

Computer Has Become Very Very Slow


  • This topic is locked
27 replies to this topic

#1 Spencerotaku

Spencerotaku

  • Members
  • 25 posts
  • OFFLINE
  •  
  • Local time:05:49 PM

Posted 30 May 2013 - 01:35 AM

DDS (Ver_2012-11-20.01) - NTFS_AMD64 
Internet Explorer: 10.0.9200.16576  BrowserJavaVersion: 10.5.1
Run by Spencer at 23:28:04 on 2013-05-29
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.12286.9381 [GMT -7:00]
.
AV: Norton 360 *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Norton 360 *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton 360 *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files (x86)\GIGABYTE\EnergySaver2\des2svr.exe
C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe
C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
C:\Program Files (x86)\Norton 360\Engine\20.3.1.22\ccSvcHst.exe
C:\Program Files (x86)\Norton Safe Web Lite\Engine\2.0.0.16\ccSvcHst.exe
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Program Files (x86)\RosettaStoneLtdServices\RosettaStoneDaemon.exe
C:\Program Files (x86)\GIGABYTE\Smart6\Timelock\TimeMgmtDaemon.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\System32\alg.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\WUDFHost.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
C:\Program Files\Bigfoot Networks\Killer Network Manager\KillerNetManager.exe
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperAgent.exe
C:\Program Files (x86)\Norton 360\Engine\20.3.1.22\ccSvcHst.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
D:\steam\steam.exe
D:\iTunes\iTunesHelper.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = about:blank
uSearch Bar = hxxp://feed.helperbar.com/?publisher=OPENCANDY&dpid=OPENCANDYAPRIL&co=US&userid=1ea8b501-eef2-4760-9d03-941f322df03c&affid=110774&searchtype=ds&babsrc=lnkry&q={searchTerms}
uSearch Page = hxxp://feed.helperbar.com/?publisher=OPENCANDY&dpid=OPENCANDYAPRIL&co=US&userid=1ea8b501-eef2-4760-9d03-941f322df03c&affid=110774&searchtype=ds&babsrc=lnkry&q={searchTerms}
uProxyServer = 202.75.54.155:3128
uSearchAssistant = hxxp://feed.helperbar.com/?publisher=OPENCANDY&dpid=OPENCANDYAPRIL&co=US&userid=1ea8b501-eef2-4760-9d03-941f322df03c&affid=110774&searchtype=ds&babsrc=lnkry&q={searchTerms}
mURLSearchHooks: {2558d83c-097c-4cf1-9163-ce5ecc36ace2} - <orphaned>
mURLSearchHooks: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - <orphaned>
BHO: {0E5680D1-BF44-4929-94AF-FD30D784AD1D} - <orphaned>
BHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\20.3.1.22\coieplg.dll
BHO: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\20.3.1.22\ips\ipsbho.dll
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
TB: <No Name>: {ae07101b-46d4-4a98-af68-0333ea26e113} - LocalServer32 - <no file>
TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\20.3.1.22\coieplg.dll
uRun: [Google Update] "C:\Users\Spencer\AppData\Local\Google\Update\GoogleUpdate.exe" /c
mRun: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
mRun: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe
mRun: [CTxfiHlp] CTXFIHLP.EXE
mRun: [Lycosa] "D:\j\razerhid.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BIGFOO~1.LNK - C:\Program Files\Bigfoot Networks\Killer Network Manager\KillerNetManager.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~4\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
IE: {829cbb8d-4fbc-2464-e9d7-d55180b193b4} - C:\Program Files (x86)\BucksBee Loyalty Plugin - Softonic\ribbon.hta
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {a8e3281a-999a-ab24-9566-42314ed92b6e} - C:\Program Files (x86)\BucksBee Loyalty Plugin - Softonic\ribbon_menu.hta
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab
TCP: NameServer = 192.168.2.1
TCP: Interfaces\{1C85C003-5947-4182-AC26-01E96C449020} : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{9D9440B4-10EB-4431-BC68-3B901D4D506A} : DHCPNameServer = 192.168.42.129
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
AppInit_DLLs= c:\progra~3\browse~1\261095~1.52\{c16c1~1\browse~1.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.94\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: GBHO.BHO: {45d30484-7ded-43d9-957a-d2fd1f046511} - 
x64-BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
x64-BHO: {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - <orphaned>
x64-TB: Smart Recovery 2: {1d09c093-f71e-43c3-b948-19316cbd695e} - 
x64-TB: <No Name>: {ae07101b-46d4-4a98-af68-0333ea26e113} - LocalServer32 - <no file>
x64-Run: [Nvtmru] "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"  -f "C:\ProgramData\NVIDIA\Updatus\NvTmru\nvtmru.dat"
x64-DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
x64-DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
x64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Spencer\AppData\Roaming\Mozilla\Firefox\Profiles\sovoj3te.default\
FF - prefs.js: browser.startup.homepage - about:home
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
FF - plugin: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
FF - plugin: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll
FF - plugin: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypchub.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\ProgramData\NexonUS\NGM\npNxGameUS.dll
FF - plugin: C:\Users\Spencer\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll
FF - plugin: C:\Users\Spencer\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
