Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Infected. High computer usage

Post by jcej2684 » March 27th, 2015, 10:43 pm

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.17689
Run by James W at 21:30:46 on 2015-03-27
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3836.1732 [GMT -5:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {DA9F8ED0-D0DE-39CC-F55A-51AB4CC1B556}
SP: Microsoft Security Essentials *Enabled/Updated* {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Spybot - Search and Destroy *Enabled/Outdated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
SP: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {61FE6F34-F6E4-3642-CFEA-6AD93746FFEB}
FW: McAfee Firewall *Enabled* {E2A40FF5-9AB1-3894-DE05-F89EB212F22D}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\ATT\8.4.1.12\ma\bin\MAHostService.exe
C:\Program Files\Gateway\Gateway Power Management\ePowerSvc.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\ATT\8.4.1.12\ma\bin\node.exe
C:\Program Files (x86)\Gateway\Registration\GregHSRW.exe
C:\Program Files (x86)\Kodak\AiO\Center\EKAiOHostService.exe
C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe
C:\Windows\system32\lxdjcoms.exe
C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe
C:\Windows\system32\mfevtps.exe
C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\IScheduleSvc.exe
C:\Program Files (x86)\Common Files\Motive\pcCMService.exe
C:\Program Files\Common Files\Motive\pcCMService.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Windows\system32\rundll32.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Gateway\Gateway Updater\UpdaterService.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\Yahoo!\YNanoClient\cpn0\YNanoService.exe
C:\Program Files\McAfee\MSC\McAPExe.exe
C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
c:\Program Files\Microsoft Security Client\NisSrv.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\taskhost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
C:\Program Files (x86)\Google\Update\1.3.24.7\GoogleCrashHandler.exe
C:\Program Files (x86)\Google\Update\1.3.24.7\GoogleCrashHandler64.exe
C:\Program Files (x86)\Driver Support\Driver Support\DriverSupport.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\Gateway\Gateway Power Management\ePowerTray.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\ATT\8.4.1.12\ma\bin\pcTrayApp.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files (x86)\WSE_Astromenda\BRS\brs.exe
C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe
C:\Program Files (x86)\Common Files\Motive\pcContextHookShim.exe
C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\Gateway\Gateway Power Management\ePowerEvent.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\BackupManagerTray.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files (x86)\Cyberlink\Power2Go\CLMLSvc.exe
C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
C:\Program Files (x86)\Cyberlink\PowerDVD8\PDVD8Serv.exe
C:\Program Files (x86)\VideoWebCamera\VideoWebCamera.exe
C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe
C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKStatusMonitor.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Common Files\McAfee\CSP\1.3.336.0\McCSPServiceHost.exe
C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
c:\PROGRA~2\mcafee\SITEAD~1\saui.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Windows\system32\Macromed\Flash\FlashUtil64_16_0_0_305_ActiveX.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uSearch Bar = Preserve
uSearch Page = hxxp://www.google.com
mStart Page = about:blank
uSearchAssistant = hxxp://www.google.com
uURLSearchHooks: YTNavAssistPlugin Class: {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn13\yt.dll
mURLSearchHooks: Yahoo! Axis for IE: {035FDC10-9F1D-430E-87DA-573FFBF5608D} - C:\Program Files (x86)\Yahoo!\YNanoClient\cpn0\YNanoClient_IE.dll
mWinlogon: Userinit = userinit.exe,
BHO: &Yahoo! Toolbar Helper: {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn13\yt.dll
BHO: Yahoo! Axis for IE: {035FDC10-9F1D-430E-87DA-573FFBF5608D} - C:\Program Files (x86)\Yahoo!\YNanoClient\cpn0\YNanoClient_IE.dll
BHO: XFINITY Toolbar: {4b9bcce8-a70b-402a-a7e1-db96831ee26f} - C:\Program Files (x86)\xfin_portal\comcastdx.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: {95B7759C-8C7F-4BF1-B163-73684A933233} - <orphaned>
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: {adff4c9a-4f49-4a1f-8885-360e107b7938} - <orphaned>
BHO: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
BHO: Updater For XFIN_PORTAL: {bb46be07-13eb-4c49-b0f0-fc78b9ea4983} - C:\Program Files (x86)\xfin_portal\auxi\comcastAu.dll
