
I can't use Windows 8 at all right now. Whenever I boot it up and enter Windows, the GPU fans spin up, the screen goes black and it says display driver has stopped responding over and over until rebooting itself. The problem goes away when I use Windows 7 with the same driver. I am fairly sure this is malware using my GPU for malicious deeds! Please, someone, I am going mad. I have no idea what I can do to stop this.

 

DDS (Ver_2012-11-20.01) - NTFS_AMD64 MINIMAL
Internet Explorer:   BrowserJavaVersion: 10.45.2
Run by The at 18:10:42 on 2014-01-14
Microsoft Windows 8 Pro  6.2.9200.0.1252.1.1033.18.6135.5277 [GMT 0:00]
.
AV: Kaspersky Internet Security *Disabled/Updated* {179979E8-273D-D14E-0543-2861940E4886}
AV: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Kaspersky Internet Security *Disabled/Updated* {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security *Disabled* {2FA2F8CD-6D52-D016-2E1C-81546ADD0FFD}
.
============== Running Processes ===============
.
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\dwm.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\Explorer.EXE
C:\Windows\system32\ctfmon.exe
C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
C:\Windows\explorer.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
BHO: Microsoft Web Test Recorder 12.0 Helper: {432dd630-7e03-4c97-9d62-b99f52df4fc2} - H:\VS2013Final\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll
BHO: Content Blocker Plugin: {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll
BHO: Virtual Keyboard Plugin: {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\JDK\Install\bin\ssv.dll
BHO: Microsoft Web Test Recorder 10.0 Helper: {876d9f09-c6d6-4324-a2cc-04dd9a4de12f} - H:\VS2012U\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll
BHO: Safe Money Plugin: {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\OnlineBanking\online_banking_bho.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL
BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL
BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\JDK\Install\bin\jp2ssv.dll
BHO: URL Advisor Plugin: {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll
EB: Web Test Recorder 10.0: {3142c289-f319-47f5-a594-a827028714c9} - 
EB: Web Test Recorder 12.0: {46857999-9b7c-4895-9d22-81a4a2478868} - 
uRun: [spotify] "C:\Users\The\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart
uRun: [spotify Web Helper] "C:\Users\The\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
uRun: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [ADSK DLMSession] C:\Program Files (x86)\Common Files\Autodesk Shared\Autodesk Download Manager\DLMSession.exe
mRun: [Adobe Creative Cloud] "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
mRun: [iTunesHelper] "D:\Piece of stuff ios7 itunes\iTunesHelper.exe"
mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
StartupFolder: C:\Users\The\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
IE: Add to &Teleport - D:\Teleport Pro\teleport.htm
IE: Add to Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ie_banner_deny.htm
IE: E&xport to Microsoft Excel - D:\ELITE_~1\Office15\EXCEL.EXE/3000
IE: En&queue current page with BID - D:\Bulk Image Downloader\iemenu\iebidqueue.htm
IE: Enqueue link tar&get with BID - D:\Bulk Image Downloader\iemenu\iebidlinkqueue.htm
