFix
2013-01-05 15:58:42 12872 ----a-w- C:\Windows\System32\bootdelete.exe
2013-01-05 15:55:46 -------- d-----w- C:\ProgramData\HitmanPro
2013-01-05 15:19:20 -------- d-----w- C:\Users\ian\AppData\Roaming\SUPERAntiSpyware.com
2013-01-05 15:19:15 -------- d-----w- C:\ProgramData\SUPERAntiSpyware.com
2013-01-05 15:19:15 -------- d-----w- C:\Program Files\SUPERAntiSpyware
2013-01-05 13:03:20 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy
2013-01-05 13:03:20 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy
2013-01-05 12:31:14 -------- d-----w- C:\Users\ian\AppData\Local\Wajam
2013-01-05 11:30:35 -------- d-----w- C:\Windows\pss
2013-01-05 11:25:02 -------- d-----w- C:\Users\ian\AppData\Roaming\Malwarebytes
2013-01-05 11:24:56 24176 ----a-w- C:\Windows\System32\drivers\mbam.sys
2013-01-05 11:24:56 -------- d-----w- C:\ProgramData\Malwarebytes
2013-01-05 11:24:56 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-01-05 11:24:45 -------- d-----w- C:\Users\ian\AppData\Local\Programs
2013-01-04 08:30:41 9125352 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{CFCFD804-A8F6-4E3D-A8D1-71F6C7285212}\mpengine.dll
2013-01-02 16:24:15 -------- d-----w- C:\ProgramData\EA Core
2013-01-02 16:24:03 -------- d-----w- C:\ProgramData\EA Logs
2013-01-02 16:22:16 -------- d-----w- C:\Users\ian\AppData\Local\ESN Sonar
2013-01-02 16:04:42 -------- d-----w- C:\Users\ian\AppData\Local\ESN
2013-01-02 16:04:41 -------- d-----w- C:\Program Files (x86)\Battlelog Web Plugins
2013-01-01 20:59:15 -------- d--h--w- C:\Program Files (x86)\Common Files\EAInstaller
2013-01-01 20:22:44 -------- d-----w- C:\Users\ian\AppData\Roaming\Origin
2013-01-01 20:22:43 -------- d-----w- C:\Program Files (x86)\Origin Games
2013-01-01 20:22:34 -------- d-----w- C:\Users\ian\AppData\Local\Origin
2013-01-01 20:21:53 -------- d-----w- C:\ProgramData\Origin
2013-01-01 20:21:52 -------- d-----w- C:\ProgramData\Electronic Arts
2013-01-01 20:21:43 -------- d-----w- C:\Program Files (x86)\Origin
2013-01-01 19:37:28 -------- d-----w- C:\Program Files\Speccy
2012-12-29 14:14:12 -------- d-----w- C:\Program Files (x86)\Common Files\Windows Live
2012-12-28 21:07:46 -------- d-----w- C:\Users\ian\AppData\Local\NBGI
2012-12-22 17:50:02 890216 ----a-w- C:\Windows\System32\nvvsvc.exe
2012-12-22 17:50:02 63336 ----a-w- C:\Windows\System32\nvshext.dll
2012-12-22 17:50:02 6223208 ----a-w- C:\Windows\System32\nvcpl.dll
2012-12-22 17:50:02 3663213 ----a-w- C:\Windows\System32\nvcoproc.bin
2012-12-22 17:50:02 3311464 ----a-w- C:\Windows\System32\nvsvc64.dll
2012-12-22 17:50:02 2557800 ----a-w- C:\Windows\System32\nvsvcr.dll
2012-12-22 17:50:02 118120 ----a-w- C:\Windows\System32\nvmctray.dll
2012-12-22 17:46:30 -------- d-----w- C:\NVIDIA
2012-12-22 17:36:40 -------- d-----w- C:\Program Files (x86)\Phyxion.net
2012-12-22 01:22:09 46080 ----a-w- C:\Windows\System32\atmlib.dll
2012-12-22 01:22:09 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll
2012-12-22 01:22:08 367616 ----a-w- C:\Windows\System32\atmfd.dll
2012-12-22 01:22:07 295424 ----a-w- C:\Windows\SysWow64\atmfd.dll
2012-12-21 19:06:37 -------- d-----w- C:\Users\ian\AppData\Local\My Games
2012-12-18 15:27:54 281032 ----a-w- C:\Windows\SysWow64\PnkBstrB.xtr
