
Steam *32 process appears in task manager


  • This topic is locked

#1 lafle2


Posted 09 January 2015 - 07:27 AM

My Acer laptop running Windows 7 Home Premium recently began to run slowly about 10 minutes after booting up. The system slowdown always corresponds with the process Steam *32 appearing in the task manager, which isn't there to begin with and only appears roughly 10 minutes after Windows starts. I'm not sure how to go about removing this; any help would be appreciated. Here is the DDS log requested:

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.17496  BrowserJavaVersion: 10.67.2
Run by The Dude at 16:00:51 on 2015-01-09
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.3558.1916 [GMT 11:00]
.
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\atieclxx.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
c:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe
C:\Program Files (x86)\Launch Manager\dsiwmis.exe
C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
C:\Program Files (x86)\Launch Manager\LMworker.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
C:\Program Files\Acer\Acer Updater\UpdaterService.exe
c:\PROGRA~2\mcafee\SITEAD~1\McSACore.exe
C:\Program Files (x86)\Launch Manager\LMutilps32.exe
c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
C:\Windows\system32\mfevtps.exe
C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Windows\system32\rundll32.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
C:\Program Files\CCleaner\CCleaner64.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Dolby PCEE4\pcee4.exe
C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\WUDFHost.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\taskmgr.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\EgisTec IPS\PMMUpdate.exe
C:\Program Files\EgisTec IPS\EgisUpdate.exe
C:\Users\The Dude\AppData\Roaming\Macromedia\CODEXi\Steam
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_235.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_235.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
mStart Page = hxxp://www.google.com
mSearch Bar = hxxp://www.google.com
mSearch Page = hxxp://www.google.com
mDefault_Page_URL = www.google.com
mDefault_Search_URL = www.google.com
BHO: SteadyVideoBHO Class: {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files (x86)\AMD\SteadyVideo\SteadyVideo.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
TB: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
uRun: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
mRun: [Dolby Advanced Audio v2] "C:\Dolby PCEE4\pcee4.exe" -autostart
mRun: [SuiteTray] "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~4\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~4\Office14\ONBttnIE.dll/105
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
IE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204
TCP: NameServer = 10.1.1.1
TCP: Interfaces\{062128BB-F719-4191-BE45-4E2BC94A2D25} : DHCPNameServer = 10.1.1.1
TCP: Interfaces\{062128BB-F719-4191-BE45-4E2BC94A2D25}\354716475602C496262716279702F6660265963647F6279616 : DHCPNameServer = 10.5.0.2 10.5.0.8
TCP: Interfaces\{062128BB-F719-4191-BE45-4E2BC94A2D25}\8445340205F627471626C6560284F6473707F647 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{062128BB-F719-4191-BE45-4E2BC94A2D25}\C657C6020786F6E656 : DHCPNameServer = 192.168.43.1
TCP: Interfaces\{062128BB-F719-4191-BE45-4E2BC94A2D25}\D40234F6E6E6563647 : DHCPNameServer = 203.56.3.15 203.56.3.16
TCP: Interfaces\{6016254B-0C8D-41B1-B162-6039DDC3DB52} : DHCPNameServer = 10.1.1.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-mStart Page = www.google.com
x64-BHO: SteadyVideoBHO Class: {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll
x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-TB: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [RtHDVBg_Dolby] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE4
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [Power Management] C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll
x64-Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll
x64-Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
x64-Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\The Dude\AppData\Roaming\Mozilla\Firefox\Profiles\q9g95dba.default\
FF - plugin: C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\2\NP_wtapp.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\The Dude\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_235.dll
.
============= SERVICES / DRIVERS ===============
.
R0 amd_sata;amd_sata;C:\Windows\System32\drivers\amd_sata.sys [2013-5-14 79488]
R0 amd_xata;amd_xata;C:\Windows\System32\drivers\amd_xata.sys [2013-5-14 40064]
R0 mfehidk;McAfee Inc. mfehidk;C:\Windows\System32\drivers\mfehidk.sys [2011-3-14 782360]
R0 mfewfpk;McAfee Inc. mfewfpk;C:\Windows\System32\drivers\mfewfpk.sys [2011-3-14 343696]
R1 mwlPSDFilter;mwlPSDFilter;C:\Windows\System32\drivers\mwlPSDFilter.sys [2013-5-14 22648]
R1 mwlPSDNServ;mwlPSDNServ;C:\Windows\System32\drivers\mwlPSDNserv.sys [2013-5-14 20520]
R1 mwlPSDVDisk;mwlPSDVDisk;C:\Windows\System32\drivers\mwlPSDVDisk.sys [2013-5-14 62776]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2014-11-21 244736]
R2 AMD FUEL Service;AMD FUEL Service;C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [2014-11-20 344064]
R2 AODDriver4.3;AODDriver4.3;C:\Program Files\AMD\ATI.ACE\Fuel\amd64\aoddriver2.sys [2014-2-11 59616]
R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2013-4-23 822504]
R2 DsiWMIService;Dritek WMI Service;C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2013-5-14 352336]
R2 ePowerSvc;ePower Service;C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [2013-5-14 872552]
R2 GREGService;GREGService;C:\Program Files (x86)\Acer\Registration\GREGsvc.exe [2011-5-30 36456]
R2 Live Updater Service;Live Updater Service;C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2013-9-29 255376]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;C:\PROGRA~2\mcafee\SITEAD~1\McSACore.exe [2014-11-21 156904]
R2 McShield;McAfee McShield;C:\Program Files\Common Files\mcafee\systemcore\mcshield.exe [2011-11-3 199304]
R2 mfefire;McAfee Firewall Core Service;C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe [2011-11-3 219272]
R2 mfevtp;McAfee Validation Trust Protection Service;C:\Windows\System32\mfevtps.exe [2011-11-3 182752]
R2 NOBU;Norton Online Backup;C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2010-6-2 2804568]
R2 NTI IScheduleSvc;NTI IScheduleSvc;C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [2011-4-24 256832]
R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2013-6-27 523944]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2014-6-22 94720]
R3 b57xdbd;Broadcom xD Picture Bus Driver Service;C:\Windows\System32\drivers\b57xdbd.sys [2011-1-21 67624]
R3 b57xdmp;Broadcom xD Picture vstorp client drv;C:\Windows\System32\drivers\b57xdmp.sys [2011-1-21 19496]
R3 bScsiMSa;bScsiMSa;C:\Windows\System32\drivers\bScsiMSa.sys [2011-4-13 51240]
R3 bScsiSDa;bScsiSDa;C:\Windows\System32\drivers\bScsiSDa.sys [2011-1-14 85544]
R3 k57nd60a;Broadcom NetLink ™ Gigabit Ethernet - NDIS 6.0;C:\Windows\System32\drivers\k57nd60a.sys [2011-2-14 412712]
R3 LVUSBS64;Logitech USB Monitor Filter;C:\Windows\System32\drivers\LVUSBS64.sys [2008-7-26 50072]
R3 mfeavfk;McAfee Inc. mfeavfk;C:\Windows\System32\drivers\mfeavfk.sys [2011-3-14 311120]
R3 mfefirek;McAfee Inc. mfefirek;C:\Windows\System32\drivers\mfefirek.sys [2011-3-14 519576]
