
Rootkit infection



DDS (Ver_2012-11-20.01) - NTFS_AMD64 

Internet Explorer: 8.0.7600.16385

Run by Jacob at 0:40:09 on 2014-01-06

Microsoft Windows 7 Ultimate   6.1.7600.0.1252.1.1033.18.8148.5643 [GMT -6:00]

.

AV: Microsoft Security Essentials *Enabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}

AV: avast! Antivirus *Enabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}

SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: avast! Antivirus *Enabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

SP: Microsoft Security Essentials *Enabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}

.

============== Running Processes ===============

.

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\nvvsvc.exe

C:\Windows\system32\svchost.exe -k RPCSS

C:\Program Files\Microsoft Security Client\MsMpEng.exe

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Program Files\AVAST Software\Avast\AvastSvc.exe

C:\Windows\System32\spoolsv.exe

C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe

C:\Windows\system32\nvvsvc.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe

C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe

C:\Program Files (x86)\Sendori\sndappv2.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Program Files (x86)\Sendori\SendoriSvc.exe

C:\Program Files (x86)\Sendori\Sendori.Service.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\system32\wbem\unsecapp.exe

C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe

C:\Windows\system32\taskhost.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe

C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler.exe

C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler64.exe

C:\Windows\System32\rundll32.exe

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe

C:\Program Files\TortoiseSVN\bin\TSVNCache.exe

C:\Program Files\Logitech Gaming Software\LCore.exe

C:\Program Files\Microsoft Security Client\msseces.exe

C:\Program Files (x86)\Skype\Phone\Skype.exe

C:\Users\Jacob\AppData\Local\FluxSoftware\Flux\flux.exe

C:\Users\Jacob\AppData\Roaming\uTorrent\uTorrent.exe

C:\Users\Jacob\AppData\Roaming\Dropbox\bin\Dropbox.exe

C:\Program Files (x86)\iTunes\iTunesHelper.exe

C:\Program Files\AVAST Software\Avast\AvastUI.exe

C:\Program Files\PowerISO\PWRISOVM.EXE

C:\Program Files (x86)\Sendori\SendoriTray.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Windows\system32\SearchIndexer.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Windows\System32\svchost.exe -k LocalServicePeerNet

C:\Windows\system32\wuauclt.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Windows\system32\NOTEPAD.EXE

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\iTunes\iTunes.exe

C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe

C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe

C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe

C:\Program Files\TortoiseSVN\bin\TSVNCache.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files\Microsoft Security Client\MpCmdRun.exe

C:\Windows\System32\cscript.exe

.

============== Pseudo HJT Report ===============

.


BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

TB: avast! Online Security: {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

uRun: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun

uRun: [f.lux] "C:\Users\Jacob\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow

uRun: [AdobeBridge] <no file>

mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

mRun: [switchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

mRun: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin

mRun: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui

mRun: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE -startup

mRun: [sendori Tray] "C:\Program Files (x86)\Sendori\SendoriTray.exe"

StartupFolder: C:\Users\Jacob\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Jacob\AppData\Roaming\Dropbox\bin\Dropbox.exe

StartupFolder: C:\Users\Jacob\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\LOGITE~1.LNK - C:\Program Files\Logitech Gaming Software\EReg\eReg.exe

uPolicies-Explorer: NoDrives = dword:0

mPolicies-Explorer: NoDrives = dword:0

mPolicies-System: ConsentPromptBehaviorAdmin = dword:5

mPolicies-System: ConsentPromptBehaviorUser = dword:3

mPolicies-System: EnableUIADesktopToggle = dword:0

LSP: C:\Windows\System32\Sendori.dll

TCP: NameServer = 192.168.1.254

TCP: Interfaces\{E903B2FF-2A2C-4309-AEC2-8DE7CABAECCC} : DHCPNameServer = 192.168.1.254

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll

SSODL: WebCheck - <orphaned>

mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome

x64-BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll

x64-BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll

x64-BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll

x64-TB: avast! Online Security: {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll

x64-Run: [Nvtmru] "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"

x64-Run: [NvBackend] "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"

x64-Run: [shadowPlay] C:\Windows\System32\rundll32.exe C:\Windows\System32\nvspcap64.dll,ShadowPlayOnSystemStart

x64-Run: [Launch LCore] C:\Program Files\Logitech Gaming Software\LCore.exe /minimized

x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"

x64-Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey

x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>

x64-SSODL: WebCheck - <orphaned>

.

============= SERVICES / DRIVERS ===============

.

R0 aswRvrt;avast! Revert;C:\Windows\System32\drivers\aswRvrt.sys [2014-1-3 65776]

R0 aswVmm;avast! VM Monitor;C:\Windows\System32\drivers\aswVmm.sys [2014-1-3 207904]

R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2013-9-27 248240]

R1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswSnx.sys [2014-1-3 1034464]

R1 aswSP;aswSP;C:\Windows\System32\drivers\aswSP.sys [2014-1-3 422216]

R2 Application Sendori;Application Sendori;C:\Program Files (x86)\Sendori\SendoriSvc.exe [2013-10-7 120096]

R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2014-1-3 78648]

R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-1-3 50344]

R2 NvNetworkService;NVIDIA Network Service;C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2013-12-11 1494304]

R2 NvStreamSvc;NVIDIA Streamer Service;C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2013-12-11 15129376]

