
slow booting after pc crash


sajiudx


My PC crashed 2 weeks ago, then it went into Windows repair... but the PC was unable to complete the repair.

So I had to cancel it through a forced shutdown. Now it takes time to enter Windows.

Because of this, I am unsure whether this is a hardware or software problem; that is why I require your assistance.

Your help is much appreciated.

DDS (Ver_2012-11-20.01) - NTFS_AMD64

Internet Explorer: 8.0.7600.16385

BrowserJavaVersion: 10.7.2

Run by user at 11:54:17 on 2013-02-21

Microsoft Windows 7 Ultimate

6.1.7600.0.1252.1.1033.18.5609.4066 [GMT 8:00]

.

AV: Microsoft Security Essentials *Enabled/Updated*

{108DAC43-C256-20B7-BB05-914135DA5160}

AV: Bitdefender Antivirus Free Edition

*Disabled/Updated* {9B5F5313-CAF9-DD97-C460-

E778420237B4}

SP: Microsoft Security Essentials *Enabled/Updated*

{ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}

SP: Windows Defender *Disabled/Outdated* {D68DDC3A-

831F-4fae-9E44-DA132C1ACF46}

SP: Bitdefender Antivirus Free Edition

*Disabled/Updated* {203EB2F7-ECC3-D219-FED0-

DC0A39857D09}

.

============== Running Processes ===============

.

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Program Files\Bitdefender\Antivirus Free Edition

\gzserv.exe

C:\Windows\system32\svchost.exe -k RPCSS

C:\Program Files\Microsoft Security Client

\Antimalware\MsMpEng.exe

C:\Windows\system32\atiesrxx.exe

C:\Windows\System32\svchost.exe -k

LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k

LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\atieclxx.exe

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\system32\FBAgent.exe

C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey

\ASLDRSrv.exe

C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX

\GFNEXSrv.exe

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k

LocalServiceNoNetwork

C:\Program Files (x86)\Common Files\ArcSoft

\Connection Service\Bin\ACService.exe

C:\Program Files (x86)\Bluetooth Suite

\adminservice.exe

C:\Windows\SysWOW64\PnkBstrA.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Program Files (x86)\Bluetooth Suite

\Ath_CoexAgent.exe

C:\Windows\system32\svchost.exe -k bthsvcs

C:\Windows\system32\svchost.exe -k

NetworkServiceNetworkRestricted

C:\Windows\system32\taskhost.exe

C:\Windows\system32\Dwm.exe

C:\Program Files\Bitdefender\Antivirus Free Edition

\gziface.exe

C:\Windows\Explorer.EXE

C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey

\HControl.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Program Files (x86)\Internet Download Manager

\IDMan.exe

C:\Program Files (x86)\PowerISO\PWRISOVM.EXE

C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey

\ATKOSD.exe

C:\Program Files (x86)\Internet Download Manager

\IEMonitor.exe

C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey

\WDC.exe

C:\Windows\system32\taskeng.exe

C:\Program Files (x86)\ASUS\ATK Package

\ATKOSD2\ATKOSD2.exe

C:\Windows\system32\SearchIndexer.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Windows\system32\svchost.exe -k

LocalServiceAndNoImpersonation

C:\Windows\System32\svchost.exe -k

LocalServicePeerNet

C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

C:\Windows\system32\svchost.exe -k SDRSVC

C:\Program Files (x86)\Google\Chrome\Application

\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application

\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application

\chrome.exe

C:\Windows\Microsoft.Net\Framework64\v3.0\WPF

\PresentationFontCache.exe

C:\Program Files\Microsoft Security Client

\Antimalware\MpCmdRun.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\System32\cscript.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://isearch.babylon.com/?

