awesomerock

  1. Hi MrC, Here is the info you requested:

     # AdwCleaner v3.019 - Report created 19/02/2014 at 20:15:15
     # Updated 17/02/2014 by Xplode
     # Operating System : Windows 7 Professional Service Pack 1 (64 bits)
     # Username : George - GEORGE-PC
     # Running from : C:\Users\George\Downloads\AdwCleaner (1).exe
     # Option : Clean

     ***** [ Services ] *****

     ***** [ Files / Folders ] *****

     Folder Deleted : C:\ProgramData\boost_interprocess

     ***** [ Shortcuts ] *****

     ***** [ Registry ] *****

     ***** [ Browsers ] *****

     -\\ Internet Explorer v11.0.9600.16518

     -\\ Mozilla Firefox v27.0.1 (en-US)

     [ File : C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\8ij29gyg.default\prefs.js ]

     -\\ Google Chrome v32.0.1700.107

     [ File : C:\Users\George\AppData\Local\Google\Chrome\User Data\Default\preferences ]

     *************************

     AdwCleaner[R0].txt - [2323 octets] - [19/02/2014 00:10:50]
     AdwCleaner[R1].txt - [1077 octets] - [19/02/2014 20:13:18]
     AdwCleaner[s0].txt - [2434 octets] - [19/02/2014 00:12:55]
     AdwCleaner[s1].txt - [1004 octets] - [19/02/2014 20:15:15]

     ########## EOF - C:\AdwCleaner\AdwCleaner[s1].txt - [1064 octets] ##########

     Malwarebytes Anti-Malware 1.75.0.1300
     www.malwarebytes.org

     Database version: v2014.02.19.13

     Windows 7 Service Pack 1 x64 NTFS
     Internet Explorer 11.0.9600.16518
     George :: GEORGE-PC [administrator]

     19/02/2014 8:20:08 PM
     mbam-log-2014-02-19 (20-20-08).txt

     Scan type: Quick scan
     Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
     Scan options disabled: P2P
     Objects scanned: 245605
     Time elapsed: 4 minute(s), 24 second(s)

     Memory Processes Detected: 0
     (No malicious items detected)

     Memory Modules Detected: 0
     (No malicious items detected)

     Registry Keys Detected: 0
     (No malicious items detected)

     Registry Values Detected: 0
     (No malicious items detected)

     Registry Data Items Detected: 0
     (No malicious items detected)

     Folders Detected: 0
     (No malicious items detected)

     Files Detected: 0
     (No malicious items detected)

     (end)

     MBAM did not find anything. So is this a false positive like the others are suggesting? Am I clear? Thanks again for your help.
  2. Thanks for MrC. Here is the log you requested:

     RogueKiller V8.8.8 _x64_ [Feb 19 2014] by Tigzy
     mail : tigzyRK<at>gmail<dot>com
     Feedback : http://forum.adlice.com
     Website : http://www.adlice.com/softwares/roguekiller/
     Blog : http://www.adlice.com

     Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
     Started in : Normal mode
     User : George [Admin rights]
     Mode : Scan -- Date : 02/19/2014 08:10:21
     | ARK || FAK || MBR |

     ¤¤¤ Bad processes : 0 ¤¤¤

     ¤¤¤ Registry Entries : 6 ¤¤¤
     [HJ POL][PUM] HKLM\[...]\System : DisableRegistryTools (0) -> FOUND
     [HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : DisableRegistryTools (0) -> FOUND
     [HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowMyGames (0) -> FOUND
     [HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
     [HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
     [bROK VAL] HKCR\[...]\command : () -> MISSING

     ¤¤¤ Scheduled tasks : 0 ¤¤¤

     ¤¤¤ Startup Entries : 0 ¤¤¤

     ¤¤¤ Web browsers : 0 ¤¤¤

     ¤¤¤ Browser Addons : 0 ¤¤¤

     ¤¤¤ Particular Files / Folders: ¤¤¤

     ¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤

     ¤¤¤ External Hives: ¤¤¤

     ¤¤¤ Infection : ¤¤¤

     ¤¤¤ HOSTS File: ¤¤¤
     --> %SystemRoot%\System32\drivers\etc\hosts
     127.0.0.1 localhost
     74.208.10.249 gs.apple.com