IE: Open &link target with BID - D:\Bulk Image Downloader\iemenu\iebidlink.htm
IE: Open current page with BI&D - D:\Bulk Image Downloader\iemenu\iebid.htm
IE: Open current page with BID Link Explorer - D:\Bulk Image Downloader\iemenu\iebidlinkexplorer.htm
IE: {0C4CC089-D306-440D-9772-464E226F6539} - {0BA14598-4178-4CE5-B1F1-B5C6408A3F2E} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll
LSP: %windir%\system32\vsocklib.dll
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
TCP: NameServer = 192.168.0.1
TCP: Interfaces\{FE9B62B4-D8C1-4A11-A181-2563F0D72AF5} : DHCPNameServer = 192.168.0.1
Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
SSODL: WebCheck - <orphaned>
x64-BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - D:\Crackalaka Office\Office15\OCHelper.dll
x64-BHO: Content Blocker Plugin: {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll
x64-BHO: Virtual Keyboard Plugin: {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
x64-BHO: Safe Money Plugin: {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\OnlineBanking\online_banking_bho.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - D:\Crackalaka Office\Office15\URLREDIR.DLL
x64-BHO: URL Advisor Plugin: {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll
x64-Run: [Cmaudio8788] C:\Windows\syswow64\RunDll32.exe C:\Windows\Syswow64\cmicnfgp.dll,CMICtrlWnd
x64-Run: [Cmaudio8788GX] C:\Windows\syswow64\HsMgr.exe Envoke
x64-Run: [Cmaudio8788GX64] C:\Windows\system\HsMgr64.exe Envoke
x64-mPolicies-Explorer: NoDrives = dword:0
x64-mPolicies-System: PromptOnSecureDesktop = dword:0
x64-IE: {0C4CC089-D306-440D-9772-464E226F6539} - {0BA14598-4178-4CE5-B1F1-B5C6408A3F2E} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
x64-IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - D:\Crackalaka Office\Office15\OCHelper.dll
x64-IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll
x64-Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
x64-Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - D:\Crackalaka Office\Office15\MSOSB.DLL
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R0 vsock;vSockets Driver;C:\Windows\System32\Drivers\vsock.sys [2013-4-5 70296]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\System32\Drivers\dtsoftbus01.sys [2013-11-2 283064]
S0 klelam;klelam;C:\Windows\System32\Drivers\klelam.sys [2012-7-27 29792]
S1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;C:\Windows\System32\Drivers\klim6.sys [2013-10-11 30304]
S1 klpd;klpd;C:\Windows\System32\Drivers\klpd.sys [2013-4-12 15456]
S1 klwfp;klwfp;C:\Windows\System32\Drivers\klwfp.sys [2013-5-7 64608]
S1 kneps;kneps;C:\Windows\System32\Drivers\kneps.sys [2013-6-6 178272]
S2 AVP;Kaspersky Anti-Virus Service;C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe [2013-10-11 214512]
S2 DAZContentManagementService;DAZ Content Management Service;D:\DAZ\Shit1\ContentManagementServer.exe [2014-1-6 22528]
S2 mi-raysat_3dsmax2012_32;mental ray 3.9 Satellite for Autodesk 3ds Max 2012 32-bit - English 32-bit;D:\FinalMax32Bit12\3ds Max 2012\mentalimages\satellite\raysat_3dsmax2012_32server.exe [2011-2-23 86016]
S2 mi-raysat_3dsmax2013_64;mental ray 3.10 Satellite for Autodesk 3ds Max 2013 64-bit;D:\SanctuaryMax2013\3ds Max 2013\NVIDIA\raysat_3dsmax2013_64server.exe [2011-9-15 86016]