R2 RtNdPt60;Realtek NDIS Protocol Driver;C:\Windows\System32\drivers\RtNdPt60.sys [2013-12-11 32544]

R2 Service Sendori;Service Sendori;C:\Program Files (x86)\Sendori\Sendori.Service.exe [2013-10-7 22304]

R2 sndappv2;sndappv2;C:\Program Files (x86)\Sendori\sndappv2.exe [2013-10-7 3623200]

R3 aswStm;aswStm;C:\Windows\System32\drivers\aswstm.sys [2014-1-3 79672]

R3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;C:\Windows\System32\drivers\LGBusEnum.sys [2009-11-23 22408]

R3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;C:\Windows\System32\drivers\LGVirHid.sys [2009-11-23 16008]

R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);C:\Windows\System32\drivers\nvvad64v.sys [2013-12-18 39200]

R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2013-12-11 769168]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]

S3 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2013-9-27 134944]

S3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2013-10-23 348376]

S3 RTTEAMPT;Realtek Teaming Protocol Driver (NDIS 6.20);C:\Windows\System32\drivers\RtTeam620.sys [2013-12-11 58512]

S3 RTVLANPT;Realtek Vlan Protocol Driver (NDIS 6.2);C:\Windows\System32\drivers\RtVlan620.sys [2013-12-11 32400]

S3 SwitchBoard;Adobe SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]

S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-12-13 54784]

.

=============== Created Last 30 ================

.

2014-01-06 06:30:47 -------- d-----w- C:\ProgramData\Malwarebytes' Anti-Malware (portable)

2014-01-06 06:30:46 117464 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys

2014-01-06 06:30:25 89304 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys

2014-01-06 06:18:34 208216 ----a-w- C:\Windows\System32\drivers\60465450.sys

2014-01-06 06:13:57 208216 ----a-w- C:\Windows\System32\drivers\82884924.sys

2014-01-06 04:39:59 491088 ----a-w- C:\Windows\System32\drivers\adp94xx.sys.bak

2014-01-06 04:39:59 339536 ----a-w- C:\Windows\System32\drivers\adpahci.sys.bak

2014-01-06 04:39:59 334416 ----a-w- C:\Windows\System32\drivers\acpi.sys.bak

2014-01-06 04:39:59 182864 ----a-w- C:\Windows\System32\drivers\adpu320.sys.bak

2014-01-06 04:39:59 12288 ----a-w- C:\Windows\System32\drivers\acpipmi.sys.bak

2014-01-06 04:39:58 227840 ----a-w- C:\Windows\System32\drivers\1394ohci.sys.bak

2014-01-06 04:39:57 68096 ----a-w- C:\Windows\System32\drivers\1394bus.sys.bak

2014-01-05 22:44:14 965000 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{F1E2B9AA-8D0C-4622-B95C-6C3F8452B7C4}\gapaengine.dll

2014-01-05 22:43:05 10315576 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{D562F533-1384-49EA-A943-79CDC1F61BBA}\mpengine.dll

2014-01-05 22:42:30 10315576 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll

2014-01-05 22:20:55 -------- d-----w- C:\Users\Jacob\AppData\Roaming\PowerISO

2014-01-05 22:20:36 325920 ----a-w- C:\Windows\SysWow64\Sendori.dll

2014-01-05 22:20:32 -------- d-----w- C:\ProgramData\Sendori

2014-01-05 22:20:30 -------- d-----w- C:\Program Files (x86)\Sendori

2014-01-05 22:20:23 -------- d-----w- C:\Users\Jacob\AppData\Roaming\OpenCandy

2014-01-05 22:20:21 129944 ----a-w- C:\Windows\System32\drivers\scdemu.sys

2014-01-05 22:20:21 -------- d-----w- C:\Program Files\PowerISO

2014-01-05 22:13:21 -------- d-----w- C:\Users\Jacob\AppData\Local\Autodesk

2014-01-05 19:41:37 -------- d-----w- C:\Program Files\CCleaner

2014-01-05 15:00:49 -------- d-sh--w- C:\$RECYCLE.BIN

2014-01-05 14:42:47 -------- d-----w- C:\Program Files (x86)\ESET

2014-01-05 13:59:12 98816 ----a-w- C:\Windows\sed.exe

2014-01-05 13:59:12 256000 ----a-w- C:\Windows\PEV.exe

2014-01-05 13:59:12 208896 ----a-w- C:\Windows\MBR.exe

2014-01-05 05:45:16 -------- d-----w- C:\Users\Jacob\AppData\Roaming\Malwarebytes

2014-01-05 05:45:07 -------- d-----w- C:\ProgramData\Malwarebytes

2014-01-05 05:45:06 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys

2014-01-05 05:45:06 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware

2014-01-04 05:06:11 -------- d-----w- C:\Program Files (x86)\Microsoft Security Client

2014-01-04 05:06:06 -------- d-----w- C:\Program Files\Microsoft Security Client

2014-01-04 03:52:23 -------- d-----w- C:\Users\Jacob\AppData\Roaming\AVAST Software

2014-01-04 03:51:05 79672 ----a-w- C:\Windows\System32\drivers\aswstm.sys

2014-01-04 03:51:05 207904 ----a-w- C:\Windows\System32\drivers\aswVmm.sys

2014-01-04 03:51:04 65776 ----a-w- C:\Windows\System32\drivers\aswRvrt.sys

2014-01-04 03:51:04 1034464 ----a-w- C:\Windows\System32\drivers\aswSnx.sys

2014-01-04 03:51:03 78648 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys

2014-01-04 03:51:02 92544 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys

2014-01-04 03:50:58 43152 ----a-w- C:\Windows\avastSS.scr

2014-01-04 03:50:47 -------- d-----w- C:\Program Files\AVAST Software

2014-01-04 03:50:29 -------- d-----w- C:\ProgramData\AVAST Software

2014-01-03 21:30:43 -------- d-----w- C:\Users\Jacob\AppData\Roaming\Search Protection

2014-01-03 21:30:09 -------- d-----w- C:\Users\Jacob\AppData\Roaming\uTorrent

2014-01-03 16:19:52 -------- d-----r- C:\Users\Jacob\Dropbox

2014-01-03 16:12:23 -------- d-----w- C:\Users\Jacob\AppData\Roaming\Dropbox

2013-12-31 00:47:41 -------- d-----w- C:\Users\Jacob\AppData\Local\TSVNCache

2013-12-30 16:57:45 -------- d-----w- C:\Users\Jacob\AppData\Roaming\TortoiseSVN

2013-12-30 16:54:56 -------- d-----w- C:\Users\Jacob\AppData\Roaming\Subversion

2013-12-30 16:54:21 -------- d-----w- C:\Program Files\TortoiseSVN

2013-12-30 16:54:21 -------- d-----w- C:\Program Files\Common Files\TortoiseOverlays

2013-12-30 16:54:21 -------- d-----w- C:\Program Files (x86)\Common Files\TortoiseOverlays

2013-12-29 23:49:22 -------- d-----w- C:\Users\Jacob\AppData\Local\Programs

2013-12-23 05:22:29 -------- d-----w- C:\Users\Jacob\AppData\Roaming\stetic

2013-12-23 05:22:19 -------- d-----w- C:\Users\Jacob\AppData\Roaming\MonoDevelop-Unity-4.0

2013-12-23 05:22:14 -------- d-----w- C:\Users\Jacob\AppData\Local\MonoDevelop-Unity-4.0

2013-12-23 05:15:00 -------- d-----w- C:\Users\Jacob\AppData\Roaming\Unity

2013-12-23 01:11:11 -------- d-----w- C:\Users\Jacob\AppData\Local\licensecb

2013-12-23 01:11:11 -------- d-----w- C:\ProgramData\licensecb

2013-12-23 01:11:11 -------- d-----w- C:\ProgramData\CrazyBump

2013-12-23 01:10:18 -------- d-----w- C:\Windows\SysWow64\directx

2013-12-23 01:10:17 -------- d-----w- C:\Users\Jacob\AppData\Local\CrazyBump

2013-12-23 01:10:17 -------- d-----w- C:\Program Files (x86)\Crazybump

2013-12-23 00:14:52 -------- d-----w- C:\Users\Jacob\AppData\Roaming\uk.co.planetside

2013-12-23 00:14:52 -------- d-----w- C:\Users\Jacob\AppData\Roaming\Planetside Software

2013-12-23 00:12:47 -------- d-----w- C:\Program Files\Planetside Software

2013-12-19 05:06:55 -------- d-----w- C:\ProgramData\Unity

2013-12-19 05:03:30 -------- d-----w- C:\Users\Jacob\AppData\Local\Unity

2013-12-19 04:59:21 -------- d-----w- C:\Program Files (x86)\Unity

2013-12-18 06:55:44 39200 ----a-w- C:\Windows\System32\drivers\nvvad64v.sys

2013-12-18 06:55:44 32544 ----a-w- C:\Windows\SysWow64\nvaudcap32v.dll

2013-12-18 06:09:27 -------- d-----w- C:\Users\Jacob\AppData\Roaming\.minecraft

2013-12-18 06:09:22 -------- d-----w- C:\ProgramData\Oracle

2013-12-18 06:09:15 108968 ----a-w- C:\Windows\System32\WindowsAccessBridge-64.dll

2013-12-18 04:50:23 -------- d-----w- C:\Users\Jacob\AppData\Local\CrashRpt

2013-12-18 01:00:12 -------- d-----w- C:\HammerAutosave

2013-12-18 00:33:44 -------- d-----w- C:\Users\Jacob\AppData\Local\Nem's Tools

2013-12-18 00:33:38 -------- d-----w- C:\Program Files\Nem's Tools

2013-12-17 22:49:24 -------- d-----w- C:\ProgramData\Package Cache

2013-12-14 09:53:32 75888 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{7B0E2D28-C599-45BE-B139-214DAB13C593}\offreg.dll

2013-12-14 07:51:30 -------- d-----w- C:\ProgramData\regid.1986-12.com.adobe

2013-12-14 07:42:59 -------- d-----w- C:\Users\Jacob\AppData\Local\Adobe

2013-12-14 04:09:32 -------- d-----w- C:\Users\Jacob\AppData\Roaming\3909

2013-12-13 05:13:25 -------- d-----w- C:\Users\Jacob\AppData\Roaming\NVIDIA

2013-12-13 05:13:25 -------- d-----w- C:\Users\Jacob\AppData\Local\Logitech

2013-12-13 05:13:10 -------- d-----w- C:\Program Files\Logitech Gaming Software

2013-12-13 05:12:25 -------- d-----w- C:\Users\Jacob\AppData\Roaming\Logishrd

2013-12-12 06:15:50 -------- d-----w- C:\Users\Jacob\AppData\Local\Apple Computer

