asianmusicguy

Honorary Members
  • Posts: 289

Everything posted by asianmusicguy

  1. I ask this question because I have gotten into the habit of ripping my discs to FLAC files for PC listening via foobar2000, but am worried about some discs I have and also older versions of albums I may buy from Amazon. Should I be concerned?
  2. Which one would you recommend then? All scans are clean, btw.
  3. So I was looking for software to watch Blu-rays on my PC and read a few places that recommended PowerDVD 15 Ultra, so I went ahead and bought it from its official link (http://www.cyberlink.com/products/powerdvd-ultra/features_en_CA.html). Seemed to install fine, actually works amazingly well, but I also read that in the past it's been known to be a source of adware and many false positives, so I wanted some trusted feedback on this software.
  4. Thanks, I am running 2.1.6. My question was not as to how to schedule; it was more along the lines of recommended settings, such as the frequency.
  5. The title says it all, mostly. So how do I get them back, or what are the most effective settings to maintain system security?
  6. Hi guys, so over the last few days my CPU usage and temperature keep staying at high levels even though I am doing the basic things I always do, staying at about 10/48% according to Process Explorer (which is not normal at all given my specs), and the Core Temp monitor that I use is listing 55 degrees and above, which is also not normal; I normally sit at 35 degrees and lower. I have already done a number of scans with Malwarebytes Pro, Malwarebytes Anti-Rootkit and Kaspersky, all of which have come back with no result, so I would like to know: is this a malware-related issue, or could it be a hardware issue or the result of a poorly configured Windows update this past Patch Tuesday?
  7. Message sent, but if it's really too much trouble, don't worry.
  8. I like the sort of Easter egg hunt, but I kinda feel it should be an open sale and not limited to social media. I knew about the change but honestly thought I'd have more time, but for lack of funds. All I really need is 2 more lifetimes; not like I would hoard them, I just want my household covered.
  9. Thank you daledoc1, you're always so helpful. In reference to one: "We’ll also be offering a few thousand more lifetime licenses at some point soon as a special offer, so keep an eye out!" taken from http://blog.malwarebytes.org/news/2014/03/malwarebytes-anti-malware-2-0/
  10. First of all guys, excellent job on 2.0. I recently made the jump to Pro shortly before release, lucky thing too, though looking back I should have bought more, so that brings me to my first question. 1a. When will the sale for 1000 lifetime keys start? 1b. Since I only bought 1 lifetime at this time but I have multiple PCs (I own several homes), can I just deactivate and activate on whatever PC I'm using? What's the limit on that? 2. Should I activate self-protection and rootkit scans, as I heard there were issues in testing? 3. Notifications don't seem to work all that well; it only seems to tell me when the database needs updating, but for things like blocks or database scheduled updates I have to look at logs. 1.x used to tell me everything up front, which was good.
  11. So today I fire up my computer and my backup solution failed to back up because it could not read a section in my hard drive, Windows forced a reset due to a critical error, PeerBlock (which I use for privacy) complained of a missing config file, and a number of other things. Updated with logs: dds.txt attach.txt
  12. Also blocking something marked as Justice.gov at 204.83.71.242. I don't do anything like torrents etc.; I'm not even on any sites at the moment except making this post.
  13. Don't know if this is related, but I use PeerBlock strictly for privacy and protection, and today after looking into Skype I was flooded with blocks both incoming and outgoing to 204.126.64.99
  14. A few moments ago I got a strange-looking warning message with no identifying marks; it just said version something something. I was unable to get a screenshot. It may have been something legitimate because it has only appeared that one time. All scans appear normal, including MBAR. Added logs for reference: attach.txt dds.txt
  15. DDS (Ver_2012-11-20.01) - NTFS_AMD64 Internet Explorer: 9.0.8112.16483 Run by Branden at 11:58:35 on 2013-06-12 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.2.1033.18.2814.1480 [GMT -2.5:30]
  16. # AdwCleaner v2.303 - Logfile created 06/12/2013 at 11:40:23
      # Updated 08/06/2013 by Xplode
      # Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
      # User : Branden - BRANDEN-PC
      # Boot Mode : Normal
      # Running from : C:\Users\Branden\Downloads\AdwCleaner.exe
      # Option [search]

      ***** [services] *****

      ***** [Files / Folders] *****

      File Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay.lnk
      Folder Found : C:\Program Files (x86)\Common Files\Tencent
      Folder Found : C:\Program Files (x86)\Tencent
      Folder Found : C:\Users\Branden\AppData\Roaming\Tencent

      ***** [Registry] *****

      Key Found : HKCU\Software\APN PIP
      Key Found : HKCU\Software\TENCENT
      Key Found : HKLM\Software\PIP
      Key Found : HKLM\Software\TENCENT

      ***** [internet Browsers] *****

      -\\ Internet Explorer v9.0.8112.16483

      [OK] Registry is clean.