S2 mi-raysat_3dsmax2014_64;mental ray Satellite for Autodesk 3ds Max 2014 64-bit;D:\2014 MAX\3ds Max 2014\NVIDIA\Satellite\raysat_3dsmax2014_64server.exe [2011-9-15 86016]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S2 VMUSBArbService;VMware USB Arbitration Service;C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe [2012-10-11 918680]
S3 anvsnddrv;AnvSoft Virtual Sound Device;C:\Windows\System32\Drivers\anvsnddrv.sys [2013-1-30 33872]
S3 cmudaxp;ASUS Xonar Essence ST Audio Interface;C:\Windows\System32\Drivers\cmudaxp.sys [2013-10-19 2734080]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2012-12-14 1471352]
S3 KinectCamera;Microsoft Kinect Camera Driver;C:\Windows\System32\Drivers\kinectcamera.sys [2011-7-11 42496]
S3 klkbdflt;Kaspersky Lab KLKBDFLT;C:\Windows\System32\Drivers\klkbdflt.sys [2013-10-11 29280]
S3 klmouflt;Kaspersky Lab KLMOUFLT;C:\Windows\System32\Drivers\klmouflt.sys [2013-10-11 29280]
S3 ose64;Office 64 Source Engine;C:\Program Files\Common Files\microsoft shared\Source Engine\OSE.EXE [2012-10-1 178824]
S3 RogerWoW;RogerWoW;"H:/MySQLForWoW/MySQL Server 5.6/bin\mysqld" --defaults-file="H:\MySQLForWoW\Databix\my.ini" RogerWoW --> H:/MySQLForWoW/MySQL Server 5.6/bin\mysqld [?]
S3 SaiK0CCB;SaiK0CCB;C:\Windows\System32\Drivers\SaiK0CCB.sys [2010-4-22 171016]
S3 SaiU0CCB;SaiU0CCB;C:\Windows\System32\Drivers\SaiU0CCB.sys [2010-4-22 41096]
S3 Te.Service;Te.Service;C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [2013-8-22 119808]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\Drivers\usbaapl64.sys [2012-12-13 54784]
S3 VsEtwService120;Visual Studio ETW Event Collection Service;C:\Program Files\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [2013-10-4 87728]
S3 WUDFWpdMtp;WUDFWpdMtp;C:\Windows\System32\Drivers\WUDFRd.sys [2012-7-26 198656]
S3 xusb22;Xbox 360 Wireless Receiver Driver Service 22;C:\Windows\System32\Drivers\xusb22.sys [2012-7-26 89088]
S3 yukonw8;NDIS6.3 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\System32\Drivers\yk63x64.sys [2012-10-2 295792]
S4 klflt;klflt;C:\Windows\System32\Drivers\klflt.sys [2013-12-24 112224]
.
=============== File Associations ===============
.
FileExt: .txt: txtfile=C:\Windows\System32\NOTEPAD.EXE %1 [userChoice]
FileExt: .chm: Applications\abcchmvw.exe - HKCR\*\Shell="C:\Program Files (x86)\IrfanView\i_view32.exe" "%1" [userChoice] [default=Open with &IrfanView - 'Open' doesn't exist]
FileExt: .js: Applications\node.exe="C:\Program Files\nodejs\node.exe" "%1" [userChoice]
ShellExec: Aplayer.exe: open="D:\AP295\AP2Loader.exe" "%1"
.
=============== Created Last 30 ================
.
2014-01-14 18:10:11 64608 ----a-w- C:\Windows\System32\drivers\klwfp.sys.bak
2014-01-14 18:10:11 623712 ----a-w- C:\Windows\System32\drivers\klif.sys.bak
2014-01-14 18:10:11 458336 ----a-w- C:\Windows\System32\drivers\kl1.sys.bak
2014-01-14 18:10:11 30304 ----a-w- C:\Windows\System32\drivers\klim6.sys.bak
2014-01-14 18:10:11 29792 ----a-w- C:\Windows\System32\drivers\klelam.sys.bak
2014-01-14 18:10:11 29280 ----a-w- C:\Windows\System32\drivers\klmouflt.sys.bak
2014-01-14 18:10:11 29280 ----a-w- C:\Windows\System32\drivers\klkbdflt.sys.bak
2014-01-14 18:10:11 178272 ----a-w- C:\Windows\System32\drivers\kneps.sys.bak