affID=116417&tt=4412_7&babsrc=HP_ss&mntrId=0ce2c0f300

0000000000446d571f31f1

mStart Page = about:blank

BHO: IDM integration (IDMIEHlprObj Class): {0055C089

-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files

(x86)\Internet Download Manager\IDMIECC.dll

BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596

-FA578C2EBDC3} - C:\Program Files (x86)\Common Files

\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-

B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft

Office\Office14\GROOVEEX.DLL

BHO: Java Plug-In SSV Helper: {761497BB-D6F0-

462C-B6EB-D4DAF1D92D43} - C:\Program Files

(x86)\Java\jre7\bin\ssv.dll

BHO: CIESpeechBHO Class: {8D10F6C4-0E01-4BD4-8601-

11AC1FDF8126} - C:\Program Files (x86)\Bluetooth

Suite\IEPlugIn.dll

BHO: Office Document Cache Handler: {B4F3A835-0E21-

4959-BA22-42B3008E02FF} - C:\Program Files

(x86)\Microsoft Office\Office14\URLREDIR.DLL

BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-

435b-BC74-9C25C1C588A9} - C:\Program Files

(x86)\Java\jre7\bin\jp2ssv.dll

uRun: [iDMan] C:\Program Files (x86)\Internet

Download Manager\IDMan.exe /onboot

uRun: [Media Finder] "C:\Program Files (x86)\Media

Finder\Media Finder.exe" /opentotray

uRun: [bitTorrent] "C:\Program Files

(x86)\BitTorrent\BitTorrent.exe" /MINIMIZED

mRun: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO

\PWRISOVM.EXE -startup

mPolicies-Explorer: NoActiveDesktop = dword:1

mPolicies-Explorer: NoActiveDesktopChanges = dword:1

mPolicies-System: ConsentPromptBehaviorAdmin =

dword:0

mPolicies-System: ConsentPromptBehaviorUser = dword:3

mPolicies-System: EnableLUA = dword:0

mPolicies-System: EnableUIADesktopToggle = dword:0

mPolicies-System: PromptOnSecureDesktop = dword:0

IE: Add to Google Photos Screensa&ver - C:\Windows

\System32\GPhotos.scr/200

IE: Download all links with IDM - C:\Program Files

(x86)\Internet Download Manager\IEGetAll.htm

IE: Download with &Media Finder - C:\Program Files

(x86)\Media Finder\hook.html

IE: Download with IDM - C:\Program Files

(x86)\Internet Download Manager\IEExt.htm

IE: E&xport to Microsoft Excel - C:

\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000

IE: Se&nd to OneNote - C:

\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} -

{48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program

Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

IE: {7815BE26-237D-41A8-A98F-F7BD75F71086} -

{8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program

Files (x86)\Bluetooth Suite\IEPlugIn.dll

IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} -

{FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program

Files (x86)\Microsoft Office

\Office14\ONBttnIELinkedNotes.dll

TCP: NameServer = 192.168.1.1

TCP: Interfaces\{32498716-D209-4FE4-8C2B-

0F8472C19CBA} : DHCPNameServer = 203.92.128.151

203.92.128.189

TCP: Interfaces\{4CC444E9-7F75-4A72-A84A-

3CCE16D22D15} : DHCPNameServer = 192.168.1.1

TCP: Interfaces\{4CC444E9-7F75-4A72-A84A-

3CCE16D22D15}\031343533393638343530457E6966696 :

DHCPNameServer = 192.168.0.1

TCP: Interfaces\{4CC444E9-7F75-4A72-A84A-

3CCE16D22D15}\036453238314 : DHCPNameServer =

122.255.99.228 122.255.99.236

TCP: Interfaces\{4CC444E9-7F75-4A72-A84A-

3CCE16D22D15}\16C616C69636166656 : DHCPNameServer =

192.168.0.1

TCP: Interfaces\{4CC444E9-7F75-4A72-A84A-

3CCE16D22D15}\84F4453505F445053423B41313 :

DHCPNameServer = 202.188.0.133 202.188.0.133

TCP: Interfaces\{DE8942EA-F55E-4E88-8361-

BC8A4972BCB1} : DHCPNameServer = 122.255.99.236

122.255.99.228

TCP: Interfaces\{F6B9B6F0-8C44-4552-A35E-

4A8BFBA60999} : DHCPNameServer = 192.168.0.1

Filter: text/xml - {807573E5-5146-11D5-A672-

00B0D022E945} - C:\Program Files (x86)\Common Files

\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

SSODL: WebCheck - <orphaned>

SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6

-4420-B3BA-52453494E6CD} - C:\Program Files

(x86)\Microsoft Office\Office14\GROOVEEX.DLL

mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} -

"C:\Program Files (x86)\Google\Chrome\Application

\24.0.1312.57\Installer\chrmstp.exe" --configure-

user-settings --verbose-logging --system-level --

multi-install --chrome

x64-mStart Page = about:blank

x64-BHO: IDM integration (IDMIEHlprObj Class):

{0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program

Files (x86)\Internet Download Manager\IDMIECC64.dll

x64-BHO: Groove GFS Browser Helper: {72853161-30C5-

4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft

Office\Office14\GROOVEEX.DLL

x64-BHO: Office Document Cache Handler: {B4F3A835-

0E21-4959-BA22-42B3008E02FF} - C:\Program Files

\Microsoft Office\Office14\URLREDIR.DLL

x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} -

{48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program

Files\Microsoft Office\Office14\ONBttnIE.dll

x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} -

{FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program

Files\Microsoft Office

\Office14\ONBttnIELinkedNotes.dll

x64-Filter: text/xml - {807573E5-5146-11D5-A672-

00B0D022E945} - C:\Program Files\Common Files

\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

x64-SSODL: WebCheck - <orphaned>

x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-

DDA6-4420-B3BA-52453494E6CD} - C:\Program Files

\Microsoft Office\Office14\GROOVEEX.DLL

.

================= FIREFOX ===================

.

