GPU Usage at start-up is 99%, Normal sweep didn't work.

[OrangeBandit]

At start-up, an unknown process starts using upwards of 90% of my GPU. I got this figure from Process Explorer, and the offending process was called csrss.exe. I've ran sweeps with Malwarebytes, RogueKiller, adwcleaner, JRT, and Malwarebytes Anti-rootkit. 

After all of that, the problem persists, although now the process guilty for it is unmarked (pic related)

It seems that the problem goes away if I forcefully restart my graphics driver., but only for a while. It either comes back a few minutes later or at the next system restart. I need assistance with this, it's nearly impossible to use my PC when it acts up like this.

[AdvancedSetup]

Well first thing would probably be to rule out any type of infection and then go from there.

 

I would suggest following the advice from the topic here Available Assistance for Possibly Infected Computers and having one of the Experts assist you with looking into your issue.

Thanks

[OrangeBandit]

Well first thing would probably be to rule out any type of infection and then go from there.

 

I would suggest following the advice from the topic here Available Assistance for Possibly Infected Computers and having one of the Experts assist you with looking into your issue.

Thanks

I've followed the directions and have saved both of the log reports:

dds:

DDS (Ver_2012-11-20.01) - NTFS_x86 

Internet Explorer: 11.0.9600.16428  BrowserJavaVersion: 10.45.2

Run by Lemon at 16:39:13 on 2013-12-11

Microsoft Windows 7 Ultimate   6.1.7601.1.1252.1.1033.18.3567.2566 [GMT -8:00]

.

AV: Microsoft Security Essentials *Enabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: Microsoft Security Essentials *Enabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}

.

============== Running Processes ================

.

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\nvvsvc.exe

C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

c:\Program Files\Microsoft Security Client\MsMpEng.exe

C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe

C:\Windows\system32\nvvsvc.exe

C:\Windows\system32\Dwm.exe

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\taskhost.exe

C:\Windows\Explorer.EXE

C:\Windows\system32\IProsetMonitor.exe

C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe

C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe

C:\Program Files\Microsoft Security Client\msseces.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe

C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe

C:\Windows\System32\rundll32.exe

C:\Windows\system32\conhost.exe

C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe

C:\Windows\system32\taskeng.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\system32\SearchIndexer.exe

C:\Program Files\VLC Player GPU+\GPULog.exe

c:\Program Files\Microsoft Security Client\NisSrv.exe

C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Program Files\VLC Player GPU+\GPUMonitor.exe

C:\Windows\system32\conhost.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\system32\SearchProtocolHost.exe

C:\Windows\system32\SearchFilterHost.exe

c:\Program Files\Microsoft Security Client\MpCmdRun.exe

C:\Program Files\Intel\Intel® Management Engine Components\LMS\LMS.exe

C:\Windows\system32\sppsvc.exe

C:\Program Files\Intel\Intel® Management Engine Components\UNS\UNS.exe

C:\Windows\system32\DllHost.exe

C:\Windows\system32\DllHost.exe

C:\Windows\system32\conhost.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Windows\System32\svchost.exe -k WerSvcGroup

.

============== Pseudo HJT Report ===============

.

BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll

BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll

mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey

mRun: [JMB36X IDE Setup] c:\windows\raidtool\xInsIDE.exe

mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"

mRun: [Nvtmru] "c:\program files\nvidia corporation\nvidia update core\nvtmru.exe"

mRun: [shadowPlay] c:\windows\system32\rundll32.exe c:\windows\system32\nvspcap.dll,ShadowPlayOnSystemStart

mRun: [AnyProtect] c:\program files\anyprotectex\AnyProtect.exe

mRun: [mobilegeni daemon] c:\program files\mobogenie\DaemonProcess.exe

mRun: [GPULoader] "c:\program files\vlc player gpu+\GPULog.exe"

mRun: [NvBackend] "c:\program files\nvidia corporation\update core\NvBackend.exe"

mPolicies-System: ConsentPromptBehaviorUser = dword:3

mPolicies-System: EnableUIADesktopToggle = dword:0

mPolicies-System: PromptOnSecureDesktop = dword:0

TCP: NameServer = 192.168.1.254

TCP: Interfaces\{6D8D519D-18E0-46C0-8946-F0A92AD7AB23} : DHCPNameServer = 192.168.1.254

SSODL: WebCheck - <orphaned>

mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\31.0.1650.63\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome

.

