
NickDiaz209

Members
  • Posts: 13
  • Reputation: 0 Neutral
  1. Problem signature:
       Problem Event Name: BlueScreen
       OS Version: 6.1.7601.2.1.0.256.1
       Locale ID: 1033

     Additional information about the problem:
       BCCode: 9f
       BCP1: 0000000000000003
       BCP2: FFFFFA800A4A6630
       BCP3: FFFFF8000444E3D8
       BCP4: FFFFFA800B77EC60
       OS Version: 6_1_7601
       Service Pack: 1_0
       Product: 256_1

     Files that help describe the problem:
       C:\Windows\Minidump\061113-7191-01.dmp
       C:\Users\Roman\AppData\Local\Temp\WER-10374-0.sysdata.xml

     Read our privacy statement online:
       http://go.microsoft.com/fwlink/?linkid=104288&clcid=0x0409

     If the online privacy statement is not available, please read our privacy statement offline:
       C:\Windows\system32\en-US\erofflps.txt
  2. Kaspersky Virus removal is ongoing, however I had a question regarding this error that I now get when putting my computer into sleep mode

     Problem signature:
       Problem Event Name: BlueScreen
       OS Version: 6.1.7601.2.1.0.256.1
       Locale ID: 1033

     Additional information about the problem:
       BCCode: 9f
       BCP1: 0000000000000003
       BCP2: FFFFFA800A4A6630
       BCP3: FFFFF8000444E3D8
       BCP4: FFFFFA800B77EC60
       OS Version: 6_1_7601
       Service Pack: 1_0
       Product: 256_1

     Files that help describe the problem:
       C:\Windows\Minidump\061113-7191-01.dmp
       C:\Users\Roman\AppData\Local\Temp\WER-10374-0.sysdata.xml

     Read our privacy statement online:
       http://go.microsoft.com/fwlink/?linkid=104288&clcid=0x0409

     If the online privacy statement is not available, please read our privacy statement offline:
       C:\Windows\system32\en-US\erofflps.txt
  3. ComboFix 13-06-08.02 - Roman 06/11/2013 3:52.1.4 - x64 Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.8143.4879 [GMT -4:00] Running from: c:\users\Roman\Downloads\ComboFix.exe AV: Microsoft Security Essentials *Disabled/Updated* {3F839487-C7A2-C958-E30C-E2825BA31FB5} SP: Microsoft Security Essentials *Disabled/Updated* {84E27563-E198-C6D6-D9BC-D9F020245508} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} * Created a new restore point . . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\windows\SysWow64\frapsvid.dll . . ((((((((((((((((((((((((( Files Created from 2013-05-11 to 2013-06-11 ))))))))))))))))))))))))))))))) . . 2013-06-11 07:54 . 2013-06-11 07:54 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp 2013-06-11 07:54 . 2013-06-11 07:54 -------- d-----w- c:\users\Default\AppData\Local\temp 2013-06-11 06:56 . 2013-06-11 06:56 76232 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{A2C6D754-9C62-49FA-A96E-AE47D2B9D0E3}\offreg.dll 2013-06-10 19:12 . 2013-05-13 03:37 9460464 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{A2C6D754-9C62-49FA-A96E-AE47D2B9D0E3}\mpengine.dll 2013-06-09 20:29 . 2013-06-09 20:29 -------- d-----w- c:\users\Roman\AppData\Local\Chromium 2013-06-09 20:29 . 2013-06-09 20:29 -------- d-----w- c:\programdata\Rockstar Games 2013-06-09 20:28 . 2013-06-09 20:28 -------- d-----w- c:\program files (x86)\Rockstar Games 2013-06-09 16:28 . 2013-05-13 03:37 9460464 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll 2013-06-07 06:04 . 2013-06-11 07:32 -------- d-----w- c:\users\Roman\AppData\Local\Spotify 2013-06-07 06:04 . 2013-06-11 06:45 -------- d-----w- c:\users\Roman\AppData\Roaming\Spotify 2013-06-03 06:23 . 2013-06-03 06:23 -------- d-----w- c:\windows\ERUNT 2013-06-03 06:18 . 
2013-06-03 06:23 -------- d-----w- C:\JRT 2013-06-02 10:27 . 2013-06-02 10:27 -------- d-----w- c:\users\Roman\AppData\Roaming\Malwarebytes 2013-06-02 10:26 . 2013-06-02 10:26 -------- d-----w- c:\programdata\Malwarebytes 2013-06-02 10:26 . 2013-06-02 10:26 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware 2013-06-02 10:26 . 2013-04-04 18:50 25928 ----a-w- c:\windows\system32\drivers\mbam.sys 2013-06-02 07:53 . 2013-06-02 07:53 -------- d-----w- c:\program files (x86)\VS Revo Group 2013-06-02 07:43 . 2013-06-02 07:54 -------- d-----w- c:\users\Roman\AppData\Local\Sony 2013-06-02 07:43 . 2013-06-02 07:43 -------- d-----w- c:\windows\SysWow64\spool 2013-06-02 07:43 . 2013-06-02 07:47 -------- d-----w- c:\users\Roman\AppData\Roaming\Sony 2013-06-02 07:31 . 2013-06-02 07:31 -------- d-----w- c:\users\Roman\AppData\Roaming\ImgBurn 2013-06-02 07:31 . 2013-06-02 07:31 -------- d-----w- c:\program files (x86)\ImgBurn 2013-06-02 06:43 . 2013-06-02 06:43 964552 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BCDB775F-F05B-491B-84E6-E03606DC02A0}\gapaengine.dll 2013-06-02 06:42 . 2013-06-02 06:42 -------- d-----w- c:\program files (x86)\Microsoft Security Client 2013-06-02 06:42 . 2013-06-02 06:42 -------- d-----w- c:\program files\Microsoft Security Client 2013-06-02 06:39 . 2013-06-03 06:45 -------- d-----w- c:\users\Roman\AppData\Roaming\Aspah 2013-06-02 06:39 . 2013-06-03 06:35 -------- d-----w- c:\users\Roman\AppData\Roaming\tor 2013-06-02 06:39 . 2013-06-02 06:40 -------- d-----w- c:\users\Roman\AppData\Roaming\Oqto 2013-06-02 05:12 . 2013-06-02 05:12 -------- d-----w- c:\program files (x86)\Common Files\Java 2013-05-31 06:48 . 2013-05-13 06:37 9460464 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{415F202C-A0EA-4FD0-B9F8-2DE1AEAADEE8}\mpengine.dll 2013-05-30 16:40 . 2013-05-30 16:40 -------- d-----w- c:\users\Roman\AppData\Roaming\JasonRobitaille 2013-05-30 16:39 . 