FF - plugin: C:\Users\Spencer\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
FF - plugin: C:\Users\Spencer\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
FF - plugin: C:\Users\Spencer\AppData\Roaming\Mozilla\plugins\npo1d.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
FF - plugin: C:\Windows\SysWOW64\npdeployJava1.dll
FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
FF - plugin: D:\iTunes\Mozilla Plugins\npitunes.dll
FF - plugin: D:\vlc\npvlc.dll
.
============= SERVICES / DRIVERS ===============
.
R0 SymDS;Symantec Data Store;C:\Windows\System32\drivers\N360x64\1403010.016\symds64.sys [2013-4-15 493656]
R0 SymEFA;Symantec Extended File Attributes;C:\Windows\System32\drivers\N360x64\1403010.016\symefa64.sys [2013-4-15 1139800]
R1 AppleCharger;AppleCharger;C:\Windows\System32\drivers\AppleCharger.sys [2011-7-1 21616]
R1 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.0.36\Definitions\BASHDefs\20130515.001\BHDrvx64.sys [2013-5-20 1390680]
R1 ccSet_N360;Norton 360 Settings Manager;C:\Windows\System32\drivers\N360x64\1403010.016\ccsetx64.sys [2013-4-15 168096]
R1 ccSet_NST;Norton Safe Web Lite Settings Manager;C:\Windows\System32\drivers\NSTx64\0200000.010\ccSetx64.sys [2012-5-8 167048]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\System32\drivers\dtsoftbus01.sys [2012-6-20 283200]
R1 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.0.36\Definitions\IPSDefs\20130529.001_258\IDSviA64.sys [2013-5-29 513184]
R1 SymIRON;Symantec Iron Driver;C:\Windows\System32\drivers\N360x64\1403010.016\ironx64.sys [2013-4-15 224416]
R1 SymNetS;Symantec Network Security WFP Driver;C:\Windows\System32\drivers\N360x64\1403010.016\symnets.sys [2013-4-15 432800]
R2 DES2 Service;DES2 Service for Energy Saving.;C:\Program Files (x86)\GIGABYTE\EnergySaver2\des2svr.exe [2011-7-1 68136]
R2 MotoHelper;MotoHelper Service;C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe [2011-8-10 227184]
R2 N360;Norton 360;C:\Program Files (x86)\Norton 360\Engine\20.3.1.22\ccsvchst.exe [2013-4-15 144520]
R2 NSL;Norton Safe Web Lite;C:\Program Files (x86)\Norton Safe Web Lite\Engine\2.0.0.16\ccSvcHst.exe [2012-5-8 138760]
R2 RosettaStoneDaemon;RosettaStoneDaemon;C:\Program Files (x86)\RosettaStoneLtdServices\RosettaStoneDaemon.exe [2012-6-19 1646608]
R2 Smart TimeLock;Smart TimeLock Service;C:\Program Files (x86)\GIGABYTE\smart6\timelock\TimeMgmtDaemon.exe [2011-7-1 114688]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-5-7 413472]
R2 TeamViewer8;TeamViewer 8;C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [2013-5-13 3574624]
R3 BfEdge7x64;Bigfoot Networks Killer Ethernet Service;C:\Windows\System32\drivers\Edge7x64.sys [2010-12-17 30824]
R3 BFN7x64;Bigfoot Networks Killer Gaming Service;C:\Windows\System32\drivers\Xeno7x64.sys [2010-12-17 157288]
R3 CT20XUT.SYS;CT20XUT.SYS;C:\Windows\System32\drivers\CT20XUT.sys [2011-7-1 230488]
R3 CTEXFIFX.SYS;CTEXFIFX.SYS;C:\Windows\System32\drivers\CTEXFIFX.sys [2011-7-1 1445976]
R3 CTHWIUT.SYS;CTHWIUT.SYS;C:\Windows\System32\drivers\CTHWIUT.sys [2011-7-1 95320]
R3 ha20x22k;Creative 20X2 HAL Driver;C:\Windows\System32\drivers\ha20x22k.sys [2011-7-1 1627224]
R3 Lycosa;Lycosa Keyboard;C:\Windows\System32\drivers\Lycosa.sys [2013-1-22 28928]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\System32\drivers\nusb3hub.sys [2010-7-26 78848]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\System32\drivers\nusb3xhc.sys [2010-7-26 180224]
R3 VKbms;Virtual HID Minidriver;C:\Windows\System32\drivers\VKbms.sys [2012-7-25 13312]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-4-19 161384]
S3 AndNetDiag;LGE AndroidNet USB Serial Port;C:\Windows\System32\drivers\lgandnetdiag64.sys [2011-4-8 30208]
S3 AndNetGps;LGE AndroidNet USB GPS NMEA Port;C:\Windows\System32\drivers\lgandnetgps64.sys [2011-4-8 28672]
S3 ANDNetModem;LGE AndroidNet USB Modem;C:\Windows\System32\drivers\lgandnetmodem64.sys [2011-4-8 37376]
S3 andnetndis;LGE AndroidNet NDIS Ethernet Adapter;C:\Windows\System32\drivers\lgandnetndis64.sys [2011-4-8 90624]
S3 AppleChargerSrv;AppleChargerSrv;system32\AppleChargerSrv.exe --> system32\AppleChargerSrv.exe [?]
S3 BTCFilterService;USB Networking Driver Filter Service;C:\Windows\System32\drivers\motfilt.sys [2009-1-29 6144]
S3 CompFilter64;UVCCompositeFilter;C:\Windows\System32\drivers\lvbflt64.sys [2012-1-17 25632]
S3 CT20XUT;CT20XUT;C:\Windows\System32\drivers\CT20XUT.sys [2011-7-1 230488]
S3 CTEXFIFX;CTEXFIFX;C:\Windows\System32\drivers\CTEXFIFX.sys [2011-7-1 1445976]
S3 CTHWIUT;CTHWIUT;C:\Windows\System32\drivers\CTHWIUT.sys [2011-7-1 95320]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2013-3-7 138912]
S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2011-12-20 48488]
S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2011-5-13 1492840]
S3 GVTDrv64;GVTDrv64;C:\Windows\GVTDrv64.sys [2011-7-1 30528]
S3 jumi;%Jumi%;C:\Windows\System32\drivers\jumi.sys [2010-6-3 15160]
S3 LVRS64;Logitech RightSound Filter Driver;C:\Windows\System32\drivers\lvrs64.sys [2012-1-17 351136]
S3 LVUVC64;Logitech HD Webcam C615(UVC);C:\Windows\System32\drivers\LVUVC64.sys [2011-8-19 4865568]
S3 motandroidusb;Mot ADB Interface Driver;C:\Windows\System32\drivers\motoandroid.sys [2009-7-10 31744]
S3 motccgp;Motorola USB Composite Device Driver;C:\Windows\System32\drivers\motccgp.sys [2011-4-4 21504]