R3 Sftfs;Sftfs;C:\Windows\System32\drivers\Sftfslh.sys [2013-6-27 767144]
R3 Sftplay;Sftplay;C:\Windows\System32\drivers\Sftplaylh.sys [2013-6-27 273576]
R3 Sftredir;Sftredir;C:\Windows\System32\drivers\Sftredirlh.sys [2013-6-27 28840]
R3 Sftvol;Sftvol;C:\Windows\System32\drivers\Sftvollh.sys [2013-6-27 23208]
R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2013-6-27 207528]
R3 usbfilter;AMD USB Filter Driver;C:\Windows\System32\drivers\usbfilter.sys [2013-5-14 53376]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S3 cfwids;McAfee Inc. cfwids;C:\Windows\System32\drivers\cfwids.sys [2011-3-14 70112]
S3 EgisTec Ticket Service;EgisTec Ticket Service;C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe [2011-6-22 173424]
S3 GamesAppIntegrationService;GamesAppIntegrationService;C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [2013-9-6 227904]
S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-13 203344]
S3 HTCAND64;HTC Device Driver;C:\Windows\System32\drivers\ANDROIDUSB.sys [2009-11-2 33736]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-12-10 114688]
S3 mferkdet;McAfee Inc. mferkdet;C:\Windows\System32\drivers\mferkdet.sys [2011-3-14 100912]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2013-9-27 1255736]
S3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\System32\drivers\wdcsam64.sys [2008-5-6 14464]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-23 57184]
.
=============== Created Last 30 ================
.
2015-01-08 15:57:18    --------    d-----w-    C:\Program Files (x86)\GOG.com
2015-01-08 04:57:10    --------    d-----w-    C:\ProgramData\Remedy
2015-01-08 04:56:08    --------    d-----w-    C:\Program Files (x86)\Games
2015-01-07 09:42:54    --------    d-----w-    C:\Program Files\CCleaner
2015-01-06 22:56:54    11870360    ----a-w-    C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{CA415930-B011-4737-A240-DC7C3BE6A552}\mpengine.dll
2015-01-04 02:48:26    --------    d-----w-    C:\Users\The Dude\AppData\Local\{1E77D681-CD95-4B72-9AE1-C6E8ACF8FB09}
2014-12-30 01:20:57    --------    d-----w-    C:\Users\The Dude\AppData\Local\ElevatedDiagnostics
2014-12-30 00:23:38    --------    d--h--w-    C:\ProgramData\CanonIJEGV
2014-12-30 00:21:24    --------    d-----w-    C:\Program Files (x86)\Canon
2014-12-30 00:09:18    99840    ----a-w-    C:\Windows\System32\Spool\prtprocs\x64\CNMPPAQ.DLL
2014-12-30 00:09:18    30208    ----a-w-    C:\Windows\System32\Spool\prtprocs\x64\CNMPDAQ.DLL
2014-12-30 00:09:11    373248    ----a-w-    C:\Windows\System32\CNC_AQL.dll
2014-12-30 00:09:11    323584    ----a-w-    C:\Windows\SysWow64\CNC_AQL.dll
2014-12-30 00:09:11    302080    ----a-w-    C:\Windows\System32\CNC_AQC.dll
2014-12-30 00:09:11    17920    ----a-w-    C:\Windows\System32\CNHMCA6.dll
2014-12-30 00:09:11    15872    ----a-w-    C:\Windows\SysWow64\CNHMCA.dll
2014-12-30 00:09:11    114688    ----a-w-    C:\Windows\SysWow64\CNC_AQU.dll
2014-12-30 00:09:11    112128    ----a-w-    C:\Windows\System32\CNC_AQI.dll
2014-12-30 00:09:00    385024    ----a-w-    C:\Windows\System32\CNMLMAQ.DLL
2014-12-30 00:08:58    98304    ----a-w-    C:\Windows\System32\CNC_AQO.dll
2014-12-30 00:08:58    256000    ----a-w-    C:\Windows\System32\CNMIUAQ.DLL
2014-12-29 05:56:18    --------    d-----w-    C:\Users\The Dude\AppData\Local\Macromedia
2014-12-29 05:54:03    --------    d-----w-    C:\Users\The Dude\AppData\Local\Mozilla
2014-12-29 05:44:34    --------    d-sh--w-    C:\Users\The Dude\AppData\Local\EmieBrowserModeList
2014-12-26 02:34:31    203576    ------w-    C:\Program Files (x86)\Microsoft Games\Age of Empires III\autopatcher2.exe
2014-12-26 02:31:08    --------    d-----w-    C:\Program Files (x86)\Common Files\Microsoft Games