2013-12-12 06:15:41 33240 ----a-w- C:\Windows\System32\drivers\GEARAspiWDM.sys

2013-12-12 06:15:34 -------- d-----w- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69

2013-12-12 06:15:34 -------- d-----w- C:\Program Files\iTunes

2013-12-12 06:15:34 -------- d-----w- C:\Program Files\iPod

2013-12-12 06:15:34 -------- d-----w- C:\Program Files (x86)\iTunes

2013-12-12 06:14:28 -------- d-----w- C:\Users\Jacob\AppData\Local\Apple

2013-12-12 06:14:12 -------- d-----w- C:\Program Files\Bonjour

2013-12-12 06:14:12 -------- d-----w- C:\Program Files (x86)\Bonjour

2013-12-12 06:06:57 267936 ------w- C:\Windows\System32\MpSigStub.exe

2013-12-12 06:06:57 10285968 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{7B0E2D28-C599-45BE-B139-214DAB13C593}\mpengine.dll

2013-12-12 06:04:15 -------- d-----w- C:\Users\Jacob\AppData\Local\FluxSoftware

2013-12-12 06:03:36 -------- d-----w- C:\Program Files\LinkShellExtension

2013-12-12 05:56:07 -------- d-----w- C:\Users\Jacob\AppData\Local\NVIDIA Corporation

2013-12-12 05:56:04 982232 ----a-w- C:\Windows\SysWow64\nvspcap.dll

2013-12-12 05:56:04 1100248 ----a-w- C:\Windows\System32\nvspcap64.dll

2013-12-12 05:51:33 -------- d-----w- C:\Users\Jacob\AppData\Local\NVIDIA

2013-12-12 05:47:13 922912 ----a-w- C:\Windows\System32\nvvsvc.exe

2013-12-12 05:47:13 6674208 ----a-w- C:\Windows\System32\nvcpl.dll

2013-12-12 05:47:13 63776 ----a-w- C:\Windows\System32\nvshext.dll

2013-12-12 05:47:13 3490080 ----a-w- C:\Windows\System32\nvsvc64.dll

2013-12-12 05:47:13 3467927 ----a-w- C:\Windows\System32\nvcoproc.bin

2013-12-12 05:47:13 219424 ----a-w- C:\Windows\System32\nvmctray.dll

2013-12-12 05:46:30 61216 ----a-w- C:\Windows\System32\OpenCL.dll

2013-12-12 05:46:30 53024 ----a-w- C:\Windows\SysWow64\OpenCL.dll

2013-12-12 05:46:26 -------- d-----w- C:\ProgramData\NVIDIA Corporation

2013-12-12 05:46:24 -------- d-----w- C:\Program Files (x86)\NVIDIA Corporation

2013-12-12 05:44:24 99176 ----a-w- C:\Windows\SysWow64\PresentationHostProxy.dll

2013-12-12 05:44:24 49472 ----a-w- C:\Windows\SysWow64\netfxperf.dll

2013-12-12 05:44:24 48960 ----a-w- C:\Windows\System32\netfxperf.dll

2013-12-12 05:44:24 444752 ----a-w- C:\Windows\System32\mscoree.dll

2013-12-12 05:44:24 320352 ----a-w- C:\Windows\System32\PresentationHost.exe

2013-12-12 05:44:24 297808 ----a-w- C:\Windows\SysWow64\mscoree.dll

2013-12-12 05:44:24 295264 ----a-w- C:\Windows\SysWow64\PresentationHost.exe

2013-12-12 05:44:24 1942856 ----a-w- C:\Windows\System32\dfshim.dll

2013-12-12 05:44:24 1130824 ----a-w- C:\Windows\SysWow64\dfshim.dll

2013-12-12 05:44:24 109912 ----a-w- C:\Windows\System32\PresentationHostProxy.dll

2013-12-12 05:41:00 -------- d-sh--w- C:\Windows\Installer

2013-12-12 05:36:51 -------- d-----w- C:\Program Files (x86)\Steam

2013-12-12 05:36:51 -------- d-----w- C:\Program Files (x86)\Common Files\Steam

2013-12-12 05:36:22 -------- d-----w- C:\Users\Jacob\AppData\Local\Google

2013-12-12 05:36:14 2622464 ----a-w- C:\Windows\System32\wucltux.dll

2013-12-12 05:36:10 99840 ----a-w- C:\Windows\System32\wudriver.dll

2013-12-12 05:35:51 36864 ----a-w- C:\Windows\System32\wuapp.exe

2013-12-12 05:35:51 186752 ----a-w- C:\Windows\System32\wuwebv.dll

2013-12-12 05:35:50 -------- d-----w- C:\Users\Jacob\AppData\Local\Apps

2013-12-12 05:35:49 -------- d-----w- C:\Users\Jacob\AppData\Local\Deployment

2013-12-12 05:34:36 769168 ----a-w- C:\Windows\System32\drivers\Rt64win7.sys

2013-12-12 05:34:36 74344 ----a-w- C:\Windows\System32\RtNicProp64.dll

2013-12-12 05:34:36 107552 ----a-w- C:\Windows\System32\RTNUninst64.dll

2013-12-12 05:33:29 58512 ----a-w- C:\Windows\System32\drivers\RtTeam620.sys

2013-12-12 05:33:29 32544 ----a-w- C:\Windows\System32\drivers\RtNdPt60.sys

2013-12-12 05:33:29 32400 ----a-w- C:\Windows\System32\drivers\RtVlan620.sys

2013-12-12 05:33:29 -------- d-----w- C:\Program Files (x86)\Realtek

2013-12-12 05:04:46 -------- d-----w- C:\Users\Jacob\AppData\Local\Diagnostics

2013-12-12 05:03:37 -------- d-----w- C:\Users\Jacob\AppData\Local\VirtualStore

2013-12-10 09:29:22 -------- d-----w- C:\Windows\Panther

.