============= SERVICES / DRIVERS ===============

.

R0 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2013-9-27 214696]

R2 Intel® PROSet Monitoring Service;Intel® PROSet Monitoring Service;c:\windows\system32\IPROSetMonitor.exe [2013-7-30 133888]

R2 NisDrv;Microsoft Network Inspection System;c:\windows\system32\drivers\NisDrvWFP.sys [2013-1-20 104768]

R2 NvNetworkService;NVIDIA Network Service;c:\program files\nvidia corporation\netservice\NvNetworkService.exe [2013-12-11 1370912]

R2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe [2013-12-7 14657824]

R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\nvidia corporation\3d vision\nvSCPAPISvr.exe [2013-10-23 414496]

R2 UNS;Intel® Management and Security Application User Notification Service;c:\program files\intel\intel® management engine components\uns\UNS.exe [2013-12-7 2656280]

R3 MEI;Intel® Management Engine Interface;c:\windows\system32\drivers\HECI.sys [2013-12-7 41088]

R3 NisSrv;Microsoft Network Inspection;c:\program files\microsoft security client\NisSrv.exe [2013-10-23 280288]

R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad32v.sys [2013-12-11 34080]

S1 MpKsl5e7ef0f4;MpKsl5e7ef0f4;c:\programdata\microsoft\microsoft antimalware\definition updates\{a667a3d5-ff55-4829-a036-a9e2447b7ac3}\MpKsl5e7ef0f4.sys [2013-12-11 40392]

S1 MpKsl66025958;MpKsl66025958;c:\programdata\microsoft\microsoft antimalware\definition updates\{a667a3d5-ff55-4829-a036-a9e2447b7ac3}\MpKsl66025958.sys [2013-12-11 40392]

S1 MpKsl7f363af1;MpKsl7f363af1;c:\programdata\microsoft\microsoft antimalware\definition updates\{a667a3d5-ff55-4829-a036-a9e2447b7ac3}\MpKsl7f363af1.sys [2013-12-11 40392]

S1 MpKsle3c7b928;MpKsle3c7b928;c:\programdata\microsoft\microsoft antimalware\definition updates\{a667a3d5-ff55-4829-a036-a9e2447b7ac3}\MpKsle3c7b928.sys [2013-12-11 40392]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2012-7-8 104912]

S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]

S3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2011-4-11 62464]

S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\ieetwcollector.exe [2013-12-11 108032]

S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-20 15872]

S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\drivers\Rt86win7.sys [2013-6-18 552080]

S3 Synth3dVsc;Microsoft Virtual 3D Video Transport Driver;c:\windows\system32\drivers\Synth3dVsc.sys [2011-4-11 77184]

S3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys [2011-4-11 25600]

S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2010-11-20 52224]

S3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-20 27264]

S3 tsusbhub;Remote Deskotop USB Hub;c:\windows\system32\drivers\tsusbhub.sys [2011-4-11 112640]

S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2013-12-9 1343400]

.

=============== Created Last 30 ================

.