2014-12-26 02:31:02    34304    ------w-    C:\Program Files (x86)\Microsoft Games\Age of Empires III\SetupENU2.dll
2014-12-26 02:24:08    --------    d-----w-    C:\Program Files (x86)\Microsoft Games
2014-12-23 04:32:42    --------    d-----w-    C:\ProgramData\Age of Empires 3
2014-12-22 21:35:57    --------    d-----w-    C:\Program Files (x86)\MSXML 4.0
2014-12-21 20:34:08    --------    d-----w-    C:\Program Files (x86)\AMD AVT
2014-12-18 06:35:35    115712    ----a-w-    C:\Windows\SysWow64\ieUnatt.exe
2014-12-18 06:35:34    144384    ----a-w-    C:\Windows\System32\ieUnatt.exe
2014-12-13 10:39:36    --------    d-----w-    C:\Users\The Dude\AppData\Roaming\FiraxisLive
2014-12-13 08:52:10    --------    d-----w-    C:\Users\The Dude\AppData\Local\SKIDROW
2014-12-10 12:14:32    3981488    ----a-w-    C:\Windows\SysWow64\FlashPlayerInstaller.exe
2014-12-10 11:11:36    --------    d-----w-    C:\Windows\System32\appraiser
2014-12-10 10:17:25    55808    ----a-w-    C:\Windows\System32\rrinstaller.exe
2014-12-10 10:17:25    50176    ----a-w-    C:\Windows\SysWow64\rrinstaller.exe
2014-12-10 10:17:25    3209728    ----a-w-    C:\Windows\SysWow64\mf.dll
2014-12-10 10:17:25    24576    ----a-w-    C:\Windows\System32\mfpmp.exe
2014-12-10 10:17:25    23040    ----a-w-    C:\Windows\SysWow64\mfpmp.exe
2014-12-10 10:17:25    206848    ----a-w-    C:\Windows\System32\mfps.dll
2014-12-10 10:17:25    2048    ----a-w-    C:\Windows\SysWow64\mferror.dll
2014-12-10 10:17:25    2048    ----a-w-    C:\Windows\System32\mferror.dll
2014-12-10 10:17:25    103424    ----a-w-    C:\Windows\SysWow64\mfps.dll
2014-12-10 10:17:24    4121600    ----a-w-    C:\Windows\System32\mf.dll
2014-12-10 08:40:59    77824    ----a-w-    C:\Windows\System32\JavaScriptCollectionAgent.dll
2014-12-10 08:38:49    165888    ----a-w-    C:\Windows\System32\charmap.exe
.
==================== Find3M  ====================
.
2015-01-09 02:23:33    129752    ----a-w-    C:\Windows\System32\drivers\MBAMSwissArmy.sys
2014-12-14 00:59:11    71344    ----a-w-    C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-12-14 00:59:11    701616    ----a-w-    C:\Windows\SysWow64\FlashPlayerApp.exe
2014-12-04 02:50:55    413184    ----a-w-    C:\Windows\System32\generaltel.dll
2014-12-04 02:50:45    741376    ----a-w-    C:\Windows\System32\invagent.dll
2014-12-04 02:50:40    396800    ----a-w-    C:\Windows\System32\devinv.dll
2014-12-04 02:50:38    830976    ----a-w-    C:\Windows\System32\appraiser.dll
2014-12-04 02:50:37    227328    ----a-w-    C:\Windows\System32\aepdu.dll
2014-12-04 02:50:37    192000    ----a-w-    C:\Windows\System32\aepic.dll
2014-12-04 02:44:48    1083392    ----a-w-    C:\Windows\System32\aeinv.dll
2014-12-01 23:28:44    1232040    ----a-w-    C:\Windows\System32\aitstatic.exe
2014-11-24 03:04:56    275080    ------w-    C:\Windows\System32\MpSigStub.exe
2014-11-22 03:06:23    2724864    ----a-w-    C:\Windows\System32\mshtml.tlb
2014-11-22 03:06:11    4096    ----a-w-    C:\Windows\System32\ieetwcollectorres.dll
2014-11-22 02:50:39    66560    ----a-w-    C:\Windows\System32\iesetup.dll
2014-11-22 02:50:10    580096    ----a-w-    C:\Windows\System32\vbscript.dll
2014-11-22 02:49:54    48640    ----a-w-    C:\Windows\System32\ieetwproxystub.dll
2014-11-22 02:48:20    88064    ----a-w-    C:\Windows\System32\MshtmlDac.dll
2014-11-22 02:35:29    114688    ----a-w-    C:\Windows\System32\ieetwcollector.exe
2014-11-22 02:34:51    814080    ----a-w-    C:\Windows\System32\jscript9diag.dll
2014-11-22 02:34:07    6039552    ----a-w-    C:\Windows\System32\jscript9.dll
2014-11-22 02:26:31    968704    ----a-w-    C:\Windows\System32\MsSpellCheckingFacility.exe