==================== Find3M  ====================

.

2013-12-05 08:42:26 35104 ----a-w- C:\Windows\System32\nvaudcap64v.dll

.

============= FINISH:  0:40:30.00 ===============

************************************************************************************************************************************************************


.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2012-11-20.01)

.

Microsoft Windows 7 Ultimate 

Boot Device: \Device\HarddiskVolume1

Install Date: 12/11/2013 11:02:30 PM

System Uptime: 1/6/2014 12:16:47 AM (0 hours ago)

.

Motherboard: ASUSTeK COMPUTER INC. |  | P8Z77-V LX

Processor: Intel® Core i5-3550 CPU @ 3.30GHz | LGA1155 | 3301/103mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 736 GiB total, 573.734 GiB free.

D: is FIXED (NTFS) - 289 GiB total, 54.957 GiB free.

E: is FIXED (NTFS) - 932 GiB total, 668.346 GiB free.

F: is FIXED (NTFS) - 9 GiB total, 0.78 GiB free.

G: is FIXED (NTFS) - 195 GiB total, 194.975 GiB free.

H: is CDROM ()

I: is CDROM ()

.

==== Disabled Device Manager Items =============

.

Class GUID: 

Description: Universal Serial Bus (USB) Controller

Device ID: PCI\VEN_8086&DEV_1E31&SUBSYS_84CA1043&REV_04\3&11583659&0&A0

Manufacturer: 

Name: Universal Serial Bus (USB) Controller

PNP Device ID: PCI\VEN_8086&DEV_1E31&SUBSYS_84CA1043&REV_04\3&11583659&0&A0

Service: 

.

Class GUID: 

Description: PCI Simple Communications Controller

Device ID: PCI\VEN_8086&DEV_1E3A&SUBSYS_84CA1043&REV_04\3&11583659&0&B0

Manufacturer: 

Name: PCI Simple Communications Controller

PNP Device ID: PCI\VEN_8086&DEV_1E3A&SUBSYS_84CA1043&REV_04\3&11583659&0&B0

Service: 

.

Class GUID: 

Description: SM Bus Controller

Device ID: PCI\VEN_8086&DEV_1E22&SUBSYS_84CA1043&REV_04\3&11583659&0&FB

Manufacturer: 

Name: SM Bus Controller

PNP Device ID: PCI\VEN_8086&DEV_1E22&SUBSYS_84CA1043&REV_04\3&11583659&0&FB

Service: 

.

==== System Restore Points ===================

.

RP356: 11/27/2013 10:37:08 PM - Windows Update

RP357: 11/27/2013 11:27:29 PM - Installed DirectX

RP359: 12/1/2013 2:29:35 AM - Windows Update

RP360: 12/1/2013 2:48:36 PM - Installed DirectX

RP361: 12/1/2013 3:01:23 PM - Installed DirectX

RP363: 12/4/2013 10:37:20 PM - Windows Update

RP365: 12/7/2013 11:47:30 PM - Windows Update

RP367: 12/10/2013 1:50:53 AM - Windows Update

RP368: 12/10/2013 2:32:00 AM - Installed DirectX

RP16: 12/22/2013 - Scheduled Checkpoint

RP17: 12/22/2013 6:12:38 PM - Installed Terragen 3

RP18: 12/25/2013 12:16:51 AM - Installed DirectX

RP19: 12/30/2013 10:52:54 AM - Installed TortoiseSVN 1.8.4.24972 (64 bit)

RP20: 1/3/2014 9:50:39 PM - avast! antivirus system restore point

RP21: 1/3/2014 11:05:47 PM - Windows Update

RP22: 1/5/2014 8:12:46 AM - OTL Restore Point - 1/5/2014 8:12:42 AM

.

==== Installed Programs ======================

.

µTorrent

7-Zip 9.20 (x64 edition)

Adobe Photoshop CS6

Alien Swarm

Alien Swarm - SDK

Apple Application Support

Apple Mobile Device Support

Apple Software Update

Assassin’s Creed® III

avast! Free Antivirus

Bonjour

Borderlands 2

CCleaner

Counter-Strike: Global Offensive

Counter-Strike: Global Offensive - SDK

Crazybump (remove only)

Dota 2

Dropbox

ESET Online Scanner v3

f.lux

Garry's Mod

GCFScape 1.8.5

GeForce Experience NvStream Client Components

Google Chrome

Google Update Helper

Half-Life 2

Half-Life 2: Episode Two

iTunes

Java 7 Update 45 (64-bit)

Just Cause 2

Just Cause 2: Multiplayer Mod

Link Shell Extension

Logitech Gaming Software

Logitech Gaming Software 8.51

Malwarebytes Anti-Malware version 1.75.0.1300

Microsoft .NET Framework 4 Client Profile

Microsoft .NET Framework 4 Extended

Microsoft Security Client

Microsoft Security Essentials

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2005 Redistributable (x64)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219

Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610

Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610

Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610

Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610

Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610

Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610

Microsoft_VC80_CRT_x86

Microsoft_VC90_CRT_x86

Notepad++

NVIDIA Control Panel 331.82

NVIDIA GeForce Experience 1.8.1

NVIDIA Graphics Driver 331.82

NVIDIA HD Audio Driver 1.3.26.4

NVIDIA Install Application

NVIDIA LED Visualizer 1.0

NVIDIA Network Service

NVIDIA PhysX

NVIDIA PhysX System Software 9.13.0725

NVIDIA ShadowPlay 10.11.15

NVIDIA Update 10.11.15

NVIDIA Update Core

NVIDIA Virtual Audio 1.2.19

PDF Settings CS6

POSTAL 2 Complete

PowerISO

Realtek Ethernet Controller Driver

Realtek Ethernet Diagnostic Utility

Scribblenauts Unlimited

Search Protection

Sendori

SHIELD Streaming

Skype™ 6.11

Source SDK

Source SDK Base 2007

Source SDK Base 2013 Singleplayer

Steam

Terragen 3

TortoiseSVN 1.8.4.24972 (64 bit)

Unity

Unity Web Player

VTFEdit 1.3.3

.

==== Event Viewer Messages From Past Week ========

.

1/6/2014 12:17:21 AM, Error: Service Control Manager [7023]  - The Power service terminated with the following error:  The WMI request could not be completed and should be retried.

1/5/2014 8:59:43 AM, Error: Service Control Manager [7030]  - The PEVSystemStart service is marked as an interactive service.  However, the system is configured to not allow interactive services.  This service may not function properly.

1/5/2014 8:39:53 PM, Error: Service Control Manager [7031]  - The Service Sendori service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.

1/5/2014 8:06:33 AM, Error: Service Control Manager [7032]  - The Service Control Manager tried to take a corrective action (Reboot the machine) after the unexpected termination of the Plug and Play service, but this action failed with the following error:  A system shutdown has already been scheduled.

1/5/2014 8:06:33 AM, Error: Service Control Manager [7031]  - The Plug and Play service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Reboot the machine.

1/5/2014 8:06:33 AM, Error: Service Control Manager [7031]  - The DCOM Server Process Launcher service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Reboot the machine.

1/5/2014 4:40:26 PM, Error: Service Control Manager [7032]  - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Search service, but this action failed with the following error:  An instance of the service is already running.

1/5/2014 4:39:56 PM, Error: Service Control Manager [7031]  - The Windows Search service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 30000 milliseconds: Restart the service.

1/5/2014 4:39:56 PM, Error: Service Control Manager [7024]  - The Windows Search service terminated with service-specific error %%-1073473535.

1/5/2014 12:55:01 AM, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.   New Signature Version:   Previous Signature Version: 0.0.0.0   Update Source: Microsoft Malware Protection Center   Update Stage: Install   Source Path: http://go.microsoft.com/fwlink/?LinkID=260974&clcid=0x409&NRI=true&arch=x64&eng=0.0.0.0&sig=0.0.0.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094   Signature Type: Network Inspection System   Update Type: Full   User: Jacob-PC\Jacob   Current Engine Version:   Previous Engine Version: 0.0.0.0   Error code: 0x8007042c   Error description: The dependency service or group failed to start. 

1/5/2014 12:55:00 AM, Error: Microsoft Antimalware [2003]  - Microsoft Antimalware has encountered an error trying to update the engine.   New Engine Version:   Previous Engine Version:   Engine Type: Network Inspection System   User: Jacob-PC\Jacob   Error Code: 0x8007042c   Error description: The dependency service or group failed to start. 

1/5/2014 12:55:00 AM, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.   New Signature Version:   Previous Signature Version:   Update Source: User   Update Stage: Install   Source Path:   Signature Type: Network Inspection System   Update Type: Full   User: Jacob-PC\Jacob   Current Engine Version:   Previous Engine Version:   Error code: 0x8007042c   Error description: The dependency service or group failed to start. 

1/5/2014 12:51:42 AM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x80070643: Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.165.1210.0).

1/5/2014 12:51:36 AM, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.   New Signature Version:   Previous Signature Version: 1.165.1210.0   Update Source: Microsoft Update Server   Update Stage: Install   Source Path: http://www.microsoft.com   Signature Type: AntiVirus   Update Type: Full   User: NT AUTHORITY\SYSTEM   Current Engine Version:   Previous Engine Version: 1.1.10201.0   Error code: 0x80070643   Error description: Fatal error during installation. 

1/5/2014 12:51:35 AM, Error: Microsoft Antimalware [2003]  - Microsoft Antimalware has encountered an error trying to update the engine.   New Engine Version:   Previous Engine Version:   Engine Type: Network Inspection System   User: NT AUTHORITY\SYSTEM   Error Code: 0x8007042c   Error description: The dependency service or group failed to start. 

1/5/2014 12:51:35 AM, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.   New Signature Version:   Previous Signature Version:   Update Source: User   Update Stage: Install   Source Path:   Signature Type: Network Inspection System   Update Type: Full   User: NT AUTHORITY\SYSTEM   Current Engine Version:   Previous Engine Version:   Error code: 0x8007042c   Error description: The dependency service or group failed to start. 