     ¤¤¤ MBR Check: ¤¤¤

     +++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) ST3000DM001-1CH166 ATA Device +++++
     --- User ---
     [MBR] 0086f36f0b7bc8b257f89fc226376c3d
     [bSP] 9e3b3c473b1db0daa516427cdae6e1cc : Windows 7/8 MBR Code
     Partition table:
     0 - [XXXXXX] UNKNOWN (0x00) [VISIBLE] Offset (sectors): 1 | Size: 2097152 Mo
     User = LL1 ... OK!
     User = LL2 ... OK!

     +++++ PhysicalDrive1: (\\.\PHYSICALDRIVE1 @ IDE) ST3000DM001-1CH166 ATA Device +++++
     --- User ---
     [MBR] 0086f36f0b7bc8b257f89fc226376c3d
     [bSP] 9e3b3c473b1db0daa516427cdae6e1cc : Windows 7/8 MBR Code
     Partition table:
     0 - [XXXXXX] UNKNOWN (0x00) [VISIBLE] Offset (sectors): 1 | Size: 2097152 Mo
     User = LL1 ... OK!
     User = LL2 ... OK!

     +++++ PhysicalDrive2: (\\.\PHYSICALDRIVE2 @ USB) Seagate FA GoFlex Desk USB Device +++++
     --- User ---
     [MBR] ff0b517702293986d40468d89de9ed93
     [bSP] 5cab7fac78b6fe5301595cea6da44b25 : Empty MBR Code
     Partition table:
     0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 953867 Mo
     Error reading LL1 MBR! ([0x0] The operation completed successfully. )
     Error reading LL2 MBR! ([0x32] The request is not supported. )

     Finished : << RKreport[0]_S_02192014_081021.txt >>
  3. Hello, Just discovered this PUP while scanning with MBAM today: PUP.Optional.BoostInterProcess.A. Every time I clean with MBAM it is successful. However, after reboot the files are back and MBAM re-detects them. It finds 2 folders and 2 files in C:\ProgramData\boost_interprocess. I am not noticing any weird behaviour other than when I close Thunderbird it tells me that "login to server pop.gmail.com failed". Not sure if this is a coincidence or not? Any help would be appreciated. Logs attached. Thank you.
  4. Thanks again Maniac!
  5. OK thanks. For ESET, I do not see an uninstall option in the scanner. Should I just uninstall from Windows' Uninstall Programs?
  6. Do you think those two files that ESET removed are needed by my system maybe? Maybe they were a false positive?
  7. It seems to be running ok... do you think those quarantined files are needed though? They look as if they are ASUS drivers or something.
  8. Hi Maniac, Here is the info you requested from the ESET Scan: C:\ASUSDrivers\Software\MSU\Win8\MSUSetup.exe Win32/PrcView application cleaned by deleting - quarantined C:\ASUSDrivers\Software\MSU\XP_Vista_Win7\MSUSetup.exe Win32/PrcView application cleaned by deleting - quarantined
  9. PM sent. Thanks again.
  10. Hi Maniac, Here is the ComboFix log you requested:
  11. Hi Maniac, Thanks for the help! Here are the scans you requested:
  12. Hi guys, I frequently run MBAM and lately I have been coming across a Trojan.PornDialer. MBAM quarantines it and reports that it has been successfully removed. However, it has come back 3 times in the past 3 weeks. I am not noticing any strange computer behaviour (no pop-ups, redirects, or slowness). I am not sure what to do.... just keep removing the file every time it is discovered? I have been to another forum to see if they could help and we ran ComboFix and a few other tools that seemed to get rid of it. But... here I am infected again. I have not visited any suspicious sites nor do I do any torrenting. Thanks for any help you guys can provide!