      -\\ Mozilla Firefox v21.0 (en-US)

      File : C:\Users\Branden\AppData\Roaming\Mozilla\Firefox\Profiles\66mx9q6i.default\prefs.js

      [OK] File is clean.

      *************************

      AdwCleaner[R2].txt - [1053 octets] - [12/06/2013 11:40:23]
      ########## EOF - C:\AdwCleaner[R2].txt - [1113 octets] ##########

      NOTE: I know about Tencent; it is in relation to QQ International, a program I use to chat with friends overseas, but I am concerned about the others.
  17. To be clear, none of my regular scans are detecting anything, but on a whim today I ran AdwCleaner and it found this APN PIP in the registry. Any ideas? Let me know if we should run the cleaning process and I will post logs.
  18. DDS (Ver_2012-11-20.01) - NTFS_AMD64 Internet Explorer: 9.0.8112.16457 BrowserJavaVersion: 10.13.2 Run by Branden at 11:42:36 on 2013-02-10 Microsoft Windows 7 Professional 6.1.7601.1.1252.2.1033.18.16334.13520 [GMT -7:00]
R0 CSCrySec;InfoWatch Encrypt Sector Library driver;C:\Windows\System32\drivers\CSCrySec.sys [2012-9-7 85048] R0 fltsrv;Acronis Storage Filter Management;C:\Windows\System32\drivers\fltsrv.sys [2012-9-8 155272] R0 iusb3hcs;Intel® USB 3.0 Host Controller Switch Driver;C:\Windows\System32\drivers\iusb3hcs.sys [2012-5-20 19264] R0 tib_mounter;Acronis TIB Mounter;C:\Windows\System32\drivers\tib_mounter.sys [2012-9-8 1093256] R0 vididr;Acronis Virtual Disk;C:\Windows\System32\drivers\vididr.sys [2012-9-8 228488] R0 vidsflt;Acronis Disk Storage Filter;C:\Windows\System32\drivers\vidsflt.sys [2012-9-8 166024] R1 CSVirtualDiskDrv;InfoWatch Virtual Disk driver;C:\Windows\System32\drivers\CSVirtualDiskDrv.sys [2012-9-7 66104] R1 kl2;kl2;C:\Windows\System32\drivers\kl2.sys [2011-10-20 13616] R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;C:\Windows\System32\drivers\klim6.sys [2011-3-10 29488] R2 afcdpsrv;Acronis Nonstop Backup Service;C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [2012-9-8 3696632] R2 asComSvc;ASUS Com Service;C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [2012-9-8 920736] R2 asHmComSvc;ASUS HM Com Service;C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe [2012-9-8 951936] R2 AsSysCtrlService;ASUS System Control Service;C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe [2012-9-8 149120] R2 AVP;Kaspersky Anti-Virus Service;C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\avp.exe [2011-12-24 202296] R2 CSObjectsSrv;CryptoStorage control service;C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe [2009-12-21 743992] R2 DTSAudioSvc;DTSAudioSvc;C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe [2012-9-8 233328] R2 HitmanProScheduler;HitmanPro Scheduler;C:\Program Files\HitmanPro\hmpsched.exe [2012-9-8 108904] R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2012-9-8 13632] R2 Stereo 
Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-12-29 383416] R2 syncagentsrv;Acronis Sync Agent Service;C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe [2012-8-18 7017888] R3 afcdp;afcdp;C:\Windows\System32\drivers\afcdp.sys [2012-9-8 367200] R3 asmthub3;ASMedia USB3 Hub Service;C:\Windows\System32\drivers\asmthub3.sys [2011-11-3 130536] R3 asmtxhci;ASMEDIA XHCI Service;C:\Windows\System32\drivers\asmtxhci.sys [2011-11-3 395752] R3 iusb3hub;Intel® USB 3.0 Hub Driver;C:\Windows\System32\drivers\iusb3hub.sys [2012-5-20 357184] R3 iusb3xhc;Intel® USB 3.0 eXtensible Host Controller Driver;C:\Windows\System32\drivers\iusb3xhc.sys [2012-5-20 789824] R3 klmouflt;Kaspersky Lab KLMOUFLT;C:\Windows\System32\drivers\klmouflt.sys [2009-11-2 22544] R3 MSHUSBVideo;NX6000/NX3000/VX2000/VX5000/VX5500/VX7000/Cinema Filter Driver;C:\Windows\System32\drivers\nx6000.sys [2010-12-13 36720] R3 pbfilter;pbfilter;C:\Program Files\PeerBlock\pbfilter.sys [2012-9-8 24176] R3 RTCore64;RTCore64;C:\Program Files (x86)\EVGA Precision X\RTCore64.sys [2012-6-29 15176] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-1-8 161536] S3 dmvsc;dmvsc;C:\Windows\System32\drivers\dmvsc.sys [2011-4-12 71168] S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2012-11-12 19456] S3 StorSvc;Storage Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 27136] S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2012-11-12 57856] S3 TsUsbGD;Remote Desktop Generic USB 
Device;C:\Windows\System32\drivers\TsUsbGD.sys [2012-11-12 30208] S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-7-9 52736] S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-9-8 1255736] . =============== Created Last 30 ================ . 2013-02-09 00:07:48 -------- d-----w- C:\Program Files (x86)\Infamous Quests 2013-02-08 20:10:27 9161176 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{D77C0501-9CA2-48A9-82D1-AE20B628CF24}\mpengine.dll 2013-02-05 20:13:29 -------- d-----w- C:\Program Files (x86)\LibreOffice 3.6 2013-02-05 19:27:06 -------- d-----r- C:\Program Files (x86)\Skype 2013-02-04 20:49:26 61440 ----a-r- C:\Users\Branden\AppData\Roaming\Microsoft\Installer\{3CA54984-A14B-42FE-9FF1-7EA90151D725}\NewShortcut2_E88611396FF84AFCB2EE5C1594058E02.exe 2013-02-04 20:49:26 61440 ----a-r- C:\Users\Branden\AppData\Roaming\Microsoft\Installer\{3CA54984-A14B-42FE-9FF1-7EA90151D725}\ARPPRODUCTICON.exe 2013-02-04 20:49:26 106496 ----a-r- C:\Users\Branden\AppData\Roaming\Microsoft\Installer\{3CA54984-A14B-42FE-9FF1-7EA90151D725}\NewShortcut311_0951773981FA4AB2BC21B7DCEC95892A.exe 2013-02-04 20:49:26 106496 ----a-r- C:\Users\Branden\AppData\Roaming\Microsoft\Installer\{3CA54984-A14B-42FE-9FF1-7EA90151D725}\NewShortcut1_EDD4ABB1C1B34A9D84CE33FBFB5D3639.exe 2013-02-04 20:49:24 -------- d-----w- C:\Program Files (x86)\Tencent 2013-02-04 20:36:56 -------- d-----w- C:\Users\Branden\AppData\Roaming\Tencent 2013-02-03 20:11:59 -------- d-----w- C:\Users\Branden\Doctor Web 2013-02-01 23:42:52 95648 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll 2013-01-11 20:31:52 -------- d-----w- C:\Users\Branden\.MakeMKV 2013-01-11 20:31:45 -------- d-----w- C:\Program Files (x86)\MakeMKV . ==================== Find3M ==================== . 
2013-02-07 23:27:16 74096 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl 2013-02-07 23:27:16 697712 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe 2013-02-04 20:36:53 18760 ----a-w- C:\Windows\SysWow64\QQVistaHelper.dll 2013-02-01 23:42:50 861088 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll 2013-02-01 23:42:50 782240 ----a-w- C:\Windows\SysWow64\deployJava1.dll 2013-01-17 08:28:58 273840 ------w- C:\Windows\System32\MpSigStub.exe 2012-12-29 09:54:24 550328 ----a-w- C:\Windows\SysWow64\nvStreaming.exe 2012-12-29 08:40:27 6382008 ----a-w- C:\Windows\System32\nvcpl.dll 2012-12-29 08:40:27 3455416 ----a-w- C:\Windows\System32\nvsvc64.dll 2012-12-29 08:40:11 2923201 ----a-w- C:\Windows\System32\nvcoproc.bin 2012-12-29 08:40:09 884152 ----a-w- C:\Windows\System32\nvvsvc.exe 2012-12-29 08:40:09 63928 ----a-w- C:\Windows\System32\nvshext.dll 2012-12-29 08:40:09 118712 ----a-w- C:\Windows\System32\nvmctray.dll 2012-12-16 17:11:22 46080 ----a-w- C:\Windows\System32\atmlib.dll 2012-12-16 14:45:03 367616 ----a-w- C:\Windows\System32\atmfd.dll 2012-12-16 14:13:28 295424 ----a-w- C:\Windows\SysWow64\atmfd.dll 2012-12-16 14:13:20 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll 2012-12-14 23:49:28 24176 ----a-w- C:\Windows\System32\drivers\mbam.sys 2012-12-07 13:20:16 