2014-01-14 18:10:11 15456 ----a-w- C:\Windows\System32\drivers\klpd.sys.bak
2014-01-14 18:10:11 112224 ----a-w- C:\Windows\System32\drivers\klflt.sys.bak
2014-01-14 18:01:51 922912 ----a-w- C:\Windows\System32\nvvsvc.exe
2014-01-14 18:01:51 6671648 ----a-w- C:\Windows\System32\nvcpl.dll
2014-01-14 18:01:51 63776 ----a-w- C:\Windows\System32\nvshext.dll
2014-01-14 18:01:51 386336 ----a-w- C:\Windows\System32\nvmctray.dll
2014-01-14 18:01:51 3490080 ----a-w- C:\Windows\System32\nvsvc64.dll
2014-01-14 18:01:51 2559776 ----a-w- C:\Windows\System32\nvsvcr.dll
2014-01-14 17:50:06 -------- d-----w- C:\Windows\LastGood.Tmp
2014-01-14 17:44:50 43008 ----a-w- C:\Windows\System32\drivers\usbscan.sys.bak
2014-01-14 17:23:18 -------- d-s---w- C:\$RECYCLE.BIN
2014-01-14 17:01:03 61216 ----a-w- C:\Windows\System32\OpenCL.dll
2014-01-14 17:01:03 53024 ----a-w- C:\Windows\SysWow64\OpenCL.dll
2014-01-14 16:57:37 -------- d-----w- C:\ProgramData\NVIDIA Corporation
2014-01-11 15:00:44 -------- d-----w- C:\ProgramData\boost_interprocess
2014-01-10 20:15:30 -------- d-----w- C:\Users\The\.ssh
2014-01-08 18:13:57 -------- d-----w- C:\Program Files\VueScan
2014-01-07 22:28:48 -------- d-----w- C:\Users\The\AppData\Roaming\SimulationCraft
2014-01-06 21:14:02 -------- d-----w- C:\Program Files (x86)\Common Files\DAZ
2014-01-06 16:03:54 -------- d-----w- C:\Users\The\AppData\Roaming\DAZ 3D
2014-01-06 16:00:09 -------- d-----w- C:\ProgramData\DAZ 3D
2014-01-04 10:42:37 -------- d-----w- C:\Users\The\AppData\Local\Nem's Tools
2014-01-04 10:24:42 -------- d-----w- C:\Users\The\AppData\Roaming\Outlast
2014-01-03 09:59:40 78304 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-01-03 09:59:40 694240 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2014-01-03 09:48:13 23350272 ----a-w- C:\Program Files\Common Files\Microsoft Shared\Microsoft Camera Codec Pack\MicrosoftRawCodec.dll
2014-01-03 09:48:13 22615040 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\Microsoft Camera Codec Pack\MicrosoftRawCodec.dll
2014-01-03 09:48:02 96600 ----a-w- C:\Windows\System32\drivers\wfplwfs.sys
2014-01-03 09:48:02 723968 ----a-w- C:\Windows\System32\BFE.DLL
2014-01-03 09:48:02 1160192 ----a-w- C:\Windows\System32\IKEEXT.DLL
2014-01-03 09:48:01 576512 ----a-w- C:\Windows\System32\drivers\afd.sys
2014-01-02 10:27:57 -------- d-----w- C:\Windows\Downloaded Installations
2014-01-01 14:18:27 -------- d-----w- C:\Program Files\Application Verifier
2014-01-01 14:18:27 -------- d-----w- C:\Program Files (x86)\Application Verifier
2014-01-01 14:18:26 -------- d-----w- C:\ProgramData\Windows App Certification Kit
2014-01-01 14:17:42 -------- d-----w- C:\Program Files (x86)\Microsoft Visual Studio 12.0
2014-01-01 14:17:30 -------- d-----w- C:\ProgramData\NuGet
2014-01-01 14:14:24 -------- d-----w- C:\Program Files\Microsoft Visual Studio 12.0
2014-01-01 14:13:44 30312 ----a-w- C:\Windows\System32\aspnet_counters.dll
2014-01-01 14:13:44 28776 ----a-w- C:\Windows\SysWow64\aspnet_counters.dll
2014-01-01 09:42:54 -------- d-----w- C:\ProgramData\Reprise
2014-01-01 09:02:14 -------- d-----w- C:\Users\The\AppData\Roaming\BID
2013-12-29 00:49:34 -------- d-----w- C:\Program Files\TortoiseSVN
2013-12-29 00:49:34 -------- d-----w- C:\Program Files\Common Files\TortoiseOverlays