BHO: {D576D3D1-A2E0-981D-DE7E-098DC1EE7878} - <orphaned>
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: <No Name>: {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - LocalServer32 - <no file>
TB: XFINITY Toolbar: {4b9bcce8-a70b-402a-a7e1-db96831ee26f} - C:\Program Files (x86)\xfin_portal\comcastdx.dll
TB: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn13\yt.dll
TB: Yahoo! Axis for IE: {035FDC10-9F1D-430E-87DA-573FFBF5608D} - C:\Program Files (x86)\Yahoo!\YNanoClient\cpn0\YNanoClient_IE.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
EB: F12 Developer Tools: {28BCCB9A-E66B-463C-82A4-09F320DE94D7} - C:\Program Files (x86)\Internet Explorer\F12Tools.dll
uRun: [Spybot-S&D Cleaning] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe" /autoclean
uRun: [BRS] C:\Program Files (x86)\WSE_Astromenda\BRS\brs.exe -runBRS
uRun: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe"
uRun: [GarminExpressTrayApp] "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"
uRun: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
uRunOnce: [Adobe Speed Launcher] 1427507973
mRun: [BackupManagerTray] "C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\BackupManagerTray.exe" -h -k
mRun: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
mRun: [CLMLServer] "C:\Program Files (x86)\Cyberlink\Power2Go\CLMLSvc.exe"
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [vProt] "C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe"
mRun: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [RemoteControl8] "C:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe"
mRun: [VideoWebCamera] "C:\Program Files (x86)\VideoWebCamera\VideoWebCamera.exe" -a
mRun: [PDVD8LanguageShortcut] "C:\Program Files (x86)\CyberLink\PowerDVD8\Language\Language.exe"
mRun: [mcpltui_exe] "C:\Program Files\Common~1\McAfee\Platform\mcuicnt.exe" /platui /runkey
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [EKStatusMonitor] C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKStatusMonitor.exe
dRun: [GarminExpressTrayApp] "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"
uPolicies-Explorer: NoDriveTypeAutoRun = dword:0
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
.
INFO: HKLM has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: {3D6F2DBA-F4E5-40A6-8725-E99BC96CC23A} - hxxp://108.74.155.10:5050/speco_control.cab
DPF: {A6B11FA9-502E-44BE-8D0F-BC76CE036AE4} - hxxp://108.74.155.10:5050/speco_webviewer.cab
TCP: NameServer = 192.168.1.254
TCP: Interfaces\{4BF773BA-4238-47ED-B727-4331043474BA} : DHCPNameServer = 192.168.15.1
TCP: Interfaces\{F9D0986B-D400-49C6-BA26-8EC6E90926F4} : DHCPNameServer = 192.168.1.254
TCP: Interfaces\{F9D0986B-D400-49C6-BA26-8EC6E90926F4}\74F6C6463456461627D27657563747 : DHCPNameServer = 68.105.28.11 68.105.29.11 68.105.28.12
TCP: Interfaces\{F9D0986B-D400-49C6-BA26-8EC6E90926F4}\84F4D454D223032383 : DHCPNameServer = 10.0.0.1
TCP: Interfaces\{F9D0986B-D400-49C6-BA26-8EC6E90926F4}\A416D656377202960586F6E656 : DHCPNameServer = 172.20.10.1
TCP: Interfaces\{F9D0986B-D400-49C6-BA26-8EC6E90926F4}\E45647A55627F6D2534364345323 : DHCPNameServer = 192.168.15.1
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.0.0\ViProtocol.dll
Notify: SDWinLogon - SDWinLogon.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-mStart Page = about:blank
x64-BHO: {305773EC-2DE8-4E7B-E21E-D856E693935A} - <orphaned>
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: {91c58c1b-e763-49ff-9f0b-4fa92f6ff60a} - <orphaned>
x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-BHO: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
x64-BHO: {D576D3D1-A2E0-981D-DE7E-098DC1EE7878} - <orphaned>
x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-TB: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
x64-Run: [Acer ePower Management] C:\Program Files\Gateway\Gateway Power Management\ePowerTray.exe
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [ATT_McciTrayApp] "C:\Program Files\ATT\8.4.1.12\ma\bin\pcTrayApp.exe"
x64-Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
x64-Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
.
INFO: x64-HKLM has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
x64-Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll
x64-Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
x64-Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
x64-Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
x64-mASetup: {A509B1FF-37FF-4bFF-8CFF-4F3A747040FF} - C:\Windows\System32\rundll32.exe C:\Windows\System32\advpack.dll,LaunchINFSectionEx C:\Program Files\Internet Explorer\clrtour.inf,DefaultInstall.ResetTour,,12
Hosts: 127.0.0.1 www.spywareinfo.com
.
