
Laptop has suddenly become very slow


  • This topic is locked
112 replies to this topic

#1 radam9


Posted 02 December 2013 - 02:21 AM

Hey there,

 

I am new to the forums and hope I will post everything in the required format; if not, just notify me of anything I have to modify :) .

So the problem is that suddenly my laptop became very slow: it takes a long time before it turns on at the loading Windows screen, and quite a few tasks take a lot longer to load than they usually did. I have found out that some functions no longer work on the laptop (most of the function buttons, like the one that disables the touchpad, change battery settings to Eco, etc.).

Things I have tried:

-Running Advanced System Care 7 deep scan

-Disk Defragment

-Malwarebytes scan

-rkill.exe & mbar (for rootkit search)

-disabled many apps that load at start up

 

So now I am clueless on what might be causing the problem.

Would appreciate any help.

PS: I am not a tech expert, so I just followed most tutorials on what to do if I feel my PC is slow.

Thanks for your time and effort :)

Attached:

-Required attach by dds

-Hijackthis log

-Laptop details/spec and diagnostics by ASC

 

 

DDS Report

 

DDS (Ver_2012-11-20.01) - NTFS_AMD64 
Internet Explorer: 8.0.7601.17514  BrowserJavaVersion: 10.45.2
Run by AnArCo-TekNiK at 8:59:48 on 2013-12-02
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.8169.5866 [GMT 2:00]
.
AV: Microsoft Security Essentials *Disabled/Updated* {B140BF4E-23BB-4198-90AB-A51A4C60A69C}
SP: Microsoft Security Essentials *Disabled/Updated* {0A215EAA-0581-4E16-AA1B-9E6837E7EC21}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: IObit Malware Fighter *Disabled/Updated* {A751AC20-3B48-5237-898A-78C4436BB78D}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\IObit\Advanced SystemCare 7\Monitor.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\ComUpdatus.exe
C:\Windows\System32\alg.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\rundll32.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
C:\Windows\SysWOW64\NOTEPAD.EXE
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASC.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://dnn.eng.cu.edu.eg/News/Announcements/CreditHoursAnnouncementsBoard/tabid/65/Default.aspx
uDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=MDND&bmod=MDND
uURLSearchHooks: {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - <orphaned>
mWinlogon: Userinit = userinit.exe,
BHO: DivX Plus Web Player HTML5 <video>: {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL
BHO: Advanced SystemCare Browser Protection: {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll
BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
uRun: [Advanced SystemCare 7] "C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe" /Auto
mRun: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - C:\PROGRA~1\MICROS~3\Office15\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~3\Office14\ONBttnIE.dll/105
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {98FFD412-1A12-4BCE-8AB2-247C78E22227} - hxxps://ssl.plaync.jp/login/activex/NCLoader.7.cab
DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} - hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} - hxxp://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab
DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} - hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/110926/CTPID.cab
TCP: NameServer = 192.168.1.254
TCP: Interfaces\{54B56E95-65B1-4B08-8635-A43F59AE8190} : DHCPNameServer = 192.168.1.254
TCP: Interfaces\{54B56E95-65B1-4B08-8635-A43F59AE8190}\1486D65646144656C654C6D246565626 : DHCPNameServer = 62.240.110.198 62.240.110.197
TCP: Interfaces\{54B56E95-65B1-4B08-8635-A43F59AE8190}\14E23516C656865476 : DHCPNameServer = 192.168.1.254
TCP: Interfaces\{54B56E95-65B1-4B08-8635-A43F59AE8190}\44C496E6B6 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{54B56E95-65B1-4B08-8635-A43F59AE8190}\4556B6E696B6 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{54B56E95-65B1-4B08-8635-A43F59AE8190}\469676564716C6020313232363937363836313 : DHCPNameServer = 8.8.8.8 8.8.4.4
TCP: Interfaces\{6F20A6F5-E136-4D9B-984C-A2B49B17B9FF} : DHCPNameServer = 192.168.1.254
Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
Handler: livecall - <Clsid value has no data>
Handler: msnim - <Clsid value has no data>
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
AppInit_DLLs= C:\PROGRA~2\NVIDIA~1\NVSTRE~1\rxinput.dll
SSODL: WebCheck - <orphaned>
mASetup: {7E6FA2FF-CC41-4145-9C06-19C1F78DF855} - C:\Program Files (x86)\Microsoft\Microsoft Maren\Bin\reg.exe
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
mASetup: {970EA2E9-E7B8-45E1-9CB5-0DEB37C2C28D} - C:\Windows\System32\regsvr32.exe /s C:\Program Files (x86)\Microsoft\Microsoft Maren\Bin\TextService.dll
IFEO: ActionCenterDownloader.exe - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO: AutoUpdate.exe - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO: BlueBirdInit.exe - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO: Deployer.exe - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO: DriverBooster.exe - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
x64-BHO: ExplorerWnd Helper: {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll
x64-BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL
x64-BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [IntelWireless] "C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel Wireless Tray
x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE3 
x64-Run: [Nvtmru] "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
x64-Run: [RtHDVBg_Dolby] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE3 
x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
x64-DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
x64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
x64-Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
x64-Handler: livecall - <Clsid value has no data>
x64-Handler: msnim - <Clsid value has no data>
x64-Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL
x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
x64-mASetup: {970EA2E9-E7B8-45E1-9CB5-0DEB37C2C28D} - C:\Windows\System32\regsvr32.exe /s C:\Program Files (x86)\Microsoft\Microsoft Maren\Bin64\TextService64.dll
x64-IFEO: ActionCenterDownloader.exe - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
x64-IFEO: AutoUpdate.exe - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
x64-IFEO: BlueBirdInit.exe - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
x64-IFEO: Deployer.exe - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
x64-IFEO: DriverBooster.exe - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
.
Note: multiple IFEO entries found. Please refer to Attach.txt
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\AnArCo-TekNiK\AppData\Roaming\Mozilla\Firefox\Profiles\fmdqt34c.default\
FF - prefs.js: browser.search.selectedEngine - Yahoo
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=902615&p=
FF - plugin: C:\PROGRA~2\MICROS~3\Office15\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
FF - plugin: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\NCSOFT\NCPlugin\npncllm3.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll
FF - ExtSQL: 2013-11-21 18:06; ascsurfingprotection@iobit.com; C:\Users\AnArCo-TekNiK\AppData\Roaming\Mozilla\Firefox\Profiles\fmdqt34c.default\extensions\ascsurfingprotection@iobit.com
FF - ExtSQL: 2013-11-21 18:06; iobitapps@mybrowserbar.com; C:\Program Files (x86)\IObit Apps Toolbar\FF
.
---- FIREFOX POLICIES ----
FF - user.js: network.http.pipelining.maxrequests - 8
FF - user.js: network.http.request.max-start-delay - 0
FF - user.js: network.http.max-connections - 48
FF - user.js: network.http.max-connections-per-server - 16
FF - user.js: network.http.max-persistent-connections-per-proxy - 16
FF - user.js: network.http.max-persistent-connections-per-server - 8
FF - user.js: browser.turbo.enabled - true
FF - user.js: browser.display.show_image_placeholders - true
FF - user.js: browser.chrome.favicons - false
FF - user.js: browser.urlbar.autocomplete.enabled - true
FF - user.js: browser.cache.memory.capacity - 65536
FF - user.js: content.notify.ontimer - true
FF - user.js: content.interrupt.parsing - true
FF - user.js: content.max.tokenizing.time - 2250000
FF - user.js: content.switch.threshold - 750000
FF - user.js: plugin.expose_full_path - true
FF - user.js: ui.submenuDelay - 0
.
============= SERVICES / DRIVERS ===============
.
R0 fltsrv;Acronis Storage Filter Management;C:\Windows\System32\drivers\fltsrv.sys [2013-10-13 116000]
R0 iaStorA;iaStorA;C:\Windows\System32\drivers\iaStorA.sys [2013-8-7 644968]
R0 iaStorF;iaStorF;C:\Windows\System32\drivers\iaStorF.sys [2013-8-7 28008]
R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2012-8-30 228768]
R0 SmartDefragDriver;SmartDefragDriver;C:\Windows\System32\drivers\SmartDefragDriver.sys [2013-10-14 17720]
R1 ElRawDisk;ElRawDisk;C:\Windows\System32\drivers\rsdrvx64.sys [2013-6-3 26024]
R2 AdvancedSystemCareService7;Advanced SystemCare Service 7;C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe [2013-11-21 878368]
R2 Bluetooth Device Monitor;Bluetooth Device Monitor;C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2010-12-14 901184]
R2 LiveUpdateSvc;LiveUpdate;C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2013-11-21 2151200]
R2 NvStreamSvc;NVIDIA Streamer Service;C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2013-8-12 14984480]
R2 PassThru Service;Internet Pass-Through Service;C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [2012-10-8 166912]
R3 DABlackFltr;DeathAdder Black Edition Mouse;C:\Windows\System32\drivers\DABlack.sys [2011-11-5 23040]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\System32\drivers\nusb3hub.sys [2010-9-30 80384]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\System32\drivers\nusb3xhc.sys [2010-9-30 180736]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);C:\Windows\System32\drivers\nvvad64v.sys [2013-8-12 39712]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2013-10-13 883928]
R3 VKbms;Virtual HID Minidriver;C:\Windows\System32\drivers\VKbms.sys [2011-11-5 13312]
S2 Bluetooth OBEX Service;Bluetooth OBEX Service;C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2010-12-14 974912]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 androidusb;Google Device Driver;C:\Windows\System32\drivers\wsadb.sys [2013-6-3 40232]
S3 Bluetooth Media Service;Bluetooth Media Service;C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [2010-12-14 1298496]
S3 btmaux;Intel Bluetooth Auxiliary Service;C:\Windows\System32\drivers\btmaux.sys [2010-12-14 58128]
S3 btmhsf;btmhsf;C:\Windows\System32\drivers\btmhsf.sys [2010-12-14 274432]
S3 CoordinatorServiceHost;SW Distributed TS Coordinator Service;C:\Program Files\SolidWorks Corp\SolidWorks\swScheduler\DTSCoordinatorService.exe [2011-9-27 89160]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2012-12-8 1431888]
S3 HTCAND64;HTC Device Driver;C:\Windows\System32\drivers\ANDROIDUSB.sys [2013-2-5 33736]
S3 iBtFltCoex;iBtFltCoex;C:\Windows\System32\drivers\iBtFltCoex.sys [2010-12-14 59904]
S3 ivusb;Initio Driver for USB Default Controller;C:\Windows\System32\drivers\ivusb.sys [2010-7-29 29720]
S3 ksaud;Creative USB Audio Driver;C:\Windows\System32\drivers\ksaud.sys [2011-9-13 1588608]
S3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2011-8-10 25928]
S3 MotioninJoyXFilter;MotioninJoy Virtual Xinput device Filter Driver;C:\Windows\System32\drivers\MijXfilt.sys [2013-11-2 121416]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2010-12-18 340240]
S3 ose64;Office 64 Source Engine;C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2012-10-1 178824]
S3 pwdrvio;pwdrvio;C:\Windows\System32\pwdrvio.sys [2013-10-13 19152]
S3 pwdspio;pwdspio;C:\Windows\System32\pwdspio.sys [2013-10-13 12504]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2013-2-2 19456]
S3 RegFilter;RegFilter;C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\RegFilter.sys [2013-11-25 34336]
S3 Remote Solver for Flow Simulation 2012;Remote Solver for Flow Simulation 2012;C:\Program Files\SolidWorks Corp\SolidWorks Flow Simulation\binCFW\StandAloneSlv.exe [2011-8-17 109624]
S3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\RtsUVStor.sys [2011-2-28 307304]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2013-2-2 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2013-2-2 30208]
S3 UrlFilter;UrlFilter;C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\UrlFilter.sys [2013-11-25 23016]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2011-5-10 51712]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-8-13 1255736]
S3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\System32\drivers\wdcsam64.sys [2008-5-6 14464]
S4 AIPS;Arp Intelligent Protection Service;C:\Program Files (x86)\NetCutDefender\services\aips.exe [2012-11-17 262144]
S4 CLKMSVC10_38F51D56;CyberLink Product - 2011/03/14 15:51:54;C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe [2010-11-29 241648]
S4 FileMonitor;FileMonitor;C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [2013-11-25 23048]
S4 HTCMonitorService;HTCMonitorService;C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [2012-7-16 87368]
S4 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2013-8-7 15720]
S4 IMFservice;IMF Service;C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [2013-11-25 335168]
S4 IObitUnlocker;IObitUnlocker;C:\Program Files (x86)\IObit\IObit Unlocker\IObitUnlocker.sys [2013-11-21 36568]
S4 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-9-29 418376]
S4 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-9-29 701512]
S4 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-9-5 171680]
S4 TeamViewer8;TeamViewer 8;C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [2013-2-8 5087584]
.
=============== Created Last 30 ================
.
2013-11-27 18:19:15 -------- d-----w- C:\Program Files (x86)\MathType
2013-11-21 13:59:57 -------- d-----w- C:\ProgramData\ProductData
2013-11-21 13:59:51 -------- d-----w- C:\ProgramData\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D}
2013-11-20 17:53:25 -------- d-----w- C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2013-11-20 17:51:38 91352 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys
2013-11-20 17:09:43 10285968 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{9C4795BB-A232-4509-90D1-7CEA071F6580}\mpengine.dll
2013-11-15 15:17:48 395776 ----a-w- C:\Windows\SysWow64\msfrt40.dll
2013-11-15 15:17:41 -------- d-----w- C:\Cosmosm
2013-11-15 15:17:05 77824 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\engine\6\Intel 32\ctor.dll
2013-11-15 15:17:05 32768 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\engine\6\Intel 32\objectps.dll
2013-11-15 15:17:05 217088 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\engine\6\Intel 32\iuser.dll
2013-11-15 15:17:04 212992 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\engine\6\Intel 32\ILog.dll
2013-11-15 15:16:52 217088 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\IScript\IScript.dll
2013-11-10 18:55:33 -------- d-----w- C:\ProgramData\Oracle
2013-11-10 18:54:50 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2013-11-08 19:34:35 872352 ----a-w- C:\Program Files (x86)\Mozilla Firefox\updated\uninstall\helper.exe
2013-11-05 08:59:59 -------- d-----w- C:\Users\AnArCo-TekNiK\AppData\Roaming\CA87BE4F-406D-4E64-ABFF-132D4E3F0954
2013-11-05 08:14:23 -------- d-----w- C:\Program Files (x86)\ElcomSoft
2013-11-04 16:23:00 -------- d-----w- C:\Program Files (x86)\Seagate
2013-11-04 15:50:43 -------- d-----w- C:\Program Files (x86)\ASM106xSATA
2013-11-02 08:40:01 -------- d-----w- C:\Users\AnArCo-TekNiK\AppData\Roaming\MotioninJoy
2013-11-02 08:39:56 74960 ----a-w- C:\Windows\System32\drivers\xusb21.sys
2013-11-02 08:39:56 328712 ----a-w- C:\Windows\System32\MijFrc.dll
2013-11-02 08:39:56 121416 ----a-w- C:\Windows\System32\drivers\MijXfilt.sys
2013-11-02 08:39:56 -------- d-----w- C:\Program Files\MotioninJoy
2013-11-02 08:38:08 -------- d-----w- C:\Users\AnArCo-TekNiK\AppData\Local\EMU
2013-11-02 07:59:02 -------- d-----w- C:\Program Files (x86)\NARUTO SHIPPUDEN Ultimate Ninja STORM 3 Full Burst
.
==================== Find3M  ====================
.
2013-11-19 10:21:41 267936 ------w- C:\Windows\System32\MpSigStub.exe
2013-11-04 21:19:29 269600 ----a-w- C:\Windows\System32\drivers\snapman.sys
2013-11-04 21:19:27 116000 ----a-w- C:\Windows\System32\drivers\fltsrv.sys
2013-10-26 06:23:55 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-10-26 06:23:55 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-10-13 00:37:32 883928 ----a-w- C:\Windows\System32\drivers\Rt64win7.sys
2013-10-13 00:37:32 74456 ----a-w- C:\Windows\System32\RtNicProp64.dll
2013-10-13 00:37:32 108760 ----a-w- C:\Windows\System32\RTNUninst64.dll
2013-09-30 14:26:50 19152 ------w- C:\Windows\System32\pwdrvio.sys
2013-09-30 14:26:48 3050808 ----a-w- C:\Windows\System32\pwNative.exe
2013-09-30 14:26:48 12504 ------w- C:\Windows\System32\pwdspio.sys
2013-09-30 07:16:10 268968 ----a-w- C:\Windows\SysWow64\sqlite3.dll
2013-09-18 08:35:43 281768 ----a-w- C:\Windows\SysWow64\PnkBstrB.xtr
2013-09-18 08:35:43 281768 ----a-w- C:\Windows\SysWow64\PnkBstrB.exe
2013-09-18 08:34:58 271200 ----a-w- C:\Windows\SysWow64\PnkBstrB.ex0
2013-09-05 13:11:02 751104 ----a-w- C:\Windows\System32\win32spl.dll
2013-09-05 13:11:02 492544 ----a-w- C:\Windows\SysWow64\win32spl.dll
2013-09-05 13:10:41 30720 ----a-w- C:\Windows\System32\cryptdlg.dll
2013-09-05 13:10:41 24576 ----a-w- C:\Windows\SysWow64\cryptdlg.dll
2013-09-05 13:10:09 1887232 ----a-w- C:\Windows\System32\d3d11.dll
2013-09-05 13:10:09 1505280 ----a-w- C:\Windows\SysWow64\d3d11.dll
2013-09-05 13:09:44 903168 ----a-w- C:\Windows\SysWow64\certutil.exe
2013-09-05 13:09:44 52224 ----a-w- C:\Windows\System32\certenc.dll
2013-09-05 13:09:44 43008 ----a-w- C:\Windows\SysWow64\certenc.dll
2013-09-05 13:09:44 1192448 ----a-w- C:\Windows\System32\certutil.exe
2013-09-05 13:08:54 983400 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys
2013-09-05 13:08:54 265064 ----a-w- C:\Windows\System32\drivers\dxgmms1.sys
2013-09-05 13:08:54 144384 ----a-w- C:\Windows\System32\cdd.dll
2013-09-05 13:03:38 70144 ----a-w- C:\Windows\System32\appinfo.dll
2013-09-05 13:03:38 1930752 ----a-w- C:\Windows\System32\authui.dll
2013-09-05 13:03:38 1796096 ----a-w- C:\Windows\SysWow64\authui.dll
2013-09-05 13:03:38 111448 ----a-w- C:\Windows\System32\consent.exe
2013-09-05 13:03:01 48640 ----a-w- C:\Windows\System32\wwanprotdim.dll
2013-09-05 13:03:01 230400 ----a-w- C:\Windows\System32\wwansvc.dll
2013-09-05 13:02:53 350208 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll
2013-09-05 13:02:53 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll
2013-09-05 13:02:52 474624 ----a-w- C:\Windows\apppatch\AcSpecfc.dll
2013-09-05 13:02:52 308736 ----a-w- C:\Windows\apppatch\AppPatch64\AcGenral.dll
2013-09-05 13:02:52 2176512 ----a-w- C:\Windows\apppatch\AcGenral.dll
2013-09-05 13:02:52 111104 ----a-w- C:\Windows\apppatch\AppPatch64\acspecfc.dll
2013-09-05 13:02:39 1656680 ----a-w- C:\Windows\System32\drivers\ntfs.sys
2013-09-05 13:01:26 5550424 ----a-w- C:\Windows\System32\ntoskrnl.exe
2013-09-05 13:01:26 43520 ----a-w- C:\Windows\System32\csrsrv.dll
2013-09-05 13:01:25 6656 ----a-w- C:\Windows\SysWow64\apisetschema.dll
2013-09-05 13:01:25 3968856 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2013-09-05 13:01:25 3913560 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2013-09-05 13:01:25 112640 ----a-w- C:\Windows\System32\smss.exe
2013-09-05 13:01:01 223752 ----a-w- C:\Windows\System32\drivers\fvevol.sys
2013-09-05 13:00:28 294912 ----a-w- C:\Windows\System32\browserchoice.exe
.
============= FINISH:  9:00:33.11 ===============
 