2013-12-29 00:49:34 -------- d-----w- C:\Program Files (x86)\Common Files\TortoiseOverlays
2013-12-24 23:38:30 151552 ----a-w- C:\Windows\SysWow64\nvRegDev.dll
2013-12-24 23:38:13 729088 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iKernel.dll
2013-12-24 23:38:13 69715 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\ctor.dll
2013-12-24 23:38:13 5632 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\DotNetInstaller.exe
2013-12-24 23:38:13 32768 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\Objectps.dll
2013-12-24 23:38:13 311428 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\setup.dll
2013-12-24 23:38:13 266240 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iscript.dll
2013-12-24 23:38:13 192512 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iuser.dll
2013-12-24 23:38:13 188548 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iGdi.dll
2013-12-24 16:35:29 -------- d-----r- C:\Program Files (x86)\Skype
2013-12-24 16:27:57 110176 ----a-w- C:\Windows\System32\klfphc.dll
2013-12-24 16:27:46 -------- d-----w- C:\ProgramData\Kaspersky Lab
2013-12-24 16:27:46 -------- d-----w- C:\Program Files (x86)\Kaspersky Lab
2013-12-24 16:27:39 112224 ----a-w- C:\Windows\System32\drivers\klflt.sys
2013-12-24 16:18:54 -------- d-----w- C:\Program Files (x86)\NVIDIA Corporation
2013-12-24 16:11:59 915968 ----a-w- C:\Windows\System32\uxtheme.dll
2013-12-24 15:49:38 1455448 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys
2013-12-24 15:48:46 1300992 ----a-w- C:\Windows\System32\gdi32.dll
2013-12-24 15:47:43 419328 ----a-w- C:\Windows\System32\schannel.dll
2013-12-24 15:46:58 2062848 ----a-w- C:\Windows\System32\d3d11.dll
2013-12-24 14:35:55 -------- d-----w- C:\Program Files (x86)\ESET
2013-12-24 14:32:07 -------- d-----w- C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2013-12-24 02:32:50 -------- d-----w- C:\Windows\ERUNT
2013-12-24 02:06:18 -------- d-----w- C:\Program Files (x86)\StartIsBack
2013-12-22 17:14:38 -------- d-----w- C:\Users\The\AppData\Local\PVD2
2013-12-21 22:13:52 -------- d-----w- C:\Users\The\AppData\Roaming\Wireshark
2013-12-21 01:31:28 -------- d-----w- C:\Users\The\AppData\Local\Adobe
2013-12-19 19:48:22 -------- d-----w- C:\Program Files (x86)\Common Files\Wise Installation Wizard
.
==================== Find3M  ====================
.
2014-01-12 14:52:57 2240 ----a-w- C:\Windows\SysWow64\drivers\mchInjDrv.sys
2014-01-03 09:50:42 62976 ----a-w- C:\Windows\System32\imagehlp.dll
2014-01-03 09:50:42 59392 ----a-w- C:\Windows\SysWow64\imagehlp.dll
2014-01-03 09:50:38 652288 ----a-w- C:\Windows\System32\comctl32.dll
2014-01-03 09:50:38 541696 ----a-w- C:\Windows\SysWow64\comctl32.dll
2014-01-03 09:49:31 420864 ----a-w- C:\Windows\System32\WMPhoto.dll
2014-01-03 09:49:31 368640 ----a-w- C:\Windows\SysWow64\WMPhoto.dll
2014-01-03 09:48:46 893952 ----a-w- C:\Windows\SysWow64\msctf.dll
2014-01-03 09:48:46 448512 ----a-w- C:\Windows\System32\SettingSync.dll
2014-01-03 09:48:46 366592 ----a-w- C:\Windows\SysWow64\appmgr.dll
2014-01-03 09:48:46 356352 ----a-w- C:\Windows\SysWow64\SettingSync.dll
2014-01-03 09:48:46 225280 ----a-w- C:\Windows\System32\mbsmsapi.dll
2014-01-03 09:48:46 128512 ----a-w- C:\Windows\System32\SettingSyncInfo.dll
2014-01-03 09:48:46 1125888 ----a-w- C:\Windows\System32\msctf.dll