1/5/2014 12:15:15 AM, Error: Microsoft Antimalware [2003]  - Microsoft Antimalware has encountered an error trying to update the engine.   New Engine Version:   Previous Engine Version:   Engine Type: Network Inspection System   User: NT AUTHORITY\NETWORK SERVICE   Error Code: 0x8007042c   Error description: The dependency service or group failed to start. 

1/5/2014 12:15:15 AM, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.   New Signature Version:   Previous Signature Version: 0.0.0.0   Update Source: Microsoft Malware Protection Center   Update Stage: Install   Source Path: http://go.microsoft.com/fwlink/?LinkID=260974&clcid=0x409&NRI=true&arch=x64&eng=0.0.0.0&sig=0.0.0.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094   Signature Type: Network Inspection System   Update Type: Full   User: NT AUTHORITY\NETWORK SERVICE   Current Engine Version:   Previous Engine Version: 0.0.0.0   Error code: 0x80070652   Error description: Another installation is already in progress. Complete that installation before proceeding with this install.

1/5/2014 12:15:15 AM, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.   New Signature Version:   Previous Signature Version:   Update Source: User   Update Stage: Install   Source Path:   Signature Type: Network Inspection System   Update Type: Full   User: NT AUTHORITY\NETWORK SERVICE   Current Engine Version:   Previous Engine Version:   Error code: 0x8007042c   Error description: The dependency service or group failed to start. 

1/5/2014 12:15:15 AM, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.   New Signature Version:   Previous Signature Version:   Update Source: User   Update Stage: Install   Source Path:   Signature Type:   Update Type:   User: NT AUTHORITY\NETWORK SERVICE   Current Engine Version:   Previous Engine Version:   Error code: 0x80070652   Error description: Another installation is already in progress. Complete that installation before proceeding with this install. 

1/5/2014 12:15:12 AM, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.   New Signature Version:   Previous Signature Version: 1.165.1158.0   Update Source: Microsoft Malware Protection Center   Update Stage: Install   Source Path: http://go.microsoft.com/fwlink/?LinkID=121721&clcid=0x409&arch=x64&eng=1.1.10201.0&avdelta=1.165.1158.0&asdelta=1.165.1158.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094   Signature Type: AntiVirus   Update Type: Full   User: NT AUTHORITY\NETWORK SERVICE   Current Engine Version:   Previous Engine Version: 1.1.10201.0   Error code: 0x80070652   Error description: Another installation is already in progress. Complete that installation before proceeding with this install.

1/5/2014 12:15:12 AM, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.   New Signature Version:   Previous Signature Version: 1.165.1158.0   Update Source: Microsoft Malware Protection Center   Update Stage: Install   Source Path: http://go.microsoft.com/fwlink/?LinkID=121721&clcid=0x409&arch=x64&eng=1.1.10201.0&avdelta=1.165.1158.0&asdelta=1.165.1158.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094   Signature Type: AntiSpyware   Update Type: Full   User: NT AUTHORITY\NETWORK SERVICE   Current Engine Version:   Previous Engine Version: 1.1.10201.0   Error code: 0x80070652   Error description: Another installation is already in progress. Complete that installation before proceeding with this install.

1/5/2014 12:15:12 AM, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.   New Signature Version:   Previous Signature Version:   Update Source: User   Update Stage: Install   Source Path:   Signature Type:   Update Type:   User: NT AUTHORITY\NETWORK SERVICE   Current Engine Version:   Previous Engine Version:   Error code: 0x80070652   Error description: Another installation is already in progress. Complete that installation before proceeding with this install. 

1/4/2014 11:48:42 PM, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.   New Signature Version:   Previous Signature Version: 1.165.1158.0   Update Source: Microsoft Update Server   Update Stage: Download   Source Path: http://www.microsoft.com   Signature Type: AntiVirus   Update Type: Full   User: NT AUTHORITY\SYSTEM   Current Engine Version:   Previous Engine Version: 1.1.10201.0   Error code: 0x8024001e   Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support. 

1/4/2014 11:48:42 PM, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.   New Signature Version:   Previous Signature Version: 1.165.1158.0   Update Source: Microsoft Update Server   Update Stage: Download   Source Path: http://www.microsoft.com   Signature Type: AntiVirus   Update Type: Full   User: NT AUTHORITY\SYSTEM   Current Engine Version:   Previous Engine Version: 1.1.10201.0   Error code: 0x8024001e   Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support. 

1/3/2014 9:46:02 PM, Error: Service Control Manager [7032]  - The Service Control Manager tried to take a corrective action (Reboot the machine) after the unexpected termination of the DCOM Server Process Launcher service, but this action failed with the following error:  A system shutdown has already been scheduled.

1/3/2014 4:35:44 PM, Error: Service Control Manager [7031]  - The Power service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Reboot the machine.

1/3/2014 11:08:32 PM, Error: Microsoft Antimalware [2003]  - Microsoft Antimalware has encountered an error trying to update the engine.   New Engine Version:   Previous Engine Version:   Engine Type: Network Inspection System   User: Jacob-PC\Jacob   Error Code: 0x8007042c   Error description: The dependency service or group failed to start. 

1/3/2014 11:08:32 PM, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.   New Signature Version:   Previous Signature Version: 0.0.0.0   Update Source: Microsoft Malware Protection Center   Update Stage: Install   Source Path: http://go.microsoft.com/fwlink/?LinkID=260974&clcid=0x409&NRI=true&arch=x64&eng=0.0.0.0&sig=0.0.0.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094   Signature Type: Network Inspection System   Update Type: Full   User: Jacob-PC\Jacob   Current Engine Version:   Previous Engine Version: 0.0.0.0   Error code: 0x8007042c   Error description: The dependency service or group failed to start.