2013-12-11 23:52:07 -------- d-----w- c:\programdata\Malwarebytes' Anti-Malware (portable)

2013-12-11 23:52:05 104664 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys

2013-12-11 23:51:02 74456 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys

2013-12-11 23:47:13 -------- d-----w- c:\users\lemon\appdata\roaming\eCyber

2013-12-11 23:46:10 -------- d-----w- c:\users\lemon\appdata\roaming\iSafe

2013-12-11 23:33:48 -------- d-----w- c:\windows\ERUNT

2013-12-11 23:28:51 -------- d-----w- C:\AdwCleaner

2013-12-11 22:25:58 -------- d-----w- c:\users\lemon\appdata\roaming\NVIDIA

2013-12-11 22:23:32 664352 ----a-w- c:\windows\system32\nvvsvc.exe

2013-12-11 22:23:32 62752 ----a-w- c:\windows\system32\nvshext.dll

2013-12-11 22:23:32 4318496 ----a-w- c:\windows\system32\nvcpl.dll

2013-12-11 22:23:32 3426956 ----a-w- c:\windows\system32\nvcoproc.bin

2013-12-11 22:23:32 3036448 ----a-w- c:\windows\system32\nvsvc.dll

2013-12-11 22:23:32 209184 ----a-w- c:\windows\system32\nvmctray.dll

2013-12-11 22:23:23 53024 ----a-w- c:\windows\system32\OpenCL.dll

2013-12-11 20:28:07 -------- d--h--w- c:\windows\msdownld.tmp

2013-12-11 20:28:07 -------- d-----w- c:\windows\system32\directx

2013-12-11 20:27:23 -------- d-----w- c:\program files\MSI Afterburner

2013-12-11 19:42:19 -------- d-----w- c:\program files\SpeedFan

2013-12-11 19:23:02 7772552 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{a667a3d5-ff55-4829-a036-a9e2447b7ac3}\mpengine.dll

2013-12-11 19:17:13 -------- d-----w- c:\users\lemon\appdata\local\NVIDIA Corporation

2013-12-11 19:16:32 34080 ----a-w- c:\windows\system32\drivers\nvvad32v.sys

2013-12-11 06:23:44 159232 ----a-w- c:\windows\system32\imagehlp.dll

2013-12-11 06:23:43 163840 ----a-w- c:\windows\system32\scrrun.dll

2013-12-11 06:23:43 141824 ----a-w- c:\windows\system32\wscript.exe

2013-12-11 06:23:43 126976 ----a-w- c:\windows\system32\cscript.exe

2013-12-11 06:23:43 121856 ----a-w- c:\windows\system32\wshom.ocx

2013-12-11 06:23:42 2048 ----a-w- c:\windows\system32\tzres.dll

2013-12-11 06:23:41 2357248 ----a-w- c:\windows\system32\win32k.sys

2013-12-11 06:23:40 81408 ----a-w- c:\windows\system32\drivers\drmk.sys

2013-12-11 06:23:40 177152 ----a-w- c:\windows\system32\drivers\portcls.sys

2013-12-10 18:09:25 7772552 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\backup\mpengine.dll

2013-12-09 23:54:56 -------- d-----w- c:\users\lemon\appdata\local\Chromium

2013-12-09 23:50:35 -------- d-----w- c:\users\lemon\appdata\roaming\The Creative Assembly

2013-12-09 11:29:22 -------- d-----w- c:\windows\system32\Wat

2013-12-09 11:02:58 338944 ----a-w- c:\windows\system32\drivers\afd.sys

2013-12-09 11:02:58 240576 ----a-w- c:\windows\system32\drivers\netio.sys

2013-12-09 11:02:58 231424 ----a-w- c:\windows\system32\mswsock.dll

2013-12-09 11:02:58 187840 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS

2013-12-09 11:02:58 1309120 ----a-w- c:\windows\system32\drivers\tcpip.sys

2013-12-09 03:50:54 76288 ----a-w- c:\windows\system32\drivers\usbccgp.sys

2013-12-09 03:50:54 6016 ----a-w- c:\windows\system32\drivers\usbd.sys

2013-12-09 03:50:54 43008 ----a-w- c:\windows\system32\drivers\usbehci.sys

2013-12-09 03:50:54 284672 ----a-w- c:\windows\system32\drivers\usbport.sys

2013-12-09 03:50:54 258560 ----a-w- c:\windows\system32\drivers\usbhub.sys

2013-12-09 03:50:54 24064 ----a-w- c:\windows\system32\drivers\usbuhci.sys

2013-12-09 03:50:54 20480 ----a-w- c:\windows\system32\drivers\usbohci.sys

2013-12-09 03:43:37 -------- d-----w- c:\users\lemon\appdata\roaming\RIFT

2013-12-09 03:43:35 -------- d-----w- c:\program files\RIFT

2013-12-09 01:39:36 -------- d-----w- c:\program files\VideoLAN

2013-12-08 22:25:20 -------- d-----w- c:\users\lemon\appdata\local\The Witcher 2

2013-12-08 11:59:40 175104 ----a-w- c:\windows\system32\wintrust.dll

2013-12-08 11:58:45 530432 ----a-w- c:\windows\system32\comctl32.dll

2013-12-08 11:58:43 55808 ----a-w- c:\windows\system32\drivers\hidclass.sys

2013-12-08 11:58:43 25728 ----a-w- c:\windows\system32\drivers\hidparse.sys

2013-12-08 11:58:39 652800 ----a-w- c:\windows\system32\rpcrt4.dll

2013-12-08 11:56:13 99840 ----a-w- c:\windows\system32\sspicli.dll

2013-12-08 11:56:13 67520 ----a-w- c:\windows\system32\drivers\ksecdd.sys

2013-12-08 11:56:13 369848 ----a-w- c:\windows\system32\drivers\cng.sys

2013-12-08 11:56:13 247808 ----a-w- c:\windows\system32\schannel.dll

2013-12-08 11:56:13 220160 ----a-w- c:\windows\system32\ncrypt.dll

2013-12-08 11:56:13 22016 ----a-w- c:\windows\system32\secur32.dll

2013-12-08 11:56:13 22016 ----a-w- c:\windows\system32\lsass.exe

2013-12-08 11:56:13 15872 ----a-w- c:\windows\system32\sspisrv.dll

2013-12-08 11:56:13 136640 ----a-w- c:\windows\system32\drivers\ksecpkg.sys

2013-12-08 11:56:13 1039872 ----a-w- c:\windows\system32\lsasrv.dll

2013-12-08 11:55:38 729024 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys

2013-12-08 11:55:37 1247744 ----a-w- c:\windows\system32\DWrite.dll

2013-12-08 11:55:22 102608 ----a-w- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll

2013-12-08 11:55:20 70656 ----a-w- c:\windows\system32\fontsub.dll

2013-12-08 11:55:20 34304 ----a-w- c:\windows\system32\atmlib.dll

2013-12-08 11:55:20 295424 ----a-w- c:\windows\system32\atmfd.dll

2013-12-08 11:55:20 26112 ----a-w- c:\windows\system32\lpk.dll

2013-12-08 11:55:20 10240 ----a-w- c:\windows\system32\dciman32.dll

2013-12-08 11:54:02 509440 ----a-w- c:\windows\system32\qedit.dll

2013-12-08 11:52:55 86016 ----a-w- c:\windows\system32\drivers\usbcir.sys

2013-12-08 08:50:07 -------- d-----w- c:\program files\uTorrent

2013-12-08 08:49:25 -------- d-----w- c:\users\lemon\appdata\roaming\uTorrent

2013-12-08 08:47:28 -------- d-----w- c:\users\lemon\appdata\local\4A Games

2013-12-08 05:21:14 -------- d-----w- c:\program files\VLC Player GPU+

2013-12-08 05:20:20 -------- d-----w- c:\users\lemon\appdata\local\cache

2013-12-08 05:20:19 -------- d-----w- c:\users\lemon\appdata\local\Mobogenie

2013-12-08 05:20:13 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2013-12-08 05:20:13 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2013-12-08 05:19:45 -------- d-----w- c:\program files\Mobogenie

2013-12-08 05:19:22 765744 ----a-w- c:\users\lemon\appdata\local\AnyProtectScannerSetup.exe