2014-01-03 09:48:45 459776 ----a-w- C:\Windows\System32\appmgr.dll
2014-01-03 09:48:45 2233688 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2014-01-03 09:48:45 158208 ----a-w- C:\Windows\SysWow64\mbsmsapi.dll
2013-12-24 19:36:52 458336 ----a-w- C:\Windows\System32\drivers\kl1.sys
2013-12-24 19:36:52 29792 ----a-w- C:\Windows\System32\drivers\klelam.sys
2013-12-24 19:36:52 178272 ----a-w- C:\Windows\System32\drivers\kneps.sys
2013-12-24 15:54:56 44544 ----a-w- C:\Windows\System32\tsgqec.dll
2013-12-24 15:54:56 37376 ----a-w- C:\Windows\SysWow64\tsgqec.dll
2013-12-24 15:54:56 322560 ----a-w- C:\Windows\System32\aaclient.dll
2013-12-24 15:54:56 269312 ----a-w- C:\Windows\SysWow64\aaclient.dll
2013-12-12 21:23:21 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2013-11-06 23:18:57 4036608 ----a-w- C:\Windows\System32\win32k.sys
2013-11-02 05:49:39 283064 ----a-w- C:\Windows\System32\drivers\dtsoftbus01.sys
2013-11-01 05:38:21 312320 ----a-w- C:\Windows\System32\msieftp.dll
2013-11-01 03:58:59 381440 ----a-w- C:\Windows\System32\drivers\sptd.sys
2013-11-01 03:49:24 273408 ----a-w- C:\Windows\SysWow64\msieftp.dll
2013-10-31 05:56:24 915968 ----a-w- C:\Windows\System32\MPSSVC.dll
2013-10-31 05:56:02 758784 ----a-w- C:\Windows\System32\FirewallAPI.dll
2013-10-31 04:01:46 550400 ----a-w- C:\Windows\SysWow64\FirewallAPI.dll
2013-10-31 03:42:19 74752 ----a-w- C:\Windows\System32\drivers\mpsdrv.sys
2013-10-29 20:08:14 2774 --sha-w- C:\Windows\SysWow64\KGyGaAvL.sys
2013-10-28 05:50:42 588288 ----a-w- C:\Windows\System32\SHCore.dll
2013-10-28 04:05:52 452608 ----a-w- C:\Windows\SysWow64\SHCore.dll
2013-10-25 06:19:22 2241536 ----a-w- C:\Windows\System32\wininet.dll
2013-10-25 06:17:57 3959808 ----a-w- C:\Windows\System32\jscript9.dll
2013-10-25 04:45:11 1767936 ----a-w- C:\Windows\SysWow64\wininet.dll
2013-10-25 04:43:42 2877952 ----a-w- C:\Windows\SysWow64\jscript9.dll
2013-10-19 00:03:46 466520 ----a-w- C:\Windows\System32\wrap_oal.dll
2013-10-19 00:03:46 445016 ----a-w- C:\Windows\SysWow64\wrap_oal.dll
2013-10-19 00:03:46 123480 ----a-w- C:\Windows\System32\OpenAL32.dll
2013-10-19 00:03:46 109144 ----a-w- C:\Windows\SysWow64\OpenAL32.dll
.
============= FINISH: 18:10:49.96 ===============
 

attach.txt


  • Root Admin

Please run the following if you're still on Windows 8 - if you've updated to Windows 8.1 then it won't run and we'll need to use some other tools.

 

Please visit this webpage and read the ComboFix User's Guide:

  • Once you've read the article and are ready to use the program you can download it directly from the link below.
  • Important! - Please make sure you save ComboFix to your desktop and do not run it from your browser.
  • Direct download link for: ComboFix.exe
  • Please make sure you disable your security applications before running ComboFix.
  • Once ComboFix has completed, it will produce and open a log file. Please be patient as it can take some time to load.
  • Please attach that log file to your next reply.
  • If needed the file can be located here:  C:\combofix.txt
  • NOTE: If you receive the message "illegal operation has been attempted on a registry key that has been marked for deletion", just reboot the computer.


 


  • Staff

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!