      Here is the MBAM report:

      Memory Processes Detected: 0 (No malicious items detected)
      Memory Modules Detected: 0 (No malicious items detected)
      Registry Keys Detected: 1
      HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Connect (Trojan.PornDialer) -> Quarantined and deleted successfully.
      Registry Values Detected: 0 (No malicious items detected)
      Registry Data Items Detected: 0 (No malicious items detected)
      Folders Detected: 0 (No malicious items detected)
      Files Detected: 0 (No malicious items detected)

      Here are the other logs from dds as requested:

      .
      UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
      IF REQUESTED, ZIP IT UP & ATTACH IT
      .
      DDS (Ver_2012-11-20.01)
      .
      Microsoft Windows 7 Professional
      Boot Device: \Device\HarddiskVolume1
      Install Date: 20/03/2013 2:07:16 AM
      System Uptime: 05/05/2013 2:59:43 PM (7 hours ago)
      .
      Motherboard: ASUSTeK COMPUTER INC. | | SABERTOOTH X79
      Processor: Intel® Core™ i7-3930K CPU @ 3.20GHz | LGA2011 | 3201/100mhz
      .
      ==== Disk Partitions =========================
      .
      C: is FIXED (NTFS) - 2794 GiB total, 1988.093 GiB free.
      D: is CDROM ()
      E: is FIXED (NTFS) - 2794 GiB total, 2453.481 GiB free.
      G: is FIXED (NTFS) - 400 GiB total, 224.257 GiB free.
      H: is FIXED (NTFS) - 932 GiB total, 194.298 GiB free.
      I: is FIXED (NTFS) - 10 GiB total, 8.029 GiB free.
      .
==== Disabled Device Manager Items ============= . ==== System Restore Points =================== . RP159: 04/05/2013 10:57:36 AM - ComboFix created restore point . ==== Installed Programs ====================== . Adobe AIR Adobe Flash Player 11 ActiveX Adobe Flash Player 11 Plugin Adobe Photoshop Elements 2.0 Adobe Reader XI (11.0.02) AI Suite II Ampeg SVX UNO AmpliTube 2 DUO AmpliTube 3 version 3.10.0 Apple Application Support Apple Mobile Device Support Apple Software Update Asmedia ASM104x USB 3.0 Host Controller Driver Asmedia ASM106x SATA Host Controller Driver Avid Audio Drivers (x64) Avid Pro Tools Creative Collection 8.0.4 Avid Pro Tools LE 8.0.4cs2 Bonjour CinemaNow Custom Shop version 1.1.0 Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition Digidesign 7.x Factory Update Patch 8.0.1 Digidesign ElevenRack Driver 1.0.8 (x64) Digidesign Factory Bundle 8.0 EWQL Orchestra FileZilla Client 3.6.0.2 Free DigiRack Plug-Ins 8.0.3 GIMP 2.8.4 Google Chrome Google Update Helper IK Multimedia Authorization Manager version 1.0.9 iLok Client Helper Intel® Management Engine Components Intel® Network Connections 17.2.154.0 Intel® Trusted Connect Service Client Interlok driver setup x64 iTunes LG Burning Tool LG CyberLink LabelPrint LG CyberLink Media Suite LG CyberLink MediaEspresso LG CyberLink MediaShow LG CyberLink PowerDVD LG CyberLink PowerProducer License Support LightScribe System Software LIMBO Malwarebytes Anti-Malware version 1.75.0.1300 marvell 91xx driver Microsoft .NET Framework 4.5 Microsoft Office 2010 Microsoft Office 2010 Service Pack 1 (SP1) Microsoft Office Access MUI (English) 2010 Microsoft Office Access Setup Metadata MUI (English) 2010 Microsoft Office Excel MUI (English) 2010 Microsoft Office Groove MUI (English) 2010 Microsoft Office InfoPath MUI (English) 2010 Microsoft Office Office 64-bit Components 2010 Microsoft Office OneNote MUI (English) 2010 Microsoft Office Outlook MUI (English) 2010 Microsoft Office PowerPoint MUI 
(English) 2010 Microsoft Office Professional Plus 2010 Microsoft Office Proof (English) 2010 Microsoft Office Proof (French) 2010 Microsoft Office Proof (Spanish) 2010 Microsoft Office Proofing (English) 2010 Microsoft Office Publisher MUI (English) 2010 Microsoft Office Shared 64-bit MUI (English) 2010 Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 Microsoft Office Shared MUI (English) 2010 Microsoft Office Shared Setup Metadata MUI (English) 2010 Microsoft Office Word MUI (English) 2010 Microsoft Security Client Microsoft Security Essentials Microsoft Silverlight Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 