2013-12-08 05:07:40 -------- d-----w- c:\users\lemon\appdata\roaming\Malwarebytes

2013-12-08 05:07:27 22856 ----a-w- c:\windows\system32\drivers\mbam.sys

2013-12-08 05:07:27 -------- d-----w- c:\programdata\Malwarebytes

2013-12-08 05:07:27 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2013-12-08 05:07:16 -------- d-----w- c:\users\lemon\appdata\local\Programs

2013-12-08 05:06:17 -------- d-----w- c:\program files\common files\Steam

2013-12-08 05:06:16 -------- d-----w- c:\program files\Steam

2013-12-08 04:58:46 -------- d-----w- c:\users\lemon\appdata\local\Google

2013-12-08 04:58:32 -------- d-----w- c:\users\lemon\appdata\local\Deployment

2013-12-08 04:58:32 -------- d-----w- c:\users\lemon\appdata\local\Apps

2013-12-08 04:45:08 -------- d-----w- c:\users\lemon\appdata\local\NVIDIA

2013-12-08 04:45:02 979744 ----a-w- c:\windows\system32\nvspcap.dll

2013-12-08 04:43:09 -------- d-----w- c:\programdata\NVIDIA Corporation

2013-12-08 04:42:53 32544 ----a-w- c:\windows\system32\nvaudcap32v.dll

2013-12-08 04:42:32 -------- d-----w- c:\program files\NVIDIA Corporation

2013-12-08 04:02:28 -------- d-----w- C:\NVIDIA

2013-12-08 03:58:36 -------- d-----w- c:\programdata\Oracle

2013-12-08 03:58:22 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll

2013-12-08 03:52:27 315904 ----a-w- c:\windows\system32\Difx40c7.rra

2013-12-08 03:52:27 -------- d-----w- C:\RaidTool

2013-12-08 03:52:23 104024 ----a-w- c:\windows\system32\drivers\jraid.sys

2013-12-08 03:52:21 -------- d-----w- c:\windows\RaidTool

2013-12-08 03:52:11 69714 ----a-w- c:\program files\common files\installshield\professional\runtime\11\00\intel32\ctor.dll

2013-12-08 03:52:11 5632 ----a-w- c:\program files\common files\installshield\professional\runtime\11\00\intel32\DotNetInstaller.exe

2013-12-08 03:52:11 274432 ----a-w- c:\program files\common files\installshield\professional\runtime\11\00\intel32\iscript.dll

2013-12-08 03:52:11 184320 ----a-w- c:\program files\common files\installshield\professional\runtime\11\00\intel32\iuser.dll

2013-12-08 03:52:10 753664 ----a-w- c:\program files\common files\installshield\professional\runtime\11\00\intel32\iKernel.dll

2013-12-08 03:52:10 331908 ----a-w- c:\program files\common files\installshield\professional\runtime\11\00\intel32\setup.dll

2013-12-08 03:52:10 200836 ----a-w- c:\program files\common files\installshield\professional\runtime\11\00\intel32\iGdi.dll

2013-12-08 03:51:58 8192 ----a-w- c:\windows\system32\drivers\IntelMEFWVer.dll

2013-12-08 03:51:53 -------- d-----w- c:\program files\common files\postureAgent

2013-12-08 03:51:43 41088 ----a-w- c:\windows\system32\drivers\HECI.sys

2013-12-08 03:51:34 16896 ----a-w- c:\windows\AsTaskSched.dll

2013-12-08 03:50:52 3789416 ----a-w- c:\windows\system32\RtkAPO.dll

2013-12-08 03:50:32 -------- d--h--w- c:\program files\Temp

2013-12-08 03:50:28 757760 ----a-w- c:\program files\common files\installshield\professional\runtime\11\50\intel32\iKernel.dll

2013-12-08 03:50:28 69715 ----a-w- c:\program files\common files\installshield\professional\runtime\11\50\intel32\ctor.dll