FF - ProfilePath - C:\Users\user\AppData\Roaming

\Mozilla\Firefox\Profiles\3pizur87.default\

FF - prefs.js: browser.search.selectedEngine - Search

the web (Babylon)

FF - prefs.js: browser.startup.homepage -

hxxp://isearch.babylon.com/?

affID=116417&tt=4412_7&babsrc=HP_ss&mntrId=0ce2c0f300

0000000000446d571f31f1

FF - plugin: C:

\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL

FF - plugin: C:

\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL

FF - plugin: C:\Program Files (x86)\Google

\Picasa3\npPicasa3.dll

FF - plugin: C:\Program Files (x86)\Google\Update

\1.3.21.124\npGoogleUpdate3.dll

FF - plugin: C:\Program Files (x86)\Java\jre7\bin

\plugin2\npjp2.dll

FF - plugin: C:\Users\user\AppData\Roaming\Mozilla

\Firefox\Profiles\3pizur87.default\extensions

\{b6ac5e3c-5ceb-4e72-b451-f0e1ba983c14}\plugins\np-

mswmp.dll

FF - plugin: C:\Windows\SysWOW64\Macromed\Flash

\NPSWF32_11_5_502_146.dll

FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll

FF - plugin: C:\Windows\SysWOW64\npmproxy.dll

.

---- FIREFOX POLICIES ----

FF - user.js: extensions.BabylonToolbar.tlbrSrchUrl -

hxxp://search.babylon.com/?

babsrc=TB_def&mntrId=0ce2c0f3000000000000446d571f31f1

&q=

FF - user.js: extensions.BabylonToolbar.id -

0ce2c0f3000000000000446d571f31f1

FF - user.js: extensions.BabylonToolbar.appId -

{BDB69379-802F-4eaf-B541-F8DE92DD98DB}

FF - user.js: extensions.BabylonToolbar.instlDay -

15647

FF - user.js: extensions.BabylonToolbar.vrsn -

1.8.3.8

FF - user.js: extensions.BabylonToolbar.vrsni -

1.8.3.8

FF - user.js: extensions.BabylonToolbar_i.vrsnTs -

1.8.3.82:15:43

FF - user.js: extensions.BabylonToolbar.prtnrId -

babylon

FF - user.js: extensions.BabylonToolbar.prdct -

BabylonToolbar

FF - user.js: extensions.BabylonToolbar.aflt - babsst

FF - user.js: extensions.BabylonToolbar_i.smplGrp -

none

FF - user.js: extensions.BabylonToolbar.tlbrId - base

FF - user.js: extensions.BabylonToolbar.instlRef -

sst

FF - user.js: extensions.BabylonToolbar.dfltLng - en

FF - user.js: extensions.BabylonToolbar.excTlbr -

false

FF - user.js: extensions.BabylonToolbar.admin - false

.

============= SERVICES / DRIVERS ===============

.

R0 avc3;avc3;C:\Windows\System32\drivers\avc3.sys

[2013-2-11 705552]

R1 ATKWMIACPIIO;ATKWMIACPI Driver;C:\Program Files

(x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys

[2011-9-7 17536]

R1 bdfwfpf;bdfwfpf;C:\Program Files\BitDefender

\Antivirus Free Edition\bdfwfpf.sys [2013-2-11

107080]

R1 gzflt;gzflt;C:\Windows\System32\drivers\gzflt.sys

[2013-2-11 147232]

R1 MpFilter;Microsoft Malware Protection Driver;C:

\Windows\System32\drivers\MpFilter.sys [2011-4-18

189440]

R2 AFBAgent;AFBAgent;C:\Windows\System32\FBAgent.exe

[2012-6-25 379520]

R2 AMD External Events Utility;AMD External Events

Utility;C:\Windows\System32\atiesrxx.exe [2012-6-12

235520]

R2 ASMMAP64;ASMMAP64;C:\Program Files (x86)\ASUS\ATK

Package\ATKGFNEX\ASMMAP64.sys [2009-7-2 15416]

R2 AtherosSvc;AtherosSvc;C:\Program Files

(x86)\Bluetooth Suite\AdminService.exe [2011-9-30

105120]

R2 gzserv;Bitdefender Antivirus Free Edition;C:

\Program Files\BitDefender\Antivirus Free Edition

\gzserv.exe [2013-2-11 30240]

R2 IDMWFP;IDMWFP;C:\Windows\System32\drivers

\idmwfp.sys [2012-4-23 154272]

R2 ZAtheros Bt&Wlan Coex Agent;ZAtheros Bt&Wlan Coex

Agent;C:\Program Files (x86)\Bluetooth Suite

\Ath_CoexAgent.exe [2011-9-30 158880]

R3 AthBTPort;Atheros Virtual Bluetooth Class;C:

\Windows\System32\drivers\btath_flt.sys [2011-9-30

36000]

R3 avckf;avckf;C:\Windows\System32\drivers\avckf.sys

[2013-2-11 545064]

R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;C:\Windows

\System32\drivers\btath_a2dp.sys [2011-9-30 330912]

R3 btath_avdt;Atheros Bluetooth AVDT Service;C:

\Windows\System32\drivers\btath_avdt.sys [2011-9-30

110240]

R3 BTATH_BUS;Atheros Bluetooth Bus;C:\Windows

\System32\drivers\btath_bus.sys [2011-9-30 30368]