S3 motccgpfl;MotCcgpFlService;C:\Windows\System32\drivers\motccgpfl.sys [2009-1-29 9216]
S3 Motousbnet;Motorola USB Networking Driver Service;C:\Windows\System32\drivers\Motousbnet.sys [2010-4-1 26624]
S3 motusbdevice;Motorola USB Dev Driver;C:\Windows\System32\drivers\motusbdevice.sys [2011-5-12 11776]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-20 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-20 31232]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-9-28 53760]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-7-20 1255736]
S3 WinRing0_1_2_0;WinRing0_1_2_0;D:\razer game\Driver\WinRing0x64.sys [2012-11-13 14544]
S4 Bigfoot Networks Killer Service;Bigfoot Networks Killer Service;C:\Program Files\Bigfoot Networks\Killer Network Manager\BFNService.exe [2012-2-22 570880]
S4 JMB36X;JMB36X;C:\Windows\SysWOW64\XSrvSetup.exe [2011-7-1 72280]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service;C:\Program Files (x86)\Microsoft SQL Server\100\Shared\sqladhlp.exe [2008-7-10 47128]
S4 SCBackService;Splashtop Connect Service;C:\Program Files (x86)\Splashtop\Splashtop Connect\BackService.exe [2010-11-15 477000]
S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2008-7-10 369688]
S4 UMVPFSrv;UMVPFSrv;C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [2012-1-17 450848]
S4 WCUService_STC_FF;Splashtop Connect Firefox Software Updater Service;C:\Program Files (x86)\Splashtop\Splashtop Connect Firefox Software Updater\WCUService.exe [2011-3-23 493384]
S4 WCUService_STC_IE;Splashtop Connect IE Software Updater Service;C:\Program Files (x86)\Splashtop\Splashtop Connect IE Software Updater\WCUService.exe [2011-3-22 497480]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== File Associations ===============
.
FileExt: .txt: txtfile=C:\Windows\System32\NOTEPAD.EXE %1 [UserChoice]
.
=============== Created Last 30 ================
.
2013-05-30 05:52:12 -------- d-----w- C:\Users\Spencer\AppData\Local\ElevatedDiagnostics
2013-05-30 01:24:13 -------- d-----w- C:\Users\Spencer\AppData\Roaming\Malwarebytes
2013-05-21 15:35:23 -------- d-----w- C:\Windows\Panther
2013-05-18 18:25:09 983400 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys
2013-05-13 20:19:14 9233688 ----a-w- C:\Windows\System32\nvcuda.dll
2013-05-10 07:57:26 187456 ----a-w- C:\Program Files (x86)\Mozilla Firefox\plugins\nppdf32.dll
2013-05-10 07:57:26 187456 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\nppdf32.dll
2013-05-09 18:40:09 -------- dc----w- C:\N360_BACKUP
2013-05-07 23:47:16 566048 ----a-w- C:\Windows\SysWow64\nvStreaming.exe
2013-05-06 02:39:29 -------- d-----w- C:\Users\Spencer\AppData\Roaming\.minecraft
.
==================== Find3M  ====================
.
2013-05-30 05:59:22 25640 ----a-w- C:\Windows\gdrv.sys
2013-05-22 01:28:07 281688 ----a-w- C:\Windows\SysWow64\PnkBstrB.xtr
2013-05-22 01:28:07 281688 ----a-w- C:\Windows\SysWow64\PnkBstrB.exe
2013-05-22 01:27:24 281688 ----a-w- C:\Windows\SysWow64\PnkBstrB.ex0
2013-05-08 03:33:47 7682424 ----a-w- C:\Windows\SysWow64\nvcuda.dll
2013-05-07 22:35:13 6491936 ----a-w- C:\Windows\System32\nvcpl.dll
2013-05-07 22:35:13 3514656 ----a-w- C:\Windows\System32\nvsvc64.dll
2013-05-07 22:35:08 884512 ----a-w- C:\Windows\System32\nvvsvc.exe
2013-05-07 22:35:08 63776 ----a-w- C:\Windows\System32\nvshext.dll
2013-05-07 22:35:07 237856 ----a-w- C:\Windows\System32\nvmctray.dll
2013-04-19 04:24:21 1832224 ----a-w- C:\Windows\System32\nvdispco6432000.dll
2013-04-19 04:24:21 1511712 ----a-w- C:\Windows\System32\nvdispgenco6432000.dll
2013-04-19 02:46:01 2555680 ----a-w- C:\Windows\System32\nvsvcr.dll
2013-04-13 05:49:23 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll
2013-04-13 05:49:19 350208 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll
2013-04-13 05:49:19 308736 ----a-w- C:\Windows\apppatch\AppPatch64\AcGenral.dll
2013-04-13 05:49:19 111104 ----a-w- C:\Windows\apppatch\AppPatch64\acspecfc.dll
2013-04-13 04:45:16 474624 ----a-w- C:\Windows\apppatch\AcSpecfc.dll
2013-04-13 04:45:15 2176512 ----a-w- C:\Windows\apppatch\AcGenral.dll
2013-04-12 14:45:08 1656680 ----a-w- C:\Windows\System32\drivers\ntfs.sys
2013-04-10 06:01:54 265064 ----a-w- C:\Windows\System32\drivers\dxgmms1.sys
2013-04-10 03:30:50 3153920 ----a-w- C:\Windows\System32\win32k.sys
2013-03-19 06:04:06 5550424 ----a-w- C:\Windows\System32\ntoskrnl.exe
2013-03-19 05:53:58 48640 ----a-w- C:\Windows\System32\wwanprotdim.dll
2013-03-19 05:53:58 230400 ----a-w- C:\Windows\System32\wwansvc.dll
2013-03-19 05:46:56 43520 ----a-w- C:\Windows\System32\csrsrv.dll
2013-03-19 05:04:13 3968856 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2013-03-19 05:04:10 3913560 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2013-03-19 04:47:50 6656 ----a-w- C:\Windows\SysWow64\apisetschema.dll
2013-03-19 03:06:33 112640 ----a-w- C:\Windows\System32\smss.exe
2013-03-18 05:29:58 76888 ----a-w- C:\Windows\SysWow64\PnkBstrA.exe
2013-03-15 05:53:06 1807136 ----a-w- C:\Windows\System32\nvdispco6431422.dll
2013-03-15 05:53:06 1510176 ----a-w- C:\Windows\System32\nvdispgenco6431422.dll
2013-03-14 11:43:34 1807136 ----a-w- C:\Windows\System32\nvdispco6431421.dll
2013-03-14 11:43:34 1510176 ----a-w- C:\Windows\System32\nvdispgenco6431421.dll
2013-03-13 01:21:13 564824 ----a-w- C:\Windows\System32\drivers\sptd.sys
2013-03-09 02:33:31 177312 ----a-w- C:\Windows\System32\drivers\SYMEVENT64x86.SYS
.
============= FINISH: 23:28:15.48 ===============
 