============= SERVICES / DRIVERS ===============
.
R0 mfehidk;McAfee Inc. mfehidk;C:\Windows\System32\drivers\mfehidk.sys [2014-6-20 786304]
R0 mfewfpk;McAfee Inc. mfewfpk;C:\Windows\System32\drivers\mfewfpk.sys [2014-6-20 348560]
R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2014-11-15 274696]
R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928]
R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368]
R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2014-7-22 172344]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2009-11-2 203264]
R2 Apple Mobile Device Service;Apple Mobile Device Service;C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2015-1-20 77128]
R2 AT&T Troubleshoot & Resolve;AT&T Troubleshoot & Resolve;C:\Program Files (x86)\ATT\8.4.1.12\ma\bin\MAHostService.exe [2014-8-27 321024]
R2 ePowerSvc;Acer ePower Service;C:\Program Files\Gateway\Gateway Power Management\ePowerSvc.exe [2009-11-2 844320]
R2 Garmin Core Update Service;Garmin Core Update Service;C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [2014-12-31 451416]
R2 Greg_Service;GRegService;C:\Program Files (x86)\Gateway\Registration\GregHSRW.exe [2009-8-28 1150496]
R2 HomeNetSvc;McAfee Home Network;C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2014-10-28 335064]
R2 Kodak AiO Network Discovery Service;Kodak AiO Network Discovery Service;C:\Program Files (x86)\Kodak\AiO\Center\EKAiOHostService.exe [2014-5-6 395640]
R2 Kodak AiO Status Monitor Service;Kodak AiO Status Monitor Service;C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe [2013-12-11 780152]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe [2015-3-5 155368]
R2 McAPExe;McAfee AP Service;C:\Program Files\McAfee\MSC\McAPExe.exe [2014-10-28 562200]
R2 mccspsvc;McAfee CSP Service;C:\Program Files\Common Files\McAfee\CSP\1.3.336.0\McCSPServiceHost.exe [2014-11-21 422632]
R2 McMPFSvc;McAfee Personal Firewall Service;C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2014-10-28 335064]
R2 McNaiAnn;McAfee VirusScan Announcer;C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2014-10-28 335064]
R2 mcpltsvc;McAfee Platform Services;C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2014-10-28 335064]
R2 McProxy;McAfee Proxy Service;C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2014-10-28 335064]
R2 mfecore;McAfee Anti-Malware Core;C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [2014-10-28 1050952]
R2 mfefire;McAfee Firewall Core Service;C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe [2014-11-1 221832]
R2 mfevtp;McAfee Validation Trust Protection Service;C:\Windows\System32\mfevtps.exe [2014-11-1 189920]
R2 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2014-11-15 124560]
R2 NTI IScheduleSvc;NTI IScheduleSvc;C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\IScheduleSvc.exe [2009-9-24 62720]
R2 pcCMService;pcCMService;C:\Program Files (x86)\Common Files\Motive\pcCMService.exe [2014-10-9 369152]
R2 pcCMService64;pcCMService64;C:\Program Files\Common Files\Motive\pcCMService.exe [2014-10-9 460800]
R2 SDScannerService;Spybot-S&D 2 Scanner Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2014-5-14 1738200]
R2 SDUpdateService;Spybot-S&D 2 Updating Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2014-5-14 2081752]
R2 SDWSCService;Spybot-S&D 2 Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2014-5-14 171928]
R2 Updater Service;Updater Service;C:\Program Files\Gateway\Gateway Updater\UpdaterService.exe [2009-11-2 240160]
R2 YNanoService;Yahoo! NanoClient Service;C:\Program Files (x86)\Yahoo!\YNanoClient\cpn0\YNanoService.exe [2012-7-25 157016]
R3 cfwids;McAfee Inc. cfwids;C:\Windows\System32\drivers\cfwids.sys [2014-6-20 72136]
R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;C:\Windows\System32\drivers\k57nd60a.sys [2009-11-2 317480]
R3 mfeavfk;McAfee Inc. mfeavfk;C:\Windows\System32\drivers\mfeavfk.sys [2014-6-20 313680]
R3 mfefirek;McAfee Inc. mfefirek;C:\Windows\System32\drivers\mfefirek.sys [2014-6-20 526360]
R3 mfencbdc;McAfee Inc. mfencbdc;C:\Windows\System32\drivers\mfencbdc.sys [2014-9-19 447440]
R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2015-1-30 366512]
R3 SrvHsfHDA;SrvHsfHDA;C:\Windows\System32\drivers\VSTAZL6.SYS [2009-7-13 292864]
R3 SrvHsfV92;SrvHsfV92;C:\Windows\System32\drivers\VSTDPV6.SYS [2009-7-13 1485312]
R3 SrvHsfWinac;SrvHsfWinac;C:\Windows\System32\drivers\VSTCNXT6.SYS [2009-7-13 740864]
R3 usbfilter;AMD USB Filter Driver;C:\Windows\System32\drivers\usbfilter.sys [2012-9-18 34872]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-4-12 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-4-11 124088]
S3 HipShieldK;McAfee Inc. HipShieldK;C:\Windows\System32\drivers\HipShieldK.sys [2015-2-12 197704]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2015-3-10 114688]
S3 mfencrk;McAfee Inc. mfencrk;C:\Windows\System32\drivers\mfencrk.sys [2014-9-19 96600]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2014-10-30 19456]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\RtsUStor.sys [2009-11-2 225280]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2014-10-30 56832]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2014-7-28 54784]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-9-20 1255736]
.