2012-12-18 15:27:50 -------- d-----w- C:\Users\ian\AppData\Local\PunkBuster
2012-12-18 11:56:21 -------- d-----w- C:\Users\ian\AppData\Local\CrashRpt
2012-12-18 11:54:59 281032 ----a-w- C:\Windows\SysWow64\PnkBstrB.exe
2012-12-18 11:54:59 280792 ----a-w- C:\Windows\SysWow64\PnkBstrB.ex0
2012-12-18 11:54:58 76888 ----a-w- C:\Windows\SysWow64\PnkBstrA.exe
2012-12-17 21:47:47 -------- d-----w- C:\Users\ian\AppData\Roaming\Corsair
2012-12-17 21:47:46 8724480 ------w- C:\Windows\SysWow64\CAHS1.dll
2012-12-17 21:47:46 798208 ------w- C:\Windows\System32\CAHS1.exe
2012-12-17 21:47:46 401920 ------w- C:\Windows\System32\CAHS1.cpl
2012-12-17 21:47:46 200704 ------w- C:\Windows\SysWow64\cmpaHS1.dll
2012-12-17 21:47:46 143360 ------w- C:\Windows\VmixHS1.dll
2012-12-17 21:47:46 -------- d-----w- C:\Program Files\Corsair USB Headset
2012-12-17 21:47:43 354304 ------w- C:\Windows\System32\CmiInstallResAll64.dll
2012-12-17 18:58:30 -------- d-----w- C:\Users\ian\AppData\Local\ElevatedDiagnostics
2012-12-17 18:40:21 514560 ----a-w- C:\Windows\SysWow64\qdvd.dll
2012-12-17 18:38:22 -------- d-----w- C:\Program Files (x86)\Microsoft Chart Controls
2012-12-17 17:01:57 -------- d-----w- C:\Users\ian\AppData\Local\SCE
2012-12-17 15:23:20 -------- d-----w- C:\Windows\SysWow64\directx
2012-12-17 15:22:56 -------- d-----w- C:\Program Files (x86)\MSI Afterburner
2012-12-17 08:13:13 -------- d-----w- C:\Windows\SysWow64\Wat
2012-12-17 08:13:12 -------- d-----w- C:\Windows\System32\Wat
2012-12-17 02:01:17 9728 ----a-w- C:\Windows\System32\Wdfres.dll
2012-12-17 02:01:17 785512 ----a-w- C:\Windows\System32\drivers\Wdf01000.sys
2012-12-17 02:01:17 54376 ----a-w- C:\Windows\System32\drivers\WdfLdr.sys
2012-12-17 02:01:17 2560 ----a-w- C:\Windows\System32\drivers\en-US\wdf01000.sys.mui
2012-12-17 01:55:14 294912 ----a-w- C:\Windows\System32\browserchoice.exe
2012-12-17 01:50:06 87040 ----a-w- C:\Windows\System32\drivers\WUDFPf.sys
2012-12-17 01:50:06 84992 ----a-w- C:\Windows\System32\WUDFSvc.dll
2012-12-17 01:50:06 198656 ----a-w- C:\Windows\System32\drivers\WUDFRd.sys
2012-12-17 01:50:06 194048 ----a-w- C:\Windows\System32\WUDFPlatform.dll
2012-12-17 01:50:05 744448 ----a-w- C:\Windows\System32\WUDFx.dll
2012-12-17 01:50:05 45056 ----a-w- C:\Windows\System32\WUDFCoinstaller.dll
2012-12-17 01:50:05 229888 ----a-w- C:\Windows\System32\WUDFHost.exe
2012-12-17 01:48:50 81408 ----a-w- C:\Windows\System32\imagehlp.dll
2012-12-17 01:48:50 5120 ----a-w- C:\Windows\SysWow64\wmi.dll
2012-12-17 01:48:50 5120 ----a-w- C:\Windows\System32\wmi.dll
2012-12-17 01:48:50 23408 ----a-w- C:\Windows\System32\drivers\fs_rec.sys
2012-12-17 01:48:50 159232 ----a-w- C:\Windows\SysWow64\imagehlp.dll
2012-12-16 10:07:57 -------- d-----w- C:\Program Files (x86)\FinalWire
2012-12-16 06:42:57 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2012-12-16 06:40:56 478208 ----a-w- C:\Windows\System32\dpnet.dll
2012-12-16 06:39:46 64512 ----a-w- C:\Windows\SysWow64\devobj.dll
2012-12-16 06:38:58 1731920 ----a-w- C:\Windows\System32\ntdll.dll
2012-12-16 06:38:58 1292080 ----a-w- C:\Windows\SysWow64\ntdll.dll
2012-12-16 06:38:55 751104 ----a-w- C:\Windows\System32\win32spl.dll
2012-12-16 06:38:55 67072 ----a-w- C:\Windows\splwow64.exe