 


#2 HelpBot


Posted 07 December 2013 - 02:25 AM

Hello and welcome to Bleeping Computer!

I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:

***************************************************

In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.

CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/516068 <<< CLICK THIS LINK



If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.

***************************************************

If you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • A new DDS log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    • Please do this even if you have previously posted logs for us.
    • If you were unable to produce the logs originally please try once more.
    • If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.

Thank you for your patience, and again sorry for the delay.

***************************************************

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download DDS by sUBs from the following link if you no longer have it available and save it to your desktop.

    DDS.com Download Link
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control can be found HERE.

As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

#3 HelpBot


Posted 12 December 2013 - 02:30 AM

Hello again!

I haven't heard from you in 5 days. Therefore, I am going to assume that you no longer need our help, and close this topic.

If you do still need help, please send a Private Message to any Moderator within the next five days. Be sure to include a link to your topic in your Private Message.

Thank you for using Bleeping Computer, and have a great day!

 

Mod Edit:  Topic reopened at OP PM request - Hamluis.


Edited by hamluis, 12 December 2013 - 07:54 AM.


#4 radam9

  • Topic Starter

Posted 12 December 2013 - 08:10 AM

Following the HelpBot instructions...

1. Description is in the first post.
2. New DDS log and other logs are at the end of the post.
3. I don't have an original CD, as Windows came pre-installed on the laptop; I do have the recovery CDs though.

- If there is a way to resolve the problem without a fresh installation of Windows it would be better, as I have lost quite a couple of sources of the applications installed.
Thanks.
 