2013-12-08 03:50:28 5632 ----a-w- c:\program files\common files\installshield\professional\runtime\11\50\intel32\DotNetInstaller.exe

2013-12-08 03:50:28 274432 ----a-w- c:\program files\common files\installshield\professional\runtime\11\50\intel32\iscript.dll

2013-12-08 03:50:28 204800 ----a-w- c:\program files\common files\installshield\professional\runtime\11\50\intel32\iuser.dll

2013-12-08 03:50:27 331908 ----a-w- c:\program files\common files\installshield\professional\runtime\11\50\intel32\setup.dll

2013-12-08 03:50:27 200836 ----a-w- c:\program files\common files\installshield\professional\runtime\11\50\intel32\iGdi.dll

2013-12-08 03:49:33 53248 ----a-r- c:\windows\system32\CSVer.dll

2013-12-08 03:48:47 -------- d-----w- C:\Intel

2013-12-08 03:47:55 -------- d-----w- c:\program files\ASUS

2013-12-08 03:47:50 32768 ----a-w- c:\program files\common files\installshield\professional\runtime\Objectps.dll

2013-12-08 03:47:50 266240 ----a-w- c:\program files\common files\installshield\professional\runtime\09\00\intel32\iscript.dll

2013-12-08 03:47:50 192512 ----a-w- c:\program files\common files\installshield\professional\runtime\09\00\intel32\iuser.dll

2013-12-08 03:47:49 724992 ----a-w- c:\program files\common files\installshield\professional\runtime\09\00\intel32\iKernel.dll

2013-12-08 03:47:49 69715 ----a-w- c:\program files\common files\installshield\professional\runtime\09\00\intel32\ctor.dll

2013-12-08 03:47:49 5632 ----a-w- c:\program files\common files\installshield\professional\runtime\09\00\intel32\DotNetInstaller.exe

2013-12-08 03:47:49 311428 ----a-w- c:\program files\common files\installshield\professional\runtime\09\00\intel32\Setup.dll

2013-12-08 03:47:49 184452 ----a-w- c:\program files\common files\installshield\professional\runtime\09\00\intel32\iGdi.dll

2013-12-08 03:43:07 719224 ------w- c:\programdata\microsoft\microsoft antimalware\definition updates\{cc0ac371-636a-4855-b902-7b1a98045aa3}\gapaengine.dll

2013-12-08 03:40:04 317752 ----a-w- c:\windows\system32\PROUnstl.exe

2013-12-08 03:29:14 -------- d-----w- c:\users\lemon\appdata\local\Diagnostics

2013-12-08 03:25:41 -------- d-----w- c:\program files\Microsoft Security Client

2013-12-08 03:24:48 -------- d-sh--w- C:\Recovery

.

==================== Find3M  ====================

.