2014-11-22 02:20:44    2724864    ----a-w-    C:\Windows\SysWow64\mshtml.tlb
2014-11-22 02:07:43    501248    ----a-w-    C:\Windows\SysWow64\vbscript.dll
2014-11-22 02:07:17    62464    ----a-w-    C:\Windows\SysWow64\iesetup.dll
2014-11-22 02:06:32    47616    ----a-w-    C:\Windows\SysWow64\ieetwproxystub.dll
2014-11-22 02:05:02    64000    ----a-w-    C:\Windows\SysWow64\MshtmlDac.dll
2014-11-22 01:54:30    620032    ----a-w-    C:\Windows\SysWow64\jscript9diag.dll
2014-11-22 01:47:10    1359360    ----a-w-    C:\Windows\System32\mshtmlmedia.dll
2014-11-22 01:46:58    2125312    ----a-w-    C:\Windows\System32\inetcpl.cpl
2014-11-22 01:40:04    60416    ----a-w-    C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
2014-11-22 01:29:26    4299264    ----a-w-    C:\Windows\SysWow64\jscript9.dll
2014-11-22 01:28:21    2358272    ----a-w-    C:\Windows\System32\wininet.dll
2014-11-22 01:22:49    2052096    ----a-w-    C:\Windows\SysWow64\inetcpl.cpl
2014-11-22 01:21:57    1155072    ----a-w-    C:\Windows\SysWow64\mshtmlmedia.dll
2014-11-22 01:00:20    1888256    ----a-w-    C:\Windows\SysWow64\wininet.dll
2014-11-21 02:44:42    78432    ----a-w-    C:\Windows\System32\atimpc64.dll
2014-11-21 02:44:42    78432    ----a-w-    C:\Windows\System32\amdpcom64.dll
2014-11-21 02:44:40    71704    ----a-w-    C:\Windows\SysWow64\atimpc32.dll
2014-11-21 02:44:40    71704    ----a-w-    C:\Windows\SysWow64\amdpcom32.dll
2014-11-21 02:44:28    144328    ----a-w-    C:\Windows\System32\atiuxp64.dll
2014-11-21 02:44:26    126848    ----a-w-    C:\Windows\SysWow64\atiuxpag.dll
2014-11-21 02:44:24    118096    ----a-w-    C:\Windows\System32\atiu9p64.dll
2014-11-21 02:44:22    100032    ----a-w-    C:\Windows\SysWow64\atiu9pag.dll
2014-11-21 02:44:20    1348928    ----a-w-    C:\Windows\System32\aticfx64.dll
2014-11-21 02:44:16    1127496    ----a-w-    C:\Windows\SysWow64\aticfx32.dll
2014-11-21 02:44:10    11076784    ----a-w-    C:\Windows\System32\atidxx64.dll
2014-11-21 02:44:04    9401480    ----a-w-    C:\Windows\SysWow64\atidxx32.dll
2014-11-21 02:43:56    7558816    ----a-w-    C:\Windows\SysWow64\atiumdva.dll
2014-11-21 02:43:50    7077776    ----a-w-    C:\Windows\SysWow64\atiumdag.dll
2014-11-21 02:43:42    8379720    ----a-w-    C:\Windows\System32\atiumd6a.dll
2014-11-21 02:43:38    8369408    ----a-w-    C:\Windows\System32\atiumd64.dll
2014-11-21 02:41:36    294600    ----a-w-    C:\Windows\System32\drivers\amdacpksd.sys
2014-11-21 02:40:00    18959360    ----a-w-    C:\Windows\System32\drivers\atikmdag.sys
2014-11-21 02:33:12    235008    ----a-w-    C:\Windows\System32\clinfo.exe
2014-11-21 02:33:06    98816    ----a-w-    C:\Windows\System32\OpenVideo64.dll
2014-11-21 02:33:06    83456    ----a-w-    C:\Windows\SysWow64\OpenVideo.dll
2014-11-21 02:33:04    86528    ----a-w-    C:\Windows\System32\OVDecode64.dll
2014-11-21 02:33:02    73216    ----a-w-    C:\Windows\SysWow64\OVDecode.dll
2014-11-21 02:33:00    47899136    ----a-w-    C:\Windows\System32\amdocl64.dll
2014-11-21 02:32:08    40987136    ----a-w-    C:\Windows\SysWow64\amdocl.dll
2014-11-21 02:31:18    65024    ----a-w-    C:\Windows\System32\OpenCL.dll
2014-11-21 02:31:16    58880    ----a-w-    C:\Windows\SysWow64\OpenCL.dll
2014-11-21 02:24:50    28354560    ----a-w-    C:\Windows\System32\atio6axx.dll
2014-11-21 02:19:36    23621632    ----a-w-    C:\Windows\SysWow64\atioglxx.dll
2014-11-21 02:19:26    49664    ----a-w-    C:\Windows\System32\amdmmcl6.dll
2014-11-21 02:19:22    38912    ----a-w-    C:\Windows\SysWow64\amdmmcl.dll
2014-11-21 02:18:46    127488    ----a-w-    C:\Windows\System32\mantle64.dll
2014-11-21 02:18:42    113664    ----a-w-    C:\Windows\SysWow64\mantle32.dll
2014-11-21 02:18:36    5837312    ----a-w-    C:\Windows\System32\amdmantle64.dll