minimoog-v Original 2.5.3 Mozilla Firefox 20.0.1 (x86 en-US) Mozilla Maintenance Service Mozilla Thunderbird 17.0.5 (x86 en-US) Native Instruments Absynth 5 Native Instruments Absynth Twilights Native Instruments Controller Editor Native Instruments Komplete Synths Native Instruments Kore Player Native Instruments Maschine Native Instruments Maschine Controller Native Instruments Maschine Controller Driver Native Instruments Maschine Controller MK2 Driver Native Instruments Maschine Factory Content Native Instruments Maschine Factory Content 1.5 Native Instruments Maschine Mikro Driver Native Instruments Maschine Mikro MK2 Driver Native Instruments Massive Native Instruments Reaktor 5 Native Instruments Reaktor 5 Factory Content Native Instruments Reaktor Animated Circuits Native Instruments Service Center Native Instruments Transistor Punch Notepad++ NVIDIA 3D Vision Controller Driver 314.07 NVIDIA 3D Vision Driver 314.07 NVIDIA Control Panel 314.07 NVIDIA Graphics Driver 314.07 NVIDIA Install Application NVIDIA PhysX NVIDIA PhysX System Software 9.12.1031 
NVIDIA Stereoscopic 3D Driver NVIDIA Update 1.12.12 NVIDIA Update Components oZone3D.Net FurMark v1.8.2 Play Update 3.0.46 QL Stormdrum 2 QuickTime Realtek High Definition Audio Driver Safari Security Update for Microsoft .NET Framework 4.5 (KB2737083) Security Update for Microsoft .NET Framework 4.5 (KB2742613) Security Update for Microsoft .NET Framework 4.5 (KB2789648) Security Update for Microsoft Excel 2010 (KB2597126) 32-Bit Edition Security Update for Microsoft Filter Pack 2.0 (KB2553501) 32-Bit Edition Security Update for Microsoft InfoPath 2010 (KB2687422) 32-Bit Edition Security Update for Microsoft InfoPath 2010 (KB2760406) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2553091) Security Update for Microsoft Office 2010 (KB2553096) Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2553447) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2598243) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2687501) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2687510) 32-Bit Edition Security Update for Microsoft OneNote 2010 (KB2760600) 32-Bit Edition Security Update for Microsoft Visio 2010 (KB2760762) 32-Bit Edition Security Update for Microsoft Visio Viewer 2010 (KB2687505) 32-Bit Edition Security Update for Microsoft Word 2010 (KB2760410) 32-Bit Edition Skype Click to Call Skype™ 6.3 Steam SUPERAntiSpyware T-RackS 3 Brickwall Limiter version 3.5.1 T-RackS 3 Classic Clipper version 3.5.1 T-RackS 3 Classic Compressor version 3.5.1 T-RackS 3 Vintage Compressor 670 version 3.5.1 T-RackS 3 Vintage Program EQ 1A version 3.5.1 T-RackS CS version 4.0.0 TrueCrypt Update for Microsoft .NET Framework 4.5 (KB2750147) Update for Microsoft Office 2010 (KB2553065) Update for Microsoft Office 2010 (KB2553092) Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition Update for Microsoft Office 
2010 (KB2553267) 32-Bit Edition Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition Update for Microsoft Office 2010 (KB2553378) 32-Bit Edition Update for Microsoft Office 2010 (KB2566458) Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition Update for Microsoft Outlook 2010 (KB2597090) 32-Bit Edition Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition Update for Microsoft PowerPoint 2010 (KB2598240) 32-Bit Edition Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition Visual C++ 64-bit Redistributables Visual C++ Redistributables VLC media player 2.0.6 Warframe Waves Complete V7r16 Waves Complete V9r10 . ==== Event Viewer Messages From Past Week ======== . 30/04/2013 7:15:20 PM, Error: Service Control Manager [7030] - The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly. 30/04/2013 7:15:02 PM, Error: Application Popup [1060] - \??\C:\ComboFix\catchme.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver. 28/04/2013 9:53:50 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk3\DR4. 28/04/2013 1:08:43 AM, Error: Service Control Manager [7023] - The Windows Time service terminated with the following error: A system shutdown is in progress. 05/05/2013 3:20:03 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk2\DR2. 