DDS Log
 
DDS (Ver_2012-11-20.01) - NTFS_AMD64 
Internet Explorer: 8.0.7601.17514  BrowserJavaVersion: 10.45.2
Run by AnArCo-TekNiK at 15:05:55 on 2013-12-12
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.8169.5021 [GMT 2:00]
.
AV: Microsoft Security Essentials *Disabled/Updated* {B140BF4E-23BB-4198-90AB-A51A4C60A69C}
SP: Microsoft Security Essentials *Disabled/Updated* {0A215EAA-0581-4E16-AA1B-9E6837E7EC21}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: IObit Malware Fighter *Disabled/Updated* {A751AC20-3B48-5237-898A-78C4436BB78D}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\alg.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\taskhost.exe
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\IObit\Advanced SystemCare 7\Monitor.exe
C:\Windows\system32\Dwm.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Windows\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Razer\DeathAdderBlackEdition\razertra.exe
C:\Program Files (x86)\uTorrent\uTorrent.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\VideoLAN\VLC\vlc.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://dnn.eng.cu.edu.eg/News/Announcements/CreditHoursAnnouncementsBoard/tabid/65/Default.aspx
uDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=MDND&bmod=MDND
uURLSearchHooks: {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - <orphaned>
mWinlogon: Userinit = userinit.exe,
BHO: DivX Plus Web Player HTML5 <video>: {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL
BHO: Advanced SystemCare Browser Protection: {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll
BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
uRun: [Advanced SystemCare 7] "C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe" /Auto
uRun: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
mRun: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - C:\PROGRA~1\MICROS~3\Office15\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~3\Office14\ONBttnIE.dll/105
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {98FFD412-1A12-4BCE-8AB2-247C78E22227} - hxxps://ssl.plaync.jp/login/activex/NCLoader.7.cab
DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} - hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} - hxxp://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab
DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} - hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/110926/CTPID.cab
TCP: NameServer = 192.168.1.254
TCP: Interfaces\{54B56E95-65B1-4B08-8635-A43F59AE8190} : DHCPNameServer = 192.168.1.254
TCP: Interfaces\{54B56E95-65B1-4B08-8635-A43F59AE8190}\1486D65646144656C654C6D246565626 : DHCPNameServer = 62.240.110.198 62.240.110.197
TCP: Interfaces\{54B56E95-65B1-4B08-8635-A43F59AE8190}\14E23516C656865476 : DHCPNameServer = 192.168.1.254
TCP: Interfaces\{54B56E95-65B1-4B08-8635-A43F59AE8190}\44C496E6B6 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{54B56E95-65B1-4B08-8635-A43F59AE8190}\4556B6E696B6 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{54B56E95-65B1-4B08-8635-A43F59AE8190}\469676564716C6020313232363937363836313 : DHCPNameServer = 8.8.8.8 8.8.4.4
TCP: Interfaces\{6F20A6F5-E136-4D9B-984C-A2B49B17B9FF} : DHCPNameServer = 192.168.1.254
Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
Handler: livecall - <Clsid value has no data>
Handler: msnim - <Clsid value has no data>
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
SSODL: WebCheck - <orphaned>
mASetup: {7E6FA2FF-CC41-4145-9C06-19C1F78DF855} - C:\Program Files (x86)\Microsoft\Microsoft Maren\Bin\reg.exe
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
mASetup: {970EA2E9-E7B8-45E1-9CB5-0DEB37C2C28D} - C:\Windows\System32\regsvr32.exe /s C:\Program Files (x86)\Microsoft\Microsoft Maren\Bin\TextService.dll
IFEO: ActionCenterDownloader.exe - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO: BlueBirdInit.exe - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO: Deployer.exe - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO: DriverBooster.exe - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO: IMF.exe - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
x64-BHO: ExplorerWnd Helper: {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll
x64-BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL
x64-BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [IntelWireless] "C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel Wireless Tray
x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE3 
x64-Run: [Nvtmru] "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
x64-Run: [RtHDVBg_Dolby] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE3 
x64-Run: [NvBackend] "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
x64-Run: [ShadowPlay] C:\Windows\System32\rundll32.exe C:\Windows\System32\nvspcap64.dll,ShadowPlayOnSystemStart
x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
x64-DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
x64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
x64-Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
x64-Handler: livecall - <Clsid value has no data>
x64-Handler: msnim - <Clsid value has no data>
x64-Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL
x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
x64-mASetup: {970EA2E9-E7B8-45E1-9CB5-0DEB37C2C28D} - C:\Windows\System32\regsvr32.exe /s C:\Program Files (x86)\Microsoft\Microsoft Maren\Bin64\TextService64.dll
x64-IFEO: ActionCenterDownloader.exe - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
x64-IFEO: BlueBirdInit.exe - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
x64-IFEO: Deployer.exe - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
x64-IFEO: DriverBooster.exe - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
x64-IFEO: IMF.exe - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
.
Note: multiple IFEO entries found. Please refer to Attach.txt
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\AnArCo-TekNiK\AppData\Roaming\Mozilla\Firefox\Profiles\fmdqt34c.default\
FF - prefs.js: browser.search.selectedEngine - Yahoo
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=902615&p=
FF - plugin: C:\PROGRA~2\MICROS~3\Office15\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
FF - plugin: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\NCSOFT\NCPlugin\npncllm3.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll
FF - ExtSQL: 2013-11-21 18:06; ascsurfingprotection@iobit.com; C:\Users\AnArCo-TekNiK\AppData\Roaming\Mozilla\Firefox\Profiles\fmdqt34c.default\extensions\ascsurfingprotection@iobit.com
.
---- FIREFOX POLICIES ----
FF - user.js: network.http.pipelining.maxrequests - 8
FF - user.js: network.http.request.max-start-delay - 0
FF - user.js: network.http.max-connections - 48
FF - user.js: network.http.max-connections-per-server - 16
FF - user.js: network.http.max-persistent-connections-per-proxy - 16
FF - user.js: network.http.max-persistent-connections-per-server - 8
FF - user.js: browser.turbo.enabled - true
FF - user.js: browser.display.show_image_placeholders - true
FF - user.js: browser.chrome.favicons - false
FF - user.js: browser.urlbar.autocomplete.enabled - true
FF - user.js: browser.cache.memory.capacity - 65536
FF - user.js: content.notify.ontimer - true
FF - user.js: content.interrupt.parsing - true
FF - user.js: content.max.tokenizing.time - 2250000
FF - user.js: content.switch.threshold - 750000
FF - user.js: plugin.expose_full_path - true
FF - user.js: ui.submenuDelay - 0
.
============= SERVICES / DRIVERS ===============
.
R0 fltsrv;Acronis Storage Filter Management;C:\Windows\System32\drivers\fltsrv.sys [2013-10-13 116000]
R0 iaStorA;iaStorA;C:\Windows\System32\drivers\iaStorA.sys [2013-8-7 644968]
R0 iaStorF;iaStorF;C:\Windows\System32\drivers\iaStorF.sys [2013-8-7 28008]
R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2012-8-30 228768]
R0 SmartDefragDriver;SmartDefragDriver;C:\Windows\System32\drivers\SmartDefragDriver.sys [2013-10-14 17720]
R1 ElRawDisk;ElRawDisk;C:\Windows\System32\drivers\rsdrvx64.sys [2013-6-3 26024]
R2 AdvancedSystemCareService7;Advanced SystemCare Service 7;C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe [2013-11-21 878368]
R2 Bluetooth Device Monitor;Bluetooth Device Monitor;C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2010-12-14 901184]
R2 LiveUpdateSvc;LiveUpdate;C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2013-11-21 2151200]
R2 NvNetworkService;NVIDIA Network Service;C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2013-12-3 1370912]
R2 NvStreamSvc;NVIDIA Streamer Service;C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2013-8-12 15128352]
R2 PassThru Service;Internet Pass-Through Service;C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [2012-10-8 166912]
R3 DABlackFltr;DeathAdder Black Edition Mouse;C:\Windows\System32\drivers\DABlack.sys [2011-11-5 23040]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\System32\drivers\nusb3hub.sys [2010-9-30 80384]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\System32\drivers\nusb3xhc.sys [2010-9-30 180736]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);C:\Windows\System32\drivers\nvvad64v.sys [2013-12-3 39200]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2013-10-13 883928]
R3 VKbms;Virtual HID Minidriver;C:\Windows\System32\drivers\VKbms.sys [2011-11-5 13312]
S2 Bluetooth OBEX Service;Bluetooth OBEX Service;C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2010-12-14 974912]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-9-5 171680]
S3 androidusb;Google Device Driver;C:\Windows\System32\drivers\wsadb.sys [2013-6-3 40232]
S3 Bluetooth Media Service;Bluetooth Media Service;C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [2010-12-14 1298496]
S3 btmaux;Intel Bluetooth Auxiliary Service;C:\Windows\System32\drivers\btmaux.sys [2010-12-14 58128]
S3 btmhsf;btmhsf;C:\Windows\System32\drivers\btmhsf.sys [2010-12-14 274432]
S3 CoordinatorServiceHost;SW Distributed TS Coordinator Service;C:\Program Files\SolidWorks Corp\SolidWorks\swScheduler\DTSCoordinatorService.exe [2011-9-27 89160]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2012-12-8 1431888]
S3 HTCAND64;HTC Device Driver;C:\Windows\System32\drivers\ANDROIDUSB.sys [2013-2-5 33736]
S3 iBtFltCoex;iBtFltCoex;C:\Windows\System32\drivers\iBtFltCoex.sys [2010-12-14 59904]
S3 ivusb;Initio Driver for USB Default Controller;C:\Windows\System32\drivers\ivusb.sys [2010-7-29 29720]
S3 ksaud;Creative USB Audio Driver;C:\Windows\System32\drivers\ksaud.sys [2011-9-13 1588608]
S3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2011-8-10 25928]
S3 MotioninJoyXFilter;MotioninJoy Virtual Xinput device Filter Driver;C:\Windows\System32\drivers\MijXfilt.sys [2013-11-2 121416]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2010-12-18 340240]
S3 ose64;Office 64 Source Engine;C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2012-10-1 178824]
S3 pwdrvio;pwdrvio;C:\Windows\System32\pwdrvio.sys [2013-10-13 19152]
S3 pwdspio;pwdspio;C:\Windows\System32\pwdspio.sys [2013-10-13 12504]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2013-2-2 19456]
S3 RegFilter;RegFilter;C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\RegFilter.sys [2013-11-25 34336]
S3 Remote Solver for Flow Simulation 2012;Remote Solver for Flow Simulation 2012;C:\Program Files\SolidWorks Corp\SolidWorks Flow Simulation\binCFW\StandAloneSlv.exe [2011-8-17 109624]
S3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\RtsUVStor.sys [2011-2-28 307304]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2013-2-2 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2013-2-2 30208]
S3 UrlFilter;UrlFilter;C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\UrlFilter.sys [2013-11-25 23016]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2011-5-10 51712]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-8-13 1255736]
S3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\System32\drivers\wdcsam64.sys [2008-5-6 14464]
S4 AIPS;Arp Intelligent Protection Service;C:\Program Files (x86)\NetCutDefender\services\aips.exe [2012-11-17 262144]
S4 CLKMSVC10_38F51D56;CyberLink Product - 2011/03/14 15:51:54;C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe [2010-11-29 241648]
S4 FileMonitor;FileMonitor;C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [2013-11-25 23048]
S4 HTCMonitorService;HTCMonitorService;C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [2012-7-16 87368]
S4 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2013-8-7 15720]
S4 IMFservice;IMF Service;C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [2013-11-25 335168]
S4 IObitUnlocker;IObitUnlocker;C:\Program Files (x86)\IObit\IObit Unlocker\IObitUnlocker.sys [2013-11-21 36568]
S4 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-9-29 418376]
S4 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-9-29 701512]
S4 TeamViewer8;TeamViewer 8;C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [2013-2-8 5087584]
.
=============== Created Last 30 ================
.
2013-12-03 11:05:01 -------- d-----w- C:\Users\AnArCo-TekNiK\AppData\Local\NVIDIA Corporation
2013-12-03 11:04:57 979744 ----a-w- C:\Windows\SysWow64\nvspcap.dll
2013-12-03 11:04:57 1096480 ----a-w- C:\Windows\System32\nvspcap64.dll
2013-12-03 11:03:54 39200 ----a-w- C:\Windows\System32\drivers\nvvad64v.sys
2013-12-03 11:03:54 32544 ----a-w- C:\Windows\SysWow64\nvaudcap32v.dll
2013-11-27 18:19:15 -------- d-----w- C:\Program Files (x86)\MathType
2013-11-21 13:59:57 -------- d-----w- C:\ProgramData\ProductData
2013-11-21 13:59:51 -------- d-----w- C:\ProgramData\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D}
2013-11-20 17:53:25 -------- d-----w- C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2013-11-20 17:51:38 91352 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys
2013-11-20 17:09:43 10285968 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{9C4795BB-A232-4509-90D1-7CEA071F6580}\mpengine.dll
2013-11-15 15:17:48 395776 ----a-w- C:\Windows\SysWow64\msfrt40.dll
2013-11-15 15:17:41 -------- d-----w- C:\Cosmosm
2013-11-15 15:17:05 77824 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\engine\6\Intel 32\ctor.dll
2013-11-15 15:17:05 32768 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\engine\6\Intel 32\objectps.dll
2013-11-15 15:17:05 217088 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\engine\6\Intel 32\iuser.dll
2013-11-15 15:17:04 212992 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\engine\6\Intel 32\ILog.dll
2013-11-15 15:16:52 217088 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\IScript\IScript.dll
.
==================== Find3M  ====================
.
2013-12-12 11:32:33 281768 ----a-w- C:\Windows\SysWow64\PnkBstrB.xtr
2013-12-12 11:32:33 281768 ----a-w- C:\Windows\SysWow64\PnkBstrB.exe
2013-12-12 11:31:01 271200 ----a-w- C:\Windows\SysWow64\PnkBstrB.ex0
2013-11-19 10:21:41 267936 ------w- C:\Windows\System32\MpSigStub.exe
2013-11-11 15:02:02 6674208 ----a-w- C:\Windows\System32\nvcpl.dll
2013-11-11 15:02:02 3490080 ----a-w- C:\Windows\System32\nvsvc64.dll
2013-11-11 15:01:59 922912 ----a-w- C:\Windows\System32\nvvsvc.exe
2013-11-11 15:01:59 63776 ----a-w- C:\Windows\System32\nvshext.dll
2013-11-11 15:01:59 2559776 ----a-w- C:\Windows\System32\nvsvcr.dll
2013-11-11 15:01:59 219424 ----a-w- C:\Windows\System32\nvmctray.dll
2013-11-10 18:54:42 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2013-11-04 21:19:29 269600 ----a-w- C:\Windows\System32\drivers\snapman.sys
2013-11-04 21:19:27 116000 ----a-w- C:\Windows\System32\drivers\fltsrv.sys
2013-10-30 17:02:58 35104 ----a-w- C:\Windows\System32\nvaudcap64v.dll
2013-10-26 06:23:55 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-10-26 06:23:55 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-10-13 00:37:32 883928 ----a-w- C:\Windows\System32\drivers\Rt64win7.sys
2013-10-13 00:37:32 74456 ----a-w- C:\Windows\System32\RtNicProp64.dll
2013-10-13 00:37:32 108760 ----a-w- C:\Windows\System32\RTNUninst64.dll
2013-09-30 14:26:50 19152 ------w- C:\Windows\System32\pwdrvio.sys
2013-09-30 14:26:48 3050808 ----a-w- C:\Windows\System32\pwNative.exe
2013-09-30 14:26:48 12504 ------w- C:\Windows\System32\pwdspio.sys
2013-09-30 07:16:10 268968 ----a-w- C:\Windows\SysWow64\sqlite3.dll
.
============= FINISH: 15:06:08.54 ===============