R3 BTATH_HCRP;Bluetooth HCRP Server driver;C:

\Windows\System32\drivers\btath_hcrp.sys [2011-9-30

167584]

R3 BTATH_LWFLT;Bluetooth LWFLT Device;C:\Windows

\System32\drivers\btath_lwflt.sys [2011-9-30 68256]

R3 BTATH_RCP;Bluetooth AVRCP Device;C:\Windows

\System32\drivers\btath_rcp.sys [2011-9-30 280992]

R3 BtFilter;BtFilter;C:\Windows\System32\drivers

\btfilter.sys [2011-9-30 519328]

R3 RTL8167;Realtek 8167 NT Driver;C:\Windows

\System32\drivers\Rt64win7.sys [2012-6-25 452200]

S2 MBAMScheduler;MBAMScheduler;C:\Program Files

(x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe

[2013-2-14 398184]

S2 MBAMService;MBAMService;C:\Program Files

(x86)\Malwarebytes' Anti-Malware\mbamservice.exe

[2013-2-14 682344]

S3 FLEXnet Licensing Service 64;FLEXnet Licensing

Service 64;C:\Program Files\Common Files\Macrovision

Shared\FLEXnet Publisher\FNPLicensingService64.exe

[2012-2-28 1030600]

S3 MBAMProtector;MBAMProtector;C:\Windows

\System32\drivers\mbam.sys [2013-2-14 24176]

S3 MpNWMon;Microsoft Malware Protection Network

Driver;C:\Windows\System32\drivers\MpNWMon.sys [2011

-4-18 40832]

S3 NisDrv;Microsoft Network Inspection System;C:

\Windows\System32\drivers\NisDrvWFP.sys [2011-4-27

84864]

S3 NisSrv;Microsoft Network Inspection;C:\Program

Files\Microsoft Security Client\Antimalware

\NisSrv.exe [2011-4-27 288272]

S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:

\Windows\System32\drivers\RtsUStor.sys [2012-6-25

250984]

S3 SwitchBoard;SwitchBoard;C:\Program Files

(x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

[2010-2-19 517096]

S3 taphss6;Anchorfree HSS VPN Adapter;C:\Windows

\System32\drivers\taphss6.sys [2012-11-2 40712]

S3 tpfiltdev;TP-LINK USB Filter Device;C:\Windows

\System32\drivers\tpfiltdev.sys [2012-9-6 7424]

S3 tpusbnet;TP-LINK USB-NDIS miniport Driver;C:

\Windows\System32\drivers\tpusbnet.sys [2012-9-6

154112]

S3 tpusbser;TP-LINK USB Device for Legacy Serial

Communication Driver;C:\Windows\System32\drivers

\tpusbser.sys [2012-9-6 123648]

.

=============== File Associations ===============

.

FileExt: .scr: AutoCADScriptFile=C:\Windows

\System32\notepad.exe "%1"

ShellExec: dreamweaver.exe: Open="C:\Program Files

(x86)\Adobe\Adobe Dreamweaver CS5\dreamweaver.exe",

"%1"

.

=============== Created Last 30 ================

.

2013-02-21 03:45:15 76232 ----a-w- C:

\ProgramData\Microsoft\Microsoft Antimalware

\Definition Updates\{726C1190-3576-4CF5-A184-

27442DA2D78F}\offreg.dll

2013-02-14 16:37:46 972264 ----a-w- C:

\ProgramData\Microsoft\Microsoft Antimalware

\Definition Updates\{78A222D1-6C5B-418B-BC1E-

76BD6FC41387}\gapaengine.dll

2013-02-14 16:37:06 9161176 ----a-w- C:

\ProgramData\Microsoft\Microsoft Antimalware

\Definition Updates\{726C1190-3576-4CF5-A184-

27442DA2D78F}\mpengine.dll

2013-02-14 00:43:01 -------- d-----w-

C:\Users\user\AppData\Roaming\Malwarebytes

2013-02-14 00:42:34 -------- d-----w-

C:\ProgramData\Malwarebytes

2013-02-14 00:42:31 24176 ----a-w- C:

\Windows\System32\drivers\mbam.sys

2013-02-14 00:42:31 -------- d-----w-

C:\Program Files (x86)\Malwarebytes' Anti-Malware

2013-02-14 00:42:19 -------- d-----w-

C:\Users\user\AppData\Local\Programs

2013-02-12 09:15:22 -------- d-sh--w-

C:\$RECYCLE.BIN

2013-02-11 12:31:16 260544 ----a-w- C:

\Windows\System32\drivers\avchv.sys

2013-02-11 07:15:22 464917 ----a-w- C:

\ProgramData\1360549202.bdinstall.bin

2013-02-11 03:41:53 705552 ----a-w- C:

\Windows\System32\drivers\avc3.sys

2013-02-11 03:41:53 545064 ----a-w- C:

\Windows\System32\drivers\avckf.sys

2013-02-11 02:21:15 -------- d-----w-

C:\Users\user\AppData\Roaming\QuickScan

2013-02-11 02:20:36 350160 ----a-w- C:

\Windows\System32\drivers\trufos.sys

2013-02-11 02:20:34 147232 ----a-w- C:

\Windows\System32\drivers\gzflt.sys

2013-02-11 00:00:34 30727 ----a-w- C:

\ProgramData\1360540820.bdinstall.bin

2013-02-10 23:57:17 30860 ----a-w- C:

\ProgramData\1360540606.bdinstall.bin

2013-02-10 23:39:45 810 ----a-w- C:

\ProgramData\1360539568.4332.bin

2013-02-10 23:39:34 2053 ----a-w- C:

\ProgramData\1360539568.4108.bin

2013-02-10 23:39:28 29693 ----a-w- C:

\ProgramData\1360539568.3836.bin

2013-02-10 23:38:44 29551 ----a-w- C:

\ProgramData\1360539507.bdinstall.bin

2013-02-03 13:12:20 -------- d-----w-

C:\Program Files (x86)\Activision

2013-02-02 13:13:34 794408 ----a-w- C:

\Windows\SysWow64\pbsvc.exe

2013-01-29 15:17:13 -------- d-----w-

C:\Windows\B83FC356B7C0441F8A4DD71E088E7974.TMP

2013-01-26 15:03:05 -------- d-----w-

C:\Illusion

2013-01-24 19:32:35 -------- d-----w-

C:\Program Files (x86)\sb3

2013-01-24 18:32:04 -------- d-----w-

C:\data

2013-01-24 17:44:50 -------- d-----w-

C:\Program Files (x86)\NtreevSoft

2013-01-24 11:19:08 75064 ----a-w- C:

\Windows\SysWow64\PnkBstrA.exe

2013-01-24 11:19:00 183112 ----a-w- C:

\Windows\SysWow64\PnkBstrB.exe

2013-01-24 11:18:59 -------- d-----w-

C:\Users\user\AppData\Local\PunkBuster

2013-01-24 11:12:24 3526 ----a-w- C:

\Windows\SysWow64\ealregsnapshot1.reg

2013-01-24 11:01:17 -------- d-----w-

C:\Program Files (x86)\EA Games

.

==================== Find3M ====================

.

2013-02-14 18:52:30 697712 ----a-w- C:

\Windows\SysWow64\FlashPlayerApp.exe

2013-02-14 18:52:29 74096 ----a-w- C:

\Windows\SysWow64\FlashPlayerCPLApp.cpl

2013-02-10 23:40:22 81984 ----a-w- C:

\Windows\System32\bdod.bin

2012-12-10 08:47:33 178800 ----a-w- C:

\Windows\SysWow64\CmdLineExt_x64.dll

.

============= FINISH: 11:55:30.50 ===============


Hello sajiudx and welcome! My name is Maniac and I will be glad to help you solve your malware problem.

Please note:

  • If you are a paying customer, you have the privilege to contact the help desk at Consumer Support. If you choose this option to get help, please let me know.
  • I recommend that you keep the instructions I will be giving you so that they are available to you at any time. You can save them in a text file or print them.
  • Make sure you read all of the instructions and fixes thoroughly before continuing with them.
  • Follow my instructions strictly and don’t hesitate to stop and ask me if you have any questions.
  • Post your log files, don't attach them. Every log file should be copy/pasted in your next reply.
  • Do not perform any kind of scanning and fixing without my instructions. If you want to proceed on your own, please let me know.

This log file is formatted poorly. Please attach it and don't forget about Attach.txt.


Actually, this is my second time posting this... I posted 3 days ago but got no reply, so I am trying to send it again...

My PC crashed 2 weeks ago, then it went into Windows repair... but the PC was unable to complete the repair.

So I had to cancel it through a forced shutdown. Now it takes time to enter Windows.

Because of this, I am unsure whether this is a hardware or software problem; that is why I require your assistance.

Your help is much appreciated.

DDS (Ver_2012-11-20.01) - NTFS_AMD64

Internet Explorer: 8.0.7600.16385 BrowserJavaVersion: 10.7.2

Run by user at 11:54:17 on 2013-02-21

Microsoft Windows 7 Ultimate 6.1.7600.0.1252.1.1033.18.5609.4066 [GMT 8:00]

.

AV: Microsoft Security Essentials *Enabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}

AV: Bitdefender Antivirus Free Edition *Disabled/Updated* {9B5F5313-CAF9-DD97-C460-E778420237B4}

SP: Microsoft Security Essentials *Enabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}

SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: Bitdefender Antivirus Free Edition *Disabled/Updated* {203EB2F7-ECC3-D219-FED0-DC0A39857D09}

.

============== Running Processes ===============

.