2012-12-16 06:38:55 559104 ----a-w- C:\Windows\System32\spoolsv.exe
2012-12-16 06:38:55 492032 ----a-w- C:\Windows\SysWow64\win32spl.dll
2012-12-16 06:38:48 184320 ----a-w- C:\Windows\System32\cryptsvc.dll
2012-12-16 06:38:48 1464320 ----a-w- C:\Windows\System32\crypt32.dll
2012-12-16 06:38:48 1159680 ----a-w- C:\Windows\SysWow64\crypt32.dll
2012-12-16 06:38:47 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll
2012-12-16 06:38:47 140288 ----a-w- C:\Windows\System32\cryptnet.dll
2012-12-16 06:38:47 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll
2012-12-16 06:35:38 77312 ----a-w- C:\Windows\System32\packager.dll
2012-12-16 06:35:38 67072 ----a-w- C:\Windows\SysWow64\packager.dll
2012-12-16 06:34:01 9125352 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2012-12-15 14:15:06 -------- d-----w- C:\Users\ian\AppData\Roaming\.minecraft
2012-12-15 14:13:36 916456 ----a-w- C:\Windows\System32\deployJava1.dll
2012-12-15 14:13:35 1034216 ----a-w- C:\Windows\System32\npDeployJava1.dll
2012-12-15 14:13:31 108008 ----a-w- C:\Windows\System32\WindowsAccessBridge-64.dll
2012-12-15 14:08:10 821736 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll
2012-12-15 14:08:10 746984 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2012-12-15 14:08:06 95208 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2012-12-15 03:43:36 -------- d-----w- C:\Windows\Panther
2012-12-15 03:43:04 -------- d-----w- C:\Windows\System32\OEM
2012-12-15 03:43:04 -------- d-----w- C:\Hotfix
2012-12-15 03:43:04 -------- d-----w- C:\Drivers
2012-12-15 03:27:06 562456 ----a-w- C:\Windows\System32\drivers\iaStorA.sys
2012-12-15 03:27:06 23832 ----a-w- C:\Windows\System32\drivers\iaStorF.sys
2012-12-14 23:35:58 508264 ----a-w- C:\Windows\System32\d3dx10_36.dll
2012-12-14 23:34:51 81768 ----a-w- C:\Windows\SysWow64\xinput1_3.dll
2012-12-14 23:34:51 453456 ----a-w- C:\Windows\SysWow64\d3dx10_42.dll
2012-12-14 23:34:51 1892184 ----a-w- C:\Windows\SysWow64\D3DX9_42.dll
2012-12-14 23:34:19 -------- d-----w- C:\Windows\SysWow64\xlive
2012-12-14 23:34:15 -------- d-----w- C:\Program Files (x86)\Microsoft Games for Windows - LIVE
2012-12-14 22:52:56 -------- d-----w- C:\Program Files (x86)\Common Files\Steam
2012-12-14 22:52:55 -------- d-----w- C:\Program Files (x86)\Steam
2012-12-14 21:54:05 -------- d-----r- C:\Program Files (x86)\Skype
2012-12-14 21:48:29 -------- d-----w- C:\Users\ian\AppData\Local\Google
2012-12-14 21:48:21 -------- d-----w- C:\Users\ian\AppData\Local\Deployment
2012-12-14 21:48:21 -------- d-----w- C:\Users\ian\AppData\Local\Apps
2012-12-14 21:43:28 8192 ----a-w- C:\Windows\System32\drivers\IntelMEFWVer.dll
2012-12-14 21:43:14 56600 ----a-w- C:\Windows\System32\drivers\HECIx64.sys
2012-12-14 21:33:24 53248 ----a-w- C:\Windows\SysWow64\CSVer.dll
2012-12-14 21:33:14 -------- d-----w- C:\Intel
2012-12-14 21:16:34 60776 ----a-w- C:\Windows\System32\OpenCL.dll
2012-12-14 21:16:34 52584 ----a-w- C:\Windows\SysWow64\OpenCL.dll
2012-12-14 21:16:18 64856 ----a-w- C:\Windows\System32\klfphc.dll
2012-12-14 21:15:54 -------- d-----w- C:\Windows\ELAMBKUP
2012-12-14 21:15:50 -------- d-----w- C:\ProgramData\Kaspersky Lab
2012-12-14 21:15:50 -------- d-----w- C:\Program Files (x86)\Kaspersky Lab