=============== Created Last 30 ================
.
2015-03-28 02:06:50 12002392 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{02BDCF9D-F595-45E2-89CC-AF26F07583D7}\mpengine.dll
2015-03-27 02:03:15 1187344 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{472608F0-4EFD-4678-809B-D5E591A57349}\gapaengine.dll
2015-03-27 02:03:03 12002392 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2015-03-27 01:58:02 -------- d-----w- C:\Program Files (x86)\Microsoft Security Client
2015-03-27 01:57:47 -------- d-----w- C:\Program Files\Microsoft Security Client
2015-03-24 23:00:43 943616 ----a-w- C:\Windows\System32\appraiser.dll
2015-03-24 23:00:43 677888 ----a-w- C:\Windows\System32\generaltel.dll
2015-03-24 23:00:43 30720 ----a-w- C:\Windows\System32\acmigration.dll
2015-03-24 23:00:43 1107456 ----a-w- C:\Windows\System32\aeinv.dll
2015-03-24 23:00:42 760832 ----a-w- C:\Windows\System32\invagent.dll
2015-03-24 23:00:42 414720 ----a-w- C:\Windows\System32\devinv.dll
2015-03-24 23:00:42 227328 ----a-w- C:\Windows\System32\aepdu.dll
2015-03-24 23:00:42 192000 ----a-w- C:\Windows\System32\aepic.dll
2015-03-23 01:43:01 -------- d-----w- C:\Program Files (x86)\CoupSCAnneer
2015-03-20 00:57:33 -------- d-----w- C:\Users\James W\AppData\Roaming\PrintProjects
2015-03-20 00:38:04 -------- d-----w- C:\Users\James W\AppData\Roaming\KODAK AiO Home Center1263220163
2015-03-20 00:27:59 -------- d-----w- C:\Users\James W\AppData\Roaming\KODAK AiO Home Center1831025160
2015-03-11 01:28:13 70656 ----a-w- C:\Windows\SysWow64\fontsub.dll
2015-03-11 01:28:13 46080 ----a-w- C:\Windows\System32\atmlib.dll
2015-03-11 01:28:13 41984 ----a-w- C:\Windows\System32\lpk.dll
2015-03-11 01:28:13 372224 ----a-w- C:\Windows\System32\atmfd.dll
2015-03-11 01:28:13 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll
2015-03-11 01:28:13 299008 ----a-w- C:\Windows\SysWow64\atmfd.dll
2015-03-11 01:28:13 25600 ----a-w- C:\Windows\SysWow64\lpk.dll
2015-03-11 01:28:13 14336 ----a-w- C:\Windows\System32\dciman32.dll
2015-03-11 01:28:13 10240 ----a-w- C:\Windows\SysWow64\dciman32.dll
2015-03-11 01:28:13 100864 ----a-w- C:\Windows\System32\fontsub.dll
2015-03-11 01:26:45 3179520 ----a-w- C:\Windows\System32\rdpcorets.dll
2015-03-11 01:26:44 243200 ----a-w- C:\Windows\System32\rdpudd.dll
2015-03-11 01:26:44 16384 ----a-w- C:\Windows\System32\RdpGroupPolicyExtension.dll
2015-03-11 01:26:02 215552 ----a-w- C:\Windows\System32\ubpm.dll
2015-03-11 01:26:02 171520 ----a-w- C:\Windows\SysWow64\ubpm.dll
2015-03-11 01:24:50 1424896 ----a-w- C:\Windows\System32\WindowsCodecs.dll
2015-03-11 01:23:47 465920 ----a-w- C:\Windows\System32\WMPhoto.dll
2015-03-11 01:23:46 417792 ----a-w- C:\Windows\SysWow64\WMPhoto.dll
2015-03-03 22:02:09 29696 ----a-w- C:\Windows\System32\powertracker.dll
2015-03-03 22:02:08 950272 ----a-w- C:\Windows\System32\perftrack.dll
2015-03-03 22:02:08 91136 ----a-w- C:\Windows\System32\wdi.dll
2015-03-03 22:02:08 76800 ----a-w- C:\Windows\SysWow64\wdi.dll
2015-02-27 22:23:30 -------- d-----w- C:\Program Files\iPod
2015-02-27 22:23:30 -------- d-----w- C:\Program Files (x86)\iTunes
2015-02-27 22:23:29 -------- d-----w- C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-02-27 22:23:29 -------- d-----w- C:\Program Files\iTunes
.