 


 


#2 Spencerotaku

Spencerotaku
  • Topic Starter


Posted 30 May 2013 - 01:41 AM

This happened out of nowhere. At one point everything was great, lightning fast speeds, and an internet speed test told me I had 50mbs, and now everything is uber slow and it says I'm getting 1-5 mbs =( while all the other computers in my house are getting 50 and are still fast. My ethernet cord is fine; I tried it on another PC and it was working. I scanned my PC with Norton and Malwarebytes but it didn't find anything.



#3 Spencerotaku


Posted 30 May 2013 - 03:13 AM

Bump



#4 jeffce

jeffce

    Bleepin' Super Saiyan


  • Malware Response Team
  • 3,442 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:07:49 PM

Posted 01 June 2013 - 08:03 PM

Hi and Welcome!!
 
My name is Jeff. I would be more than happy to take a look at your malware results logs and help you with solving any malware problems you might have. Logs can take a while to research, so please be patient and know that I am working hard to get you a clean and functional system back in your hands. I'd be grateful if you would note the following:

 


  • The fixes are specific to your problem and should only be used for the issues on this machine.
  • It's often worth reading through these instructions and printing them for ease of reference.
  • If you don't know or understand something, please don't hesitate to say or ask!! It's better to be sure and safe than sorry.
  • Please reply to this thread. Do not start a new topic.
  • If you happen to have a flash drive/thumb drive please have that ready in the event that we need to use it.
  • Please be sure to subscribe to this topic so that you can see when there are new responses.
  • IMPORTANT NOTE : Please do not delete, download or install anything unless instructed to do so.

 
DO NOT use any TOOLS such as Combofix or HijackThis fixes without supervision. Doing so could make your system inoperable and could require a full reinstall of your operating system and losing all your programs and data.
 
Having said that.... Let's get going!!
----------

 

Please download aswMBR to your desktop.

  • Double click the aswMBR icon to run it.
  • Click the Scan button to start scan.
  • If you are asked to update the Avast Virus database please allow it to do so.
  • When it finishes, press the save log button, save the logfile to your desktop and post its contents in your next reply.
----------

 


  •  


  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Delete.
  • Confirm each time with Ok.
  • You will be prompted to restart your computer. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.


Edited by jeffce, 01 June 2013 - 08:04 PM.

 


#5 Spencerotaku


Posted 02 June 2013 - 05:22 PM

AdwCleaner[S1].txt

# AdwCleaner v2.301 - Logfile created 06/02/2013 at 14:32:47

# Updated 16/05/2013 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Crona - CRONA-PC
# Boot Mode : Normal
# Running from : C:\Users\Crona\Desktop\AdwCleaner.exe
# Option [Search]
 
 
***** [Services] *****
 
 
***** [Files / Folders] *****
 
 
***** [Registry] *****
 
 
***** [Internet Browsers] *****
 
-\\ Internet Explorer v9.0.8112.16483
 
[OK] Registry is clean.
 
-\\ Google Chrome v27.0.1453.94
 
File : C:\Users\Crona\AppData\Local\Google\Chrome\User Data\Default\Preferences
 
[OK] File is clean.
 