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 10-Aug-11 10:32:56
System Uptime: 12-Dec-13 09:31:01 (6 hours ago)
.
Motherboard: MEDION | | X681X
Processor: Intel® Core™ i7-2630QM CPU @ 2.00GHz | SOCKET 0 | 2001/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 668 GiB total, 180.248 GiB free.
D: is FIXED (NTFS) - 30 GiB total, 11.195 GiB free.
E: is CDROM ()
F: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP360: 30-Nov-13 13:40:09 - Scheduled Checkpoint
RP361: 07-Dec-13 22:17:04 - Scheduled Checkpoint
.
==== Image File Execution Options =============
.
IFEO: ActionCenterDownloader.exe - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO: BlueBirdInit.exe - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO: Deployer.exe - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO: DriverBooster.exe - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO: IMF.exe - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO: IMFsrv.exe - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO: IMF_ActionCenterDownloader.exe - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO: IObitCommunities.exe - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO: IWsIMF.exe - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO: mbampt.exe - "C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe"
IFEO: mbamscheduler.exe - "C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe"
IFEO: Promote.exe - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO: rpcapd.exe - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO: Scheduler.exe - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO: SDInit.exe - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO: SendBugReport.exe - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO: SmartDefrag.exe - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO: TaskSchedule.exe - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO: UpdateDB.exe - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
x64-IFEO: ActionCenterDownloader.exe - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
x64-IFEO: BlueBirdInit.exe - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
x64-IFEO: Deployer.exe - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
x64-IFEO: DriverBooster.exe - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
x64-IFEO: IMF.exe - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
x64-IFEO: IMFsrv.exe - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
x64-IFEO: IMF_ActionCenterDownloader.exe - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
x64-IFEO: IObitCommunities.exe - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
x64-IFEO: IWsIMF.exe - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
x64-IFEO: mbampt.exe - "C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe"
x64-IFEO: mbamscheduler.exe - "C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe"
x64-IFEO: Promote.exe - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
x64-IFEO: rpcapd.exe - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
x64-IFEO: Scheduler.exe - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
x64-IFEO: SDInit.exe - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
x64-IFEO: SendBugReport.exe - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
x64-IFEO: SmartDefrag.exe - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
x64-IFEO: TaskSchedule.exe - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
x64-IFEO: UpdateDB.exe - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
.
==== Installed Programs ======================
.
????????? ?? Ver1.2
µTorrent
7-Zip 9.20 (x64 edition)
Adobe AIR
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader X (10.1.8) MUI
Advanced SystemCare 7
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Asmedia ASM106x SATA Host Controller Driver
Bandisoft MPEG-1 Decoder
Bonjour
Call of Duty Modern Warfare 2
Call of Duty® 4 - Modern Warfare™
Call of Duty® 4 - Modern Warfare™ 1.6 Patch
Call of Duty® 4 - Modern Warfare™ 1.7 Patch
Combined Community Codec Pack 2011-11-11
Command & Conquer Generals
Command and ConquerTM Generals Zero Hour
Contrôle ActiveX Windows Live Mesh pour connexions à distance
Control ActiveX de Windows Live Mesh para conexiones remotas
Controlo ActiveX do Windows Live Mesh para Ligações Remotas
COSMOS/M 2.6
CyberLink LabelPrint
CyberLink Power2Go
CyberLink PowerDVD 10
CyberLink PowerDVD Copy
CyberLink PowerProducer
CyberLink YouCam
DivX Setup
Driver Booster
Dropbox
Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsluge polaczen zdalnych
Galeria de Fotografias do Windows Live
Game Booster 3
GameRanger
GeForce Experience NvStream Client Components
Google Chrome
Google Update Helper
HTC Sync Manager
Human Japanese 2.0
Intel PROSet Wireless
Intel® Management Engine Components
Intel® PROSet/Wireless Software for Bluetooth® Technology
Intel® PROSet/Wireless WiFi Software
Intel® Rapid Storage Technology
IObit Malware Fighter
IObit Uninstaller
IObit Unlocker
IPTInstaller
iTunes
JanRyuMon
Java 7 Update 45
Java Auto Updater
Java™ 6 Update 24
Java™ 6 Update 24 (64-bit)
JDownloader 2
Kontrolnik Windows Live Mesh ActiveX za oddaljene povezave
LOGO!Soft Comfort V5.0
Mal Updater 2.95
Malwarebytes Anti-Malware version 1.75.0.1300
Mathcad PDSi viewable support
Mathcad Prime 2.0
MathType 6
MATLAB R2013b
Medion Home Cinema
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Extended
Microsoft Access MUI (English) 2013
Microsoft Access Setup Metadata MUI (English) 2013
Microsoft Application Error Reporting
Microsoft DCF MUI (English) 2013
Microsoft Excel MUI (English) 2013
Microsoft Groove MUI (English) 2013
Microsoft InfoPath MUI (English) 2013
Microsoft Lync MUI (English) 2013
Microsoft Maren
Microsoft Office 2003 Web Components
Microsoft Office 32-bit Components 2013
Microsoft Office OSM MUI (English) 2013
Microsoft Office OSM UX MUI (English) 2013
Microsoft Office Professional Plus 2013
Microsoft Office Proofing (English) 2013
Microsoft Office Proofing Tools 2013 - English
Microsoft Office Proofing Tools 2013 - Español
Microsoft Office Shared 32-bit MUI (English) 2013
Microsoft Office Shared MUI (English) 2013
Microsoft Office Shared Setup Metadata MUI (English) 2013
Microsoft OneNote MUI (English) 2013
Microsoft Outlook MUI (English) 2013
Microsoft PowerPoint MUI (English) 2013
Microsoft Publisher MUI (English) 2013
Microsoft Silverlight
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610
Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU
Microsoft Visual Studio 2005 Tools for Applications - ENU
Microsoft Word MUI (English) 2013
MotioninJoy Gamepad tool 0.7.1001
Mozilla Firefox 25.0.1 (x86 en-US)
Mozilla Maintenance Service
MSXML 4.0 SP2 (KB973688)
MT Mahjong Online (desktop version)
NARUTO SHIPPUDEN: Ultimate Ninja STORM 3 Full Burst
NCLauncher (NCSOFT)
NVIDIA Control Panel 331.82
NVIDIA Display Control Panel
NVIDIA GeForce Experience 1.8
NVIDIA Graphics Driver 331.82
NVIDIA HD Audio Driver 1.3.26.4
NVIDIA Install Application
NVIDIA LED Visualizer 1.0
NVIDIA Network Service
NVIDIA PhysX
NVIDIA PhysX System Software 9.13.0725
NVIDIA ShadowPlay 10.10.5
NVIDIA Update 10.10.5
NVIDIA Update Core
NVIDIA Virtual Audio 1.2.12
Outils de vérification linguistique 2013 de Microsoft Office - Français
PCSX2 - Playstation 2 Emulator
PlayNCLauncher
PlayReady PC Runtime amd64
QuickTime
Razer DeathAdder Black Edition Mouse
Realtek Ethernet Controller Driver For Windows 7
Realtek High Definition Audio Driver
Realtek USB 2.0 Reader Driver
Renesas Electronics USB 3.0 Host Controller Driver
SeaTools for Windows
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Security Update for Microsoft .NET Framework 4 Extended (KB2736428)
Security Update for Microsoft .NET Framework 4 Extended (KB2742595)
SHIELD Streaming
ShockWave 1.1
Skype Click to Call
Skype™ 6.11
Smart Defrag 2
smartmontools
Sniper Elite V2
SolidWorks 2012 x64 Edition SP0
SolidWorks eDrawings 2012 x64 Edition SP0
SolidWorks Explorer 2012 SP0 x64 Edition
SolidWorks Flow Simulation 2012 SP0 x64 Edition
St???e?? e?????? ActiveX t?? Windows Live Mesh ??a ap?µa???sµ??e? s??d?se??
Steam
Surfing Protection
Synaptics Pointing Device Driver
TeamViewer 8
Tom Clancy's Splinter Cell® Blacklist™
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2600217)
Update for Microsoft .NET Framework 4 Extended (KB2836939)
Uplay
Uzak Baglantilar Için Windows Live Mesh ActiveX Denetimi
VC80CRTRedist - 8.0.50727.6195
VLC media player 2.0.8
Windows Live Mail
Windows Live Mesh
Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen
Windows Live Mesh ActiveX-objekt til fjernforbindelser
Windows Live Mesh ActiveX-vezérlo távoli kapcsolatokhoz
Windows Live Mesh ActiveX Control for Remote Connections
Windows Live Messenger
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Remote Client Resources
Windows Live Remote Service Resources
Windows Live Writer
Windows Live Writer Resources
WinPcap 4.1.2
WinRAR archiver
WorkingModel2005
XCOM: Enemy Unknown
Zoom Player (remove only)
.
==== Event Viewer Messages From Past Week ========
.
12-Dec-13 13:56:09, Error: Microsoft-Windows-SharedAccess_NAT [31004] - The DNS proxy agent was unable to allocate 0 bytes of memory. This may indicate that the system is low on virtual memory, or that the memory manager has encountered an internal error.
12-Dec-13 09:32:41, Error: Service Control Manager [7001] - The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
12-Dec-13 09:31:48, Error: Service Control Manager [7001] - The Bluetooth OBEX Service service depends on the Bluetooth Support Service service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
12-Dec-13 09:31:42, Error: Microsoft-Windows-BitLocker-Driver [24620] - Encrypted volume check: Volume information on \\?\Volume{18c0e6c5-c375-11e0-8171-806e6f6e6963} cannot be read.
12-Dec-13 09:31:34, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Microsoft Antimalware Service service to connect.
12-Dec-13 09:31:34, Error: Service Control Manager [7000] - The Microsoft Antimalware Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
12-Dec-13 09:31:09, Error: volmgr [46] - Crash dump initialization failed!
07-Dec-13 17:51:54, Error: VDS Basic Provider [1] - Unexpected failure. Error code: 490@01010004
05-Dec-13 23:51:57, Error: Microsoft-Windows-BitLocker-Driver [24620] - Encrypted volume check: Volume information on \\?\Volume{cd61c04f-1805-11e1-95a0-6c626d2cf95f} cannot be read.
.
==== End Of File ===========================

Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 15:07:39, on 12-Dec-13
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v8.00 (8.00.7601.17514)

FIREFOX: 25.0.1 (en-US)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Razer\DeathAdderBlackEdition\razertra.exe
C:\Program Files (x86)\uTorrent\uTorrent.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\VideoLAN\VLC\vlc.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\AnArCo-TekNiK\Downloads\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://dnn.eng.cu.edu.eg/News/Announcements/CreditHoursAnnouncementsBoard/tabid/65/Default.aspx
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - (no file)
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~3\Office15\URLREDIR.DLL
O2 - BHO: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\PROGRA~2\IObit\SURFIN~1\BROWER~1\ASCPLU~1.DLL
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~3\Office15\GROOVEEX.DLL
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: (no name) - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - (no file)
O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Advanced SystemCare 7] "C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe" /Auto
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~3\Office14\ONBttnIE.dll/105
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O16 - DPF: {98FFD412-1A12-4BCE-8AB2-247C78E22227} - https://ssl.plaync.jp/login/activex/NCLoader.7.cab
O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} - http://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
O16 - DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} - http://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} - http://ccfiles.creative.com/Web/softwareupdate/ocx/110926/CTPID.cab
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O23 - Service: Advanced SystemCare Service 7 (AdvancedSystemCareService7) - IObit - C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Bluetooth Device Monitor - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
O23 - Service: Bluetooth Media Service - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
O23 - Service: Bluetooth OBEX Service - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
O23 - Service: SW Distributed TS Coordinator Service (CoordinatorServiceHost) - Dassault Systèmes SolidWorks Corp. - C:\Program Files\SolidWorks Corp\SolidWorks\swScheduler\DTSCoordinatorService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Flexera Software, Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FLEXnet Licensing Service 64 - Flexera Software, Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: Internet Pass-Through Service (PassThru Service) - Unknown owner - C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel® Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: Remote Solver for Flow Simulation 2012 - Mentor Graphics Corporation - C:\Program Files\SolidWorks Corp\SolidWorks Flow Simulation\binCFW\StandAloneSlv.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

--
End of file - 11598 bytes



Edited by Oh My, 12 December 2013 - 09:38 AM.
Logs posted


#5 Oh My!

  • Malware Response Instructor

Posted 12 December 2013 - 09:34 AM

Greetings radam9 and :welcome: to BleepingComputer's Virus/Trojan/Spyware/Malware Removal forum.

My name is Oh My! and I am here to help you! Now that we are "friends" please call me Gary.

If you would allow me to call you by your first name I would prefer to do that. :thumbup2:

===================================================

Ground Rules:
  • First, I would like to inform you that most of us here at Bleeping Computer offer our expert assistance out of the goodness of our hearts. Please try to match our commitment to you with your patience toward us. If this was easy we would never have met. :)
  • Please do not run any tools or take any steps other than those I will provide for you while we work on your computer together. I need to be certain about the state of your computer in order to provide appropriate and effective steps for you to take. Most often "well intentioned" (and usually panic driven!) independent efforts can make things much worse for both of us. If at any point you would prefer to take your own steps please let me know, I will not be offended. I would be happy to focus on the many others who are waiting in line for assistance.
  • Please perform all steps in the order they are listed in each set of instructions. Some steps may be a bit complicated. If things are not clear, be sure to stop and let me know. We need to work on this together with confidence.
  • Please copy and paste all logs into your post unless directed otherwise. Please do not re-run any programs I suggest. If you encounter problems simply stop and tell me.
  • When you post your reply, use the Replytopic.jpg button instead.
  • In the upper right hand corner of the topic you will see the Followtopic.jpg button. Click on this then choose Immediate E-Mail notification and then Proceed and you will be sent an email once I have posted a response.
  • If you do not reply to your topic after 5 days we assume it has been abandoned and I will close it.
  • When your computer is clean I will alert you of such. I will also provide for you detailed information about how you can combat future infections.
  • I would like to remind you to make no further changes to your computer unless I direct you to do so.
  • Now let's get started :thumbup2:
===================================================

Now that I am assisting you, you can expect that I will be very responsive to your situation. If you are able, I would request you check this thread at least once per day so that we can try to resolve your issues effectively and efficiently. If you are going to be delayed please be considerate and post that information so that I know you are still with me. Unfortunately, there are many people waiting to be assisted and not enough of us at BleepingComputer to go around. I appreciate your understanding and diligence.

Thank you for your patience thus far. Please run this program for me.

===================================================

Farbar Recovery Scan Tool (FRST)

--------------------
  • Download Farbar Recovery Scan Tool for either 32 bit or 64 bit systems and save it to your desktop
  • If you are unsure if you have 32 bit or 64 bit simply download and try one. If that doesn't run properly the other one should
  • Double click the icon
  • Click Yes to the disclaimer
  • Click Scan and allow the program to run
  • Click OK on the Scan complete screen, then OK on the Addition.txt pop up screen
  • 2 Notepad documents should now be open on your desktop.
  • Please copy and paste the contents of both in your reply
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • FRST results
  • Addition log

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#6 radam9

  • Topic Starter

Posted 12 December 2013 - 01:18 PM

Hey there Gary,

 

My name is Adam, and it's nice to meet you.

I will do my best to follow the instructions you have given :D , and I won't be using any software unless instructed :) .

Most of the time I will be answering within a couple of hours from your message, but in case that doesn't happen I almost always answer within maximum 24 hours.

At the bottom of the message you will find the requested logs. (I used the scan function in the given program)

Thank you for your time and effort.

Adam.

 

FRST.txt

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-12-2013

Ran by AnArCo-TekNiK (administrator) on TEKNIK on 12-12-2013 20:12:32
Running from C:\Users\AnArCo-TekNiK\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 8
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(IObit) C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 7\Monitor.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files (x86)\Razer\DeathAdderBlackEdition\razertra.exe
(BitTorrent Inc.) C:\Program Files (x86)\uTorrent\uTorrent.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(MPC-HC Team) C:\Program Files (x86)\Combined Community Codec Pack\MPC\mpc-hc.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(VideoLAN) C:\Program Files (x86)\VideoLAN\VLC\vlc.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
==================== Registry (Whitelisted) ==================
 
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2328360 2010-09-16] (Synaptics Incorporated)
HKLM\...\Run: [IntelWireless] - C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1933584 2010-12-18] (Intel® Corporation)
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13513288 2013-11-09] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1278024 2013-11-09] (Realtek Semiconductor)
HKLM\...\Run: [Nvtmru] - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe [1028896 2013-07-27] (NVIDIA Corporation)
HKLM\...\Run: [RtHDVBg_Dolby] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1278024 2013-11-09] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2273056 2013-11-29] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] - C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKCU\...\Run: [Advanced SystemCare 7] - C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe [2283296 2013-10-28] (IObit)
HKCU\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20584608 2013-11-14] (Skype Technologies S.A.)
MountPoints2: {8f8628c7-9b93-11e2-b9b4-6c626d2cf95f} - G:\HTC_Sync_Manager_PC.exe
MountPoints2: {e0e3ffdd-c374-11e0-ae7f-6c626d2cf95f} - F:\setup.exe
HKLM-x32\...\Run: [NUSB3MON] - C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-04-27] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
IFEO\ActionCenterDownloader.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\BlueBirdInit.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\Deployer.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\DriverBooster.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\IMF.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\IMFsrv.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\IMF_ActionCenterDownloader.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\IObitCommunities.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\IWsIMF.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\mbampt.exe: [Debugger] "C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe"
IFEO\mbamscheduler.exe: [Debugger] "C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe"
IFEO\Promote.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\rpcapd.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\Scheduler.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\SDInit.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\SendBugReport.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\SmartDefrag.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\TaskSchedule.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO\UpdateDB.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
BootExecute: autocheck autochk * SmartDefragBootTime.exe
 