2013-05-30 16:39 -------- d-----w- c:\windows\system32\appmgmt 2013-05-30 16:09 . 2013-05-30 16:56 -------- d-----w- c:\program files\Palm, Inc 2013-05-30 16:09 . 2013-05-30 16:09 -------- d-----w- c:\program files\DIFX 2013-05-29 01:02 . 2013-05-29 01:02 466456 ----a-w- c:\windows\system32\wrap_oal.dll 2013-05-29 01:02 . 2013-05-29 01:02 444952 ----a-w- c:\windows\SysWow64\wrap_oal.dll 2013-05-29 01:02 . 2013-05-29 01:02 122904 ----a-w- c:\windows\system32\OpenAL32.dll 2013-05-29 01:02 . 2013-05-29 01:02 109080 ----a-w- c:\windows\SysWow64\OpenAL32.dll 2013-05-29 01:02 . 2013-05-29 01:02 -------- d-----w- c:\program files (x86)\OpenAL 2013-05-28 22:57 . 2013-06-02 06:57 -------- d-----w- c:\users\Roman\AppData\Roaming\NVIDIA 2013-05-26 23:19 . 2013-05-26 23:19 -------- d--h--w- c:\programdata\CanonBJ 2013-05-26 23:19 . 2006-09-13 00:00 80896 ----a-w- c:\windows\system32\Spool\prtprocs\x64\CNMPP86.DLL 2013-05-26 23:19 . 2006-09-13 00:00 27136 ----a-w- c:\windows\system32\Spool\prtprocs\x64\CNMPD86.DLL 2013-05-26 23:19 . 2006-09-13 00:00 234496 ----a-w- c:\windows\system32\CNMLM86.DLL 2013-05-26 22:51 . 2013-05-26 22:51 -------- d-----w- c:\users\Roman\AppData\Local\ElevatedDiagnostics 2013-05-26 22:46 . 2013-05-26 22:46 -------- d-----r- c:\users\Roman\AppData\Roaming\Brother 2013-05-26 22:45 . 2013-05-26 22:45 -------- d-----w- c:\users\Roman\AppData\Roaming\PC-FAX TX 2013-05-26 22:41 . 2013-05-26 22:41 -------- d-----w- c:\programdata\Brother 2013-05-24 07:01 . 2013-05-24 07:01 97280 ----a-w- c:\windows\system32\mshtmled.dll 2013-05-24 07:00 . 2013-05-24 07:00 9728 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll 2013-05-23 23:24 . 2013-05-23 23:24 -------- d-----w- c:\program files (x86)\Common Files\BioWare 2013-05-13 15:32 . 2013-05-13 15:32 -------- d-----w- C:\SearchProtect . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2013-06-10 00:59 . 
2013-05-01 02:34 291088 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr 2013-06-10 00:59 . 2013-04-28 17:32 291088 ----a-w- c:\windows\SysWow64\PnkBstrB.exe 2013-06-10 00:59 . 2013-04-28 17:32 280904 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0 2013-05-15 07:02 . 2013-03-13 04:15 75016696 ----a-w- c:\windows\system32\MRT.exe 2013-05-15 05:48 . 2013-04-24 20:43 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2013-05-15 05:48 . 2013-04-24 20:43 692104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2013-05-10 22:08 . 2009-08-18 16:49 564632 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\wlidui.dll 2013-05-10 22:08 . 2009-08-18 15:24 22240 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll 2013-05-02 15:29 . 2013-03-10 06:57 278800 ------w- c:\windows\system32\MpSigStub.exe 2013-05-01 02:44 . 2013-04-28 17:32 76888 ----a-w- c:\windows\SysWow64\PnkBstrA.exe 2013-04-18 08:51 . 2013-04-27 18:12 127384 ----a-w- c:\windows\system32\drivers\scdemu.sys 2013-04-13 05:49 . 2013-05-15 03:40 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll 2013-04-13 05:49 . 2013-05-15 03:40 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll 2013-04-13 05:49 . 2013-05-15 03:40 308736 ----a-w- c:\windows\apppatch\AppPatch64\AcGenral.dll 2013-04-13 05:49 . 2013-05-15 03:40 111104 ----a-w- c:\windows\apppatch\AppPatch64\acspecfc.dll 2013-04-13 04:45 . 2013-05-15 03:40 474624 ----a-w- c:\windows\apppatch\AcSpecfc.dll 2013-04-13 04:45 . 2013-05-15 03:40 2176512 ----a-w- c:\windows\apppatch\AcGenral.dll 2013-04-12 14:45 . 2013-04-24 08:27 1656680 ----a-w- c:\windows\system32\drivers\ntfs.sys 2013-04-04 09:35 . 2013-03-22 10:31 95648 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll 2013-03-22 10:31 . 2013-03-22 10:31 861088 ----a-w- c:\windows\SysWow64\npDeployJava1.dll 2013-03-22 10:31 . 2013-03-22 10:31 782240 ----a-w- c:\windows\SysWow64\deployJava1.dll 2013-03-19 06:04 . 
2013-04-11 03:26 5550424 ----a-w- c:\windows\system32\ntoskrnl.exe 2013-03-19 05:46 . 2013-04-11 03:26 43520 ----a-w- c:\windows\system32\csrsrv.dll 2013-03-19 05:04 . 2013-04-11 03:26 3968856 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe 2013-03-19 05:04 . 2013-04-11 03:26 3913560 ----a-w- c:\windows\SysWow64\ntoskrnl.exe 2013-03-19 04:47 . 2013-04-11 03:26 6656 ----a-w- c:\windows\SysWow64\apisetschema.dll 2013-03-19 03:06 . 2013-04-11 03:26 112640 ----a-w- c:\windows\system32\smss.exe 2013-03-15 05:53 . 2013-04-06 23:43 968408 ----a-w- c:\windows\SysWow64\nvumdshim.dll 2013-03-15 05:53 . 2013-04-06 23:43 9414456 ----a-w- c:\windows\system32\nvcuda.dll 2013-03-15 05:53 . 2013-04-06 23:43 7959000 ----a-w- c:\windows\SysWow64\nvcuda.dll 2013-03-15 05:53 . 2013-04-06 23:43 7573816 ----a-w- c:\windows\system32\nvopencl.dll 2013-03-15 05:53 . 2013-04-06 23:43 6271872 ----a-w- c:\windows\SysWow64\nvopencl.dll 2013-03-15 05:53 . 2013-04-06 23:43 420128 ----a-w- c:\windows\system32\nvEncodeAPI64.dll 2013-03-15 05:53 . 2013-04-06 23:43 364832 ----a-w- c:\windows\SysWow64\nvEncodeAPI.dll 2013-03-15 05:53 . 2013-04-06 23:43 2913056 ----a-w- c:\windows\system32\nvcuvid.dll 2013-03-15 05:53 . 2013-04-06 23:43 2728736 ----a-w- c:\windows\SysWow64\nvcuvid.dll 2013-03-15 05:53 . 2013-04-06 23:43 26956576 ----a-w- c:\windows\system32\nvoglv64.dll 2013-03-15 05:53 . 2013-04-06 23:43 25256736 ----a-w- c:\windows\system32\nvcompiler.dll 2013-03-15 05:53 . 2013-04-06 23:43 250504 ----a-w- c:\windows\system32\nvinitx.dll 2013-03-15 05:53 . 2013-04-06 23:43 2355488 ----a-w- c:\windows\system32\nvcuvenc.dll 2013-03-15 05:53 . 2013-04-06 23:43 20542752 ----a-w- c:\windows\SysWow64\nvoglv32.dll 2013-03-15 05:53 . 2013-04-06 23:43 205184 ----a-w- c:\windows\SysWow64\nvinit.dll 2013-03-15 05:53 . 2013-04-06 23:43 1995552 ----a-w- c:\windows\SysWow64\nvcuvenc.dll 2013-03-15 05:53 . 2013-04-06 23:43 1807136 ----a-w- c:\windows\system32\nvdispco6431422.dll 2013-03-15 05:53 . 
