svchost.exe - Suspiciously high CPU usage


Setera

Hi nice people of the forum!

 

For two days now my PC keeps getting slower and slower. It seems that the process "Service Host: Local System (Network Restricted)" created by svchost.exe uses about 25% of my CPU capacity. Running MBAM and deleting 1 object it found (unfortunately I can't remember what it was) did not resolve the problem.

When I restart the PC performance is almost normal, but after about 30 - 40 minutes it becomes increasingly slow until it is almost unusable.

 

Any help you could provide would be greatly appreciated.

Thanks in advance!

 

Setera

 

_______________________________________

DDS.txt:


_______________________________________

Attach.txt:

.UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.IF REQUESTED, ZIP IT UP & ATTACH IT.DDS (Ver_2012-11-20.01).Microsoft Windows 8.1 ProBoot Device: \Device\HarddiskVolume1Install Date: 17.10.2013 19:33:37System Uptime: 20.01.2014 15:55:22 (2 hours ago).Motherboard: ASUSTeK COMPUTER INC. |  | SABERTOOTH Z77Processor: Intel(R) Core(TM) i7-3770 CPU @ 3.40GHz | LGA1155 | 3401/103mhz.==== Disk Partitions =========================.C: is FIXED (NTFS) - 447 GiB total, 27,153 GiB free.D: is FIXED (NTFS) - 488 GiB total, 269,866 GiB free.E: is FIXED (NTFS) - 443 GiB total, 136,853 GiB free.F: is CDROM ()G: is CDROM (UDF).==== Disabled Device Manager Items =============.==== System Restore Points ===================.RP21: 03.01.2014 17:12:25 - Installed DirectXRP22: 07.01.2014 23:59:49 - Installed DirectXRP23: 15.01.2014 11:03:18 - Windows UpdateRP24: 20.01.2014 13:06:03 - Installed Windows 7 USB/DVD Download Tool.==== Installed Programs ======================.7-Zip 9.20 (x64 edition)Adobe Flash Player 11 PluginAdobe Reader XI (11.0.06)AI Suite IIAlbum Art Downloader XUI 1.00Anno 2070Asmedia ASM104x USB 3.0 Host Controller DriverµTorrentAvira Free AntivirusAviSynth 2.5Baldur's Gate II: Enhanced EditionBattle.netBattlefield 3™Battlelog Web PluginsBorderlands 2Brütal LegendBulk Rename Utility 2.7.1.2BurnAware Free 6.4Colemak (Caps Lock unchanged)Company of Heroes 2CopyCounter-Strike: SourceCurse ClientDAEMON Tools LiteDeus Ex: Human RevolutionDia (remove only)Diablo IIDiablo IIIDishonoredDivX SetupDon't StarveDota 2Dota 2 TestDropboxESN SonarEVGA Precision X 3.0.4Fallout: New VegasFar Cry® 3Far Cry® 3 Blood DragonFileZilla Client 3.7.3FTL: Faster Than LightGeForce Experience NvStream Client ComponentsGIMP 2.8.2Git version 1.8.3-preview20130601Google ChromeGoogle DriveGoogle Update HelperGPL GhostscriptGSview 5.0Guild Wars 2HP ePrintHP LaserJet Professional P1100-P1560-P1600 SeriesHP Postscript ConverterHP Unified 
IOhppLaserJetServicehppP1100P1560P1600SeriesLaserJetServicehppusgP1100P1560P1600SeriesHPSSupplyImgBurnIntel(R) Management Engine ComponentsIntel(R) Network Connections 17.3.57.0Intel(R) Rapid Storage TechnologyIntel® Trusted Connect Service ClientIntel® Watchdog Timer Driver (Intel® WDT)Java 7 Update 25Java 7 Update 40 (64-bit)Java Auto UpdaterJava SE Development Kit 7 Update 40 (64-bit)LastPass for ApplicationsLastPass(uninstall only)Left 4 Dead 2Legend of GrimrockLogitech Gaming SoftwareLogitech Gaming Software 8.50MachinariumMagickaMalwarebytes Anti-Malware version 1.75.0.1300MarketResearchMass Effect™ 3MediaHuman Audio Converter version 1.8.9MediaMonkey 4.0Microsoft .NET Framework 4 Multi-Targeting PackMicrosoft Age of Empires IIMicrosoft Age of Empires II: The Conquerors ExpansionMicrosoft Application Error ReportingMicrosoft Help Viewer 1.1Microsoft Office 365 Home Premium - en-usMicrosoft Office 64-bit Components 2013Microsoft Office Korrekturhilfen 2013 - DeutschMicrosoft Office OSM MUI (English) 2013Microsoft Office Proofing (English) 2013Microsoft Office Proofing Tools 2013 - EnglishMicrosoft Office Proofing Tools 2013 - EspañolMicrosoft Office Shared 64-bit MUI (English) 2013Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2013Microsoft Office Shared MUI (English) 2013Microsoft Office Shared Setup Metadata MUI (English) 2013Microsoft Project MUI (English) 2013Microsoft Project Professional 2013Microsoft Report Viewer 2012 RuntimeMicrosoft SkyDriveMicrosoft SQL Server 2008 R2 Management ObjectsMicrosoft SQL Server 2008 Setup Support Files Microsoft SQL Server 2012 (64-bit)Microsoft SQL Server 2012 Express LocalDB Microsoft SQL Server 2012 Native Client Microsoft SQL Server 2012 RsFx DriverMicrosoft SQL Server 2012 Setup (English)Microsoft SQL Server 2012 Transact-SQL Compiler Service Microsoft SQL Server 2012 Transact-SQL ScriptDom Microsoft SQL Server System CLR TypesMicrosoft System CLR Types for SQL Server 2012 (x64)Microsoft Visual C++ 2005 
RedistributableMicrosoft Visual C++ 2008 Redistributable - x64 9.0.30729.17Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219Microsoft Visual C++ 2010  x86 Runtime - 10.0.40219Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.51106Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.51106Microsoft Visual Studio 2010 Shell (Isolated) - ENUMicrosoft VSS Writer for SQL Server 2012Microsoft XNA Framework Redistributable 3.1MiKTeX 2.9Monkey Island 2: Special EditionMotioninJoy ds3 driver version 0.6.0001Mozilla Firefox 18.0.2 (x86 en-GB)MusicBrainz PicardNeverwinterNewshostingNexus Mod ManagerNotepad++NVIDIA 3D Vision Controller Driver 331.82NVIDIA 3D Vision Driver 331.82NVIDIA Control Panel 331.82NVIDIA GeForce Experience 1.8.1NVIDIA Graphics Driver 331.82NVIDIA HD Audio Driver 1.3.26.4NVIDIA Install ApplicationNVIDIA LED Visualizer 1.0NVIDIA Network ServiceNVIDIA PhysXNVIDIA PhysX System Software 9.13.0725NVIDIA ShadowPlay 10.11.15NVIDIA Stereoscopic 3D DriverNVIDIA Update 10.11.15NVIDIA Update CoreNVIDIA Virtual Audio 1.2.19Office 15 Click-to-Run Extensibility ComponentOffice 15 Click-to-Run Licensing ComponentOffice 15 Click-to-Run Localization ComponentOpenALOpenVPN 2.3.2-I003 OriginOutils de vérification linguistique 2013 de Microsoft Office - FrançaisPDF Split And Merge BasicPlants vs. 
Zombies: Game of the YearPS3 Media ServerPunkBuster ServicesRaidCallRainmeterRazer CoreRazer Synapse 2.0Realtek High Definition Audio DriverSABnzbd 0.7.14Samsung_MonSetupSecure Download ManagerShadowrun ReturnsSHIELD StreamingSid Meier's Civilization IVSid Meier's Civilization IV: Beyond the SwordSid Meier's Civilization IV: ColonizationSid Meier's Civilization IV: WarlordsSins of a Solar Empire: TrinitySkype™ 6.11SpotifySQL Server 2012 Common FilesSQL Server 2012 Database Engine ServicesSQL Server 2012 Database Engine SharedSQL Server 2012 Management StudioSQL Server Browser for SQL Server 2012Sql Server Customer Experience Improvement ProgramStar Wars: The Old RepublicStarCraft IISteamTagScanner 5.1.635TAP-Windows 9.9.2Team Fortress 2TeamSpeak 3 ClientTexmakerThe Elder Scrolls III: MorrowindThe Elder Scrolls Online BetaThe Elder Scrolls V: SkyrimThe Secret of Monkey Island: Special EditionThe Witcher 2: Assassins of Kings Enhanced EditiontheRenamer 7.6Torchlight IITortoiseGit 1.8.5.0 (64 bit)Tukui ClientUplayVampire: The Masquerade - BloodlinesVC80CRTRedist - 8.0.50727.6195Visual Studio 2010 Prerequisites - EnglishVLC media player 2.0.8WinampWinamp Detector Plug-inWindows 7 USB/DVD Download ToolWorld of GooWorld of WarcraftXCOM: Enemy Unknown.==== Event Viewer Messages From Past Week ========.20.01.2014 17:08:30, Error: Microsoft-Windows-DistributedCOM [10016]  - The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID  {C2F03A33-21F5-47FA-B4BB-156362A2F239}  and APPID  {316CDED5-E4AE-4B15-9113-7055D84DCC97}  to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool..==== End Of File ===========================

Hello

 

P2P/Piracy Warning:

 

   

If you're using Peer 2 Peer software such as uTorrent, BitTorrent or similar you must either fully uninstall them or completely disable them from running while being assisted here.

Failure to remove or disable such software will result in your topic being closed and no further assistance being provided.

If you have illegal/cracked software, cracks, keygens etc. on the system, please remove or uninstall them now and read the policy on Piracy.

 

Download Farbar Recovery Scan Tool and save it to your desktop.

 

Note: You need to run the version compatible with your system (32 bit or 64 bit). If you are not sure which version applies to your system, download both of them and try to run them. Only one of them will run on your system; that will be the right version.

  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run from. Please copy and paste it to your reply.
  • The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply.

 

Kevin..


Hi Kevin!

 

Thanks for your reply!

 

I uninstalled uTorrent, forgot I still had it on the system.

 

The scan produced the following logs:

 

_______________________________________

FRST.txt:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 19-01-2014 04Ran by Teresa (administrator) on BARAD-DUR on 20-01-2014 18:06:55Running from D:\Data\DownloadWindows 8.1 Pro (X64) OS Language: English(UK)Internet Explorer Version 11Boot Mode: NormalThe only official download link for FRST:Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ Download link from any site other than Bleeping Computer is unpermitted or outdated.See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/==================== Processes (Whitelisted) =================(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe() C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe() C:\Program Files (x86)\ASUS\AI Suite II\EasyUpdate\EzUpdt.exe(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\DIGI+ Power Control\PowerControlHelp.exe(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe(ASUSTeK Computer Inc.) 
C:\Program Files (x86)\ASUS\AsusFanControlService\1.01.17\AsusFanControlService.exe(HP) C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe(HP) C:\Windows\System32\HPSIsvc.exe(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe() C:\Windows\SysWOW64\PnkBstrA.exe(Razer, Inc.) C:\Program Files (x86)\Razer\Core\64bit\RzOvlMon.exe(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\TurboVHelp.exe(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\USB 3.0 Boost\U3BoostSvr64.exe(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe(Logitech Inc.) 
C:\Program Files\Logitech Gaming Software\LCore.exe(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe(Barracuda Networks, Inc.) C:\Users\Teresa\AppData\Roaming\Copy\CopyAgent.exe(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe(ASUSTek Computer Inc.) C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe(LastPass) C:\Program Files (x86)\LastPass\lastapp_x64.exe(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\NetSvcHelp\NetSvcHelp.exe(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\NetSvcHelp\NetiCtrlTray.exe(Dropbox, Inc.) C:\Users\Teresa\AppData\Roaming\Dropbox\bin\Dropbox.exe() C:\Program Files (x86)\SABnzbd\SABnzbd.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) 
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe(Microsoft Corporation) C:\Windows\System32\Taskmgr.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Microsoft Corporation) C:\Windows\System32\dasHost.exe(Microsoft Corporation) C:\Windows\System32\perfmon.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) 
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe==================== Registry (Whitelisted) ==================HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6827664 2012-08-07] (Realtek Semiconductor)HKLM\...\Run: [Launch LCore] - C:\Program Files\Logitech Gaming Software\LCore.exe [8290584 2013-08-01] (Logitech Inc.)HKLM\...\Run: [LastApp] - C:\Program Files (x86)\LastPass\lastapp_x64.exe [34617912 2013-08-21] (LastPass)HKLM\...\Run: [Nvtmru] - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028384 2013-11-14] (NVIDIA Corporation)HKLM\...\Run: [ShadowPlay] - C:\WINDOWS\system32\nvspcap64.dll [1100248 2013-12-10] (NVIDIA Corporation)HKLM\...\Run: [NvBackend] - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2279712 2013-12-10] (NVIDIA Corporation)HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [684600 2013-12-18] (Avira Operations GmbH & Co. KG)HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [277504 2012-07-09] (Intel Corporation)HKLM-x32\...\Run: [ASUS AiChargerPlus Execute] - C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe [550272 2012-08-20] (ASUSTek Computer Inc.)HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)HKLM-x32\...\Run: [] - [x]HKLM-x32\...\Run: [Razer Synapse] - C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [442712 2013-11-17] (Razer Inc.)HKLM-x32\...\Run: [DivXUpdate] - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1263952 2013-02-13] ()HKLM-x32\...\Run: [LastApp] - C:\Program Files (x86)\LastPass\lastapp_x64.exe [34617912 2013-08-21] (LastPass)HKLM-x32\...\Run: [HPUsageTrackingLEDM] - C:\Program Files (x86)\HP\HP UT LEDM\bin\hppusg.exe [30264 2009-08-04] (Hewlett-Packard 
Company)HKCU\...\Run: [GoogleDriveSync] - C:\Program Files (x86)\Google\Drive\googledrivesync.exe [20203904 2013-12-06] (Google)HKCU\...\Run: [Spotify Web Helper] - C:\Users\Teresa\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1104384 2013-06-15] (Spotify Ltd)HKCU\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3674320 2013-01-08] (DT Soft Ltd)HKCU\...\Run: [Copy] - C:\Users\Teresa\AppData\Roaming\Copy\CopyAgent.exe [15501456 2014-01-07] (Barracuda Networks, Inc.)HKCU\...\Run: [SkyDrive] - C:\Users\Teresa\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe [257136 2013-08-14] (Microsoft Corporation)MountPoints2: {641fed44-869e-11e2-be70-3085a994af8c} - "G:\SETUP.EXE" MountPoints2: {c6219c4a-d911-11e2-be82-3085a994af8c} - "J:\SISetup.exe" HKU\MSSQL$SQLEXPRESS\...\RunOnce: [WAB Migrate] - C:\Program Files\Windows Mail\wab.exe [516608 2013-08-22] (Microsoft Corporation)AppInit_DLLs: C:\PROGRA~2\NVIDIA~1\3DVISI~1\NVSTIN~1.DLL => File Not FoundStartup: C:\Users\Teresa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnkShortcutTarget: Dropbox.lnk -> C:\Users\Teresa\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)Startup: C:\Users\Teresa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnkShortcutTarget: Rainmeter.lnk -> C:\Program Files\Rainmeter\Rainmeter.exe ()Startup: C:\Users\Teresa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SABnzbd.exe - Shortcut.lnkShortcutTarget: SABnzbd.exe - Shortcut.lnk -> C:\Program Files (x86)\SABnzbd\SABnzbd.exe ()Startup: C:\Users\Teresa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SABnzbd.lnkShortcutTarget: SABnzbd.lnk -> C:\Program Files (x86)\SABnzbd\SABnzbd.exe ()==================== Internet (Whitelisted) ====================HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://t.uk.msn.com/HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = 
en-GB,en;q=0.5HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x0668DF1FF55BCE01BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)BHO: LastPass Vault - {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll (LastPass)BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)BHO-x32: LastPass Vault - {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPToolbar.dll (LastPass)BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)Toolbar: HKLM - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll (LastPass)Toolbar: HKLM-x32 - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar.dll (LastPass)Handler-x32: osf - 
{D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)Tcpip\Parameters: [DhcpNameServer] 10.0.0.138FireFox:========FF ProfilePath: C:\Users\Teresa\AppData\Roaming\Mozilla\Firefox\Profiles\mgbj9eza.default-1380666389841FF NetworkProxy: "backup.ftp", ""FF NetworkProxy: "backup.ftp_port", 0FF NetworkProxy: "backup.socks", ""FF NetworkProxy: "backup.socks_port", 0FF NetworkProxy: "backup.ssl", ""FF NetworkProxy: "backup.ssl_port", 0FF NetworkProxy: "ftp", "192.168.0.11"FF NetworkProxy: "ftp_port", 80FF NetworkProxy: "http", "192.168.0.11"FF NetworkProxy: "http_port", 80FF NetworkProxy: "share_proxy_settings", trueFF NetworkProxy: "socks", "192.168.0.11"FF NetworkProxy: "socks_port", 80FF NetworkProxy: "ssl", "192.168.0.11"FF NetworkProxy: "ssl_port", 80FF NetworkProxy: "type", 4FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_6_602_168.dll ()FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)FF Plugin: @java.com/DTPlugin,version=10.40.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)FF Plugin: @java.com/JavaPlugin,version=10.40.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_168.dll ()FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)FF Plugin-x32: @esn/esnlaunch,version=2.1.3 - C:\Program Files (x86)\Battlelog Web Plugins\2.1.3\npesnlaunch.dll (ESN Social Software AB)FF Plugin-x32: @intel-webapi.intel.com/Intel 
WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)FF Plugin-x32: @raidcall.en/RCplugin - C:\Users\Teresa\AppData\Roaming\raidcall\plugins\nprcplugin.dll (Raidcall)FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)FF Plugin-x32: @videolan.org/vlc,version=2.0.8 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll (Nullsoft, Inc.)FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\amazon-en-GB.xmlFF SearchPlugin: 

Addition.txt


Please do not put logs in code boxes, just copy paste direct to your reply....

 

Upload a File to Virustotal

Go to http://www.virustotal.com/

  • Click the Choose file button
  • Navigate to the file C:\WINDOWS\notepad.exe or just copy/paste it in.
  • Click the Scan it tab
  • If you get a message saying File has already been analyzed: click Reanalyze file now
  • Copy and paste the results back here please.


 


Sorry about the code tags,

 

here's the result:

 

SHA256: c74838f5bdb0ada571c407fd022e90b12e14aa853301635713116ae2c6ebe4f9
File name: notepad.exe
Detection ratio: 0 / 49
Analysis date: 2014-01-20 17:57:57 UTC ( 0 minutes ago )

 

 

In the Analysis tab there were all check marks.

 

 

File Detail tab:

 

The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem that targets 64bit architectures.
 PE signature block
Copyright © Microsoft Corporation. All rights reserved.
Publisher Microsoft Corporation
Product Microsoft® Windows® Operating System
Original name NOTEPAD.EXE
Internal name Notepad
File version 6.3.9600.16384 (winblue_rtm.130821-1623)
Description Notepad
 ExifTool file metadata
SubsystemVersion 6.3
LinkerVersion 11.0
ImageVersion 6.3
FileSubtype 0
FileVersionNumber 6.3.9600.16384
UninitializedDataSize 0
LanguageCode English (U.S.)
FileFlagsMask 0x003f
CharacterSet Unicode
InitializedDataSize 126464
FileOS Windows NT 32-bit
MIMEType application/octet-stream
LegalCopyright Microsoft Corporation. All rights reserved.
FileVersion 6.3.9600.16384 (winblue_rtm.130821-1623)
TimeStamp 2013:08:22 12:00:11+01:00
FileType Win64 EXE
PEType PE32+
InternalName Notepad
FileAccessDate 2013:12:22 10:38:19+01:00
ProductVersion 6.3.9600.16384
FileDescription Notepad
OSVersion 6.3
FileCreateDate 2013:12:22 10:38:19+01:00
OriginalFilename NOTEPAD.EXE
Subsystem Windows GUI
MachineType AMD AMD64
CompanyName Microsoft Corporation
CodeSize 95232
ProductName Microsoft Windows Operating System
ProductVersionNumber 6.3.9600.16384
EntryPoint 0x6094
ObjectFileType Executable application
 

 

 

Additional Information tab:

 

 File identification
MD5 24da05ade2a978e199875da0d859e7eb
SHA1 9fef303bedf8430403915951564e0d9888f6f365
SHA256 c74838f5bdb0ada571c407fd022e90b12e14aa853301635713116ae2c6ebe4f9
ssdeep 3072:xVFE/lYueQ60bePKEywh8QUEMae1NJLgf7nDVF6PUp1Yo3ICgC:cYue0bChyI8rE8N5gfzDVlVXg
File size 212.5 KB ( 217600 bytes )
File type Win32 EXE
Magic literal PE32+ executable for MS Windows (GUI) Mono/.Net assembly
TrID Win64 Executable (generic) (87.3%)
     Generic Win/DOS Executable (6.3%)
     DOS Executable Generic (6.3%)
     Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
 VirusTotal metadata
First submission 2013-09-10 17:51:17 UTC ( 4 months, 1 week ago )
Last submission 2014-01-20 17:57:57 UTC ( 7 minutes ago )
File names notepad.exe
notepad.exe
notepad.exe
notepad.exe
24DA05ADE2A978E199875DA0D859E7EB
Notepad
notepad.exe
NOTEPAD.EXE
notepad.exe
notepad.exe
notepad.exe
notepad.exe
notepad.exe
notepad.exe

 


Thanks for log, entry is ok.... Continue please:

 

Download attached fixlist.txt file and save it to the Desktop, or the folder you saved FRST into.

NOTE. It's important that both FRST and fixlist.txt are in the same location or the fix will not work.

 

Run FRST and press the Fix button just once and wait.


The tool will make a log on the Desktop (Fixlog.txt). Please post it to your reply.

 

Next,

 

Download AdwCleaner by Xplode from here: http://www.bleepingcomputer.com/download/adwcleaner/ and save to your Desktop.

 

  • Double click on AdwCleaner.exe to run the tool.
  • Vista/Windows 7/8 users right-click and select Run As Administrator
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • When it's done you'll see: Pending: Uncheck any elements you don't want removed.
  • Now click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • Look over the log especially under Files/Folders for any program you want to save.
  • If there's a program you want to save, just uncheck it from AdwCleaner.
  • If you're not sure, post the log for review.
  • If you're ready to clean it all up.....click the Clean button.
  • After rebooting, a logfile report (AdwCleaner[s0].txt) will open automatically.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of that logfile will also be saved in the C:\AdwCleaner folder.
  • Items that are deleted are moved to the Quarantine Folder: C:\AdwCleaner\Quarantine
  • To restore an item that has been deleted (if necessary):
  • Go to Tools > Quarantine Manager > check what you want restored > now click on Restore.

 

Next,

 

Please download Junkware Removal Tool to your desktop.


Shut down your protection software now to avoid potential conflicts.
Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
The tool will open and start scanning your system.
Please be patient as this can take a while to complete depending on your system's specifications.
On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
Post the contents of JRT.txt into your next message.

 

Next,

 

Run Malwarebytes,  Open > Settings Tab > Scanner Settings > Under action for PUP > Select: Show in Results List and Check for removal.

Please Update and run a Full scan

Make sure that everything is checked, and click Remove Selected on any found items.

 

Post the produced logs in next reply, give update on any remaining issues or concerns..

 

Thank you,

 

Kevin

 

 

fixlist.txt


Thanks a lot for the guidance!

 

I did what you suggested. Nothing special came up. Unfortunately there is still 50% of my CPU and almost 40% of my memory (32GB!) in use and I can't explain why :/

 

Do you have any additional suggestions I can try?

 

_________________________________

Fixlog.txt:

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 19-01-2014 04
Ran by Teresa at 2014-01-20 19:20:27 Run:1
Running from D:\Data\Download
Boot Mode: Normal
==============================================
 
Content of fixlist:
*****************
Start
C:\Users\Teresa\Minecraft.exe
C:\Users\Teresa\AppData\Local\Temp\avgnt.exe
C:\Users\Teresa\AppData\Local\Temp\jna3951023013076788163.dll
C:\Users\Teresa\AppData\Local\Temp\jna5047657694705021283.dll
C:\Users\Teresa\AppData\Local\Temp\jna7585764360964115355.dll
C:\Users\Teresa\AppData\Local\Temp\jna7681012847052582576.dll
C:\Users\Teresa\AppData\Local\Temp\npp.6.5.1.Installer.exe
C:\Users\Teresa\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Teresa\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\Teresa\AppData\Local\Temp\nvStInst.exe
C:\Users\Teresa\AppData\Local\Temp\xmlUpdater.exe
End
*****************
 
C:\Users\Teresa\Minecraft.exe => Moved successfully.
C:\Users\Teresa\AppData\Local\Temp\avgnt.exe => Moved successfully.
C:\Users\Teresa\AppData\Local\Temp\jna3951023013076788163.dll => Moved successfully.
C:\Users\Teresa\AppData\Local\Temp\jna5047657694705021283.dll => Moved successfully.
C:\Users\Teresa\AppData\Local\Temp\jna7585764360964115355.dll => Moved successfully.
C:\Users\Teresa\AppData\Local\Temp\jna7681012847052582576.dll => Moved successfully.
C:\Users\Teresa\AppData\Local\Temp\npp.6.5.1.Installer.exe => Moved successfully.
C:\Users\Teresa\AppData\Local\Temp\nvSCPAPI.dll => Moved successfully.
C:\Users\Teresa\AppData\Local\Temp\nvSCPAPI64.dll => Moved successfully.
C:\Users\Teresa\AppData\Local\Temp\nvStInst.exe => Moved successfully.
C:\Users\Teresa\AppData\Local\Temp\xmlUpdater.exe => Moved successfully.
 
==== End of Fixlog ====
 
_________________________________

AdwCleaner[s1].txt:

 

# AdwCleaner v3.017 - Report created 20/01/2014 at 19:28:53
# Updated 12/01/2014 by Xplode
# Operating System : Windows 8.1 Pro  (64 bits)
# Username : Teresa - BARAD-DUR
# Running from : C:\Users\Teresa\Desktop\AdwCleaner.exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.16384
 
 
-\\ Mozilla Firefox v18.0.2 (en-GB)
 
[ File : C:\Users\Teresa\AppData\Roaming\Mozilla\Firefox\Profiles\mgbj9eza.default-1380666389841\prefs.js ]
 
 
-\\ Google Chrome v32.0.1700.76
 
[ File : C:\Users\Teresa\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
*************************
 
AdwCleaner[R0].txt - [1364 octets] - [01/10/2013 23:30:08]
AdwCleaner[R1].txt - [1015 octets] - [20/01/2014 19:22:40]
AdwCleaner[R2].txt - [1075 octets] - [20/01/2014 19:28:21]
AdwCleaner[s0].txt - [1342 octets] - [01/10/2013 23:30:35]
AdwCleaner[s1].txt - [998 octets] - [20/01/2014 19:28:53]
 
########## EOF - C:\AdwCleaner\AdwCleaner[s1].txt - [1057 octets] ##########
 
 
_________________________________

JRT.txt:

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.0 (01.07.2014:1)
OS: Windows 8.1 Pro x64
Ran by Teresa on 20.01.2014 at 19:34:28,00
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
 
 
~~~ Registry Keys
 
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\caphyon
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\caphyon
 
 
 
~~~ Files
 
 
 
~~~ Folders
 
Successfully deleted: [Folder] "C:\WINDOWS\syswow64\ai_recyclebin"
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 20.01.2014 at 19:35:22,55
Computer was rebooted
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
_________________________________

mbam-log-2014-01-20 (19-37-41).txt:

 

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org
 
Database version: v2014.01.20.06
 
Windows 8 x64 NTFS
Internet Explorer 11.0.9600.16476
Teresa :: BARAD-DUR [administrator]
 
20.01.2014 19:37:41
mbam-log-2014-01-20 (19-37-41).txt
 
Scan type: Full scan (C:\|D:\|E:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 928495
Time elapsed: 59 minute(s), 56 second(s)
 
Memory Processes Detected: 0
(No malicious items detected)
 
Memory Modules Detected: 0
(No malicious items detected)
 
Registry Keys Detected: 0
(No malicious items detected)
 
Registry Values Detected: 0
(No malicious items detected)
 
Registry Data Items Detected: 0
(No malicious items detected)
 
Folders Detected: 0
(No malicious items detected)
 
Files Detected: 0
(No malicious items detected)
 
(end)
 

 


Logs we see are not indicating any obvious malware/infection. Run the system in a "Clean Boot" state, see if the same issue occurs...

 

Go here: http://support.microsoft.com/kb/929135 expand "How to perform a clean boot" then expand "Windows 8.1 and Windows 8" follow the instructions and run a clean boot, see how your system responds in that mode...

 

Kevin
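
With the scans clean, the next diagnostic question is which service inside the shared "Local System (Network Restricted)" svchost.exe instance is consuming the CPU and memory. The following is an added example, not part of the original posts: it assumes an elevated PowerShell 4.0 or later prompt (the version shipped with Windows 8.1), takes the group name from the `-k` argument in the DDS process list, and uses a 10-second sampling window chosen here for illustration.

```powershell
# Added example: break a busy shared svchost.exe instance down into its services.
# Run elevated; without elevation CommandLine can be empty and nothing matches.
$group     = 'LocalSystemNetworkRestricted'   # value after -k in the DDS process list
$sampleSec = 10                                # sampling window (assumption)

# Find the svchost.exe instance(s) started for this service group.
$hosts = @(Get-CimInstance Win32_Process -Filter "Name='svchost.exe'" |
    Where-Object { $_.CommandLine -match "-k\s+$group\b" })
if (-not $hosts) { Write-Warning "No svchost.exe instance found for group $group"; return }

foreach ($h in $hosts) {
    $procId = $h.ProcessId

    # Sample total processor time twice to get the load over the window.
    $p0 = Get-Process -Id $procId -ErrorAction SilentlyContinue
    if (-not $p0) { continue }
    $t0 = $p0.TotalProcessorTime
    Start-Sleep -Seconds $sampleSec
    $p1 = Get-Process -Id $procId -ErrorAction SilentlyContinue
    if (-not $p1) { continue }
    $busy   = ($p1.TotalProcessorTime - $t0).TotalSeconds
    $cpuPct = [math]::Round($busy / ($sampleSec * [Environment]::ProcessorCount) * 100, 1)

    "PID {0}  CPU {1}%  WorkingSet {2:N0} MB  Image {3}" -f `
        $procId, $cpuPct, ($p1.WorkingSet64 / 1MB), $h.ExecutablePath

    # List every service hosted in this process and the DLL that implements it.
    Get-CimInstance Win32_Service -Filter "ProcessId=$procId" | ForEach-Object {
        $base = "HKLM:\SYSTEM\CurrentControlSet\Services\$($_.Name)"
        $dll  = $null
        foreach ($key in "$base\Parameters", $base) {   # ServiceDll may live in either key
            $v = (Get-ItemProperty -Path $key -Name ServiceDll -ErrorAction SilentlyContinue).ServiceDll
            if ($v) { $dll = $v; break }
        }
        $onDisk = $dll -and (Test-Path -LiteralPath $dll)
        [pscustomobject]@{
            Service    = $_.Name
            State      = $_.State
            ServiceDll = $dll
            Company    = if ($onDisk) { (Get-Item -LiteralPath $dll).VersionInfo.CompanyName } else { 'n/a' }
            SHA256     = if ($onDisk) { (Get-FileHash -LiteralPath $dll -Algorithm SHA256).Hash } else { 'n/a' }
        }
    } | Format-List
}
```

Stopping the listed services one at a time while watching the CPU figure narrows the load to a single service, and each SHA256 value can be looked up on VirusTotal in the same way as the notepad.exe check earlier in the thread.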


  • Root Admin

Glad we could help. :)

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

This topic is now closed to further replies.