==================== Find3M ====================
.
2015-03-13 00:57:25 4 ----a-w- C:\Users\James W\AppData\Roaming\appdataFr2.bin
2015-03-06 05:56:10 95680 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
2015-03-06 05:56:10 155576 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2015-03-06 05:42:39 210944 ----a-w- C:\Windows\System32\wdigest.dll
2015-03-06 05:42:36 86528 ----a-w- C:\Windows\System32\TSpkg.dll
2015-03-06 05:42:35 29184 ----a-w- C:\Windows\System32\sspisrv.dll
2015-03-06 05:42:35 136192 ----a-w- C:\Windows\System32\sspicli.dll
2015-03-06 05:42:33 341504 ----a-w- C:\Windows\System32\schannel.dll
2015-03-06 05:42:33 28160 ----a-w- C:\Windows\System32\secur32.dll
2015-03-06 05:42:29 314880 ----a-w- C:\Windows\System32\msv1_0.dll
2015-03-06 05:42:29 309760 ----a-w- C:\Windows\System32\ncrypt.dll
2015-03-06 05:42:27 728064 ----a-w- C:\Windows\System32\kerberos.dll
2015-03-06 05:42:27 1461760 ----a-w- C:\Windows\System32\lsasrv.dll
2015-03-06 05:42:20 22016 ----a-w- C:\Windows\System32\credssp.dll
2015-03-06 05:41:46 31232 ----a-w- C:\Windows\System32\lsass.exe
2015-03-06 05:41:31 64000 ----a-w- C:\Windows\System32\auditpol.exe
2015-03-06 05:39:16 60416 ----a-w- C:\Windows\System32\msobjs.dll
2015-03-06 05:38:57 146432 ----a-w- C:\Windows\System32\msaudite.dll
2015-03-06 05:36:56 686080 ----a-w- C:\Windows\System32\adtschema.dll
2015-03-06 05:10:34 172032 ----a-w- C:\Windows\SysWow64\wdigest.dll
2015-03-06 05:10:30 65536 ----a-w- C:\Windows\SysWow64\TSpkg.dll
2015-03-06 05:10:26 248832 ----a-w- C:\Windows\SysWow64\schannel.dll
2015-03-06 05:10:26 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
2015-03-06 05:10:22 259584 ----a-w- C:\Windows\SysWow64\msv1_0.dll
2015-03-06 05:10:22 221184 ----a-w- C:\Windows\SysWow64\ncrypt.dll
2015-03-06 05:10:18 550912 ----a-w- C:\Windows\SysWow64\kerberos.dll
2015-03-06 05:10:11 17408 ----a-w- C:\Windows\SysWow64\credssp.dll
2015-03-06 05:09:31 50176 ----a-w- C:\Windows\SysWow64\auditpol.exe
2015-03-06 05:09:19 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
2015-03-06 05:07:50 60416 ----a-w- C:\Windows\SysWow64\msobjs.dll
2015-03-06 05:07:43 146432 ----a-w- C:\Windows\SysWow64\msaudite.dll
2015-03-06 05:06:20 686080 ----a-w- C:\Windows\SysWow64\adtschema.dll
2015-03-03 13:17:35 295552 ------w- C:\Windows\System32\MpSigStub.exe
2015-02-26 03:25:44 3204096 ----a-w- C:\Windows\System32\win32k.sys
2015-02-20 03:06:02 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
2015-02-20 03:05:49 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
2015-02-20 02:50:14 66560 ----a-w- C:\Windows\System32\iesetup.dll
2015-02-20 02:49:29 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
2015-02-20 02:49:19 584192 ----a-w- C:\Windows\System32\vbscript.dll
2015-02-20 02:47:56 88064 ----a-w- C:\Windows\System32\MshtmlDac.dll
2015-02-20 02:35:17 144384 ----a-w- C:\Windows\System32\ieUnatt.exe
2015-02-20 02:35:05 114688 ----a-w- C:\Windows\System32\ieetwcollector.exe