2013-04-06 23:43 17990800 ----a-w- c:\windows\system32\nvd3dumx.dll 2013-03-15 05:53 . 2013-04-06 23:43 17560352 ----a-w- c:\windows\SysWow64\nvcompiler.dll 2013-03-15 05:53 . 2013-04-06 23:43 1510176 ----a-w- c:\windows\system32\nvdispgenco6431422.dll 2013-03-15 05:53 . 2013-04-06 23:43 13088000 ----a-w- c:\windows\SysWow64\nvwgf2um.dll 2013-03-15 05:53 . 2013-04-06 23:43 11048736 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys 2013-03-15 05:53 . 2012-10-11 01:23 2864144 ----a-w- c:\windows\system32\nvapi64.dll 2013-03-15 05:53 . 2012-10-11 01:23 1118776 ----a-w- c:\windows\system32\nvumdshimx.dll 2013-03-15 05:53 . 2012-10-11 01:23 15508512 ----a-w- c:\windows\system32\nvwgf2umx.dll 2013-03-15 05:53 . 2012-10-11 01:22 2539128 ----a-w- c:\windows\SysWow64\nvapi.dll 2013-03-15 05:53 . 2012-10-11 01:22 15042928 ----a-w- c:\windows\SysWow64\nvd3dum.dll 2013-03-15 04:16 . 2013-03-10 06:38 3477280 ----a-w- c:\windows\system32\nvsvc64.dll 2013-03-15 04:16 . 2013-03-10 06:38 6398240 ----a-w- c:\windows\system32\nvcpl.dll 2013-03-15 04:16 . 2013-03-10 06:38 877856 ----a-w- c:\windows\system32\nvvsvc.exe 2013-03-15 04:16 . 2013-03-10 06:38 63776 ----a-w- c:\windows\system32\nvshext.dll 2013-03-15 04:16 . 2013-03-10 06:38 237856 ----a-w- c:\windows\system32\nvmctray.dll 2013-03-15 02:07 . 2013-03-15 02:07 559904 ----a-w- c:\windows\SysWow64\nvStreaming.exe 2013-03-13 16:24 . 2013-03-10 06:38 3065455 ----a-w- c:\windows\system32\nvcoproc.bin . . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584] "Spotify"="c:\users\Roman\AppData\Roaming\Spotify\Spotify.exe" [2013-06-07 4573184] . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "USB3MON"="c:\program files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2012-01-04 291608] "IAStorIcon"="c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" [2011-11-30 284440] "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc] @="Service" . R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x] R3 BEService;BattlEye Service;c:\program files (x86)\Common Files\BattlEye\BEService.exe;c:\program files (x86)\Common Files\BattlEye\BEService.exe [x] R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x] R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x] R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x] R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x] R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x] R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x] R3 WatAdminSvc;Windows Activation Technologies 
Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x] S0 asahci64;asahci64;c:\windows\system32\DRIVERS\asahci64.sys;c:\windows\SYSNATIVE\DRIVERS\asahci64.sys [x] S0 iusb3hcs;Intel® USB 3.0 Host Controller Switch Driver;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x] S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [x] S2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x] S2 Intel® PROSet Monitoring Service;Intel® PROSet Monitoring Service;c:\windows\system32\IProsetMonitor.exe;c:\windows\SYSNATIVE\IProsetMonitor.exe [x] S2 jhi_service;Intel® Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [x] S2 NovacomD;Palm Novacom;c:\program files\Palm, Inc\novacomd\amd64\novacomd.exe;c:\program files\Palm, Inc\novacomd\amd64\novacomd.exe [x] S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x] S2 TeamViewer8;TeamViewer 8;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [x] S2 UNS;Intel® Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [x] S3 asmthub3;ASMedia USB3 Hub 
Service;c:\windows\system32\DRIVERS\asmthub3.sys;c:\windows\SYSNATIVE\DRIVERS\asmthub3.sys [x] S3 asmtxhci;ASMEDIA XHCI Service;c:\windows\system32\DRIVERS\asmtxhci.sys;c:\windows\SYSNATIVE\DRIVERS\asmtxhci.sys [x] S3 iusb3hub;Intel® USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x] S3 iusb3xhc;Intel® USB 3.0 eXtensible Host Controller Driver;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x] . . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}] 2013-06-06 23:12 1165776 ----a-w- c:\program files (x86)\Google\Chrome\Application\27.0.1453.110\Installer\chrmstp.exe . Contents of the 'Scheduled Tasks' folder . 2013-06-11 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-04-24 05:48] . 2013-06-11 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-03-10 06:23] . 2013-06-11 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-03-10 06:23] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2012-02-10 6463592] "MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2013-01-27 1281512] . ------- Supplementary Scan ------- . uLocal Page = c:\windows\system32\blank.htm uStart Page = hxxp://www.google.com mLocal Page = c:\windows\SysWOW64\blank.htm uInternet Settings,ProxyOverride = *.local TCP: DhcpNameServer = 192.168.1.1 . - - - - ORPHANS REMOVED - - - - . Wow6432Node-HKU-Default-Run-SearchProtect - \SearchProtect\bin\cltmng.exe AddRemove-BattlEye for A2 - d:\programs\Steam\steamapps\common\Arma 2BattlEye\UnInstallBE.exe . . . --------------------- LOCKED REGISTRY KEYS --------------------- . 
[HKEY_USERS\S-1-5-21-2318815334-1083360927-2397050128-1000\Software\SecuROM\License information*] "datasecu"=hex:51,8a,9f,d6,03,3f,48,ab,21,9f,c9,19,1d,65,29,f7,4c,23,94,d0,09, cf,26,7b,de,2b,ee,b7,6e,c4,f1,76,00,db,79,15,db,f5,6a,97,a0,5c,f0,73,de,08,\ "rkeysecu"=hex:cf,7e,9c,ac,70,b6,e0,61,16,b9,37,7b,a8,a3,de,97 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_202_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_202_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_202_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_202_ActiveX.exe" . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.11" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . Completion time: 2013-06-11 03:55:14 ComboFix-quarantined-files.txt 2013-06-11 07:55 . Pre-Run: 35,470,811,136 bytes free Post-Run: 36,452,384,768 bytes free . - - End Of File - - 953B846347D2FED10EB11BED945DD1C4 D41D8CD98F00B204E9800998ECF8427E
  4. # AdwCleaner v2.301 - Logfile created 06/03/2013 at 05:09:53 # Updated 16/05/2013 by Xplode # Operating system : Windows 7 Ultimate Service Pack 1 (64 bits) # User : Roman - ROMAN-PC # Boot Mode : Normal # Running from : C:\Users\Roman\Downloads\adwcleaner.exe # Option [Delete] ***** [services] ***** ***** [Files / Folders] ***** File Deleted : C:\Users\Roman\AppData\Local\Temp\Uninstall.exe Folder Deleted : C:\Users\Roman\AppData\Local\PackageAware ***** [Registry] ***** Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233} Key Deleted : HKCU\Software\SearchProtect Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8} Key Deleted : HKLM\Software\SearchProtect Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC} Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}] ***** [internet Browsers] ***** -\\ Internet Explorer v10.0.9200.16576 [OK] Registry is clean. -\\ Google Chrome v27.0.1453.94 File : C:\Users\Roman\AppData\Local\Google\Chrome\User Data\Default\Preferences [OK] File is clean. 