1/3/2014 11:08:32 PM, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.   New Signature Version:   Previous Signature Version:   Update Source: User   Update Stage: Install   Source Path:   Signature Type: Network Inspection System   Update Type: Full   User: Jacob-PC\Jacob   Current Engine Version:   Previous Engine Version:   Error code: 0x8007042c   Error description: The dependency service or group failed to start. 

1/3/2014 11:08:08 PM, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.   New Signature Version:   Previous Signature Version: 1.165.1158.0   Update Source: Microsoft Update Server   Update Stage: Install   Source Path: http://www.microsoft.com   Signature Type: AntiVirus   Update Type: Full   User: NT AUTHORITY\SYSTEM   Current Engine Version:   Previous Engine Version: 1.1.10201.0   Error code: 0x80070643   Error description: Fatal error during installation. 

1/3/2014 11:08:08 PM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x80070643: Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.165.1158.0).

1/3/2014 11:08:07 PM, Error: Microsoft Antimalware [2003]  - Microsoft Antimalware has encountered an error trying to update the engine.   New Engine Version:   Previous Engine Version:   Engine Type: Network Inspection System   User: NT AUTHORITY\SYSTEM   Error Code: 0x8007042c   Error description: The dependency service or group failed to start. 

1/3/2014 11:08:07 PM, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.   New Signature Version:   Previous Signature Version:   Update Source: User   Update Stage: Install   Source Path:   Signature Type: Network Inspection System   Update Type: Full   User: NT AUTHORITY\SYSTEM   Current Engine Version:   Previous Engine Version:   Error code: 0x8007042c   Error description: The dependency service or group failed to start. 

1/3/2014 11:06:24 PM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x80070216: Hotfix for Windows (KB981889).

.

==== End Of File ===========================

 


 


Hello

 

P2P/Piracy Warning:

 

   

If you're using Peer 2 Peer software such as uTorrent, BitTorrent or similar you must either fully uninstall them or completely disable them from running while being assisted here.

Failure to remove or disable such software will result in your topic being closed and no further assistance being provided.

If you have illegal/cracked software, cracks, keygens etc. on the system, please remove or uninstall them now and read the policy on Piracy.

 

Download Farbar Recovery Scan Tool and save it to your desktop.

 

Note: You need to run the version compatible with your system (32 bit or 64 bit). If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.

 

Kevin...


Download attached fixlist.txt file and save it to the Desktop, or the folder you saved FRST into.

NOTE. It's important that both FRST and fixlist.txt are in the same location or the fix will not work.

 

Run FRST and press the Fix button just once and wait.


The tool will make a log on the Desktop (Fixlog.txt). Please post it to your reply.

 

Next,

 

Run Malwarebytes,  Open > Settings Tab > Scanner Settings > Under action for PUP > Select: Show in Results List and Check for removal.

Please Update and run a Quick scan

Make sure that everything is checked, and click Remove Selected on any found items.

 

Post the produced logs, let me know if audio ads cease..

 

Kevin....

 

fixlist.txt


One of the traits of the infection you had is usually audio ads; we've had several threads with the same infection recently. Replacing the patched .dll file is a good fix, also removing other entries.

 

We still need to run an online AV scan to ensure there are no remnants of any infection left on your system that we may have missed. This scan is very thorough and well worth running, it can take several hours please be patient and let it complete:

 

Run Eset Online Scanner

 

**Note** You will need to use Internet Explorer for this scan - on Vista and Windows 7, right-click the IE shortcut and run as admin

 

Go to Eset web page http://www.eset.com/us/online-scanner/ to run an online scan from ESET.

 

 

  • Turn off the real time scanner of any existing antivirus program while performing the online scan
  • Click on the Run ESET Online Scanner button
  • Tick the box next to YES, I accept the Terms of Use.
    Click Start
  • When asked, allow the add-on to be installed
    Click Start
  • Make sure that the option Remove found threats is unticked
  • Click on Advanced Settings, ensure the options Scan for potentially unwanted applications, Scan for potentially unsafe applications, and Enable Anti-Stealth Technology are ticked.
    Click Scan
  • Wait for the virus definitions to be downloaded
  • Wait for the scan to finish

 

 

When the scan is complete

 

 

If no threats were found

  • put a checkmark in "Uninstall application on close"
  • close program
  • report to me that nothing was found

 

 

If threats were found

 

 

  • click on "list of threats found"
  • click on "export to text file" and save it as ESET SCAN and save to the desktop
  • click on back
  • put a checkmark in "Uninstall application on close"
  • click on finish

 

 

close program

 

copy and paste the report in next reply

 

Next,

 

Download Security Check by screen317 from either of the following:

http://screen317.spywareinfoforum.org/SecurityCheck.exe or http://screen317.changelog.fr/SecurityCheck.exe

Save it to your Desktop. (If your security software alerts, either accept the alert or turn the security off while Security Check runs)

Double click SecurityCheck.exe (Vista or Windows 7 users right click and select "Run as Administrator") and follow the onscreen instructions inside of the black box. Press any key when asked.

A Notepad document should open automatically called checkup.txt; please post the contents of that document.

 

Kevin....


Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!