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Program Files\Bitdefender\Antivirus Free Edition\gzserv.exe

C:\Windows\system32\svchost.exe -k RPCSS

C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe

C:\Windows\system32\atiesrxx.exe

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\atieclxx.exe

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\system32\FBAgent.exe

C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe

C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe

C:\Program Files (x86)\Bluetooth Suite\adminservice.exe

C:\Windows\SysWOW64\PnkBstrA.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe

C:\Windows\system32\svchost.exe -k bthsvcs

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\system32\taskhost.exe

C:\Windows\system32\Dwm.exe

C:\Program Files\Bitdefender\Antivirus Free Edition\gziface.exe

C:\Windows\Explorer.EXE

C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Program Files (x86)\Internet Download Manager\IDMan.exe

C:\Program Files (x86)\PowerISO\PWRISOVM.EXE

C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe

C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe

C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe

C:\Windows\system32\taskeng.exe

C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe

C:\Windows\system32\SearchIndexer.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Windows\System32\svchost.exe -k LocalServicePeerNet

C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

C:\Windows\system32\svchost.exe -k SDRSVC

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

C:\Program Files\Microsoft Security Client\Antimalware\MpCmdRun.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\System32\cscript.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://isearch.babylon.com/?affID=116417&tt=4412_7&babsrc=HP_ss&mntrId=0ce2c0f3000000000000446d571f31f1

mStart Page = about:blank

BHO: IDM integration (IDMIEHlprObj Class): {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll

BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL

BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

BHO: CIESpeechBHO Class: {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll

BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL

BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

uRun: [iDMan] C:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot

uRun: [Media Finder] "C:\Program Files (x86)\Media Finder\Media Finder.exe" /opentotray

uRun: [bitTorrent] "C:\Program Files (x86)\BitTorrent\BitTorrent.exe" /MINIMIZED

mRun: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE -startup

mPolicies-Explorer: NoActiveDesktop = dword:1

mPolicies-Explorer: NoActiveDesktopChanges = dword:1

mPolicies-System: ConsentPromptBehaviorAdmin = dword:0

mPolicies-System: ConsentPromptBehaviorUser = dword:3

mPolicies-System: EnableLUA = dword:0

mPolicies-System: EnableUIADesktopToggle = dword:0

mPolicies-System: PromptOnSecureDesktop = dword:0

IE: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr/200

IE: Download all links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm

IE: Download with &Media Finder - C:\Program Files (x86)\Media Finder\hook.html

IE: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm

IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000

IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

IE: {7815BE26-237D-41A8-A98F-F7BD75F71086} - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll

IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

TCP: NameServer = 192.168.1.1

TCP: Interfaces\{32498716-D209-4FE4-8C2B-0F8472C19CBA} : DHCPNameServer = 203.92.128.151 203.92.128.189

TCP: Interfaces\{4CC444E9-7F75-4A72-A84A-3CCE16D22D15} : DHCPNameServer = 192.168.1.1

TCP: Interfaces\{4CC444E9-7F75-4A72-A84A-3CCE16D22D15}\031343533393638343530457E6966696 : DHCPNameServer = 192.168.0.1

TCP: Interfaces\{4CC444E9-7F75-4A72-A84A-3CCE16D22D15}\036453238314 : DHCPNameServer = 122.255.99.228 122.255.99.236

TCP: Interfaces\{4CC444E9-7F75-4A72-A84A-3CCE16D22D15}\16C616C69636166656 : DHCPNameServer = 192.168.0.1

TCP: Interfaces\{4CC444E9-7F75-4A72-A84A-3CCE16D22D15}\84F4453505F445053423B41313 : DHCPNameServer = 202.188.0.133 202.188.0.133

TCP: Interfaces\{DE8942EA-F55E-4E88-8361-BC8A4972BCB1} : DHCPNameServer = 122.255.99.236 122.255.99.228

TCP: Interfaces\{F6B9B6F0-8C44-4552-A35E-4A8BFBA60999} : DHCPNameServer = 192.168.0.1

Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

SSODL: WebCheck - <orphaned>

SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL

mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.57\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome

x64-mStart Page = about:blank

x64-BHO: IDM integration (IDMIEHlprObj Class): {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll

x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL

x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL

x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll

x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

x64-SSODL: WebCheck - <orphaned>

x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL

.

================= FIREFOX ===================

.

FF - ProfilePath - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\3pizur87.default\

FF - prefs.js: browser.search.selectedEngine - Search the web (Babylon)

FF - prefs.js: browser.startup.homepage - hxxp://isearch.babylon.com/?affID=116417&tt=4412_7&babsrc=HP_ss&mntrId=0ce2c0f3000000000000446d571f31f1

FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL

FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL

FF - plugin: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll

FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.124\npGoogleUpdate3.dll

FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

FF - plugin: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\3pizur87.default\extensions\{b6ac5e3c-5ceb-4e72-b451-f0e1ba983c14}\plugins\np-mswmp.dll

FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_146.dll

FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll

FF - plugin: C:\Windows\SysWOW64\npmproxy.dll

.