==================== Internet (Whitelisted) ====================
 
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain?brand=MDND&bmod=MDND
URLSearchHook: HKCU - (No Name) - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - No File
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKCU - {0DD64341-3BF8-4EB0-9191-6462F4D65703} URL = http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=902615&p={searchTerms}
BHO: ExplorerWnd Helper - {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll (IObit)
BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO-x32: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll (IObit)
BHO-x32: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM-x32 - No Name - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} -  No File
DPF: HKLM-x32 {98FFD412-1A12-4BCE-8AB2-247C78E22227} https://ssl.plaync.jp/login/activex/NCLoader.7.cab
DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} http://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: HKLM-x32 {E705A591-DA3C-4228-B0D5-A356DBA42FBF} http://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://ccfiles.creative.com/Web/softwareupdate/ocx/110926/CTPID.cab
Handler: livecall - No CLSID Value - 
Handler: msnim - No CLSID Value - 
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: livecall - No CLSID Value - 
Handler-x32: msnim - No CLSID Value - 
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: 127.0.0.1 activation.acronis.com
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
 
FireFox:
========
FF ProfilePath: C:\Users\AnArCo-TekNiK\AppData\Roaming\Mozilla\Firefox\Profiles\fmdqt34c.default
FF user.js: detected! => C:\Users\AnArCo-TekNiK\AppData\Roaming\Mozilla\Firefox\Profiles\fmdqt34c.default\user.js
FF DefaultSearchEngine: Yahoo
FF SelectedSearchEngine: Yahoo
FF Keyword.URL: hxxp://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=902615&p=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~3\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @divx.com/DivX Plus Web Player Plug-In,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~3\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @ncsoft.com/Plugin - C:\Program Files (x86)\NCSOFT\NCPlugin\npncllm3.dll (NCSOFT Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: Advanced SystemCare Surfing Protection - C:\Users\AnArCo-TekNiK\AppData\Roaming\Mozilla\Firefox\Profiles\fmdqt34c.default\Extensions\ascsurfingprotection@iobit.com
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 &lt;video&gt; - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
 
Chrome: 
=======
CHR HomePage: hxxp://www.google.com/
CHR RestoreOnStartup: "hxxp://www.google.com/"
CHR DefaultSearchKeyword: mr.google
CHR DefaultSearchProvider: Mr.Google
CHR DefaultNewTabURL: 
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\pdf.dll ()
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (Skype Click to Call) - C:\Users\AnArCo-TekNiK\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.10.0.9560_0\npSkypeChromePlugin.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (RealPlayer™ G2 LiveConnect-Enabled Plug-In (32-bit) ) - C:\Program Files (x86)\Google\Chrome\Application\plugins\nppl3260.dll No File
CHR Plugin: (RealPlayer Version Plugin) - C:\Program Files (x86)\Google\Chrome\Application\plugins\nprpjplug.dll No File
CHR Plugin: (Java Deployment Toolkit 6.0.240.7) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll No File
CHR Plugin: (Java™ Platform SE 6 U24) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL No File
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll No File
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll No File
CHR Plugin: (Windows Live\u0099 Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll No File
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
CHR Extension: (Google Translate) - C:\Users\AnArCo-TekNiK\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb\1.2.5_0
CHR Extension: (Flash Video Download) - C:\Users\AnArCo-TekNiK\AppData\Local\Google\Chrome\User Data\Default\Extensions\anadfmbemnidomdljfcdgdoomhghoclk\1.3.14_0
CHR Extension: (YouTube) - C:\Users\AnArCo-TekNiK\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\AnArCo-TekNiK\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Tampermonkey) - C:\Users\AnArCo-TekNiK\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo\3.5.3630.77_0
CHR Extension: (Stylish) - C:\Users\AnArCo-TekNiK\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjnbnpbmkenffdnngjfgmeleoegfcffe\1.2_0
CHR Extension: (AccelerateTab) - C:\Users\AnArCo-TekNiK\AppData\Local\Google\Chrome\User Data\Default\Extensions\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0
CHR Extension: (TinEye Reverse Image Search) - C:\Users\AnArCo-TekNiK\AppData\Local\Google\Chrome\User Data\Default\Extensions\haebnnbpedcbhciplfhjjkbafijpncjl\1.1.3_0
CHR Extension: (Reader Plus) - C:\Users\AnArCo-TekNiK\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhcknjkmaaeinhdjgimjnophgpbdgfmg\4.0.1_0
CHR Extension: (Feedly - News, Blogs and Youtube) - C:\Users\AnArCo-TekNiK\AppData\Local\Google\Chrome\User Data\Default\Extensions\hipbfijinpcgfogaopmgehiegacbhmob\18.1_0
CHR Extension: (AirDroid) - C:\Users\AnArCo-TekNiK\AppData\Local\Google\Chrome\User Data\Default\Extensions\hkgndiocipalkpejnpafdbdlfdjihomd\2.0.4_0
CHR Extension: (Windows Media Player Extension for HTML5) - C:\Users\AnArCo-TekNiK\AppData\Local\Google\Chrome\User Data\Default\Extensions\hokdglbhghcebcopdbanieangmcamaak\1.0_0
CHR Extension: (Domain Error Assistant) - C:\Users\AnArCo-TekNiK\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj\1.1_0
CHR Extension: (RedirectionHelper) - C:\Users\AnArCo-TekNiK\AppData\Local\Google\Chrome\User Data\Default\Extensions\kggfakgbdfhbmapgfddgkkhgghabdjjh\4.0.4_0
CHR Extension: (Skype Click to Call) - C:\Users\AnArCo-TekNiK\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.13.0.13771_0
CHR Extension: (Refresh Monkey) - C:\Users\AnArCo-TekNiK\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljngnafhejmefmijjoedbclkadhacebd\1.3_0
CHR Extension: (Illimitux) - C:\Users\AnArCo-TekNiK\AppData\Local\Google\Chrome\User Data\Default\Extensions\mamnihopcnbfnbfnnneplcohmnkkpipb\1.0_0
CHR Extension: (Slick Savings) - C:\Users\AnArCo-TekNiK\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk\2.4_0
CHR Extension: (Pocket) - C:\Users\AnArCo-TekNiK\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjcnijlhddpbdemagnpefmlkjdagkogk\0.600_0
CHR Extension: ( "name":"Advanced SystemCare Surfing Protection",) - C:\Users\AnArCo-TekNiK\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd\1.0.0_0
CHR Extension: (Pocket (formerly Read It Later)) - C:\Users\AnArCo-TekNiK\AppData\Local\Google\Chrome\User Data\Default\Extensions\niloccemoadcdkdjlinkgdfekeahmflj\1.5.6_0
CHR Extension: (ClipConverter) - C:\Users\AnArCo-TekNiK\AppData\Local\Google\Chrome\User Data\Default\Extensions\njjjgjlocdhecpgdcfjblcnfebfnmhpp\1.3.0_0
CHR Extension: (RSS Subscription Extension (by Google)) - C:\Users\AnArCo-TekNiK\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlbjncdgjeocebhnmkbbbdekmmmcbfjd\2.2.2_0
CHR Extension: (Google Wallet) - C:\Users\AnArCo-TekNiK\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0
CHR Extension: (Better Pop Up Blocker) - C:\Users\AnArCo-TekNiK\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmpeeekfhbmikbdhlpjbfmnpgcbeggic\2.1.6_0
CHR Extension: (DivX Plus Web Player HTML5 \u003Cvideo\u003E) - C:\Users\AnArCo-TekNiK\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.172_0
CHR Extension: (Auto Refresh Plus) - C:\Users\AnArCo-TekNiK\AppData\Local\Google\Chrome\User Data\Default\Extensions\oilipfekkmncanaajkapbpancpelijih\1.8.9.22_0
CHR Extension: (AD Block) - C:\Users\AnArCo-TekNiK\AppData\Local\Google\Chrome\User Data\Default\Extensions\ojkdcodhlkmiakbangobnmdhieapagic\1.0.0_0
CHR Extension: (AT_DJTiesto) - C:\Users\AnArCo-TekNiK\AppData\Local\Google\Chrome\User Data\Default\Extensions\okmcbgkkeagngnijeiighgblfljbekip\2_0
CHR Extension: (Gmail) - C:\Users\AnArCo-TekNiK\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1
CHR HKLM-x32\...\Chrome\Extension: [hbcennhacfaagdopikcegfcobcadeocj] - C:\Program Files (x86)\Common Files\Spigot\GC\saebay_1.0.crx
CHR HKLM-x32\...\Chrome\Extension: [icdlfehblmklkikfigmjhbmmpmkmpooj] - C:\Program Files (x86)\Common Files\Spigot\GC\errorassistant_1.1.crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx
CHR HKLM-x32\...\Chrome\Extension: [mhkaekfpcppmmioggniknbnbdbcigpkk] - C:\Program Files (x86)\Common Files\Spigot\GC\coupons_2.4.crx
CHR HKLM-x32\...\Chrome\Extension: [nfengeggddojhakldhlpjdlddgkkjkdd] - C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASC_GhromePlugin.crx
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx
CHR HKLM-x32\...\Chrome\Extension: [pfndaklgolladniicklehhancnlgocpp] - C:\Program Files (x86)\Common Files\Spigot\GC\saamazon_1.0.crx
 
==================== Services (Whitelisted) =================
 
R2 AdvancedSystemCareService7; C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe [878368 2013-10-25] (IObit)
S4 AIPS; C:\Program Files (x86)\NetCutDefender\services\AIPS.exe [262144 2011-07-28] (Arcai.com)
S4 CLKMSVC10_38F51D56; C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe [241648 2010-11-29] (CyberLink)
S4 HTCMonitorService; C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2012-07-16] (Nero AG)
S4 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation)
S4 IMFservice; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [335168 2013-04-25] (IObit)
R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2151200 2013-10-25] (IObit)
S4 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
S4 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22072 2012-09-12] (Microsoft Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2010-12-18] ()
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1370912 2013-11-29] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [15128352 2013-11-29] (NVIDIA Corporation)
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [166912 2012-10-08] ()
R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [76888 2012-06-14] ()
S3 Remote Solver for Flow Simulation 2012; C:\Program Files\SolidWorks Corp\SolidWorks Flow Simulation\binCFW\StandAloneSlv.exe [109624 2011-08-17] (Mentor Graphics Corporation)
S4 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [117264 2010-06-25] (CACE Technologies, Inc.)
 