************************* AdwCleaner[R1].txt - [2046 octets] - [03/06/2013 02:58:01] AdwCleaner[R2].txt - [2106 octets] - [03/06/2013 02:59:35] AdwCleaner[s1].txt - [2071 octets] - [03/06/2013 05:09:53] ########## EOF - C:\AdwCleaner[s1].txt - [2131 octets] ##########
  5. DDS (Ver_2012-11-20.01) - NTFS_AMD64 Internet Explorer: 10.0.9200.16576 BrowserJavaVersion: 10.21.2 Run by Roman at 3:04:45 on 2013-06-03 Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.8143.6442 [GMT -4:00] . AV: Microsoft Security Essentials *Enabled/Updated* {3F839487-C7A2-C958-E30C-E2825BA31FB5} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: Microsoft Security Essentials *Enabled/Updated* {84E27563-E198-C6D6-D9BC-D9F020245508} . ============== Running Processes =============== . C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\nvvsvc.exe C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe C:\Windows\system32\svchost.exe -k RPCSS C:\Program Files\Microsoft Security Client\MsMpEng.exe C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k NetworkService C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe C:\Windows\system32\nvvsvc.exe C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Windows\system32\taskhost.exe C:\Windows\system32\Dwm.exe C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Windows\Explorer.EXE C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\Intel\iCLS Client\HeciServer.exe C:\Windows\system32\IProsetMonitor.exe C:\Windows\system32\PrintIsolationHost.exe C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe C:\Program Files\Palm, Inc\novacomd\amd64\novacomd.exe C:\Windows\SysWOW64\PnkBstrA.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Windows\system32\SearchIndexer.exe C:\Program Files\Common 
Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Program Files\Microsoft Security Client\NisSrv.exe C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe C:\Program Files\Microsoft Security Client\msseces.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files\NVIDIA Corporation\Display\nvtray.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe C:\Windows\servicing\TrustedInstaller.exe C:\Windows\SysWOW64\NOTEPAD.EXE C:\Windows\system32\NOTEPAD.EXE C:\Windows\system32\NOTEPAD.EXE C:\Windows\system32\notepad.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\System32\cscript.exe . ============== Pseudo HJT Report =============== . 
uStart Page = hxxp://www.google.com mWinlogon: Userinit = userinit.exe, BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll uRun: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun mRun: [uSB3MON] "C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" mRun: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" dRun: [searchProtect] \SearchProtect\bin\cltmng.exe mPolicies-Explorer: NoActiveDesktop = dword:1 mPolicies-Explorer: NoActiveDesktopChanges = dword:1 mPolicies-System: ConsentPromptBehaviorAdmin = dword:5 mPolicies-System: ConsentPromptBehaviorUser = dword:3 mPolicies-System: EnableUIADesktopToggle = dword:0 TCP: NameServer = 192.168.1.1 TCP: Interfaces\{41A13EF4-47C8-4E6E-935B-F60F4A593D9F} : DHCPNameServer = 192.168.1.1 SSODL: WebCheck - <orphaned> mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.94\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll x64-Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s x64-Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey x64-SSODL: WebCheck - <orphaned> . ============= SERVICES / DRIVERS =============== . 
R0 asahci64;asahci64;C:\Windows\System32\drivers\asahci64.sys [2012-1-6 49760] R0 iusb3hcs;Intel® USB 3.0 Host Controller Switch Driver;C:\Windows\System32\drivers\iusb3hcs.sys [2013-3-10 16152] R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2013-1-20 230320] R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2013-3-10 13592] R2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-2-2 628448] R2 Intel® PROSet Monitoring Service;Intel® PROSet Monitoring Service;C:\Windows\System32\IPROSetMonitor.exe [2013-3-10 178344] R2 jhi_service;Intel® Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe [2013-3-10 161560] R2 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2013-1-20 130008] R2 NovacomD;Palm Novacom;C:\Program Files\Palm, Inc\novacomd\amd64\novacomd.exe [2011-6-24 72192] R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-3-14 383264] R2 TeamViewer8;TeamViewer 8;C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [2013-4-2 3560288] R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2013-3-10 363800] R3 asmthub3;ASMedia USB3 Hub Service;C:\Windows\System32\drivers\asmthub3.sys [2011-11-3 130536] R3 asmtxhci;ASMEDIA XHCI Service;C:\Windows\System32\drivers\asmtxhci.sys [2011-11-3 395752] R3 iusb3hub;Intel® USB 3.0 Hub Driver;C:\Windows\System32\drivers\iusb3hub.sys [2013-3-10 355096] R3 iusb3xhc;Intel® USB 3.0 eXtensible Host Controller Driver;C:\Windows\System32\drivers\iusb3xhc.sys [2013-3-10 786200] R3 NisSrv;Microsoft Network 
Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2013-1-27 379360] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] S3 BEService;BattlEye Service;C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [2013-4-22 49152] S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2013-3-10 20992] S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2013-3-11 59392] S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2013-3-11 1255736] . =============== Created Last 30 ================ . 2013-06-03 06:57:06 9460464 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{61B690A9-F6C0-4038-B34C-E7E6FD36534A}\mpengine.dll 2013-06-03 06:23:28 -------- d-----w- C:\Windows\ERUNT 2013-06-03 06:18:31 -------- d-----w- C:\JRT 2013-06-02 10:27:09 -------- d-----w- C:\Users\Roman\AppData\Roaming\Malwarebytes 2013-06-02 10:26:55 -------- d-----w- C:\ProgramData\Malwarebytes 2013-06-02 10:26:54 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys 2013-06-02 10:26:54 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware 2013-06-02 07:53:31 -------- d-----w- C:\Program Files (x86)\VS Revo Group 2013-06-02 07:43:56 -------- d-----w- C:\Windows\SysWow64\spool 2013-06-02 07:43:56 -------- d-----w- C:\Users\Roman\AppData\Local\Sony 2013-06-02 06:43:38 964552 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{BCDB775F-F05B-491B-84E6-E03606DC02A0}\gapaengine.dll 2013-06-02 06:43:36 9460464 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll 2013-06-02 06:42:36 -------- d-----w- C:\Program Files 
(x86)\Microsoft Security Client 2013-06-02 06:42:35 -------- d-----w- C:\Program Files\Microsoft Security Client 2013-06-02 06:39:30 -------- d-----w- C:\Users\Roman\AppData\Roaming\tor 2013-06-02 06:39:30 -------- d-----w- C:\Users\Roman\AppData\Roaming\Oqto 2013-06-02 06:39:30 -------- d-----w- C:\Users\Roman\AppData\Roaming\Aspah 2013-05-31 06:48:58 9460464 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{415F202C-A0EA-4FD0-B9F8-2DE1AEAADEE8}\mpengine.dll 2013-05-30 16:40:56 -------- d-----w- C:\Users\Roman\AppData\Roaming\JasonRobitaille 2013-05-30 16:39:00 -------- d-----w- C:\Windows\System32\appmgmt 2013-05-30 16:09:44 -------- d-----w- C:\Program Files\Palm, Inc 2013-05-29 01:02:54 466456 ----a-w- C:\Windows\System32\wrap_oal.dll 2013-05-29 01:02:54 444952 ----a-w- C:\Windows\SysWow64\wrap_oal.dll 2013-05-29 01:02:54 122904 ----a-w- C:\Windows\System32\OpenAL32.dll 2013-05-29 01:02:54 109080 ----a-w- C:\Windows\SysWow64\OpenAL32.dll 2013-05-29 01:02:54 -------- d-----w- C:\Program Files (x86)\OpenAL 2013-05-28 22:57:50 -------- d-----w- C:\Users\Roman\AppData\Roaming\NVIDIA 2013-05-27 14:53:53 -------- d-----w- C:\Windows\pss 2013-05-26 23:19:10 80896 ----a-w- C:\Windows\System32\Spool\prtprocs\x64\CNMPP86.DLL 2013-05-26 23:19:10 27136 ----a-w- C:\Windows\System32\Spool\prtprocs\x64\CNMPD86.DLL 2013-05-26 23:19:09 234496 ----a-w- C:\Windows\System32\CNMLM86.DLL 2013-05-26 22:51:10 -------- d-----w- C:\Users\Roman\AppData\Local\ElevatedDiagnostics 2013-05-26 22:46:02 -------- d-----r- C:\Users\Roman\AppData\Roaming\Brother 2013-05-26 22:45:22 -------- d-----w- C:\Users\Roman\AppData\Roaming\PC-FAX TX 2013-05-26 22:41:43 -------- d-----w- C:\ProgramData\Brother 2013-05-24 07:00:57 9728 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll 2013-05-23 23:24:09 -------- d-----w- C:\Program Files (x86)\Common Files\BioWare 2013-05-13 15:32:05 -------- d-----w- C:\SearchProtect 2013-05-08 07:47:49 -------- d-----w- 