---- FIREFOX POLICIES ----

FF - user.js: extensions.BabylonToolbar.tlbrSrchUrl - hxxp://search.babylon.com/?babsrc=TB_def&mntrId=0ce2c0f3000000000000446d571f31f1&q=

FF - user.js: extensions.BabylonToolbar.id - 0ce2c0f3000000000000446d571f31f1

FF - user.js: extensions.BabylonToolbar.appId - {BDB69379-802F-4eaf-B541-F8DE92DD98DB}

FF - user.js: extensions.BabylonToolbar.instlDay - 15647

FF - user.js: extensions.BabylonToolbar.vrsn - 1.8.3.8

FF - user.js: extensions.BabylonToolbar.vrsni - 1.8.3.8

FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.8.3.82:15:43

FF - user.js: extensions.BabylonToolbar.prtnrId - babylon

FF - user.js: extensions.BabylonToolbar.prdct - BabylonToolbar

FF - user.js: extensions.BabylonToolbar.aflt - babsst

FF - user.js: extensions.BabylonToolbar_i.smplGrp - none

FF - user.js: extensions.BabylonToolbar.tlbrId - base

FF - user.js: extensions.BabylonToolbar.instlRef - sst

FF - user.js: extensions.BabylonToolbar.dfltLng - en

FF - user.js: extensions.BabylonToolbar.excTlbr - false

FF - user.js: extensions.BabylonToolbar.admin - false

.

============= SERVICES / DRIVERS ===============

.

R0 avc3;avc3;C:\Windows\System32\drivers\avc3.sys [2013-2-11 705552]

R1 ATKWMIACPIIO;ATKWMIACPI Driver;C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2011-9-7 17536]

R1 bdfwfpf;bdfwfpf;C:\Program Files\BitDefender\Antivirus Free Edition\bdfwfpf.sys [2013-2-11 107080]

R1 gzflt;gzflt;C:\Windows\System32\drivers\gzflt.sys [2013-2-11 147232]

R1 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2011-4-18 189440]

R2 AFBAgent;AFBAgent;C:\Windows\System32\FBAgent.exe [2012-6-25 379520]

R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2012-6-12 235520]

R2 ASMMAP64;ASMMAP64;C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-7-2 15416]

R2 AtherosSvc;AtherosSvc;C:\Program Files (x86)\Bluetooth Suite\AdminService.exe [2011-9-30 105120]

R2 gzserv;Bitdefender Antivirus Free Edition;C:\Program Files\BitDefender\Antivirus Free Edition\gzserv.exe [2013-2-11 30240]

R2 IDMWFP;IDMWFP;C:\Windows\System32\drivers\idmwfp.sys [2012-4-23 154272]

R2 ZAtheros Bt&Wlan Coex Agent;ZAtheros Bt&Wlan Coex Agent;C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [2011-9-30 158880]

R3 AthBTPort;Atheros Virtual Bluetooth Class;C:\Windows\System32\drivers\btath_flt.sys [2011-9-30 36000]

R3 avckf;avckf;C:\Windows\System32\drivers\avckf.sys [2013-2-11 545064]

R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;C:\Windows\System32\drivers\btath_a2dp.sys [2011-9-30 330912]

R3 btath_avdt;Atheros Bluetooth AVDT Service;C:\Windows\System32\drivers\btath_avdt.sys [2011-9-30 110240]

R3 BTATH_BUS;Atheros Bluetooth Bus;C:\Windows\System32\drivers\btath_bus.sys [2011-9-30 30368]

R3 BTATH_HCRP;Bluetooth HCRP Server driver;C:\Windows\System32\drivers\btath_hcrp.sys [2011-9-30 167584]

R3 BTATH_LWFLT;Bluetooth LWFLT Device;C:\Windows\System32\drivers\btath_lwflt.sys [2011-9-30 68256]

R3 BTATH_RCP;Bluetooth AVRCP Device;C:\Windows\System32\drivers\btath_rcp.sys [2011-9-30 280992]

R3 BtFilter;BtFilter;C:\Windows\System32\drivers\btfilter.sys [2011-9-30 519328]

R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2012-6-25 452200]

S2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-2-14 398184]

S2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-2-14 682344]

S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2012-2-28 1030600]

S3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2013-2-14 24176]

S3 MpNWMon;Microsoft Malware Protection Network Driver;C:\Windows\System32\drivers\MpNWMon.sys [2011-4-18 40832]

S3 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2011-4-27 84864]

S3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe [2011-4-27 288272]

S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\RtsUStor.sys [2012-6-25 250984]

S3 SwitchBoard;SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]

S3 taphss6;Anchorfree HSS VPN Adapter;C:\Windows\System32\drivers\taphss6.sys [2012-11-2 40712]

S3 tpfiltdev;TP-LINK USB Filter Device;C:\Windows\System32\drivers\tpfiltdev.sys [2012-9-6 7424]

S3 tpusbnet;TP-LINK USB-NDIS miniport Driver;C:\Windows\System32\drivers\tpusbnet.sys [2012-9-6 154112]

S3 tpusbser;TP-LINK USB Device for Legacy Serial Communication Driver;C:\Windows\System32\drivers\tpusbser.sys [2012-9-6 123648]

.

=============== File Associations ===============

.