==================== Drivers (Whitelisted) ====================
 
S3 androidusb; C:\Windows\System32\Drivers\wsadb.sys [40232 2013-06-03] (Google Inc)
R3 DABlackFltr; C:\Windows\System32\drivers\DABlack.sys [23040 2010-11-29] (Razer (Asia-Pacific) Pte Ltd)
R1 ElRawDisk; C:\Windows\system32\drivers\rsdrvx64.sys [26024 2009-02-12] (EldoS Corporation)
S4 FileMonitor; C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [23048 2013-03-23] (IObit)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2013-08-07] (Intel Corporation)
S4 IObitUnlocker; C:\Program Files (x86)\IObit\IObit Unlocker\IObitUnlocker.sys [36568 2013-09-30] (IObit)
S3 ksaud; C:\Windows\System32\drivers\ksaud.sys [1588608 2011-09-13] (Creative Technology Ltd.)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [228768 2012-08-30] (Microsoft Corporation)
S3 NPF; C:\Windows\System32\drivers\npf.sys [35344 2010-06-25] (CACE Technologies, Inc.)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-10-30] (NVIDIA Corporation)
S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [19152 2013-09-30] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [12504 2013-09-30] ()
S3 RegFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [34336 2013-03-26] (IObit.com)
S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [17720 2013-05-22] ()
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [834544 2011-08-10] ()
S3 UrlFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys [23016 2013-03-26] (IObit.com)
U3 av0pc37r; C:\Windows\System32\Drivers\av0pc37r.sys [0 ] (Microsoft Corporation)
S3 clwvd; system32\DRIVERS\clwvd.sys [x]
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2013-12-12 20:12 - 2013-12-12 20:12 - 00029239 _____ C:\Users\AnArCo-TekNiK\Desktop\FRST.txt
2013-12-12 20:12 - 2013-12-12 20:12 - 00000000 ____D C:\FRST
2013-12-12 20:11 - 2013-12-12 20:08 - 01927106 _____ (Farbar) C:\Users\AnArCo-TekNiK\Desktop\FRST64.exe
2013-12-12 20:06 - 2013-12-12 20:08 - 01927106 _____ (Farbar) C:\Users\AnArCo-TekNiK\Downloads\FRST64.exe
2013-12-12 15:07 - 2013-12-12 15:07 - 00015024 _____ C:\Users\AnArCo-TekNiK\Desktop\Attachv2.txt
2013-12-12 15:07 - 2013-12-12 15:07 - 00011600 _____ C:\Users\AnArCo-TekNiK\Desktop\hijackthisv2.log
2013-12-12 15:06 - 2013-12-12 15:06 - 00026069 _____ C:\Users\AnArCo-TekNiK\Desktop\DDSv2.txt
2013-12-12 10:00 - 2013-12-12 10:00 - 00000119 _____ C:\Users\AnArCo-TekNiK\Desktop\▶ -بلا حدود مع مستشار الرئيس مرسي يحيي حامد يكشف كواليس واسرار الانقلاب-- - YouTube.url
2013-12-11 23:12 - 2013-12-11 23:12 - 00000306 _____ C:\Users\AnArCo-TekNiK\Desktop\-احداث كلية هندسة من يوم 28 نوفمبر حتي 10 ديسمبر.-.url
2013-12-03 17:14 - 2013-12-03 17:14 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2013-12-03 17:09 - 2013-11-14 13:58 - 30361888 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2013-12-03 17:09 - 2013-11-14 13:58 - 25257248 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2013-12-03 17:09 - 2013-11-14 13:58 - 22951200 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2013-12-03 17:09 - 2013-11-14 13:58 - 18208624 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2013-12-03 17:09 - 2013-11-14 13:58 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2013-12-03 17:09 - 2013-11-14 13:58 - 15862272 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2013-12-03 17:09 - 2013-11-14 13:58 - 12613408 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2013-12-03 17:09 - 2013-11-14 13:58 - 11600432 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2013-12-03 17:09 - 2013-11-14 13:58 - 11514624 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2013-12-03 17:09 - 2013-11-14 13:58 - 09691888 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2013-12-03 17:09 - 2013-11-14 13:58 - 09619872 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2013-12-03 17:09 - 2013-11-14 13:58 - 03132704 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2013-12-03 17:09 - 2013-11-14 13:58 - 03125024 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2013-12-03 17:09 - 2013-11-14 13:58 - 02947872 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2013-12-03 17:09 - 2013-11-14 13:58 - 02747680 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2013-12-03 17:09 - 2013-11-14 13:58 - 01884448 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433182.dll
2013-12-03 17:09 - 2013-11-14 13:58 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433182.dll
2013-12-03 17:09 - 2013-11-14 13:58 - 01510176 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco64.dll
2013-12-03 17:09 - 2013-11-14 13:58 - 00707360 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2013-12-03 17:09 - 2013-11-14 13:58 - 00657184 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2013-12-03 17:09 - 2013-11-14 13:58 - 00609568 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2013-12-03 17:09 - 2013-11-14 13:58 - 00562464 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2013-12-03 17:09 - 2013-11-14 13:58 - 00196384 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2013-12-03 17:09 - 2013-11-14 13:58 - 00031520 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2013-12-03 13:05 - 2013-12-03 13:05 - 00000000 ____D C:\Users\AnArCo-TekNiK\AppData\Local\NVIDIA Corporation
2013-12-03 13:04 - 2013-11-29 18:56 - 01096480 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2013-12-03 13:04 - 2013-11-29 18:56 - 00979744 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2013-12-03 13:03 - 2013-10-30 19:03 - 00039200 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2013-12-03 13:03 - 2013-10-30 19:02 - 00032544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2013-12-02 09:15 - 2013-12-02 09:15 - 00032028 _____ C:\Users\AnArCo-TekNiK\Desktop\ASCDiagnoseReport.txt
2013-12-02 09:00 - 2013-12-12 15:06 - 00026069 _____ C:\Users\AnArCo-TekNiK\Desktop\dds.txt
2013-12-02 09:00 - 2013-12-12 15:06 - 00015024 _____ C:\Users\AnArCo-TekNiK\Desktop\attach.txt
2013-12-02 08:58 - 2013-12-02 08:58 - 00688992 ____R (Swearware) C:\Users\AnArCo-TekNiK\Downloads\dds.exe
2013-12-02 08:45 - 2013-12-02 08:46 - 02799296 _____ (Sysinternals - www.sysinternals.com) C:\Users\AnArCo-TekNiK\Downloads\procexp.exe
2013-12-02 08:36 - 2013-12-02 08:36 - 00009954 _____ C:\Users\AnArCo-TekNiK\Desktop\hijackthis.log
2013-11-30 10:39 - 2013-11-30 10:39 - 00000000 _____ C:\asc_rdflag
2013-11-29 19:48 - 2013-11-29 19:49 - 00388608 _____ (Trend Micro Inc.) C:\Users\AnArCo-TekNiK\Downloads\HijackThis.exe
2013-11-27 20:19 - 2013-11-27 20:20 - 00000000 ____D C:\Program Files (x86)\MathType
2013-11-25 21:01 - 2013-11-25 21:01 - 00000000 ____D C:\Users\AnArCo-TekNiK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2013-11-25 20:15 - 2013-11-25 20:16 - 01898232 _____ (Bleeping Computer, LLC) C:\Users\AnArCo-TekNiK\Downloads\rkill.exe
2013-11-22 13:48 - 2013-11-30 10:39 - 98500608 _____ C:\Windows\system32\config\SOFTWARE.iodefrag.bak
2013-11-22 13:48 - 2013-11-30 10:39 - 00311296 _____ C:\Windows\system32\config\DEFAULT.iodefrag.bak
2013-11-22 13:48 - 2013-11-30 10:39 - 00057344 _____ C:\Windows\system32\config\SAM.iodefrag.bak
2013-11-22 13:48 - 2013-11-30 10:39 - 00028672 _____ C:\Windows\system32\config\SECURITY.iodefrag.bak
2013-11-22 13:48 - 2013-11-22 13:48 - 94953472 _____ C:\Windows\system32\config\COMPONENTS.iodefrag.bak
2013-11-21 16:11 - 2013-11-21 16:11 - 94953472 _____ C:\Windows\system32\config\COMPONENTS.iobit
2013-11-21 16:00 - 2013-11-21 16:00 - 00003110 _____ C:\Windows\System32\Tasks\ASC7_PerformanceMonitor
2013-11-21 15:59 - 2013-12-07 17:15 - 00000000 ____D C:\ProgramData\ProductData
2013-11-21 15:59 - 2013-11-21 15:59 - 00002866 _____ C:\Windows\System32\Tasks\ASC7_SkipUac_AnArCo-TekNiK
2013-11-21 15:59 - 2013-11-21 15:59 - 00001251 _____ C:\Users\AnArCo-TekNiK\AppData\Roaming\Microsoft\Windows\Start Menu\Uninstall Programs.lnk
2013-11-21 15:59 - 2013-11-21 15:59 - 00000000 ____D C:\ProgramData\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D}
2013-11-20 19:53 - 2013-11-20 20:49 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2013-11-20 19:51 - 2013-11-20 19:51 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2013-11-20 19:41 - 2013-11-20 19:43 - 12576792 _____ (Malwarebytes Corp.) C:\Users\AnArCo-TekNiK\Downloads\mbar-1.07.0.1007.exe
2013-11-19 20:53 - 2013-11-19 20:54 - 00000000 ____D C:\Users\AnArCo-TekNiK\Downloads\Coursera
2013-11-15 17:17 - 2013-11-15 17:17 - 00000000 ____D C:\Cosmosm
2013-11-15 17:17 - 1997-10-01 17:09 - 00395776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfrt40.dll
2013-11-15 17:16 - 2013-11-15 17:16 - 00003318 _____ C:\Windows\System32\Tasks\{B326E1B7-0A7B-47AC-A445-81B00BC29184}
 
==================== One Month Modified Files and Folders =======
 
2013-12-12 20:12 - 2013-12-12 20:12 - 00029239 _____ C:\Users\AnArCo-TekNiK\Desktop\FRST.txt
2013-12-12 20:12 - 2013-12-12 20:12 - 00000000 ____D C:\FRST
2013-12-12 20:11 - 2012-07-03 17:42 - 00000000 ____D C:\Users\AnArCo-TekNiK\AppData\Roaming\uTorrent
2013-12-12 20:08 - 2013-12-12 20:11 - 01927106 _____ (Farbar) C:\Users\AnArCo-TekNiK\Desktop\FRST64.exe
2013-12-12 20:08 - 2013-12-12 20:06 - 01927106 _____ (Farbar) C:\Users\AnArCo-TekNiK\Downloads\FRST64.exe
2013-12-12 19:36 - 2011-08-10 10:29 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-12-12 18:47 - 2011-08-10 10:29 - 01173190 _____ C:\Windows\WindowsUpdate.log
2013-12-12 18:43 - 2013-05-27 17:49 - 00000000 ____D C:\Users\AnArCo-TekNiK\Downloads\Utorrent
2013-12-12 16:36 - 2011-08-10 10:29 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-12-12 15:46 - 2012-10-13 17:16 - 00000000 ____D C:\Users\AnArCo-TekNiK\AppData\Roaming\vlc
2013-12-12 15:07 - 2013-12-12 15:07 - 00015024 _____ C:\Users\AnArCo-TekNiK\Desktop\Attachv2.txt
2013-12-12 15:07 - 2013-12-12 15:07 - 00011600 _____ C:\Users\AnArCo-TekNiK\Desktop\hijackthisv2.log
2013-12-12 15:06 - 2013-12-12 15:06 - 00026069 _____ C:\Users\AnArCo-TekNiK\Desktop\DDSv2.txt
2013-12-12 15:06 - 2013-12-02 09:00 - 00026069 _____ C:\Users\AnArCo-TekNiK\Desktop\dds.txt
2013-12-12 15:06 - 2013-12-02 09:00 - 00015024 _____ C:\Users\AnArCo-TekNiK\Desktop\attach.txt
2013-12-12 14:48 - 2011-08-16 16:34 - 00000000 ____D C:\Users\AnArCo-TekNiK\AppData\Roaming\Media Player Classic
2013-12-12 13:32 - 2011-08-10 23:55 - 00281768 _____ C:\Windows\SysWOW64\PnkBstrB.xtr
2013-12-12 13:32 - 2011-08-10 20:59 - 00281768 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2013-12-12 13:31 - 2011-08-10 20:59 - 00271200 _____ C:\Windows\SysWOW64\PnkBstrB.ex0
2013-12-12 13:08 - 2013-10-31 20:42 - 00000562 _____ C:\Windows\Tasks\MATLAB R2013b Startup Accelerator.job
2013-12-12 10:00 - 2013-12-12 10:00 - 00000119 _____ C:\Users\AnArCo-TekNiK\Desktop\▶ -بلا حدود مع مستشار الرئيس مرسي يحيي حامد يكشف كواليس واسرار الانقلاب-- - YouTube.url
2013-12-12 09:37 - 2009-07-14 06:45 - 00028352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-12-12 09:37 - 2009-07-14 06:45 - 00028352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-12-12 09:32 - 2013-09-29 09:30 - 00000266 _____ C:\Windows\Tasks\AutoKMS.job
2013-12-12 09:32 - 2012-04-09 20:48 - 00000440 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2013-12-12 09:32 - 2011-11-21 01:12 - 00002896 _____ C:\Windows\System32\Tasks\AutoKMS
2013-12-12 09:31 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-12-11 23:12 - 2013-12-11 23:12 - 00000306 _____ C:\Users\AnArCo-TekNiK\Desktop\-احداث كلية هندسة من يوم 28 نوفمبر حتي 10 ديسمبر.-.url
2013-12-11 14:17 - 2013-09-28 12:16 - 00000000 ____D C:\Users\AnArCo-TekNiK\Downloads\University
2013-12-09 21:48 - 2013-11-02 21:50 - 00000000 ____D C:\Users\AnArCo-TekNiK\Downloads\Anasheed
2013-12-09 19:14 - 2012-09-29 09:50 - 00000000 ____D C:\Program Files\JDownloader 2
2013-12-08 18:39 - 2009-07-14 07:13 - 00781162 _____ C:\Windows\system32\PerfStringBackup.INI
2013-12-07 23:27 - 2011-12-11 15:38 - 00000000 ____D C:\Users\AnArCo-TekNiK\AppData\Roaming\Skype
2013-12-07 21:27 - 2011-12-11 15:38 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-12-07 21:27 - 2011-12-11 15:38 - 00000000 ____D C:\ProgramData\Skype
2013-12-07 17:50 - 2012-01-24 13:23 - 00000000 ____D C:\ProgramData\IObit
2013-12-07 17:15 - 2013-11-21 15:59 - 00000000 ____D C:\ProgramData\ProductData
2013-12-07 17:13 - 2013-01-10 12:59 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-12-06 18:41 - 2013-08-19 16:52 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-12-06 14:49 - 2013-04-06 21:07 - 00617472 ___SH C:\Users\AnArCo-TekNiK\Desktop\Thumbs.db
2013-12-05 16:31 - 2011-08-10 10:29 - 00003894 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-12-05 16:31 - 2011-08-10 10:29 - 00003642 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-12-04 22:19 - 2012-10-28 21:36 - 00000000 ____D C:\Users\AnArCo-TekNiK\AppData\Local\James_Parks
2013-12-03 18:37 - 2011-10-21 20:05 - 00000000 ____D C:\Users\AnArCo-TekNiK\Desktop\Adam
2013-12-03 17:14 - 2013-12-03 17:14 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2013-12-03 17:13 - 2011-02-28 20:38 - 00000000 ____D C:\ProgramData\NVIDIA
2013-12-03 13:06 - 2013-08-12 00:12 - 00000000 ____D C:\Users\AnArCo-TekNiK\AppData\Local\NVIDIA
2013-12-03 13:05 - 2013-12-03 13:05 - 00000000 ____D C:\Users\AnArCo-TekNiK\AppData\Local\NVIDIA Corporation
2013-12-03 13:05 - 2011-02-28 20:37 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2013-12-03 13:04 - 2011-02-28 20:37 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2013-12-03 13:04 - 2011-02-28 20:37 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2013-12-02 09:15 - 2013-12-02 09:15 - 00032028 _____ C:\Users\AnArCo-TekNiK\Desktop\ASCDiagnoseReport.txt
2013-12-02 08:58 - 2013-12-02 08:58 - 00688992 ____R (Swearware) C:\Users\AnArCo-TekNiK\Downloads\dds.exe
2013-12-02 08:46 - 2013-12-02 08:45 - 02799296 _____ (Sysinternals - www.sysinternals.com) C:\Users\AnArCo-TekNiK\Downloads\procexp.exe
2013-12-02 08:39 - 2013-10-14 00:44 - 00003182 _____ C:\Windows\System32\Tasks\SmartDefragUpdate
2013-12-02 08:36 - 2013-12-02 08:36 - 00009954 _____ C:\Users\AnArCo-TekNiK\Desktop\hijackthis.log
2013-11-30 10:39 - 2013-11-30 10:39 - 00000000 _____ C:\asc_rdflag
2013-11-30 10:39 - 2013-11-22 13:48 - 98500608 _____ C:\Windows\system32\config\SOFTWARE.iodefrag.bak
2013-11-30 10:39 - 2013-11-22 13:48 - 00311296 _____ C:\Windows\system32\config\DEFAULT.iodefrag.bak
2013-11-30 10:39 - 2013-11-22 13:48 - 00057344 _____ C:\Windows\system32\config\SAM.iodefrag.bak
2013-11-30 10:39 - 2013-11-22 13:48 - 00028672 _____ C:\Windows\system32\config\SECURITY.iodefrag.bak
2013-11-30 10:39 - 2011-08-10 10:32 - 00000000 ____D C:\Users\AnArCo-TekNiK
2013-11-29 19:49 - 2013-11-29 19:48 - 00388608 _____ (Trend Micro Inc.) C:\Users\AnArCo-TekNiK\Downloads\HijackThis.exe
2013-11-29 18:56 - 2013-12-03 13:04 - 01096480 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2013-11-29 18:56 - 2013-12-03 13:04 - 00979744 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2013-11-29 08:46 - 2009-07-14 06:45 - 00505104 _____ C:\Windows\system32\FNTCACHE.DAT
2013-11-27 20:21 - 2011-08-10 10:33 - 00134752 _____ C:\Users\AnArCo-TekNiK\AppData\Local\GDIPFONTCACHEV1.DAT
2013-11-27 20:20 - 2013-11-27 20:19 - 00000000 ____D C:\Program Files (x86)\MathType
2013-11-27 20:08 - 2011-11-21 01:03 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2013-11-26 20:49 - 2013-02-05 10:31 - 00000000 ___RD C:\Users\AnArCo-TekNiK\Dropbox
2013-11-25 21:01 - 2013-11-25 21:01 - 00000000 ____D C:\Users\AnArCo-TekNiK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2013-11-25 20:16 - 2013-11-25 20:15 - 01898232 _____ (Bleeping Computer, LLC) C:\Users\AnArCo-TekNiK\Downloads\rkill.exe
2013-11-25 20:06 - 2012-01-24 13:22 - 00000000 ____D C:\Users\AnArCo-TekNiK\AppData\Roaming\IObit
2013-11-25 20:06 - 2012-01-24 13:22 - 00000000 ____D C:\Program Files (x86)\IObit
2013-11-23 16:45 - 2013-08-02 10:39 - 00000000 ____D C:\Program Files (x86)\Steam
2013-11-23 16:45 - 2013-07-26 19:11 - 00000000 ____D C:\Windows\Minidump
2013-11-22 13:49 - 2013-10-11 10:03 - 00000300 _____ C:\Windows\Tasks\Driver Booster Update.job
2013-11-22 13:48 - 2013-11-22 13:48 - 94953472 _____ C:\Windows\system32\config\COMPONENTS.iodefrag.bak
2013-11-21 23:53 - 2013-10-11 10:03 - 00002592 _____ C:\Windows\System32\Tasks\Driver Booster Update
2013-11-21 16:13 - 2011-02-10 20:44 - 00000000 ____D C:\Windows\Panther
2013-11-21 16:11 - 2013-11-21 16:11 - 94953472 _____ C:\Windows\system32\config\COMPONENTS.iobit
2013-11-21 16:00 - 2013-11-21 16:00 - 00003110 _____ C:\Windows\System32\Tasks\ASC7_PerformanceMonitor
2013-11-21 15:59 - 2013-11-21 15:59 - 00002866 _____ C:\Windows\System32\Tasks\ASC7_SkipUac_AnArCo-TekNiK
2013-11-21 15:59 - 2013-11-21 15:59 - 00001251 _____ C:\Users\AnArCo-TekNiK\AppData\Roaming\Microsoft\Windows\Start Menu\Uninstall Programs.lnk
2013-11-21 15:59 - 2013-11-21 15:59 - 00000000 ____D C:\ProgramData\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D}
2013-11-21 15:57 - 2012-06-01 19:13 - 00000000 ____D C:\Program Files (x86)\Microsoft Security Client
2013-11-21 15:57 - 2011-08-10 13:17 - 00001945 _____ C:\Windows\epplauncher.mif
2013-11-21 15:57 - 2011-08-10 13:17 - 00000000 ____D C:\Program Files\Microsoft Security Client
2013-11-21 15:53 - 2013-02-05 03:48 - 00000000 ____D C:\Users\AnArCo-TekNiK\AppData\Local\HTC MediaHub
2013-11-20 20:49 - 2013-11-20 19:53 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2013-11-20 19:51 - 2013-11-20 19:51 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2013-11-20 19:43 - 2013-11-20 19:41 - 12576792 _____ (Malwarebytes Corp.) C:\Users\AnArCo-TekNiK\Downloads\mbar-1.07.0.1007.exe
2013-11-19 20:54 - 2013-11-19 20:53 - 00000000 ____D C:\Users\AnArCo-TekNiK\Downloads\Coursera
2013-11-19 12:21 - 2010-11-21 05:27 - 00267936 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2013-11-19 00:21 - 2012-12-08 13:21 - 00000000 ____D C:\Users\AnArCo-TekNiK\AppData\Local\TempSWBackupDirectory
2013-11-19 00:00 - 2012-12-08 12:33 - 00000000 ____D C:\Users\AnArCo-TekNiK\AppData\Roaming\SolidWorks
2013-11-18 20:42 - 2011-10-14 18:31 - 00000000 ____D C:\Users\AnArCo-TekNiK\Documents\MATLAB
2013-11-15 17:17 - 2013-11-15 17:17 - 00000000 ____D C:\Cosmosm
2013-11-15 17:17 - 2011-02-28 20:29 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-11-15 17:16 - 2013-11-15 17:16 - 00003318 _____ C:\Windows\System32\Tasks\{B326E1B7-0A7B-47AC-A445-81B00BC29184}
2013-11-14 13:58 - 2013-12-03 17:09 - 30361888 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2013-11-14 13:58 - 2013-12-03 17:09 - 25257248 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2013-11-14 13:58 - 2013-12-03 17:09 - 22951200 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2013-11-14 13:58 - 2013-12-03 17:09 - 18208624 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2013-11-14 13:58 - 2013-12-03 17:09 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2013-11-14 13:58 - 2013-12-03 17:09 - 15862272 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2013-11-14 13:58 - 2013-12-03 17:09 - 12613408 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2013-11-14 13:58 - 2013-12-03 17:09 - 11600432 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2013-11-14 13:58 - 2013-12-03 17:09 - 11514624 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2013-11-14 13:58 - 2013-12-03 17:09 - 09691888 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2013-11-14 13:58 - 2013-12-03 17:09 - 09619872 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2013-11-14 13:58 - 2013-12-03 17:09 - 03132704 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2013-11-14 13:58 - 2013-12-03 17:09 - 03125024 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2013-11-14 13:58 - 2013-12-03 17:09 - 02947872 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2013-11-14 13:58 - 2013-12-03 17:09 - 02747680 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2013-11-14 13:58 - 2013-12-03 17:09 - 01884448 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433182.dll
2013-11-14 13:58 - 2013-12-03 17:09 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433182.dll
2013-11-14 13:58 - 2013-12-03 17:09 - 01510176 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco64.dll
2013-11-14 13:58 - 2013-12-03 17:09 - 00707360 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2013-11-14 13:58 - 2013-12-03 17:09 - 00657184 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2013-11-14 13:58 - 2013-12-03 17:09 - 00609568 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2013-11-14 13:58 - 2013-12-03 17:09 - 00562464 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2013-11-14 13:58 - 2013-12-03 17:09 - 00196384 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2013-11-14 13:58 - 2013-12-03 17:09 - 00031520 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2013-11-14 13:58 - 2013-08-12 00:07 - 02697248 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2013-11-14 13:58 - 2011-02-28 20:23 - 18293608 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2013-11-14 13:58 - 2011-02-28 20:23 - 15218504 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2013-11-14 13:58 - 2011-02-28 20:23 - 03069608 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2013-11-14 13:58 - 2011-02-28 20:23 - 00023754 _____ C:\Windows\system32\nvinfo.pb
2013-11-12 18:54 - 2013-11-02 09:59 - 00000000 ____D C:\Program Files (x86)\NARUTO SHIPPUDEN Ultimate Ninja STORM 3 Full Burst
 