C:\Users\Roman\AppData\Roaming\LoneSurvivor 2013-05-04 20:20:42 -------- d-----w- C:\Users\Roman\AppData\Local\Ubisoft Game Launcher . ==================== Find3M ==================== . 2013-06-03 05:07:38 291088 ----a-w- C:\Windows\SysWow64\PnkBstrB.xtr 2013-06-03 05:07:38 291088 ----a-w- C:\Windows\SysWow64\PnkBstrB.exe 2013-06-03 05:07:28 280904 ----a-w- C:\Windows\SysWow64\PnkBstrB.ex0 2013-05-24 07:00:57 9728 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll 2013-05-15 05:48:20 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl 2013-05-15 05:48:20 692104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe 2013-05-02 15:29:56 278800 ------w- C:\Windows\System32\MpSigStub.exe 2013-05-01 02:44:16 76888 ----a-w- C:\Windows\SysWow64\PnkBstrA.exe 2013-04-18 08:51:02 127384 ----a-w- C:\Windows\System32\drivers\scdemu.sys 2013-04-13 05:49:23 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll 2013-04-13 05:49:19 350208 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll 2013-04-13 05:49:19 308736 ----a-w- C:\Windows\apppatch\AppPatch64\AcGenral.dll 2013-04-13 05:49:19 111104 ----a-w- C:\Windows\apppatch\AppPatch64\acspecfc.dll 2013-04-13 04:45:16 474624 ----a-w- C:\Windows\apppatch\AcSpecfc.dll 2013-04-13 04:45:15 2176512 ----a-w- C:\Windows\apppatch\AcGenral.dll 2013-04-12 14:45:08 1656680 ----a-w- C:\Windows\System32\drivers\ntfs.sys 2013-04-10 06:01:54 265064 ----a-w- C:\Windows\System32\drivers\dxgmms1.sys 2013-04-10 06:01:53 983400 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys 2013-04-10 03:30:50 3153920 ----a-w- C:\Windows\System32\win32k.sys 2013-04-05 06:52:14 2242048 ----a-w- C:\Windows\System32\wininet.dll 2013-04-05 06:50:36 3958784 ----a-w- C:\Windows\System32\jscript9.dll 2013-04-05 06:50:31 67072 ----a-w- C:\Windows\System32\iesetup.dll 2013-04-05 06:50:31 136704 ----a-w- C:\Windows\System32\iesysprep.dll 2013-04-05 05:28:24 1767424 ----a-w- C:\Windows\SysWow64\wininet.dll 2013-04-05 05:26:26 2877440 ----a-w- 
C:\Windows\SysWow64\jscript9.dll 2013-04-05 05:26:21 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll 2013-04-05 05:26:21 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll 2013-04-05 04:43:00 2706432 ----a-w- C:\Windows\System32\mshtml.tlb 2013-04-05 04:29:45 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb 2013-04-05 03:51:11 89600 ----a-w- C:\Windows\System32\RegisterIEPKEYs.exe 2013-04-05 03:38:25 71680 ----a-w- C:\Windows\SysWow64\RegisterIEPKEYs.exe 2013-04-04 09:35:05 95648 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll 2013-03-22 10:31:19 861088 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll 2013-03-22 10:31:19 782240 ----a-w- C:\Windows\SysWow64\deployJava1.dll 2013-03-19 06:04:06 5550424 ----a-w- C:\Windows\System32\ntoskrnl.exe 2013-03-19 05:53:58 48640 ----a-w- C:\Windows\System32\wwanprotdim.dll 2013-03-19 05:53:58 230400 ----a-w- C:\Windows\System32\wwansvc.dll 2013-03-19 05:46:56 43520 ----a-w- C:\Windows\System32\csrsrv.dll 2013-03-19 05:04:13 3968856 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe 2013-03-19 05:04:10 3913560 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe 2013-03-19 04:47:50 6656 ----a-w- C:\Windows\SysWow64\apisetschema.dll 2013-03-19 03:06:33 112640 ----a-w- C:\Windows\System32\smss.exe 2013-03-15 04:16:18 3477280 ----a-w- C:\Windows\System32\nvsvc64.dll 2013-03-15 04:16:17 6398240 ----a-w- C:\Windows\System32\nvcpl.dll 2013-03-15 04:16:10 877856 ----a-w- C:\Windows\System32\nvvsvc.exe 2013-03-15 04:16:10 63776 ----a-w- C:\Windows\System32\nvshext.dll 2013-03-15 04:16:10 237856 ----a-w- C:\Windows\System32\nvmctray.dll 2013-03-15 02:07:52 559904 ----a-w- C:\Windows\SysWow64\nvStreaming.exe 2013-03-13 16:24:01 3065455 ----a-w- C:\Windows\System32\nvcoproc.bin 2013-03-13 04:15:22 175616 ----a-w- C:\Windows\System32\msclmd.dll 2013-03-13 04:15:22 152576 ----a-w- C:\Windows\SysWow64\msclmd.dll . ============= FINISH: 3:04:53.47 ===============
  6. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.9.4 (05.06.2013:1)
OS: Windows 7 Ultimate x64
Ran by Roman on Mon 06/03/2013 at 2:23:29.38
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
Successfully stopped: [service] cltmngsvc
Successfully deleted: [service] cltmngsvc
~~~ Registry Values
Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\searchprotect
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\searchprotectall
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-21-2318815334-1083360927-2397050128-1000\Software\Microsoft\Internet Explorer\Main\\Start Page
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\conduit
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\conduit
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\Software\conduit
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\Software\conduitsearchscopes
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\Software\smartbar
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\classes\Toolbar.CT3289075
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{4C125AC9-077D-4DF6-A034-55B6F9F908D4}
~~~ Files
~~~ Folders
Successfully deleted: [Folder] "C:\Users\Roman\AppData\Roaming\searchprotect"
Successfully deleted: [Folder] "C:\Users\Roman\appdata\local\conduit"
Successfully deleted: [Folder] "C:\Users\Roman\appdata\locallow\conduit"
Successfully deleted: [Folder] "C:\Program Files (x86)\conduit"
Successfully deleted: [Folder] "C:\Program Files (x86)\searchprotect"
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Mon 06/03/2013 at 2:25:01.63
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org
Database version: v2013.06.03.02
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16576
Roman :: ROMAN-PC [administrator]
6/3/2013 2:44:14 AM
mbam-log-2013-06-03 (02-44-14).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 233971
Time elapsed: 1 minute(s), 19 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 1
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|{1A4FFB6D-4BDD-5CE7-E30D-51DDBE546F76} (Trojan.Kryptik) -> Data: C:\Users\Roman\AppData\Roaming\Aspah\raufo.exe -> Quarantined and deleted successfully.
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 1
C:\Users\Roman\AppData\Roaming\Aspah\raufo.exe (Trojan.Kryptik) -> Quarantined and deleted successfully.
(end)

# AdwCleaner v2.301 - Logfile created 06/03/2013 at 02:58:01
# Updated 16/05/2013 by Xplode
# Operating system : Windows 7 Ultimate Service Pack 1 (64 bits)
# User : Roman - ROMAN-PC
# Boot Mode : Normal
# Running from : C:\Users\Roman\Downloads\adwcleaner.exe
# Option [search]
***** [services] *****
***** [Files / Folders] *****
File Found : C:\Users\Roman\AppData\Local\Temp\Uninstall.exe
Folder Found : C:\Users\Roman\AppData\Local\PackageAware
***** [Registry] *****
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKCU\Software\SearchProtect
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Found : HKLM\Software\SearchProtect
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
Key Found : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Found : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
***** [internet Browsers] *****
-\\ Internet Explorer v10.0.9200.16576
[OK] Registry is clean.