2014-11-21 02:17:04    367104    ----a-w-    C:\Windows\System32\atiapfxx.exe
2014-11-21 02:17:02    62464    ----a-w-    C:\Windows\System32\aticalrt64.dll
2014-11-21 02:17:02    52224    ----a-w-    C:\Windows\SysWow64\aticalrt.dll
2014-11-21 02:16:58    55808    ----a-w-    C:\Windows\System32\aticalcl64.dll
2014-11-21 02:16:58    49152    ----a-w-    C:\Windows\SysWow64\aticalcl.dll
2014-11-21 02:16:52    15716352    ----a-w-    C:\Windows\System32\aticaldd64.dll
2014-11-21 02:16:04    14302208    ----a-w-    C:\Windows\SysWow64\aticaldd.dll
2014-11-21 02:15:42    4590592    ----a-w-    C:\Windows\SysWow64\amdmantle32.dll
2014-11-21 02:13:12    91648    ----a-w-    C:\Windows\System32\mantleaxl64.dll
2014-11-21 02:13:10    85504    ----a-w-    C:\Windows\SysWow64\mantleaxl32.dll
2014-11-21 02:12:50    442368    ----a-w-    C:\Windows\System32\atidemgy.dll
2014-11-21 02:12:50    31232    ----a-w-    C:\Windows\System32\atimuixx.dll
2014-11-21 02:12:48    774656    ----a-w-    C:\Windows\System32\atieclxx.exe
2014-11-21 02:12:40    244736    ----a-w-    C:\Windows\System32\atiesrxx.exe
2014-11-21 02:12:26    190976    ----a-w-    C:\Windows\System32\atitmm64.dll
2014-11-21 02:10:02    843776    ----a-w-    C:\Windows\System32\coinst_14.50.dll
2014-11-21 02:09:06    1214976    ----a-w-    C:\Windows\System32\atiadlxx.dll
2014-11-21 02:09:04    903168    ----a-w-    C:\Windows\SysWow64\atiadlxy.dll
2014-11-21 02:09:00    75264    ----a-w-    C:\Windows\System32\atig6pxx.dll
2014-11-21 02:09:00    69632    ----a-w-    C:\Windows\SysWow64\atiglpxx.dll
2014-11-21 02:09:00    69632    ----a-w-    C:\Windows\System32\atiglpxx.dll
2014-11-21 02:08:58    146944    ----a-w-    C:\Windows\System32\atig6txx.dll
2014-11-21 02:08:56    133632    ----a-w-    C:\Windows\SysWow64\atigktxx.dll
2014-11-21 02:08:54    589312    ----a-w-    C:\Windows\System32\drivers\atikmpag.sys
2014-11-21 02:08:54    43520    ----a-w-    C:\Windows\System32\drivers\ati2erec.dll
2014-11-20 19:14:22    63704    ----a-w-    C:\Windows\System32\drivers\mwac.sys
2014-11-20 19:14:12    93400    ----a-w-    C:\Windows\System32\drivers\mbamchameleon.sys
2014-11-20 19:14:08    25816    ----a-w-    C:\Windows\System32\drivers\mbam.sys
2014-11-20 10:36:32    51200    ----a-w-    C:\Windows\System32\kdbsdk64.dll
2014-11-20 10:35:00    38912    ----a-w-    C:\Windows\SysWow64\kdbsdk32.dll
.
============= FINISH: 16:01:46.46 ===============
 

 

 

 

 

 

 


#2 Machiavelli

  • Malware Response Instructor

Posted 10 January 2015 - 11:01 AM

Hey my friend, :)

Please download FRST (by Farbar) from the link below and save it to your Desktop.

Download Mirror #1

If you are unsure whether you have 32-Bit or 64-Bit Windows, see here
  • Disable all anti-virus and anti-malware software to prevent them inhibiting FRST in any way. If you are unsure how to do this, see THIS.
  • Double-click FRST.exe/FRST64.exe (depending on which version you downloaded) to run it. (If you have Windows Vista / Windows 7 / Windows 8, please right-click the FRST icon and select Run as Administrator.)
  • When the disclaimer appears, click Yes.
  • Click Scan to start FRST.
  • When FRST finishes scanning, two logs, FRST.txt and Addition.txt, will open.
  • Copy (Ctrl+C) and Paste (Ctrl+V) the contents of both of these logs into your next post please.

~Machiavelli

If I don't reply within 24 hours please PM me!

  • Every topic with no replies within 5 days will be closed.
  • If you like my help here please give me feedback.


#3 Machiavelli


Posted 14 January 2015 - 10:28 AM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Please include a link to your topic in the Private Message. Thank you.

~Machiavelli