Some content of TEMP:
====================
C:\Users\AnArCo-TekNiK\AppData\Local\Temp\RSPUpgradeInstaller.exe
 
 
==================== Bamital & volsnap Check =================
 
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
 
LastRegBack: 2013-12-10 20:46
 
==================== End Of Log ============================
 
Addition.txt
 
 
 
==================== Memory info =========================== 
 
Percentage of memory in use: 48%
Total physical RAM: 8169.5 MB
Available physical RAM: 4197.29 MB
Total Pagefile: 16337.18 MB
Available Pagefile: 12161.02 MB
Total Virtual: 8192 MB
Available Virtual: 8191.79 MB
 
==================== Drives ================================
 
Drive c: (Mastermind) (Fixed) (Total:667.54 GB) (Free:173.58 GB) NTFS
Drive d: (Recover) (Fixed) (Total:30 GB) (Free:11.19 GB) NTFS
Drive l: (E) (Fixed) (Total:931.51 GB) (Free:144.64 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 699 GB) (Disk ID: 2BD2C32A)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=668 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=30 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=1 GB) - (Type=12)
 
========================================================
Disk: 1 (Size: 932 GB) (Disk ID: E8900690)
Partition 1: (Active) - (Size=932 GB) - (Type=07 NTFS)
 
==================== End Of Log ============================


#7 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,608 posts
  • Gender:Male
  • Location:California
  • Local time:05:17 PM

Posted 12 December 2013 - 03:19 PM

Hi Adam and welcome aboard. Let's jump right to it.

Please consider and complete the following for me, if you would.

===================================================

P2P Warning

--------------------

Going over your logs I noticed that you have µTorrent installed. It is pretty much certain that if you continue to use P2P programs, you will get infected again.
  • Avoid gaming sites, pirated software, cracking tools, keygens, and peer-to-peer (P2P) file sharing programs.
  • They are a security risk which can make your computer susceptible to a smörgåsbord of malware infections, remote attacks, exposure of personal information, and identity theft. Many malicious worms and Trojans spread across P2P file sharing networks, gaming and underground sites.
  • Users visiting such pages may see innocuous-looking banner ads containing code which can trigger pop-up ads and malicious Flash ads that install viruses, Trojans and spyware. Ads are a target for hackers because they offer a stealthy way to distribute malware to a wide range of Internet users.
  • The best way to reduce the risk of infection is to avoid these types of web sites and not use any P2P applications.
I would recommend that you uninstall µTorrent, however that choice is up to you. If you choose to remove the program, you can do so via Start > Control Panel > Add/Remove Programs.

If you are still leaning toward using this program, please take a look at this information about Ransomware which can be delivered via P2P file transfers. The newest variation of Ransomware can make it impossible to recover the files this malicious software encrypts. In other words, you will probably lose most if not all of your valuable information, including pictures. In addition it has recently been reported that P2P downloads may be tracked resulting in your IP address being monitored by copyright authorities.

If you wish to keep it, please do not use it until we are completely done and your machine is determined to be clean and updated.

===================================================

AdwCleaner by Xplode - Delete Adware

-------------------
  • Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers
  • Double click on AdwCleaner.exe, select OK, then Run
  • Click on Scan
  • Upon completion click Clean and close programs if necessary
  • Click OK twice to reboot your computer
  • Copy and paste the contents of the text file on your desktop in your reply
  • You can also find the logfile at C:\AdwCleaner.txt
===================================================

Junkware Removal Tool by thisisu

-------------------
  • Please download Junkware Removal Tool and save it to your desktop.
  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. (Click on this link to see a list of programs that should be disabled. The list is not all inclusive.)
  • Right-mouse click JRT.exe and select Run as administrator (Windows XP double click the icon)
  • Please allow the program time to run
  • Once completed a Notepad document will open on your desktop
  • Copy and paste the contents in your reply
===================================================

RogueKiller by Tigzy

--------------------
  • Download RogueKiller and save it to your desktop
  • Close all running programs
  • For Vista/7 users right click on the icon and select Run as Administrator
  • For Windows XP simply double click on the icon
  • When prompted, Click Scan
  • When the Status box shows Scan Finished click Delete
  • Click Report
  • If RogueKiller has been blocked, do not hesitate to try a few times more. If it really won't run, rename it winlogon.exe (or winlogon.com) and try again
  • Copy and paste the contents of the report in your reply
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it.
  • AdwCleaner log
  • Junkware log
  • RogueKiller log
  • How is your computer running?

Edited by Oh My, 13 December 2013 - 12:00 PM.

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#8 radam9


Posted 13 December 2013 - 06:53 AM

OK, so I clicked the AdwCleaner link you gave me but it wasn't working, so I searched on the forums for a link to the app, but when I downloaded it and ran it, it didn't give me the same things you told me in your steps.

I have a search function and then after the search is done I get a clean function. So I thought it would be better not to use it to make sure it's the same version and function you asked me to perform.

So I didn't run the other apps either in case the order of execution was important.

PS: I searched through the scanned files and it says it will delete the Chrome preferences. Are those my browser settings and user names?

Thanks :)



#9 Oh My!


Posted 13 December 2013 - 12:02 PM

Sorry about the post. I have modified it. No need to worry about losing your information.

#10 radam9


Posted 13 December 2013 - 01:51 PM

I have completed the 3 scans. I restarted the laptop to see if it would start up faster or not, but it didn't really start up any faster.