-\\ Google Chrome v27.0.1453.94
File : C:\Users\Roman\AppData\Local\Google\Chrome\User Data\Default\Preferences
[OK] File is clean.
*************************
AdwCleaner[R1].txt - [1921 octets] - [03/06/2013 02:58:01]
########## EOF - C:\AdwCleaner[R1].txt - [1981 octets] ##########

RogueKiller V8.5.4 _x64_ [Mar 18 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/
Website : http://tigzy.geekstogo.com/roguekiller.php
Blog : http://tigzyrk.blogspot.com/
Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Roman [Admin rights]
Mode : Scan -- Date : 06/03/2013 03:00:49
| ARK || FAK || MBR |
¤¤¤ Bad processes : 0 ¤¤¤
¤¤¤ Registry Entries : 4 ¤¤¤
[HJPOL] HKCU\[...]\System : DisableTaskMgr (0) -> FOUND
[HJPOL] HKCU\[...]\System : DisableRegistryTools (0) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
¤¤¤ Particular Files / Folders: ¤¤¤
¤¤¤ Driver : [NOT LOADED] ¤¤¤
¤¤¤ HOSTS File: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts
¤¤¤ MBR Check: ¤¤¤
+++++ PhysicalDrive0: SanDisk SDSSDX240GG25 +++++
--- User ---
[MBR] ff524bc80346d33f06aeab07ed379bf5
[bSP] 10f38be670bf446d8b09bae76765bd0c : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 228934 Mo
User = LL1 ... OK!
User = LL2 ... OK!
+++++ PhysicalDrive1: M4-CT128M4SSD2 +++++
--- User ---
[MBR] b3d93e08254cf8842e4cd0f2304eaf91
[bSP] df7cc0dd3b599420f2b770746b4c8ad7 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 122102 Mo
User = LL1 ... OK!
User = LL2 ... OK!
Finished : << RKreport[2]_S_06032013_02d0300.txt >>
RKreport[1]_S_06022013_02d0401.txt ; RKreport[2]_S_06032013_02d0300.txt
  7. .
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Ultimate
Boot Device: \Device\HarddiskVolume2
Install Date: 3/10/2013 2:20:18 AM
System Uptime: 5/29/2013 3:06:09 PM (87 hours ago)
.
Motherboard: ASUSTeK COMPUTER INC. | | SABERTOOTH Z77
Processor: Intel® Core i5-3570K CPU @ 3.40GHz | LGA1155 | 3401/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 119 GiB total, 12.333 GiB free.
D: is FIXED (NTFS) - 224 GiB total, 65.828 GiB free.
E: is CDROM ()
F: is CDROM ()
H: is CDROM ()
I: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP66: 5/26/2013 6:42:33 PM - Installed MFL-Pro Suite
RP67: 5/26/2013 6:42:46 PM - Device Driver Package Install: Brother Imaging devices
RP68: 5/26/2013 6:42:58 PM - Device Driver Package Install: Brother Printers
RP69: 5/28/2013 1:41:24 PM - Windows Update
RP70: 5/30/2013 12:09:33 PM - Installed Novacomd
RP71: 5/30/2013 12:38:56 PM - Removed Novacomd
RP72: 5/30/2013 12:40:49 PM - Installed Novacomd
RP73: 6/2/2013 1:10:25 AM - Installed Java 7 Update 21
RP74: 6/2/2013 2:43:28 AM - Windows Update
RP75: 6/2/2013 3:53:50 AM - Revo Uninstaller's restore point - Vegas Pro 11.0
RP76: 6/2/2013 3:53:56 AM - Removed Vegas Pro 11.0
RP77: 6/2/2013 4:24:47 AM - Revo Uninstaller's restore point - SABnzbd 0.7.11
RP78: 6/2/2013 4:26:52 AM - Revo Uninstaller's restore point - µTorrent
.
==== Installed Programs ======================
.
Adobe Flash Player 11 ActiveX Adobe Reader XI (11.0.03) Air Playit 2.0.0 Arma 2 Arma 2: British Armed Forces ARMA 2: British Armed Forces - Data cache removal Arma 2: DayZ Mod Arma 2: Operation Arrowhead Arma 2: Operation Arrowhead Beta Arma 2: Private Military Company ARMA 2: Private Military Company - Data cache removal Asmedia ASM104x USB 3.0 Host Controller Driver Asmedia ASM106x SATA Host Controller Driver AVG SafeGuard toolbar Bastion Battlefield 3™ Battlelog Web Plugins BattlEye for OA Uninstall BattlEye Uninstall BioShock 2 BioShock Infinite Bonjour Brother MFL-Pro Suite MFC-685CW Company of Heroes (New Steam Version) Darksiders DarksidersInstaller DayZ Commander Dead Island ESN Sonar Far Cry 3 Blood Dragon Fraps Google Chrome Google Update Helper Hotline Miami ImgBurn Intel® Control Center Intel® Management Engine Components Intel® Network Connections 16.6.126.0 Intel® Rapid Storage Technology Intel® USB 3.0 eXtensible Host Controller Driver Intel® Trusted Connect Service Client Java 7 Update 21 Java Auto Updater League of Legends Lone Survivor Malwarebytes Anti-Malware version 1.75.0.1300 Mass Effect Microsoft .NET Framework 4 Client Profile Microsoft .NET Framework 4 Extended Microsoft Games for Windows - LIVE Microsoft Games for Windows - LIVE Redistributable Microsoft Security Client Microsoft Security Essentials Microsoft Silverlight Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft XNA Framework Redistributable 3.1 Microsoft XNA Framework Redistributable 4.0 MSVCRT Redists Novacomd NVIDIA 3D Vision Controller Driver 314.22 NVIDIA 3D Vision Driver 314.22 NVIDIA Control Panel 314.22 NVIDIA Graphics Driver 314.22 NVIDIA HD Audio Driver 1.3.23.1 NVIDIA Install Application NVIDIA PhysX NVIDIA PhysX System Software 
9.12.1031 NVIDIA Stereoscopic 3D Driver NVIDIA Update 1.12.12 NVIDIA Update Components OpenAL Origin Portal Portal 2 PowerISO Proteus PS3 Media Server PunkBuster Services Realtek High Definition Audio Driver Revo Uninstaller 1.94 Search Protect by conduit Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449) Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428) Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019) Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595) Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642) Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576) Security Update for Microsoft .NET Framework 4 Extended (KB2487367) Security Update for Microsoft .NET Framework 4 Extended (KB2656351) Security Update for Microsoft .NET Framework 4 Extended (KB2736428) Security Update for Microsoft .NET Framework 4 Extended (KB2742595) Sleeping Dogs™ Steam TeamSpeak 3 Client TeamViewer 8 Terraria The Walking Dead Tomb Raider Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) Update for Microsoft .NET Framework 4 Extended (KB2468871) Update for Microsoft .NET Framework 4 Extended (KB2533523) Update for Microsoft .NET Framework 4 Extended (KB2600217) Uplay VLC media player 2.0.6 Windows Driver Package - Palm (WinUSB) Palm Devices (10/09/2009 1.0.1) Windows Live ID Sign-in Assistant XSplit . ==== Event Viewer Messages From Past Week ======== . 
5/26/2013 6:46:38 PM, Error: Service Control Manager [7038] - The nvUpdatusService service was unable to log on as .\UpdatusUser with the currently configured password due to the following error: Logon failure: the specified account password has expired. To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).
5/26/2013 6:46:38 PM, Error: Service Control Manager [7000] - The NVIDIA Update Service Daemon service failed to start due to the following error: The service did not start due to a logon failure.
.