FileExt: .scr: AutoCADScriptFile=C:\Windows\System32\notepad.exe "%1"

ShellExec: dreamweaver.exe: Open="C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS5\dreamweaver.exe", "%1"

.

=============== Created Last 30 ================

.

2013-02-21 03:45:15 76232 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{726C1190-3576-4CF5-A184-27442DA2D78F}\offreg.dll

2013-02-14 16:37:46 972264 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{78A222D1-6C5B-418B-BC1E-76BD6FC41387}\gapaengine.dll

2013-02-14 16:37:06 9161176 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{726C1190-3576-4CF5-A184-27442DA2D78F}\mpengine.dll

2013-02-14 00:43:01 -------- d-----w- C:\Users\user\AppData\Roaming\Malwarebytes

2013-02-14 00:42:34 -------- d-----w- C:\ProgramData\Malwarebytes

2013-02-14 00:42:31 24176 ----a-w- C:\Windows\System32\drivers\mbam.sys

2013-02-14 00:42:31 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware

2013-02-14 00:42:19 -------- d-----w- C:\Users\user\AppData\Local\Programs

2013-02-12 09:15:22 -------- d-sh--w- C:\$RECYCLE.BIN

2013-02-11 12:31:16 260544 ----a-w- C:\Windows\System32\drivers\avchv.sys

2013-02-11 07:15:22 464917 ----a-w- C:\ProgramData\1360549202.bdinstall.bin

2013-02-11 03:41:53 705552 ----a-w- C:\Windows\System32\drivers\avc3.sys

2013-02-11 03:41:53 545064 ----a-w- C:\Windows\System32\drivers\avckf.sys

2013-02-11 02:21:15 -------- d-----w- C:\Users\user\AppData\Roaming\QuickScan

2013-02-11 02:20:36 350160 ----a-w- C:\Windows\System32\drivers\trufos.sys

2013-02-11 02:20:34 147232 ----a-w- C:\Windows\System32\drivers\gzflt.sys

2013-02-11 00:00:34 30727 ----a-w- C:\ProgramData\1360540820.bdinstall.bin

2013-02-10 23:57:17 30860 ----a-w- C:\ProgramData\1360540606.bdinstall.bin

2013-02-10 23:39:45 810 ----a-w- C:\ProgramData\1360539568.4332.bin

2013-02-10 23:39:34 2053 ----a-w- C:\ProgramData\1360539568.4108.bin

2013-02-10 23:39:28 29693 ----a-w- C:\ProgramData\1360539568.3836.bin

2013-02-10 23:38:44 29551 ----a-w- C:\ProgramData\1360539507.bdinstall.bin

2013-02-03 13:12:20 -------- d-----w- C:\Program Files (x86)\Activision

2013-02-02 13:13:34 794408 ----a-w- C:\Windows\SysWow64\pbsvc.exe

2013-01-29 15:17:13 -------- d-----w- C:\Windows\B83FC356B7C0441F8A4DD71E088E7974.TMP

2013-01-26 15:03:05 -------- d-----w- C:\Illusion

2013-01-24 19:32:35 -------- d-----w- C:\Program Files (x86)\sb3

2013-01-24 18:32:04 -------- d-----w- C:\data

2013-01-24 17:44:50 -------- d-----w- C:\Program Files (x86)\NtreevSoft

2013-01-24 11:19:08 75064 ----a-w- C:\Windows\SysWow64\PnkBstrA.exe

2013-01-24 11:19:00 183112 ----a-w- C:\Windows\SysWow64\PnkBstrB.exe

2013-01-24 11:18:59 -------- d-----w- C:\Users\user\AppData\Local\PunkBuster

2013-01-24 11:12:24 3526 ----a-w- C:\Windows\SysWow64\ealregsnapshot1.reg

2013-01-24 11:01:17 -------- d-----w- C:\Program Files (x86)\EA Games

.

==================== Find3M ====================

.

2013-02-14 18:52:30 697712 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe

2013-02-14 18:52:29 74096 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

2013-02-10 23:40:22 81984 ----a-w- C:\Windows\System32\bdod.bin

2012-12-10 08:47:33 178800 ----a-w- C:\Windows\SysWow64\CmdLineExt_x64.dll

.

============= FINISH: 11:55:30.50 ===============


Hello sajiudx! My name is Maniac and I will be glad to help you solve your malware problem.

Please note:

  • If you are a paying customer, you have the privilege to contact the help desk at Consumer Support. If you choose this option to get help, please let me know.
  • I recommend that you keep the instructions I will be giving you so that they are available to you at any time. You can save them in a text file or print them.
  • Make sure you read all of the instructions and fixes thoroughly before continuing with them.
  • Follow my instructions strictly and don’t hesitate to stop and ask me if you have any questions.
  • Post your log files, don't attach them. Every log file should be copy/pasted in your next reply.
  • Do not perform any kind of scanning and fixing without my instructions. If you want to proceed on your own, please let me know.

Please post the content of Attach.txt too.


  • 2 weeks later...

Due to the lack of feedback, this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance, please start your own topic in a new thread. Thanks!