*************************
 
AdwCleaner[R1].txt - [656 octets] - [02/06/2013 14:32:47]
AdwCleaner[S1].txt - [318 octets] - [02/06/2013 14:32:39]
 
########## EOF - C:\AdwCleaner[R1].txt - [774 octets] ##########
 

 

AdwCleaner[S2].txt

 

# AdwCleaner v2.301 - Logfile created 06/02/2013 at 14:34:11
# Updated 16/05/2013 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Crona - CRONA-PC
# Boot Mode : Normal
# Running from : C:\Users\Crona\Desktop\AdwCleaner.exe
# Option [Delete]
 
 
***** [Services] *****
 
 
***** [Files / Folders] *****
 
 
***** [Registry] *****
 
 
***** [Internet Browsers] *****
 
-\\ Internet Explorer v9.0.8112.16483
 
[OK] Registry is clean.
 
-\\ Google Chrome v27.0.1453.94
 
File : C:\Users\Crona\AppData\Local\Google\Chrome\User Data\Default\Preferences
 
[OK] File is clean.
 
*************************
 
AdwCleaner[R1].txt - [842 octets] - [02/06/2013 14:32:47]
AdwCleaner[R2].txt - [901 octets] - [02/06/2013 14:33:56]
AdwCleaner[S1].txt - [318 octets] - [02/06/2013 14:32:39]
AdwCleaner[S2].txt - [833 octets] - [02/06/2013 14:34:11]
 
########## EOF - C:\AdwCleaner[S2].txt - [892 octets] ##########
 
aswMBR.txt
 
aswMBR version 0.9.9.1771 Copyright© 2011 AVAST Software
Run date: 2013-06-02 14:24:13
-----------------------------
14:24:13.075    OS Version: Windows x64 6.1.7601 Service Pack 1
14:24:13.075    Number of processors: 8 586 0x1A05
14:24:13.076    ComputerName: CRONA-PC  UserName: Crona
14:24:13.265    Initialize success
14:27:23.277    AVAST engine defs: 13060201
14:28:45.093    Disk 0  \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T1L0-b
14:28:45.095    Disk 0 Vendor: Hitachi_HDS723030ALA640 MKAOA580 Size: 2861588MB BusType: 3
14:28:45.097    Disk 1 (boot) \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP5T0L0-5
14:28:45.098    Disk 1 Vendor: INTEL_SSDSA2CW080G3 4PC10302 Size: 76319MB BusType: 3
14:28:45.104    Disk 1 MBR read successfully
14:28:45.106    Disk 1 MBR scan
14:28:45.108    Disk 1 Windows 7 default MBR code
14:28:45.110    Disk 1 Partition 1 80 (A) 07    HPFS/NTFS NTFS          100 MB offset 2048
14:28:45.128    Disk 1 Partition 2 00     07    HPFS/NTFS NTFS        76217 MB offset 206848
14:28:45.168    Disk 1 scanning C:\Windows\system32\drivers
14:28:49.297    Service scanning
14:28:59.517    Modules scanning
14:28:59.526    Disk 1 trace - called modules:
14:28:59.533    ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys ataport.SYS pciide.sys PCIIDEX.SYS hal.dll atapi.sys 
14:28:59.539    1 nt!IofCallDriver -> \Device\Harddisk1\DR1[0xfffffa800a2e2790]
14:28:59.545    3 CLASSPNP.SYS[fffff8800187d43f] -> nt!IofCallDriver -> [0xfffffa8009d5fcd0]
14:28:59.550    5 ACPI.sys[fffff88000f9e7a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP5T0L0-5[0xfffffa800a027680]
14:28:59.706    AVAST engine scan C:\Windows
14:29:00.231    AVAST engine scan C:\Windows\system32
14:30:27.230    AVAST engine scan C:\Windows\system32\drivers
14:30:32.047    AVAST engine scan C:\Users\Crona
14:31:13.196    AVAST engine scan C:\ProgramData
14:31:19.602    Scan finished successfully
14:31:39.410    Disk 1 MBR has been saved successfully to "C:\Users\Crona\Desktop\MBR.dat"
14:31:39.449    The log file has been saved successfully to "C:\Users\Crona\Desktop\aswMBR.txt"


#6 jeffce


Posted 02 June 2013 - 05:51 PM

ComboFix
 
Download Combofix from either of the links below, and save it to your desktop.  
Link 1
Link 2
 
**Note:  It is important that it is saved directly to your desktop**
If you get a message saying "Illegal operation attempted on a registry key that has been marked for deletion", please restart your computer.


 
--------------------------------------------------------------------
 
IMPORTANT - Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. If you have difficulty properly disabling your protective programs, refer to this link here
 
--------------------------------------------------------------------
 
Right-Click and Run as Administrator on ComboFix.exe & follow the prompts.

  • When finished, it will produce a report for you.
  • Please post the C:\ComboFix.txt for further review.