==== End Of File ===========================
  8. DDS (Ver_2012-11-20.01) - NTFS_AMD64 Internet Explorer: 10.0.9200.16576 BrowserJavaVersion: 10.21.2 Run by Roman at 6:27:54 on 2013-06-02 Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.8143.4523 [GMT -4:00] . AV: Microsoft Security Essentials *Enabled/Updated* {3F839487-C7A2-C958-E30C-E2825BA31FB5} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: Microsoft Security Essentials *Enabled/Updated* {84E27563-E198-C6D6-D9BC-D9F020245508} . ============== Running Processes =============== . C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\nvvsvc.exe C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k NetworkService C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe C:\Windows\system32\nvvsvc.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Windows\system32\taskhost.exe C:\Windows\system32\Dwm.exe C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Windows\Explorer.EXE C:\Program Files (x86)\SearchProtect\bin\CltMngSvc.exe C:\Program Files\Intel\iCLS Client\HeciServer.exe C:\Windows\system32\IProsetMonitor.exe C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe C:\Windows\SysWOW64\PnkBstrA.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.2.0\ToolbarUpdater.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host 
Controller Driver\Application\iusb3mon.exe C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe C:\Windows\system32\SearchIndexer.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe C:\Windows\System32\spoolsv.exe C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.EXE D:\Programs\Origin\Origin.exe C:\Windows\system32\taskhost.exe C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe C:\Program Files\Palm, Inc\novacomd\amd64\novacomd.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files\NVIDIA Corporation\Display\nvtray.exe C:\Program Files\Microsoft Security Client\MsMpEng.exe C:\Program Files\Microsoft Security Client\msseces.exe C:\Program Files\Microsoft Security Client\NisSrv.exe C:\Program Files (x86)\PowerISO\PWRISOVM.EXE C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe C:\Users\Roman\Downloads\RogueKillerX64.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files 
(x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Windows\SysWOW64\PnkBstrB.exe C:\Windows\system32\SearchProtocolHost.exe C:\Users\Roman\Downloads\mbam-setup-1.75.0.1300 (1).exe C:\Users\Roman\AppData\Local\Temp\is-CA506.tmp\mbam-setup-1.75.0.1300 (1).tmp C:\Users\Roman\Downloads\mbam-setup-1.75.0.1300 (1).exe C:\Users\Roman\AppData\Local\Temp\is-FI8P6.tmp\mbam-setup-1.75.0.1300 (1).tmp C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe C:\Windows\system32\SearchFilterHost.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\System32\cscript.exe . ============== Pseudo HJT Report =============== . uStart Page = hxxp://search.conduit.com/?ctid=CT3289075&octid=CT3289075&SearchSource=61&CUI=UN14241543831393717&UM=2&UP=SPD2803DFE-A446-4E8A-A048-F6C9CF02657D mWinlogon: Userinit = userinit.exe BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO: AVG SafeGuard toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\15.2.0.5\AVG SafeGuard toolbar_toolbar.dll BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll TB: <No Name>: {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - LocalServer32 - <no file> TB: AVG SafeGuard toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\15.2.0.5\AVG SafeGuard toolbar_toolbar.dll uRun: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun uRun: [searchProtect] C:\Users\Roman\AppData\Roaming\SearchProtect\bin\cltmng.exe uRun: [{1A4FFB6D-4BDD-5CE7-E30D-51DDBE546F76}] C:\Users\Roman\AppData\Roaming\Aspah\raufo.exe mRun: [uSB3MON] "C:\Program 
Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" mRun: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe mRun: [searchProtectAll] C:\Program Files (x86)\SearchProtect\bin\cltmng.exe mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" mRunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent dRun: [searchProtect] \SearchProtect\bin\cltmng.exe mPolicies-Explorer: NoActiveDesktop = dword:1 mPolicies-Explorer: NoActiveDesktopChanges = dword:1 mPolicies-System: ConsentPromptBehaviorAdmin = dword:5 mPolicies-System: ConsentPromptBehaviorUser = dword:3 mPolicies-System: EnableUIADesktopToggle = dword:0 TCP: NameServer = 192.168.1.1 TCP: Interfaces\{41A13EF4-47C8-4E6E-935B-F60F4A593D9F} : DHCPNameServer = 192.168.1.1 Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\15.2.0\ViProtocol.dll SSODL: WebCheck - <orphaned> mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.94\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll x64-Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s x64-Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey x64-Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - <orphaned> x64-SSODL: WebCheck - <orphaned> . ============= SERVICES / DRIVERS =============== . 
R0 asahci64;asahci64;C:\Windows\System32\drivers\asahci64.sys [2012-1-6 49760]
R0 iusb3hcs;Intel® USB 3.0 Host Controller Switch Driver;C:\Windows\System32\drivers\iusb3hcs.sys [2013-3-10 16152]
R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2013-1-20 230320]
R1 avgtp;avgtp;C:\Windows\System32\drivers\avgtpx64.sys [2013-4-27 45856]
R2 CltMngSvc;Search Protect by Conduit Updater;C:\Program Files (x86)\SearchProtect\bin\CltMngSvc.exe [2013-4-11 93984]
R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2013-3-10 13592]
R2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-2-2 628448]
R2 Intel® PROSet Monitoring Service;Intel® PROSet Monitoring Service;C:\Windows\System32\IPROSetMonitor.exe [2013-3-10 178344]
R2 jhi_service;Intel® Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe [2013-3-10 161560]
R2 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2013-1-20 130008]
R2 NovacomD;Palm Novacom;C:\Program Files\Palm, Inc\novacomd\amd64\novacomd.exe [2011-6-24 72192]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-3-14 383264]
R2 TeamViewer8;TeamViewer 8;C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [2013-4-2 3560288]
R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2013-3-10 363800]
R2 vToolbarUpdater15.2.0;vToolbarUpdater15.2.0;C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.2.0\ToolbarUpdater.exe [2013-5-21 1015984]
R3 asmthub3;ASMedia USB3 Hub Service;C:\Windows\System32\drivers\asmthub3.sys [2011-11-3 130536]
R3 asmtxhci;ASMEDIA XHCI Service;C:\Windows\System32\drivers\asmtxhci.sys [2011-11-3 395752]
R3 iusb3hub;Intel® USB 3.0 Hub Driver;C:\Windows\System32\drivers\iusb3hub.sys [2013-3-10 355096]
R3 iusb3xhc;Intel® USB 3.0 eXtensible Host Controller Driver;C:\Windows\System32\drivers\iusb3xhc.sys [2013-3-10 786200]
R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2013-1-27 379360]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 BEService;BattlEye Service;C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [2013-4-22 49152]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2013-3-10 20992]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2013-3-11 59392]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2013-3-11 1255736]
.
=============== Created Last 30 ================
.