05/05/2013 3:01:32 PM, Error: Service Control Manager [7022] - The AsusFanControlService service hung on starting. 04/05/2013 10:55:16 AM, Error: Service Control Manager [7034] - The Skype C2C Service service terminated unexpectedly. It has done this 1 time(s). 02/05/2013 10:31:22 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect. 02/05/2013 10:31:22 PM, Error: Service Control Manager [7000] - The Steam Client Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. . ==== End Of File =========================== DDS (Ver_2012-11-20.01) - NTFS_AMD64 Internet Explorer: 10.0.9200.16537 Run by George at 21:31:27 on 2013-05-05 Microsoft Windows 7 Professional 6.1.7601.1.1252.2.1033.18.16326.11619 [GMT -4:00] . AV: Microsoft Security Essentials *Enabled/Updated* {3F839487-C7A2-C958-E30C-E2825BA31FB5} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: Microsoft Security Essentials *Enabled/Updated* {84E27563-E198-C6D6-D9BC-D9F020245508} . ============== Running Processes =============== . 
C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\nvvsvc.exe C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe C:\Windows\system32\svchost.exe -k RPCSS C:\Program Files\Microsoft Security Client\MsMpEng.exe C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k GPSvcGroup C:\Windows\system32\svchost.exe -k NetworkService C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe C:\Windows\system32\nvvsvc.exe C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe C:\Program Files (x86)\ASUS\AsusFanControlService\1.01.14\AsusFanControlService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files (x86)\Digidesign\Drivers\MMERefresh.exe C:\Program Files\Intel\iCLS Client\HeciServer.exe C:\Windows\system32\IProsetMonitor.exe C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe C:\Windows\SysWOW64\LxrSII1s.exe C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe C:\Windows\system32\taskhost.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskeng.exe C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe 
C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe C:\Program Files\Microsoft Security Client\msseces.exe C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe C:\Program Files\TrueCrypt\TrueCrypt.exe C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe C:\Program Files (x86)\CyberLink\Shared files\brs.exe C:\Program Files (x86)\iTunes\iTunesHelper.exe C:\Program Files\NVIDIA Corporation\Display\nvtray.exe C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe C:\Program Files\iPod\bin\iPodService.exe C:\Windows\system32\SearchIndexer.exe C:\Program Files\Microsoft Security Client\NisSrv.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\System32\svchost.exe -k LocalServicePeerNet C:\Program Files (x86)\Steam\Steam.exe C:\Program Files (x86)\Common Files\Steam\SteamService.exe C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServer.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 
C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\System32\cscript.exe . ============== Pseudo HJT Report =============== . uStart Page = hxxp://www.google.ca/ BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL uRun: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden uRun: [TrueCrypt] "C:\Program Files\TrueCrypt\TrueCrypt.exe" /q preferences /a logon /a favorites uRun: [steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent mRun: [CLMLServer] "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe" mRun: [updateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0" mRun: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe" mRun: [bDRegion] C:\Program Files (x86)\Cyberlink\Shared files\brs.exe mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime mRun: [DigidesignMMERefresh] C:\Program Files (x86)\Digidesign\Drivers\MMERefresh.exe StartupFolder: 