441856 ----a-w- C:\Windows\System32\Wpc.dll 2012-12-07 13:15:31 2746368 ----a-w- C:\Windows\System32\gameux.dll 2012-12-07 12:26:17 308736 ----a-w- C:\Windows\SysWow64\Wpc.dll 2012-12-07 12:20:43 2576384 ----a-w- C:\Windows\SysWow64\gameux.dll 2012-12-07 11:20:04 30720 ----a-w- C:\Windows\System32\usk.rs 2012-12-07 11:20:03 43520 ----a-w- C:\Windows\System32\csrr.rs 2012-12-07 11:20:03 23552 ----a-w- C:\Windows\System32\oflc.rs 2012-12-07 11:20:01 45568 ----a-w- C:\Windows\System32\oflc-nz.rs 2012-12-07 11:20:01 44544 ----a-w- C:\Windows\System32\pegibbfc.rs 2012-12-07 11:20:01 20480 ----a-w- C:\Windows\System32\pegi-fi.rs 2012-12-07 11:20:00 20480 ----a-w- C:\Windows\System32\pegi-pt.rs 2012-12-07 11:19:59 
20480 ----a-w- C:\Windows\System32\pegi.rs 2012-12-07 11:19:58 46592 ----a-w- C:\Windows\System32\fpb.rs 2012-12-07 11:19:57 40960 ----a-w- C:\Windows\System32\cob-au.rs 2012-12-07 11:19:57 21504 ----a-w- C:\Windows\System32\grb.rs 2012-12-07 11:19:57 15360 ----a-w- C:\Windows\System32\djctq.rs 2012-12-07 11:19:56 55296 ----a-w- C:\Windows\System32\cero.rs 2012-12-07 11:19:55 51712 ----a-w- C:\Windows\System32\esrb.rs 2012-11-30 05:45:35 362496 ----a-w- C:\Windows\System32\wow64win.dll 2012-11-30 05:45:35 243200 ----a-w- C:\Windows\System32\wow64.dll 2012-11-30 05:45:35 13312 ----a-w- C:\Windows\System32\wow64cpu.dll 2012-11-30 05:45:14 215040 ----a-w- C:\Windows\System32\winsrv.dll 2012-11-30 05:43:12 16384 ----a-w- C:\Windows\System32\ntvdm64.dll 2012-11-30 05:41:07 424448 ----a-w- C:\Windows\System32\KernelBase.dll 2012-11-30 04:54:00 5120 ----a-w- C:\Windows\SysWow64\wow32.dll 2012-11-30 04:53:59 274944 ----a-w- C:\Windows\SysWow64\KernelBase.dll 2012-11-30 03:23:48 338432 ----a-w- C:\Windows\System32\conhost.exe 2012-11-30 02:44:06 25600 ----a-w- C:\Windows\SysWow64\setup16.exe 2012-11-30 02:44:04 7680 ----a-w- C:\Windows\SysWow64\instnm.exe 2012-11-30 02:44:04 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll 2012-11-30 02:44:03 2048 ----a-w- C:\Windows\SysWow64\user.exe 2012-11-30 02:38:59 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll 2012-11-30 02:38:59 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll 2012-11-30 02:38:59 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll 2012-11-30 02:38:59 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll 2012-11-23 03:26:31 3149824 ----a-w- C:\Windows\System32\win32k.sys 2012-11-23 03:13:57 68608 ----a-w- C:\Windows\System32\taskhost.exe 2012-11-22 05:44:23 800768 ----a-w- C:\Windows\System32\usp10.dll 2012-11-22 04:45:03 626688 ----a-w- C:\Windows\SysWow64\usp10.dll 2012-11-20 05:48:49 307200 ----a-w- C:\Windows\System32\ncrypt.dll 2012-11-20 
04:51:09 220160 ----a-w- C:\Windows\SysWow64\ncrypt.dll 2012-11-14 06:11:44 2312704 ----a-w- C:\Windows\System32\jscript9.dll 2012-11-14 06:04:11 1392128 ----a-w- C:\Windows\System32\wininet.dll 2012-11-14 06:02:49 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl 2012-11-14 05:57:46 599040 ----a-w- C:\Windows\System32\vbscript.dll 2012-11-14 05:57:35 173056 ----a-w- C:\Windows\System32\ieUnatt.exe 2012-11-14 05:52:40 2382848 ----a-w- C:\Windows\System32\mshtml.tlb 2012-11-14 02:09:22 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll 2012-11-14 01:58:15 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl 2012-11-14 01:57:37 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll 2012-11-14 01:49:25 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe 2012-11-14 01:48:27 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll 2012-11-14 01:44:42 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb . ============= FINISH: 11:42:48.15 =============== . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2012-11-20.01) . Microsoft Windows 7 Professional Boot Device: \Device\HarddiskVolume1 Install Date: 07/09/2012 7:57:31 AM System Uptime: 10/02/2013 11:00:36 AM (0 hours ago) . Motherboard: ASUSTeK COMPUTER INC. | | P8Z77-V PRO/THUNDERBOLT Processor: Intel® Core i7-3770K CPU @ 3.50GHz | LGA1155 | 3501/103mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 223 GiB total, 34.653 GiB free. D: is CDROM () E: is FIXED (NTFS) - 149 GiB total, 110.996 GiB free. F: is FIXED (NTFS) - 932 GiB total, 547.684 GiB free. . ==== Disabled Device Manager Items ============= . Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318} Description: Atheros AR9485 Wireless Network Adapter Device ID: PCI\VEN_168C&DEV_0032&SUBSYS_850D1043&REV_01\4&3927C719&0&00E7 Manufacturer: Atheros Communications Inc. Name: Atheros AR9485 Wireless Network Adapter PNP Device ID: PCI\VEN_168C&DEV_0032&SUBSYS_850D1043&REV_01\4&3927C719&0&00E7 Service: athr . 
==== System Restore Points =================== . RP128: 01/02/2013 4:42:41 PM - Installed Java 7 Update 13 RP129: 05/02/2013 12:10:26 PM - Windows Update RP130: 05/02/2013 12:23:27 PM - Removed Skype™ 6.1 RP131: 05/02/2013 1:12:04 PM - Installed LibreOffice 3.6 RP132: 08/02/2013 1:10:21 PM - Windows Update . ==== Installed Programs ====================== . Acoustica Mixcraft 6 Adobe Flash Player 11 ActiveX Adobe Flash Player 11 Plugin AI Suite II Apple Application Support Apple Mobile Device Support Apple Software Update Asmedia ASM104x USB 3.0 Host Controller Driver Blackwell Deception version 1.0 Blackwell Legacy v1.4 Blackwell Unbound Bonjour Broken Sword - Director's Cut Broken Sword - The Angel of Death Broken Sword - The Sleeping Dragon CCleaner CDBurnerXP Cognition - Episode 1 version 1 Combined Community Codec Pack 2012-12-30 Core Temp 1.0 RC3 CyberLink Power2Go Dreamfall - The Longest Journey DVD Shrink 3.2 EVGA Precision X 3.0.3 FileZilla Client 3.6.0.2 foobar2000 v1.1.18 FormatFactory 3.0.1 Foxit Reader Fraps (remove only) GIMP 2.8.2 GOG.com Downloader version 3.3.5 Google Chrome Google Talk Plugin Google Update Helper Gray Matter 1.0 HitmanPro 3.7 ImgBurn Intel® Network Connections 17.0.200.2 Intel® Rapid Storage Technology Intel® USB 3.0 eXtensible Host Controller Driver iTunes Java 7 Update 13 Java Auto Updater Kaspersky PURE 2.0 King's Quest 4+5+6 King's Quest 7-8 LibreOffice 3.6 MakeMKV v1.7.10 Malwarebytes Anti-Malware version 1.70.0.1100 Max Payne 3 Microsoft .NET Compact Framework 2.0 SP1 Microsoft .NET Framework 4 Client Profile Microsoft Corporation Microsoft LifeCam Microsoft Mouse and Keyboard Center Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Movie Maker 6.0 for Windows 7 (64-bit) Mozilla Firefox 18.0.2 (x86 en-US) Mozilla Maintenance Service Mozilla Thunderbird 17.0.2 (x86 en-US) NVIDIA 3D Vision 
Controller Driver 310.90 NVIDIA 3D Vision Driver 310.90 NVIDIA Control Panel 310.90 NVIDIA Graphics Driver 310.90 NVIDIA HD Audio Driver 1.3.18.0 NVIDIA Install Application NVIDIA PhysX NVIDIA PhysX System Software 9.12.1031 NVIDIA Stereoscopic 3D Driver NVIDIA Update 1.11.3 NVIDIA Update Components OpenAL PeerBlock 1.1 (r518) Police Quest 1+2+3+4 Qualcomm Atheros WiFi Driver Installation Quest for Glory Pack Quest for Infamy Demo 2 Realtek High Definition Audio Driver Resonance version 1.0 Revo Uninstaller 1.94 Rockstar Games Social Club ScummVM 1.5.0 Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405) Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827) Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449) Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019) Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595) Skype™ 6.1 Steam Still