2013-11-26 09:23:02 2724864 ----a-w- c:\windows\system32\mshtml.tlb

2013-11-26 09:22:11 4096 ----a-w- c:\windows\system32\ieetwcollectorres.dll

2013-11-26 08:53:56 61952 ----a-w- c:\windows\system32\iesetup.dll

2013-11-26 08:52:26 51200 ----a-w- c:\windows\system32\ieetwproxystub.dll

2013-11-26 08:29:55 112128 ----a-w- c:\windows\system32\ieUnatt.exe

2013-11-26 08:29:52 108032 ----a-w- c:\windows\system32\ieetwcollector.exe

2013-11-26 08:28:16 553472 ----a-w- c:\windows\system32\jscript9diag.dll

2013-11-26 08:16:12 4243968 ----a-w- c:\windows\system32\jscript9.dll

2013-11-26 07:32:06 1928192 ----a-w- c:\windows\system32\inetcpl.cpl

2013-11-26 06:33:33 1820160 ----a-w- c:\windows\system32\wininet.dll

2013-11-19 10:21:30 230048 ------w- c:\windows\system32\MpSigStub.exe

2013-10-23 11:02:36 589600 ----a-w- c:\windows\system32\nvStreaming.exe

2013-10-12 01:57:21 657920 ----a-w- c:\windows\system32\nshwfp.dll

2013-10-12 01:56:41 681472 ----a-w- c:\windows\system32\IKEEXT.DLL

2013-10-12 01:56:33 216576 ----a-w- c:\windows\system32\FWPUCLNT.DLL

2013-10-12 01:55:55 496128 ----a-w- c:\windows\system32\BFE.DLL

2013-10-05 19:57:25 1168384 ----a-w- c:\windows\system32\crypt32.dll

2013-10-03 01:58:07 305152 ----a-w- c:\windows\system32\gdi32.dll

2013-09-27 17:53:06 214696 ----a-w- c:\windows\system32\drivers\MpFilter.sys

2013-09-27 17:53:06 104768 ----a-w- c:\windows\system32\drivers\NisDrvWFP.sys

.

============= FINISH: 16:39:55.03 ===============

 

 

attach:

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2012-11-20.01)

.

Microsoft Windows 7 Ultimate 

Boot Device: \Device\HarddiskVolume1

Install Date: 12/7/2013 7:26:24 PM

System Uptime: 12/11/2013 4:36:42 PM (0 hours ago)

.

Motherboard: ASUSTeK Computer INC. |  | P8Z68-V PRO GEN3

Processor: Intel® Core i5-3570K CPU @ 3.40GHz | LGA1155 | 3401/100mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 931 GiB total, 834.958 GiB free.

D: is CDROM ()

.

==== Disabled Device Manager Items =============

.

Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}

Description: MpKsl66025958

Device ID: ROOT\LEGACY_MPKSL66025958\0000

Manufacturer: 

Name: MpKsl66025958

PNP Device ID: ROOT\LEGACY_MPKSL66025958\0000

Service: MpKsl66025958

.

Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}

Description: MpKsle3c7b928

Device ID: ROOT\LEGACY_MPKSLE3C7B928\0000

Manufacturer: 

Name: MpKsle3c7b928

PNP Device ID: ROOT\LEGACY_MPKSLE3C7B928\0000

Service: MpKsle3c7b928

.

Class GUID: 

Description: 

Device ID: USB\VID_0CF3&PID_3000\6&365C71D&0&7

Manufacturer: 

Name: 

PNP Device ID: USB\VID_0CF3&PID_3000\6&365C71D&0&7

Service: 

.

Class GUID: 

Description: Universal Serial Bus (USB) Controller

Device ID: PCI\VEN_1B21&DEV_1042&SUBSYS_84881043&REV_00\4&14E4619&0&00E4

Manufacturer: 

Name: Universal Serial Bus (USB) Controller

PNP Device ID: PCI\VEN_1B21&DEV_1042&SUBSYS_84881043&REV_00\4&14E4619&0&00E4

Service: 

.

Class GUID: 

Description: Universal Serial Bus (USB) Controller

Device ID: PCI\VEN_1B21&DEV_1042&SUBSYS_84881043&REV_00\4&1D1B3AB2&0&00E1

Manufacturer: 

Name: Universal Serial Bus (USB) Controller

PNP Device ID: PCI\VEN_1B21&DEV_1042&SUBSYS_84881043&REV_00\4&1D1B3AB2&0&00E1

Service: 

.

==== System Restore Points ===================

.

RP21: 12/9/2013 3:48:15 PM - Installed DirectX

RP22: 12/9/2013 3:48:55 PM - Installed Microsoft Visual C++ 2005 Redistributable

RP23: 12/11/2013 12:05:33 AM - Windows Update

RP24: 12/11/2013 1:58:13 PM - Device Driver Package Install: NVIDIA Display adapters

RP25: 12/11/2013 1:59:12 PM - Device Driver Package Install: NVIDIA Universal Serial Bus controllers

.

==== Installed Programs ======================

.