 

AdwCleaner[S0].txt

 

# AdwCleaner v3.015 - Report created 13/12/2013 at 20:04:33

# Updated 10/12/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : AnArCo-TekNiK - TEKNIK
# Running from : C:\Users\AnArCo-TekNiK\Desktop\AdwCleaner.exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\ProgramData\Partner
Folder Deleted : C:\Program Files (x86)\Secure Speed Dial
Folder Deleted : C:\Program Files (x86)\Common Files\Spigot
Folder Deleted : C:\Users\AnArCo-TekNiK\AppData\LocalLow\boost_interprocess
Folder Deleted : C:\Users\AnArCo-TekNiK\AppData\Roaming\thinstall
Folder Deleted : C:\Users\AnArCo-TekNiK\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj
Folder Deleted : C:\Users\AnArCo-TekNiK\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk
File Deleted : C:\END
File Deleted : C:\Users\AnArCo-TekNiK\AppData\Roaming\Mozilla\Firefox\Profiles\fmdqt34c.default\user.js
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\hbcennhacfaagdopikcegfcobcadeocj
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\pfndaklgolladniicklehhancnlgocpp
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E993643-8FBC-44FE-BC85-D318495C4D96}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{48A789BF-F6D6-4930-9C8B-77855A63EDE1}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{03EB0E9C-7A91-4381-A220-9B52B641CDB1}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{03EB0E9C-7A91-4381-A220-9B52B641CDB1}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\Headlight
Key Deleted : HKCU\Software\AppDataLow\Software\Search Settings
Key Deleted : HKLM\Software\dt soft\daemon tools toolbar
Key Deleted : [x64] HKLM\SOFTWARE\DivX\Install\Setup\WizardLayout\ConduitToolbar
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v8.0.7601.17514
 
 
-\\ Mozilla Firefox v25.0.1 (en-US)
 
[ File : C:\Users\AnArCo-TekNiK\AppData\Roaming\Mozilla\Firefox\Profiles\fmdqt34c.default\prefs.js ]
 
 
-\\ Google Chrome v31.0.1650.63
 
[ File : C:\Users\AnArCo-TekNiK\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
*************************
 
AdwCleaner[R0].txt - [3683 octets] - [13/12/2013 13:47:28]
AdwCleaner[R1].txt - [3743 octets] - [13/12/2013 20:02:33]
AdwCleaner[S0].txt - [3640 octets] - [13/12/2013 20:04:33]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [3700 octets] ##########
 
 
JRT.txt
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.8 (11.05.2013:1)
OS: Windows 7 Home Premium x64
Ran by AnArCo-TekNiK on 13-Dec-13 at 20:22:02.64
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
 
 
~~~ Registry Keys
 
 
 
~~~ Files
 
 
 
~~~ Folders
 
 
 
~~~ FireFox
 
Emptied folder: C:\Users\AnArCo-TekNiK\AppData\Roaming\mozilla\firefox\profiles\fmdqt34c.default\minidumps [72 files]
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 13-Dec-13 at 20:26:36.47
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
RKreport[0]_S_12132013_203358.txt (Scan)
 
RogueKiller V8.7.11 [Dec  3 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
 
Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : AnArCo-TekNiK [Admin rights]
Mode : Scan -- Date : 12/13/2013 20:33:58
| ARK || FAK || MBR |
 
¤¤¤ Bad processes : 0 ¤¤¤
 
¤¤¤ Registry Entries : 30 ¤¤¤
[IFEO] HKLM\[...]\ActionCenterDownloader.exe : Debugger (C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe [7]) -> FOUND
[IFEO] HKLM\[...]\BlueBirdInit.exe : Debugger (C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe [7]) -> FOUND
[IFEO] HKLM\[...]\Deployer.exe : Debugger (C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe [7]) -> FOUND
[IFEO] HKLM\[...]\DriverBooster.exe : Debugger (C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe [7]) -> FOUND
[IFEO] HKLM\[...]\IMF.exe : Debugger (C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe [7]) -> FOUND
[IFEO] HKLM\[...]\IMFsrv.exe : Debugger (C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe [7]) -> FOUND
[IFEO] HKLM\[...]\IMF_ActionCenterDownloader.exe : Debugger (C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe [7]) -> FOUND
[IFEO] HKLM\[...]\IObitCommunities.exe : Debugger (C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe [7]) -> FOUND
[IFEO] HKLM\[...]\IWsIMF.exe : Debugger (C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe [7]) -> FOUND
[IFEO] HKLM\[...]\mbampt.exe : Debugger ("C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe" [7]) -> FOUND
[IFEO] HKLM\[...]\mbamscheduler.exe : Debugger ("C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe" [7]) -> FOUND
[IFEO] HKLM\[...]\Promote.exe : Debugger (C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe [7]) -> FOUND
[IFEO] HKLM\[...]\rpcapd.exe : Debugger (C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe [7]) -> FOUND
[IFEO] HKLM\[...]\Scheduler.exe : Debugger (C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe [7]) -> FOUND
[IFEO] HKLM\[...]\SDInit.exe : Debugger (C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe [7]) -> FOUND
[IFEO] HKLM\[...]\SendBugReport.exe : Debugger (C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe [7]) -> FOUND
[IFEO] HKLM\[...]\SmartDefrag.exe : Debugger (C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe [7]) -> FOUND
[IFEO] HKLM\[...]\TaskSchedule.exe : Debugger (C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe [7]) -> FOUND
[IFEO] HKLM\[...]\UpdateDB.exe : Debugger (C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe [7]) -> FOUND
[HJ POL][PUM] HKCU\[...]\System : DisableTaskMgr (0) -> FOUND
[HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> FOUND
[HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowMyMusic (0) -> FOUND
[HJ SMENU][PUM] HKLM\[...]\Advanced : Start_ShowMyGames (0) -> FOUND
[HJ SMENU][PUM] HKLM\[...]\Advanced : Start_ShowRun (0) -> FOUND
[HJ DESK][PUM] HKCU\[...]\ClassicStartMenu : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK][PUM] HKCU\[...]\ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
[HJ DESK][PUM] HKCU\[...]\ClassicStartMenu : {645FF040-5081-101B-9F08-00AA002F954E} (1) -> FOUND
[HJ DESK][PUM] HKCU\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK][PUM] HKCU\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
[HJ DESK][PUM] HKCU\[...]\NewStartPanel : {645FF040-5081-101B-9F08-00AA002F954E} (1) -> FOUND
 
¤¤¤ Scheduled tasks : 0 ¤¤¤
 
¤¤¤ Startup Entries : 0 ¤¤¤
 
¤¤¤ Web browsers : 0 ¤¤¤
 
¤¤¤ Particular Files / Folders: ¤¤¤
 
¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤
 
¤¤¤ External Hives: ¤¤¤
 
¤¤¤ Infection :  ¤¤¤
 
¤¤¤ HOSTS File: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts
 
 
127.0.0.1 activation.acronis.com
 
 
¤¤¤ MBR Check: ¤¤¤
 
+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) Hitachi HTS547575A9E384 SCSI Disk Device +++++
--- User ---
[MBR] 6a60f811e8891efd7e797c6e238af636
[BSP] 877337a55d4ce1c1859df313f28ad7c9 : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 683557 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 1400131584 | Size: 30720 Mo
3 - [XXXXXX] COMPAQ (0x12) [VISIBLE] Offset (sectors): 1463046144 | Size: 1025 Mo
User = LL1 ... OK!
Error reading LL2 MBR! ([0x18] The program issued a command but the command length is incorrect. )
 
Finished : << RKreport[0]_S_12132013_203358.txt >>
 
 
 
RKreport[0]_D_12132013_203420.txt(Remove)
 
RogueKiller V8.7.11 [Dec  3 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
 
Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : AnArCo-TekNiK [Admin rights]
Mode : Remove -- Date : 12/13/2013 20:34:20
| ARK || FAK || MBR |
 
¤¤¤ Bad processes : 0 ¤¤¤
 
¤¤¤ Registry Entries : 30 ¤¤¤
[IFEO] HKLM\[...]\ActionCenterDownloader.exe : Debugger (C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe [7]) -> DELETED
[IFEO] HKLM\[...]\BlueBirdInit.exe : Debugger (C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe [7]) -> DELETED
[IFEO] HKLM\[...]\Deployer.exe : Debugger (C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe [7]) -> DELETED
[IFEO] HKLM\[...]\DriverBooster.exe : Debugger (C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe [7]) -> DELETED
[IFEO] HKLM\[...]\IMF.exe : Debugger (C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe [7]) -> DELETED
[IFEO] HKLM\[...]\IMFsrv.exe : Debugger (C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe [7]) -> DELETED
[IFEO] HKLM\[...]\IMF_ActionCenterDownloader.exe : Debugger (C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe [7]) -> DELETED
[IFEO] HKLM\[...]\IObitCommunities.exe : Debugger (C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe [7]) -> DELETED
[IFEO] HKLM\[...]\IWsIMF.exe : Debugger (C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe [7]) -> DELETED
[IFEO] HKLM\[...]\mbampt.exe : Debugger ("C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe" [7]) -> DELETED
[IFEO] HKLM\[...]\mbamscheduler.exe : Debugger ("C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe" [7]) -> DELETED
[IFEO] HKLM\[...]\Promote.exe : Debugger (C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe [7]) -> DELETED
[IFEO] HKLM\[...]\rpcapd.exe : Debugger (C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe [7]) -> DELETED
[IFEO] HKLM\[...]\Scheduler.exe : Debugger (C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe [7]) -> DELETED
[IFEO] HKLM\[...]\SDInit.exe : Debugger (C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe [7]) -> DELETED
[IFEO] HKLM\[...]\SendBugReport.exe : Debugger (C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe [7]) -> DELETED
[IFEO] HKLM\[...]\SmartDefrag.exe : Debugger (C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe [7]) -> DELETED
[IFEO] HKLM\[...]\TaskSchedule.exe : Debugger (C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe [7]) -> DELETED
[IFEO] HKLM\[...]\UpdateDB.exe : Debugger (C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe [7]) -> DELETED
[HJ POL][PUM] HKCU\[...]\System : DisableTaskMgr (0) -> DELETED
[HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> DELETED
[HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowMyMusic (0) -> REPLACED (1)
[HJ SMENU][PUM] HKLM\[...]\Advanced : Start_ShowMyGames (0) -> REPLACED (1)
[HJ SMENU][PUM] HKLM\[...]\Advanced : Start_ShowRun (0) -> REPLACED (1)
[HJ DESK][PUM] HKCU\[...]\ClassicStartMenu : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)
[HJ DESK][PUM] HKCU\[...]\ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)
[HJ DESK][PUM] HKCU\[...]\ClassicStartMenu : {645FF040-5081-101B-9F08-00AA002F954E} (1) -> REPLACED (0)
[HJ DESK][PUM] HKCU\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)
[HJ DESK][PUM] HKCU\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)
[HJ DESK][PUM] HKCU\[...]\NewStartPanel : {645FF040-5081-101B-9F08-00AA002F954E} (1) -> REPLACED (0)
 
¤¤¤ Scheduled tasks : 0 ¤¤¤
 
¤¤¤ Startup Entries : 0 ¤¤¤
 
¤¤¤ Web browsers : 0 ¤¤¤
 
¤¤¤ Particular Files / Folders: ¤¤¤
 
¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤
 
¤¤¤ External Hives: ¤¤¤
 
¤¤¤ Infection :  ¤¤¤
 
¤¤¤ HOSTS File: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts
 
 
127.0.0.1 activation.acronis.com
 
 
¤¤¤ MBR Check: ¤¤¤
 
+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) Hitachi HTS547575A9E384 SCSI Disk Device +++++
--- User ---
[MBR] 6a60f811e8891efd7e797c6e238af636
[BSP] 877337a55d4ce1c1859df313f28ad7c9 : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 683557 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 1400131584 | Size: 30720 Mo
3 - [XXXXXX] COMPAQ (0x12) [VISIBLE] Offset (sectors): 1463046144 | Size: 1025 Mo
User = LL1 ... OK!
Error reading LL2 MBR! ([0x18] The program issued a command but the command length is incorrect. )
 
Finished : << RKreport[0]_D_12132013_203420.txt >>
RKreport[0]_S_12132013_203358.txt
 
 
 


#11 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,608 posts
  • OFFLINE
  • Gender:Male
  • Location:California
  • Local time:05:17 PM

Posted 13 December 2013 - 01:59 PM

Hi Adam,

Thanks for running those. Please do this.

===================================================

Temporary File Cleaner (TFC)

--------------------
  • Download TFC by OldTimer to your desktop.
  • Close any open windows
  • Double click the TFC icon to run the program
  • TFC will close all open programs itself in order to run
  • Click the Start button to begin the process
  • Allow TFC to run uninterrupted
  • The program should not take long to finish its job
  • Once it's finished it should automatically reboot your machine; if it doesn't, manually reboot to ensure a complete clean
NOTE: It's normal for the computer to boot more slowly the first time after running TFC

TFC will clear out all temporary folders for all user accounts (temp, IE temp, Java, FF, Opera, Chrome, Safari), including Administrator, All Users, LocalService, NetworkService, and any other accounts in the user folder. TFC only cleans temporary folders and will not clean URL history, prefetch, or cookies.


===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it.
  • Any difference?

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#12 radam9

radam9
  • Topic Starter

  • Members
  • 77 posts
  • OFFLINE
  • Gender:Male
  • Local time:02:17 AM

Posted 13 December 2013 - 02:29 PM

So I ran TFC.exe, and it deleted 244 MB.

I restarted a couple of times since you said that the first restart could be slow, but unfortunately no real improvement :S



#13 Oh My!

Posted 13 December 2013 - 02:44 PM

Hi Adam,

 

Can you describe exactly what is happening, i.e. boot up slow, loading web pages slow, programs slow/don't run.  I just need an update on the symptoms.


Gary
 

#14 radam9

Posted 13 December 2013 - 03:02 PM

The main problem is when I start up the laptop, at the Windows home screen before the logon window shows.

The LED with the cylinder on top of it (the one that I think indicates the HDD being used) is on and doesn't flash.

And the PC takes quite some time until it turns on and gets to the logon screen; then when I type the password and log on it takes another long bit before it gets to the desktop, and then it keeps on loading for a while before everything is done and the laptop is ready for heavy use.

The second problem is that the laptop keyboard functions (like the one for changing power settings to power saving, the one to disable the touchpad, etc.) don't work.

Applications work well; maybe they start a bit slowly, but it's not that grave.



#15 Oh My!

Posted 13 December 2013 - 03:29 PM

Excellent description, thanks. Please do this.

===================================================

Running Startup Repair

--------------------
  • Reboot your computer and gently tap F8 to enter the Advanced Boot Options menu
  • Highlight Repair Your Computer and press Enter
  • Click Next
  • Enter the password information if necessary then click OK
  • Click Startup Repair and allow the process to complete
  • Restart the computer if required
  • Boot your computer into Normal Mode and check the performance
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it.
  • Results?

Gary
 