Life Still Life 2 Syberia Syberia 2 Tencent QQ The Elder Scrolls V: Skyrim The Last Express The Longest Journey The Silver Lining The Whispered World TortoiseSVN 1.7.9.23248 (64 bit) Trillian True Image 2013 Unity Unity Web Player Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) v1.0 VLC media player 2.0.5 Wing Commander 1 and 2 Wing Commander III - Heart of the Tiger Wing Commander IV Wing Commander Privateer Wing Commander Saga 1.0.2.7795 Wing Commander Saga 1.1.0.7822 WinRAR 4.20 (64-bit) XnView 1.99.6 . ==== Event Viewer Messages From Past Week ======== . 
10/02/2013 10:12:07 AM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Search service, but this action failed with the following error: An instance of the service is already running. 10/02/2013 10:11:37 AM, Error: Service Control Manager [7031] - The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service. 10/02/2013 10:11:37 AM, Error: Service Control Manager [7024] - The Windows Search service terminated with service-specific error %%-1073473535. . ==== End Of File =========================== also had help here http://forums.malwarebytes.org/index.php?showtopic=122099&st=0&p=642805entry642805 may be related not sure can somone please help?
  19. Also my internet connection stopped for a moment, refreshed and came back. May just be unrelated, but PeerBlock, which I use as another layer of protection (I realize it's commonly associated with torrents, but it can be very helpful as a firewall as well), came up with a blocked IP of 38.113.165.83. Am I being paranoid or what?
  20. I don't think that program worked; I still have C:\JRT and a few logs laying around. Can I manually delete them, and what else should I look for?
  21. Should I run any more scans? Just to note, my drive is an SSD, and I ran a Java update check; that is the most recent update.
  22. Results of screen317's Security Check version 0.99.57
      Windows 7 Service Pack 1 x64 (UAC is enabled)
      Internet Explorer 9
      ``````````````Antivirus/Firewall Check:``````````````
      Windows Firewall Disabled!
      Kaspersky PURE 2.0
      Antivirus up to date!
      `````````Anti-malware/Other Utilities Check:`````````
      Malwarebytes Anti-Malware version 1.70.0.1100
      Java 7 Update 13
      Java version out of Date!
      Adobe Flash Player 11.5.502.146
      Mozilla Firefox (18.0.1)
      Mozilla Thunderbird (17.0.2)
      Google Chrome 24.0.1312.52
      Google Chrome 24.0.1312.57
      ````````Process Check: objlist.exe by Laurent````````
      Kaspersky Lab Kaspersky PURE 2.0 avp.exe
      `````````````````System Health check`````````````````
      Total Fragmentation on Drive C: 22% Defragment your hard drive soon! (Do NOT defrag if SSD!)
      ````````````````````End of Log``````````````````````

      Seems OK now; I can access Google just fine atm.
  23. ESETSmartInstaller@High as CAB hook log:
      OnlineScanner64.ocx - registred OK
      OnlineScanner.ocx - registred OK
      # version=8
      # iexplore.exe=9.00.8112.16421 (WIN7_IE9_RTM.110308-0330)
      # OnlineScanner.ocx=1.0.0.6889
      # api_version=3.0.2
      # EOSSerial=a36b9c1817a44947a34462f60cd280e9
      # end=finished
      # remove_checked=false
      # archives_checked=false
      # unwanted_checked=false
      # unsafe_checked=false
      # antistealth_checked=true
      # utc_time=2013-02-05 01:34:28
      # local_time=2013-02-04 06:34:28 (-0700, Mountain Standard Time)
      # country="Canada"
      # lang=1033
      # osver=6.1.7601 NT Service Pack 1
      # compatibility_mode=5893 16776573 100 94 0 111571518 0 0
      # scanned=316554
      # found=0
      # cleaned=0
      # scan_time=1318