C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\ADOBEG~1.LNK - C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe uPolicies-Explorer: NoDrives = dword:0 mPolicies-Explorer: NoDrives = dword:0 mPolicies-System: ConsentPromptBehaviorAdmin = dword:5 mPolicies-System: ConsentPromptBehaviorUser = dword:3 mPolicies-System: EnableUIADesktopToggle = dword:0 IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE/3000 IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105 IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab TCP: NameServer = 192.168.0.1 TCP: Interfaces\{00412563-F8CD-42E3-886E-B5B0620B4C22} : DHCPNameServer = 192.168.0.1 Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll SSODL: WebCheck - <orphaned> SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe" mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files 
(x86)\Google\Chrome\Application\26.0.1410.64\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL x64-BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL x64-Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s x64-Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned> x64-SSODL: WebCheck - <orphaned> x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL . ================= FIREFOX =================== . 
FF - ProfilePath - C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\8ij29gyg.default\ FF - plugin: C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL FF - plugin: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll FF - plugin: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll FF - plugin: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrlui.dll FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll FF - plugin: C:\Program Files (x86)\PACE Anti-Piracy\iLok\NPPaceILok.dll FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_169.dll . ============= SERVICES / DRIVERS =============== . 
R?2 AsusFanControlService;AsusFanControlService;C:\Program Files (x86)\ASUS\AsusFanControlService\1.01.14\AsusFanControlService.exe [2013-3-27 1457152] R0 asahci64;asahci64;C:\Windows\System32\drivers\asahci64.sys [2012-1-6 49760] R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2013-1-20 230320] R0 mv91cons;Marvell 91xx Config Device Driver;C:\Windows\System32\drivers\mv91cons.sys [2011-9-21 25904] R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928] R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368] R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2012-7-11 140672] R2 asComSvc;ASUS Com Service;C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [2012-6-1 920736] R2 asHmComSvc;ASUS HM Com Service;C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe [2012-6-1 951936] R2 AsSysCtrlService;ASUS System Control Service;C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe [2013-3-27 149120] R2 DigiNet;Digidesign Ethernet Support;C:\Windows\System32\drivers\diginet.sys [2013-3-25 21520] R2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-7-27 636952] R2 Intel® PROSet Monitoring Service;Intel® PROSet Monitoring Service;C:\Windows\System32\IPROSetMonitor.exe [2012-6-5 190824] R2 jhi_service;Intel® Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe [2013-3-20 166720] R2 LxrSII1d;Secure II Driver;C:\Windows\System32\drivers\LxrSII1d.sys [2013-3-29 63064] R2 NIHardwareService;NIHardwareService;C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe [2013-1-17 6383920] R2 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2013-1-20 130008] R2 PaceLicenseDServices;PACE License 
Services;C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe [2012-11-19 2928128] R2 Skype C2C Service;Skype C2C Service;C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-4-15 3289208] R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-2-9 383264] R3 asmthub3;ASMedia USB3 Hub Service;C:\Windows\System32\drivers\asmthub3.sys [2011-11-3 130536] R3 asmtxhci;ASMEDIA XHCI Service;C:\Windows\System32\drivers\asmtxhci.sys [2011-11-3 395752] R3 DGUSBAP;Service for Digidesign Mbox2 (WDM);C:\Windows\System32\drivers\dgmbx2.sys [2010-8-30 192528] R3 gbxavs;Maschine Midi;C:\Windows\System32\drivers\gbxavs.sys [2011-7-7 357968] R3 gbxusb_svc;Maschine Controller;C:\Windows\System32\drivers\gbxusb.sys [2011-7-7 68688] R3 iLokDrvr;Usb