 


#7 Spencerotaku

Spencerotaku
  • Topic Starter

  • Members
  • 25 posts
  • Local time:05:49 PM

Posted 02 June 2013 - 07:52 PM

ComboFix 13-06-02.02 - Crona 06/02/2013  17:47:22.1.8 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.12286.10763 [GMT -7:00]
Running from: c:\users\Crona\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {3F839487-C7A2-C958-E30C-E2825BA31FB5}
SP: Microsoft Security Essentials *Disabled/Updated* {84E27563-E198-C6D6-D9BC-D9F020245508}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((   Files Created from 2013-05-03 to 2013-06-03  )))))))))))))))))))))))))))))))
.
.
2013-06-03 00:49 . 2013-06-03 00:49 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-06-02 22:30 . 2013-06-02 22:30 283200 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2013-06-02 22:30 . 2013-06-02 22:30 -------- d-----w- c:\program files (x86)\DAEMON Tools Lite
2013-06-02 22:30 . 2013-06-02 22:32 -------- d-----w- c:\programdata\DAEMON Tools Lite
2013-06-02 21:25 . 2013-05-13 06:37 9460464 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{AC70C20C-1065-4D19-B0AC-101D88D7B6EB}\mpengine.dll
2013-06-02 21:18 . 2013-05-03 23:15 75016696 ----a-w- c:\windows\system32\MRT.exe
2013-05-31 17:20 . 2013-05-05 21:36 17818624 ----a-w- c:\windows\system32\mshtml.dll
2013-05-31 17:20 . 2013-05-05 21:16 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2013-05-31 17:20 . 2013-05-05 19:12 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb
2013-05-31 17:20 . 2013-05-31 17:20 -------- d-----w- c:\users\Default\AppData\Local\Microsoft Help
2013-05-31 16:38 . 2013-05-31 16:38 -------- d-----w- c:\windows\SysWow64\Wat
2013-05-31 16:38 . 2013-05-31 16:38 -------- d-----w- c:\windows\system32\Wat
2013-05-31 16:04 . 2012-07-26 04:55 785512 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2013-05-31 16:04 . 2012-07-26 04:55 54376 ----a-w- c:\windows\system32\drivers\WdfLdr.sys
2013-05-31 16:04 . 2012-07-26 04:47 2560 ----a-w- c:\windows\system32\drivers\en-US\wdf01000.sys.mui
2013-05-31 16:04 . 2012-07-26 02:36 9728 ----a-w- c:\windows\system32\Wdfres.dll
2013-05-31 15:49 . 2012-12-16 14:13 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2013-05-31 15:49 . 2012-12-16 17:11 46080 ----a-w- c:\windows\system32\atmlib.dll
2013-05-31 15:49 . 2012-12-16 14:45 367616 ----a-w- c:\windows\system32\atmfd.dll
2013-05-31 15:49 . 2012-12-16 14:13 295424 ----a-w- c:\windows\SysWow64\atmfd.dll
2013-05-31 15:49 . 2010-09-30 10:41 100864 ----a-w- c:\windows\system32\fontsub.dll
2013-05-31 15:49 . 2010-09-30 06:47 70656 ----a-w- c:\windows\SysWow64\fontsub.dll
2013-05-31 15:49 . 2012-07-26 02:26 87040 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
2013-05-31 15:49 . 2012-07-26 02:26 198656 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
2013-05-31 15:49 . 2012-07-26 03:08 229888 ----a-w- c:\windows\system32\WUDFHost.exe
2013-05-31 15:49 . 2012-07-26 03:08 84992 ----a-w- c:\windows\system32\WUDFSvc.dll
2013-05-31 15:49 . 2012-07-26 03:08 744448 ----a-w- c:\windows\system32\WUDFx.dll
2013-05-31 15:49 . 2012-07-26 03:08 45056 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
2013-05-31 15:49 . 2012-07-26 03:08 194048 ----a-w- c:\windows\system32\WUDFPlatform.dll
2013-05-31 15:44 . 2012-03-01 06:46 23408 ----a-w- c:\windows\system32\drivers\fs_rec.sys
2013-05-31 15:44 . 2012-03-01 06:33 81408 ----a-w- c:\windows\system32\imagehlp.dll
2013-05-31 15:44 . 2012-03-01 06:28 5120 ----a-w- c:\windows\system32\wmi.dll
2013-05-31 15:44 . 2012-03-01 05:33 159232 ----a-w- c:\windows\SysWow64\imagehlp.dll
2013-05-31 15:44 . 2012-03-01 05:29 5120 ----a-w- c:\windows\SysWow64\wmi.dll
2013-05-31 01:21 . 2013-05-31 01:26 -------- d-----w- c:\program files (x86)\MSI Afterburner
2013-05-30 20:57 . 2013-05-31 17:20 -------- d-----w- c:\program files (x86)\Microsoft Works
2013-05-30 20:57 . 2013-05-30 20:57 -------- d-----w- c:\windows\PCHEALTH
2013-05-30 20:56 . 2013-05-30 20:56 -------- d-----w- c:\program files\Microsoft Office
2013-05-30 20:55 . 2013-05-31 17:20 -------- d-----w- c:\programdata\Microsoft Help
2013-05-30 20:55 . 2013-05-30 20:55 -------- d-----r- C:\MSOCache
2013-05-30 20:28 . 2013-05-30 20:28 964552 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{94CBEEBE-304E-4556-A80E-962843520131}\gapaengine.dll
2013-05-30 20:28 . 2013-05-13 06:37 9460464 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2013-05-30 20:28 . 2013-05-30 20:28 -------- d-----w- c:\program files\Belkin
2013-05-30 20:28 . 2013-05-30 20:28 304480 ----a-w- c:\windows\system32\drivers\sxuptp.sys
2013-05-30 20:25 . 2013-05-30 20:25 -------- d-----w- c:\program files (x86)\Microsoft Security Client
2013-05-30 20:25 . 2013-05-30 20:25 -------- d-----w- c:\program files\Microsoft Security Client
2013-05-30 20:15 . 2013-05-30 20:15 -------- d-----w- c:\program files (x86)\Common Files\Java
2013-05-30 20:15 . 2013-05-30 20:15 866720 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2013-05-30 20:15 . 2013-05-30 20:15 788896 ----a-w- c:\windows\SysWow64\deployJava1.dll
2013-05-30 20:15 . 2013-05-30 20:15 95648 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-05-30 20:15 . 2013-05-30 20:15 -------- d-----w- c:\program files (x86)\Java
2013-05-30 20:15 . 2013-05-30 20:15 -------- d-----w- c:\programdata\McAfee
2013-05-30 20:13 . 2013-05-30 20:13 -------- d-----w- C:\Python32