µTorrent

Adobe Flash Player 11 ActiveX

Adobe Flash Player 11 Plugin

Audiosurf

Dota 2

GeForce Experience NvStream Client Components

Google Chrome

Google Update Helper

GPU Monitor

Intel® Management Engine Components

Intel® Network Connections 18.7.28.0

Java 7 Update 45

Java Auto Updater

JMicron JMB36X Driver

Malwarebytes Anti-Malware version 1.75.0.1300

Metro 2033

Microsoft .NET Framework 4.5

Microsoft Security Client

Microsoft Security Essentials

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319

MSI Afterburner 2.3.1

NVIDIA 3D Vision Controller Driver 331.65

NVIDIA 3D Vision Driver 331.65

NVIDIA Control Panel 331.65

NVIDIA GeForce Experience 1.8

NVIDIA Graphics Driver 331.65

NVIDIA HD Audio Driver 1.3.26.4

NVIDIA Install Application

NVIDIA LED Visualizer 1.0

NVIDIA Network Service

NVIDIA PhysX

NVIDIA PhysX System Software 9.13.0725

NVIDIA ShadowPlay 10.10.5

NVIDIA Stereoscopic 3D Driver

NVIDIA Update 10.10.5

NVIDIA Update Core

NVIDIA Virtual Audio 1.2.12

RIFT

SHIELD Streaming

SpeedFan (remove only)

Steam

The Witcher 2: Assassins of Kings Enhanced Edition

Total War: SHOGUN 2

VC_CRT_x86

VLC media player 2.1.1

.

==== Event Viewer Messages From Past Week ========

.

12/11/2013 3:38:27 PM, Error: Service Control Manager [7001]  - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:  The dependency service or group failed to start.

12/11/2013 3:38:26 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}

12/11/2013 3:38:26 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

12/11/2013 3:38:26 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}

12/11/2013 3:38:26 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}

12/11/2013 3:38:25 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

12/11/2013 3:38:19 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}

12/11/2013 3:38:12 PM, Error: Service Control Manager [7026]  - The following boot-start or system-start driver(s) failed to load:  AFD CSC DfsC discache MpFilter NetBIOS NetBT nsiproxy Psched rdbss spldr tdx Wanarpv6 WfpLwf

12/11/2013 3:38:12 PM, Error: Service Control Manager [7001]  - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error:  The dependency service or group failed to start.

12/11/2013 3:38:12 PM, Error: Service Control Manager [7001]  - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error:  A device attached to the system is not functioning.

12/11/2013 3:38:12 PM, Error: Service Control Manager [7001]  - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error:  A device attached to the system is not functioning.

12/11/2013 3:38:12 PM, Error: Service Control Manager [7001]  - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error:  The dependency service or group failed to start.

12/11/2013 3:38:12 PM, Error: Service Control Manager [7001]  - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error:  The dependency service or group failed to start.

12/11/2013 3:38:12 PM, Error: Service Control Manager [7001]  - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error:  A device attached to the system is not functioning.

12/11/2013 3:38:12 PM, Error: Service Control Manager [7001]  - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error:  The dependency service or group failed to start.

12/11/2013 3:38:12 PM, Error: Service Control Manager [7001]  - The Microsoft Network Inspection System service depends on the Microsoft Malware Protection Driver service which failed to start because of the following error:  A device attached to the system is not functioning.

12/11/2013 3:38:12 PM, Error: Service Control Manager [7001]  - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error:  The dependency service or group failed to start.

12/11/2013 3:38:12 PM, Error: Service Control Manager [7001]  - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error:  A device attached to the system is not functioning.

12/11/2013 3:38:12 PM, Error: Service Control Manager [7001]  - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error:  A device attached to the system is not functioning.

.

==== End Of File ===========================

 

[AdvancedSetup]

Please do not use tags - just post those logs as a new topic in this forum:  https://forums.malwarebytes.org/index.php?showforum=7

 

Thanks

[AdvancedSetup]

Since this issue is resolved I will close the thread to prevent others from posting here. If you need assistance please start your own topic and someone will be happy to assist you.