2012-12-14 21:15:44 89432 ----a-w- C:\Windows\System32\drivers\klflt.sys
2012-12-14 21:15:09 -------- d-----w- C:\Program Files\NVIDIA Corporation
2012-12-14 21:15:09 -------- d-----w- C:\Program Files (x86)\NVIDIA Corporation
2012-12-14 21:12:48 826880 ----a-w- C:\Windows\SysWow64\rdpcore.dll
2012-12-14 21:12:48 23552 ----a-w- C:\Windows\System32\drivers\tdtcp.sys
2012-12-14 21:12:48 1031680 ----a-w- C:\Windows\System32\rdpcore.dll
2012-12-14 21:09:27 2622464 ----a-w- C:\Windows\System32\wucltux.dll
2012-12-14 21:09:23 99840 ----a-w- C:\Windows\System32\wudriver.dll
2012-12-14 21:09:19 36864 ----a-w- C:\Windows\System32\wuapp.exe
2012-12-14 21:09:19 186752 ----a-w- C:\Windows\System32\wuwebv.dll
2012-12-14 21:08:34 74272 ----a-w- C:\Windows\System32\RtNicProp64.dll
2012-12-14 21:08:34 539240 ----a-w- C:\Windows\System32\drivers\Rt64win7.sys
2012-12-14 21:08:34 107552 ----a-w- C:\Windows\System32\RTNUninst64.dll
2012-12-14 20:58:59 757760 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\iKernel.dll
2012-12-14 20:58:59 69715 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\ctor.dll
2012-12-14 20:58:59 5632 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\DotNetInstaller.exe
2012-12-14 20:58:59 331908 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\setup.dll
2012-12-14 20:58:59 274432 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\iscript.dll
2012-12-14 20:58:59 200836 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\iGdi.dll
2012-12-14 20:19:02 -------- d-----w- C:\Users\ian\AppData\Local\Diagnostics
2012-12-14 19:55:08 -------- d-----w- C:\dell
.
==================== Find3M ====================
.
2012-12-14 21:32:02 54104 ----a-w- C:\Windows\System32\drivers\kltdi.sys
2012-12-14 21:32:02 29528 ----a-w- C:\Windows\System32\drivers\klmouflt.sys
2012-12-14 21:32:02 29016 ----a-w- C:\Windows\System32\drivers\klkbdflt.sys
2012-11-30 22:43:52 438632 ----a-w- C:\Windows\SysWow64\nvStreaming.exe
2012-11-22 03:26:40 3149824 ----a-w- C:\Windows\System32\win32k.sys
2012-11-09 05:45:09 2048 ----a-w- C:\Windows\System32\tzres.dll
2012-11-02 05:11:31 376832 ----a-w- C:\Windows\SysWow64\dpnet.dll
2012-10-16 08:38:37 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll
2012-10-16 08:38:34 350208 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll
2012-10-16 07:39:52 561664 ----a-w- C:\Windows\apppatch\AcLayers.dll
2012-10-09 18:17:13 55296 ----a-w- C:\Windows\System32\dhcpcsvc6.dll
2012-10-09 18:17:13 226816 ----a-w- C:\Windows\System32\dhcpcore6.dll
2012-10-09 17:40:31 44032 ----a-w- C:\Windows\SysWow64\dhcpcsvc6.dll
2012-10-09 17:40:31 193536 ----a-w- C:\Windows\SysWow64\dhcpcore6.dll
.
============= FINISH: 12:20:52.39 ===============
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 14/12/2012 19:50:44
System Uptime: 06/01/2013 12:02:25 (0 hours ago)
.
Motherboard: Alienware | | 07JNH0
Processor: Intel® Core i7-3930K CPU @ 3.20GHz | CPU 1 | 3201/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 931 GiB total, 820.549 GiB free.
D: is CDROM ()
E: is Removable
F: is Removable
G: is Removable
H: is Removable
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
No restore point in system.
.
==== Installed Programs ======================
.