2013-05-30 20:12 . 2013-05-30 20:12 -------- d-----w- c:\program files\7-Zip
2013-05-30 20:05 . 2013-05-30 19:12 -------- d-----w- c:\windows\panther
2013-05-30 20:01 . 2013-05-30 20:17 -------- d-----w- c:\program files (x86)\Common Files\Steam
2013-05-30 19:44 . 2012-01-04 10:44 509952 ----a-w- c:\windows\system32\ntshrui.dll
2013-05-30 19:43 . 2011-12-28 03:59 498688 ----a-w- c:\windows\system32\drivers\afd.sys
2013-05-30 19:41 . 2013-05-30 20:57 -------- d-----w- c:\program files (x86)\Microsoft.NET
2013-05-30 19:40 . 2013-05-30 19:40 -------- d-----w- c:\program files (x86)\AGEIA Technologies
2013-05-30 19:38 . 2011-11-19 14:58 77312 ----a-w- c:\windows\system32\packager.dll
2013-05-30 19:38 . 2011-11-19 14:01 67072 ----a-w- c:\windows\SysWow64\packager.dll
2013-05-30 19:33 . 2013-05-30 19:33 -------- d-----w- c:\program files (x86)\Google
2013-05-30 19:20 . 2012-02-17 06:38 1031680 ----a-w- c:\windows\system32\rdpcore.dll
2013-05-30 19:20 . 2012-02-17 05:34 826880 ----a-w- c:\windows\SysWow64\rdpcore.dll
2013-05-30 19:20 . 2012-02-17 04:57 23552 ----a-w- c:\windows\system32\drivers\tdtcp.sys
2013-05-30 19:18 . 2012-06-02 22:19 2428952 ----a-w- c:\windows\system32\wuaueng.dll
2013-05-30 19:18 . 2012-06-02 22:19 57880 ----a-w- c:\windows\system32\wuauclt.exe
2013-05-30 19:18 . 2012-06-02 22:19 44056 ----a-w- c:\windows\system32\wups2.dll
2013-05-30 19:18 . 2012-06-02 22:15 2622464 ----a-w- c:\windows\system32\wucltux.dll
2013-05-30 19:18 . 2012-06-02 22:19 38424 ----a-w- c:\windows\system32\wups.dll
2013-05-30 19:18 . 2012-06-02 22:19 186752 ----a-w- c:\windows\system32\wuwebv.dll
2013-05-30 19:18 . 2012-06-02 22:19 701976 ----a-w- c:\windows\system32\wuapi.dll
2013-05-30 19:18 . 2012-06-02 22:15 36864 ----a-w- c:\windows\system32\wuapp.exe
2013-05-30 19:18 . 2012-06-02 22:15 99840 ----a-w- c:\windows\system32\wudriver.dll
2013-05-30 19:13 . 2013-05-30 19:13 -------- d-----w- c:\program files (x86)\InstallShield Installation Information
2013-05-30 19:13 . 2013-06-02 21:37 -------- d-----w- c:\programdata\Bigfoot Networks
2013-05-30 19:13 . 2013-05-30 19:13 -------- d-----w- c:\program files\Bigfoot Networks
2013-05-30 19:13 . 2013-06-02 22:25 -------- d-sh--w- c:\windows\Installer
2013-05-30 19:12 . 2013-05-30 20:13 -------- d-----w- c:\users\Crona
2013-05-30 19:12 . 2013-05-30 19:12 -------- d-----w- C:\Recovery
2013-05-12 22:43 . 2013-05-12 22:43 566048 ----a-w- c:\windows\SysWow64\nvStreaming.exe
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-05-12 21:42 . 2013-02-26 07:32 2935696 ----a-w- c:\windows\system32\nvapi64.dll
2013-05-02 15:29 . 2010-11-21 03:27 278800 ------w- c:\windows\system32\MpSigStub.exe
2013-04-13 05:49 . 2013-05-30 19:45 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2013-04-13 05:49 . 2013-05-30 19:45 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2013-04-13 05:49 . 2013-05-30 19:45 308736 ----a-w- c:\windows\apppatch\AppPatch64\AcGenral.dll
2013-04-13 05:49 . 2013-05-30 19:45 111104 ----a-w- c:\windows\apppatch\AppPatch64\acspecfc.dll
2013-04-13 04:45 . 2013-05-30 19:45 474624 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2013-04-13 04:45 . 2013-05-30 19:45 2176512 ----a-w- c:\windows\apppatch\AcGenral.dll
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2013-03-14 3672640]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer8"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2013-01-20 130008]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\NisSrv.exe [2013-01-27 379360]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2013-05-31 1255736]
R4 Belkin USB Center Helper;Belkin USB Center Helper;c:\program files\Belkin\Belkin USB Print and Storage Center\Bkapcs.exe [2013-05-30 55296]
R4 Bigfoot Networks Killer Service;Bigfoot Networks Killer Service;c:\program files\Bigfoot Networks\Killer Network Manager\BFNService.exe [2012-02-22 492032]
R4 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-05-12 413472]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2013-06-02 283200]
S2 sxuptp;SXUPTP Driver;c:\windows\system32\DRIVERS\sxuptp.sys [2013-05-30 304480]
S3 BfEdge7x64;Bigfoot Networks Killer Ethernet Service;c:\windows\system32\DRIVERS\Edge7x64.sys [2012-02-22 31336]
S3 BFN7x64;Bigfoot Networks Killer Gaming Service;c:\windows\system32\DRIVERS\Xeno7x64.sys [2012-02-22 157288]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - FASTFAT
*Deregistered* - aswMBR
*Deregistered* - RTCore64
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-05-30 19:33 1165776 ----a-w- c:\program files (x86)\Google\Chrome\Application\27.0.1453.94\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2013-06-02 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-05-30 19:33]
.
2013-06-03 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-05-30 19:33]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Nvtmru"="c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" [2013-05-16 1012000]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2013-01-27 1281512]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~2\Office12\EXCEL.EXE/3000
LSP: %SYSTEMROOT%\system32\BfLLR.dll
TCP: DhcpNameServer = 192.168.2.1
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2013-06-02  17:50:34
ComboFix-quarantined-files.txt  2013-06-03 00:50
.
Pre-Run: 30,767,804,416 bytes free
Post-Run: 31,435,571,200 bytes free
.
- - End Of File - - 0820309E561E3A196A5DF68C1E1CFDB4