Driver;C:\Windows\System32\drivers\iLokDrvr.sys [2012-11-17 24728] R3 MBX2DFU;Digidesign Mbox 2 Firmware Updater;C:\Windows\System32\drivers\dgmbx2fu.sys [2010-8-30 31120] R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2013-1-27 379360] S2 CLKMSVC10_38F51D56;CyberLink Product - 2013/03/20 05:19:48;C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe [2011-4-20 241648] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2012-7-9 104912] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2012-7-8 123856] S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-2-28 161384] S3 dalwdmservice;dal service;C:\Windows\System32\drivers\Dalwdm.sys [2013-3-24 139792] S3 dmvsc;dmvsc;C:\Windows\System32\drivers\dmvsc.sys [2011-4-12 71168] S3 gbxavs_x64;gbxavs_x64;C:\Windows\System32\drivers\gbxavs_x64.sys [2009-10-8 45136] S3 
gbxusb_x64;gbxusb_x64;C:\Windows\System32\drivers\gbxusb_x64.sys [2009-10-8 300624] S3 MBX2MIDK;Digidesign Mbox 2 Midi Driver;C:\Windows\System32\drivers\mbx2midk.sys [2013-3-24 32400] S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2013-3-20 19456] S3 StorSvc;Storage Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 27136] S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2013-3-20 57856] S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2013-3-20 30208] S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-12-13 54784] S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2013-3-20 1255736] S3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\System32\drivers\wdcsam64.sys [2008-5-6 14464] . =============== Created Last 30 ================ . 2013-05-05 21:36:58 -------- d-----w- C:\Users\George\AppData\Roaming\com.bby.cinemanowca 2013-05-05 21:36:56 -------- d-----w- C:\Program Files (x86)\CinemaNow 2013-05-05 00:59:15 9317456 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{906FC919-B068-437D-A2C8-C0A58FEA2098}\mpengine.dll 2013-05-04 14:57:38 -------- d-sh--w- C:\$RECYCLE.BIN 2013-05-04 01:09:04 9317456 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll 2013-05-03 02:29:15 -------- d-----w- C:\Program Files (x86)\Common Files\Steam 2013-05-03 02:29:14 -------- d-----w- C:\Program Files (x86)\Steam 2013-04-30 23:27:56 32 ----a-w- C:\Users\George\AppData\Roaming\msregsvv.dll 2013-04-24 02:07:41 972264 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll 2013-04-24 02:07:41 905296 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{70B5BF01-4660-4791-9B47-EA030DEC9E78}\gapaengine.dll 2013-04-23 22:49:56 1656680 ----a-w- 
C:\Windows\System32\drivers\ntfs.sys 2013-04-13 01:11:13 -------- d-----w- C:\Program Files (x86)\Cisco Systems 2013-04-12 20:17:13 -------- d-----w- C:\Users\George\.thumbnails 2013-04-12 20:14:10 -------- d-----w- C:\Users\George\AppData\Local\fontconfig 2013-04-12 20:14:09 -------- d-----w- C:\Users\George\AppData\Local\gegl-0.2 2013-04-12 20:14:09 -------- d-----w- C:\Users\George\.gimp-2.8 2013-04-12 20:12:52 -------- d-----w- C:\Program Files\GIMP 2 2013-04-12 19:50:30 306688 ----a-w- C:\Windows\IsUninst.exe 2013-04-12 14:15:46 -------- d-----w- C:\ProgramData\Cisco Systems 2013-04-10 19:26:48 3153408 ----a-w- C:\Windows\System32\win32k.sys 2013-04-10 19:26:34 223752 ----a-w- C:\Windows\System32\drivers\fvevol.sys 2013-04-10 19:26:30 5550424 ----a-w- C:\Windows\System32\ntoskrnl.exe 2013-04-10 19:26:28 3913560 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe 2013-04-10 19:26:27 3968856 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe 2013-04-10 19:26:26 43520 ----a-w- C:\Windows\System32\csrsrv.dll 2013-04-10 19:26:26 112640 ----a-w- C:\Windows\System32\smss.exe 2013-04-10 19:26:25 6656 ----a-w- C:\Windows\SysWow64\apisetschema.dll 2013-04-09 16:41:45 -------- d-----w- C:\Users\George\AppData\Roaming\SUPERAntiSpyware.com 2013-04-09 16:41:24 -------- d-----w- C:\ProgramData\SUPERAntiSpyware.com 2013-04-09 16:41:24 -------- d-----w- C:\Program Files\SUPERAntiSpyware 2013-04-07 20:34:17 -------- d-----w- C:\Users\George\AppData\Roaming\TrueCrypt . ==================== Find3M ==================== . 
============= FINISH: 21:31:54.34 ===============