AIDA64 Extreme Edition v2.70
Batman: Arkham City™
Battlefield 3™
Battlelog Web Plugins
CCleaner
Corsair USB Headset
Dark Souls: Prepare to Die Edition
Dota 2
Driver Sweeper version 3.2.0
ESN Sonar
Garry's Mod
Google Chrome
Google Update Helper
Intel® Management Engine Components
Java 7 Update 9
Java 7 Update 9 (64-bit)
Java Auto Updater
Kaspersky Internet Security 2013
Malwarebytes Anti-Malware version 1.70.0.1100
Microsoft .NET Framework 4 Client Profile
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170)
Microsoft Games for Windows - LIVE Redistributable
Microsoft Silverlight
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
MSI Afterburner 2.3.0
NVIDIA 3D Vision Controller Driver 310.70
NVIDIA 3D Vision Driver 310.70
NVIDIA Control Panel 310.70
NVIDIA Graphics Driver 310.70
NVIDIA HD Audio Driver 1.3.18.0
NVIDIA Install Application
NVIDIA PhysX
NVIDIA PhysX System Software 9.12.1031
NVIDIA Stereoscopic 3D Driver
NVIDIA Update 1.11.3
NVIDIA Update Components
Origin
PlanetSide 2
PunkBuster Services
Realtek Ethernet Controller Driver
Realtek High Definition Audio Driver
Red Orchestra 2: Heroes of Stalingrad
Renesas Electronics USB 3.0 Host Controller Driver
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Sid Meier's Civilization V
Skype™ 6.0
Speccy
Steam
SUPERAntiSpyware
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Windows Live ID Sign-in Assistant
WinRAR 4.20 (64-bit)
.
==== Event Viewer Messages From Past Week ========
.
05/01/2013 19:48:54, Error: bowser [8003] - The master browser has received a server announcement from the computer ADHARRY-PC that believes that it is the master browser for the domain on transport NetBT_Tcpip_{FA5BF22E-0260-4B31-BEEE-79796DE08141}. The master browser is stopping or an election is being forced.
05/01/2013 19:28:35, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.
05/01/2013 19:28:33, Error: Service Control Manager [7001] - The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error: The dependency service or group failed to start.
05/01/2013 19:28:09, Error: Service Control Manager [7030] - The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
05/01/2013 19:24:33, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service VSS with arguments "" in order to run the server: {E579AB5F-1CC4-44B4-BED9-DE0991FF0623}
05/01/2013 18:33:40, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
05/01/2013 18:33:40, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
05/01/2013 18:33:37, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
05/01/2013 18:33:28, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
05/01/2013 18:33:23, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: discache KLIF kneps SASDIFSV SASKUTIL spldr Wanarpv6
05/01/2013 15:40:08, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}
05/01/2013 15:40:08, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service BITS with arguments "" in order to run the server: {4991D34B-80A1-4291-83B6-3328366B9097}
05/01/2013 14:31:23, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service gupdatem with arguments "/comsvc" in order to run the server: {9465B4B4-5216-4042-9A2C-754D3BCDC410}
05/01/2013 14:31:23, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service gupdate with arguments "/comsvc" in order to run the server: {4EB61BAC-A3B6-4760-9581-655041EF4D69}
05/01/2013 13:42:37, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: discache KLIF kneps spldr Wanarpv6
04/01/2013 11:35:28, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR1.
.
==== End Of File ===========================
HijackThis
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:45:42, on 06/01/2013
Platform: Unknown Windows (WinNT 6.01.3505 SP1)
MSIE: Internet Explorer v9.00 (9.00.8112.16457)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\rusb3mon.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: ContentBlockerBrowserHelperObject - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\ContentBlocker\ie_content_blocker_plugin.dll
O2 - BHO: VirtualKeyboardBrowserHelperObject - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\OnlineBanking\online_banking_bho.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll
O4 - HKLM\..\Run: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe"
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [RUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\rusb3mon.exe"
O4 - HKUS\S-1-5-21-2940810599-3561592805-2472969296-1002\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-2940810599-3561592805-2472969296-1002\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O8 - Extra context menu item: Add to Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ie_banner_deny.htm
O9 - Extra button: Virtual Keyboard - {0C4CC089-D306-440D-9772-464E226F6539} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
O9 - Extra button: URLs check - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O13 - Gopher Prefix:
O15 - Trusted Zone: *.clonewarsadventures.com
O15 - Trusted Zone: *.freerealms.com
O15 - Trusted Zone: *.soe.com
O15 - Trusted Zone: *.sony.com
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos/OnlineScanner.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
O23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Kaspersky Anti-Virus Service (AVP) - Kaspersky Lab ZAO - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 9353 bytes