#8 jeffce

jeffce

    Bleepin' Super Saiyan


  • Malware Response Team
  • 3,442 posts
  • Gender:Male
  • Location:USA
  • Local time:07:49 PM

Posted 03 June 2013 - 05:07 PM

How is your system running?


 


#9 Spencerotaku

Spencerotaku
  • Topic Starter

  • Members
  • 25 posts
  • Local time:05:49 PM

Posted 03 June 2013 - 05:17 PM

I found out the issue: my data drive was very corrupted, and when I removed the drive the system went back to normal. Does that even make sense? I don't know why a corrupt data drive would affect speed online.



#10 jeffce

jeffce

    Bleepin' Super Saiyan


  • Malware Response Team
  • 3,442 posts
  • Gender:Male
  • Location:USA
  • Local time:07:49 PM

Posted 03 June 2013 - 06:20 PM

It's really hard to say??  Let's check for anything else that might be hiding.   :)
 
Malwarebytes
 
Please open Malwarebytes, update it and then run a Quick Scan.  Save the log that is created for your next reply.
----------
 
ESET Online Scanner
 
Go here to run an online scanner from ESET. Windows Vista/Windows 7 users will need to right click on their Internet Explorer shortcut, and select Run as Administrator.

  • Note: For browsers other than Internet Explorer, you will be prompted to download and install esetsmartinstaller_enu.exe. Click on the link and save the file to a convenient location. Double click on it to install and a new window will open. Follow the prompts.
  • Turn off the real time scanner of any existing antivirus program while performing the online scan
  • Tick the box next to YES, I accept the Terms of Use.
  • Click Start
  • When asked, allow the ActiveX control to install
  • Click Start
  • Make sure that the option Remove found threats is unticked and the Scan Archives option is ticked.
  • Click on Advanced Settings, ensure the options Scan for potentially unwanted applications, Scan for potentially unsafe applications, and Enable Anti-Stealth Technology are ticked.
  • Click Scan
  • Wait for the scan to finish
  • When the scan is done, if it shows a screen that says "Threats found!", then click "List of found threats", and then click "Export to text file..."
  • Save that text file on your desktop. Copy and paste the contents of that log as a reply to this topic.
  • Close the ESET online scan, and let me know how things are now.

----------


 


#11 Spencerotaku

Spencerotaku
  • Topic Starter

  • Members
  • 25 posts
  • Local time:05:49 PM

Posted 04 June 2013 - 02:54 AM

ESET Online Scanner found nothing
 

 

Malwarebytes Anti-Malware 1.75.0.1300

www.malwarebytes.org
 
Database version: v2013.06.04.02
 
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Crona :: CRONA-PC [administrator]
 
6/4/2013 12:23:53 AM
mbam-log-2013-06-04 (00-23-53).txt
 
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 237692
Time elapsed: 59 second(s)
 
Memory Processes Detected: 0
(No malicious items detected)
 
Memory Modules Detected: 0
(No malicious items detected)
 
Registry Keys Detected: 0
(No malicious items detected)
 
Registry Values Detected: 0
(No malicious items detected)
 
Registry Data Items Detected: 0
(No malicious items detected)
 
Folders Detected: 0
(No malicious items detected)
 
Files Detected: 0
(No malicious items detected)
 
(end)


#12 jeffce

jeffce

    Bleepin' Super Saiyan


  • Malware Response Team
  • 3,442 posts
  • Gender:Male
  • Location:USA
  • Local time:07:49 PM

Posted 04 June 2013 - 06:35 AM

So how is your system running now?  


 


#13 Spencerotaku

Spencerotaku
  • Topic Starter

  • Members
  • 25 posts
  • Local time:05:49 PM

Posted 04 June 2013 - 11:32 AM

yeah



#14 jeffce

jeffce

    Bleepin' Super Saiyan


  • Malware Response Team
  • 3,442 posts
  • Gender:Male
  • Location:USA
  • Local time:07:49 PM

Posted 04 June 2013 - 02:38 PM

yeah

:huh:


 


#15 Spencerotaku

Spencerotaku
  • Topic Starter

  • Members
  • 25 posts
  • Local time:05:49 PM

Posted 04 June 2013 - 02:53 PM

Oh sorry; I thought you said is it running XD; and it now freezes every once in a while and disconnects from the internet, and twice it has blue screened. This occurs after a small amount of time, but it is triggerable when trying to join a LAN game.