2013-06-02 10:27:09 -------- d-----w- C:\Users\Roman\AppData\Roaming\Malwarebytes
2013-06-02 10:26:55 -------- d-----w- C:\ProgramData\Malwarebytes
2013-06-02 10:26:54 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys
2013-06-02 10:26:54 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-06-02 07:53:31 -------- d-----w- C:\Program Files (x86)\VS Revo Group
2013-06-02 07:43:56 -------- d-----w- C:\Windows\SysWow64\spool
2013-06-02 07:43:56 -------- d-----w- C:\Users\Roman\AppData\Local\Sony
2013-06-02 07:09:12 76232 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{E5C7C901-7B08-4F71-AD13-1FBC3FBA8CE6}\offreg.dll
2013-06-02 06:43:38 964552 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{BCDB775F-F05B-491B-84E6-E03606DC02A0}\gapaengine.dll
2013-06-02 06:43:36 9460464 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{E5C7C901-7B08-4F71-AD13-1FBC3FBA8CE6}\mpengine.dll
2013-06-02 06:42:36 -------- d-----w- C:\Program Files (x86)\Microsoft Security Client
2013-06-02 06:42:35 -------- d-----w- C:\Program Files\Microsoft Security Client
2013-06-02 06:39:30 -------- d-----w- C:\Users\Roman\AppData\Roaming\tor
2013-06-02 06:39:30 -------- d-----w- C:\Users\Roman\AppData\Roaming\Oqto
2013-06-02 06:39:30 -------- d-----w- C:\Users\Roman\AppData\Roaming\Aspah
2013-05-31 06:48:58 9460464 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{415F202C-A0EA-4FD0-B9F8-2DE1AEAADEE8}\mpengine.dll
2013-05-30 16:40:56 -------- d-----w- C:\Users\Roman\AppData\Roaming\JasonRobitaille
2013-05-30 16:39:00 -------- d-----w- C:\Windows\System32\appmgmt
2013-05-30 16:09:44 -------- d-----w- C:\Program Files\Palm, Inc
2013-05-29 01:02:54 466456 ----a-w- C:\Windows\System32\wrap_oal.dll
2013-05-29 01:02:54 444952 ----a-w- C:\Windows\SysWow64\wrap_oal.dll
2013-05-29 01:02:54 122904 ----a-w- C:\Windows\System32\OpenAL32.dll
2013-05-29 01:02:54 109080 ----a-w- C:\Windows\SysWow64\OpenAL32.dll
2013-05-29 01:02:54 -------- d-----w- C:\Program Files (x86)\OpenAL
2013-05-28 22:57:50 -------- d-----w- C:\Users\Roman\AppData\Roaming\NVIDIA
2013-05-27 14:53:53 -------- d-----w- C:\Windows\pss
2013-05-26 23:19:10 80896 ----a-w- C:\Windows\System32\Spool\prtprocs\x64\CNMPP86.DLL
2013-05-26 23:19:10 27136 ----a-w- C:\Windows\System32\Spool\prtprocs\x64\CNMPD86.DLL
2013-05-26 23:19:09 234496 ----a-w- C:\Windows\System32\CNMLM86.DLL
2013-05-26 22:51:10 -------- d-----w- C:\Users\Roman\AppData\Local\ElevatedDiagnostics
2013-05-26 22:46:02 -------- d-----r- C:\Users\Roman\AppData\Roaming\Brother
2013-05-26 22:45:22 -------- d-----w- C:\Users\Roman\AppData\Roaming\PC-FAX TX
2013-05-26 22:41:43 -------- d-----w- C:\ProgramData\Brother
2013-05-24 07:00:57 9728 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-05-23 23:24:09 -------- d-----w- C:\Program Files (x86)\Common Files\BioWare
2013-05-13 15:32:05 -------- d-----w- C:\SearchProtect
2013-05-08 07:47:49 -------- d-----w- C:\Users\Roman\AppData\Roaming\LoneSurvivor
2013-05-04 20:20:42 -------- d-----w- C:\Users\Roman\AppData\Local\Ubisoft Game Launcher
.
==================== Find3M ====================
.
2013-06-02 08:37:55 291088 ----a-w- C:\Windows\SysWow64\PnkBstrB.xtr
2013-06-02 08:37:55 291088 ----a-w- C:\Windows\SysWow64\PnkBstrB.exe
2013-06-02 08:37:29 280904 ----a-w- C:\Windows\SysWow64\PnkBstrB.ex0
2013-05-24 07:00:57 9728 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-05-21 05:55:03 45856 ----a-w- C:\Windows\System32\drivers\avgtpx64.sys
2013-05-15 05:48:20 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-05-15 05:48:20 692104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-05-02 15:29:56 278800 ------w- C:\Windows\System32\MpSigStub.exe
2013-05-01 02:44:16 76888 ----a-w- C:\Windows\SysWow64\PnkBstrA.exe
2013-04-18 08:51:02 127384 ----a-w- C:\Windows\System32\drivers\scdemu.sys
2013-04-13 05:49:23 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll
2013-04-13 05:49:19 350208 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll
2013-04-13 05:49:19 308736 ----a-w- C:\Windows\apppatch\AppPatch64\AcGenral.dll
2013-04-13 05:49:19 111104 ----a-w- C:\Windows\apppatch\AppPatch64\acspecfc.dll
2013-04-13 04:45:16 474624 ----a-w- C:\Windows\apppatch\AcSpecfc.dll
2013-04-13 04:45:15 2176512 ----a-w- C:\Windows\apppatch\AcGenral.dll
2013-04-12 14:45:08 1656680 ----a-w- C:\Windows\System32\drivers\ntfs.sys
2013-04-10 06:01:54 265064 ----a-w- C:\Windows\System32\drivers\dxgmms1.sys
2013-04-10 06:01:53 983400 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys
2013-04-10 03:30:50 3153920 ----a-w- C:\Windows\System32\win32k.sys
2013-04-05 06:52:14 2242048 ----a-w- C:\Windows\System32\wininet.dll
2013-04-05 06:50:36 3958784 ----a-w- C:\Windows\System32\jscript9.dll
2013-04-05 06:50:31 67072 ----a-w- C:\Windows\System32\iesetup.dll
2013-04-05 06:50:31 136704 ----a-w- C:\Windows\System32\iesysprep.dll
2013-04-05 05:28:24 1767424 ----a-w- C:\Windows\SysWow64\wininet.dll
2013-04-05 05:26:26 2877440 ----a-w- C:\Windows\SysWow64\jscript9.dll
2013-04-05 05:26:21 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll
2013-04-05 05:26:21 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll
2013-04-05 04:43:00 2706432 ----a-w- C:\Windows\System32\mshtml.tlb
2013-04-05 04:29:45 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2013-04-05 03:51:11 89600 ----a-w- C:\Windows\System32\RegisterIEPKEYs.exe
2013-04-05 03:38:25 71680 ----a-w- C:\Windows\SysWow64\RegisterIEPKEYs.exe
2013-04-04 09:35:05 95648 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2013-03-22 10:31:19 861088 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll
2013-03-22 10:31:19 782240 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2013-03-19 06:04:06 5550424 ----a-w- C:\Windows\System32\ntoskrnl.exe
2013-03-19 05:53:58 48640 ----a-w- C:\Windows\System32\wwanprotdim.dll
2013-03-19 05:53:58 230400 ----a-w- C:\Windows\System32\wwansvc.dll
2013-03-19 05:46:56 43520 ----a-w- C:\Windows\System32\csrsrv.dll
2013-03-19 05:04:13 3968856 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2013-03-19 05:04:10 3913560 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2013-03-19 04:47:50 6656 ----a-w- C:\Windows\SysWow64\apisetschema.dll
2013-03-19 03:06:33 112640 ----a-w- C:\Windows\System32\smss.exe
2013-03-15 04:16:18 3477280 ----a-w- C:\Windows\System32\nvsvc64.dll
2013-03-15 04:16:17 6398240 ----a-w- C:\Windows\System32\nvcpl.dll
2013-03-15 04:16:10 877856 ----a-w- C:\Windows\System32\nvvsvc.exe
2013-03-15 04:16:10 63776 ----a-w- C:\Windows\System32\nvshext.dll
2013-03-15 04:16:10 237856 ----a-w- C:\Windows\System32\nvmctray.dll
2013-03-15 02:07:52 559904 ----a-w- C:\Windows\SysWow64\nvStreaming.exe
2013-03-13 16:24:01 3065455 ----a-w- C:\Windows\System32\nvcoproc.bin
2013-03-13 04:15:22 175616 ----a-w- C:\Windows\System32\msclmd.dll
2013-03-13 04:15:22 152576 ----a-w- C:\Windows\SysWow64\msclmd.dll
.
============= FINISH: 6:28:01.19 ===============
  9. I noticed this when my GPU began crashing while playing games, and my CPU performance was getting hogged. Can someone please help me out?