2015-02-20 02:34:24 814080 ----a-w- C:\Windows\System32\jscript9diag.dll
2015-02-20 02:32:34 6035456 ----a-w- C:\Windows\System32\jscript9.dll
2015-02-20 02:26:12 968704 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe
2015-02-20 02:22:35 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2015-02-20 02:13:57 77824 ----a-w- C:\Windows\System32\JavaScriptCollectionAgent.dll
2015-02-20 02:09:08 503296 ----a-w- C:\Windows\SysWow64\vbscript.dll
2015-02-20 02:08:59 62464 ----a-w- C:\Windows\SysWow64\iesetup.dll
2015-02-20 02:08:13 47616 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll
2015-02-20 02:06:44 64000 ----a-w- C:\Windows\SysWow64\MshtmlDac.dll
2015-02-20 01:56:54 115712 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2015-02-20 01:56:07 620032 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
2015-02-20 01:47:06 1359360 ----a-w- C:\Windows\System32\mshtmlmedia.dll
2015-02-20 01:46:45 2125824 ----a-w- C:\Windows\System32\inetcpl.cpl
2015-02-20 01:41:52 60416 ----a-w- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
2015-02-20 01:30:39 4300288 ----a-w- C:\Windows\SysWow64\jscript9.dll
2015-02-20 01:28:25 2358784 ----a-w- C:\Windows\System32\wininet.dll
2015-02-20 01:24:21 2052608 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2015-02-20 01:23:19 1155072 ----a-w- C:\Windows\SysWow64\mshtmlmedia.dll
2015-02-20 01:01:25 1888256 ----a-w- C:\Windows\SysWow64\wininet.dll
2015-02-17 21:04:46 1202848 ----a-w- C:\Windows\SysWow64\FM20.DLL
2015-02-10 01:50:30 71344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2015-02-10 01:50:30 701616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2015-02-03 03:34:39 693176 ----a-w- C:\Windows\System32\winload.efi
2015-02-03 03:34:38 5554104 ----a-w- C:\Windows\System32\ntoskrnl.exe
2015-02-03 03:34:36 94656 ----a-w- C:\Windows\System32\drivers\mountmgr.sys
2015-02-03 03:33:29 616360 ----a-w- C:\Windows\System32\winresume.efi
2015-02-03 03:30:58 631808 ----a-w- C:\Windows\System32\evr.dll
2015-02-03 03:29:19 8704 ----a-w- C:\Windows\System32\pcaevts.dll
2015-02-03 03:28:49 2048 ----a-w- C:\Windows\System32\mferror.dll
2015-02-03 03:28:14 6656 ----a-w- C:\Windows\System32\apisetschema.dll
2015-02-03 03:19:12 663552 ----a-w- C:\Windows\System32\drivers\PEAuth.sys
2015-02-03 03:16:31 3973048 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2015-02-03 03:16:31 3917760 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2015-02-03 03:11:55 50176 ----a-w- C:\Windows\SysWow64\rrinstaller.exe
2015-02-03 03:11:48 23040 ----a-w- C:\Windows\SysWow64\mfpmp.exe
2015-02-03 03:11:18 12625408 ----a-w- C:\Windows\SysWow64\wmploc.DLL
2015-02-03 03:09:03 2048 ----a-w- C:\Windows\SysWow64\mferror.dll
2015-02-03 03:08:07 6656 ----a-w- C:\Windows\SysWow64\apisetschema.dll
2015-02-03 02:32:25 61440 ----a-w- C:\Windows\System32\drivers\appid.sys
2015-01-30 23:56:51 459336 ----a-w- C:\Windows\System32\drivers\cng.sys
2015-01-27 23:36:21 1239720 ----a-w- C:\Windows\System32\aitstatic.exe
2015-01-17 02:48:38 1067520 ----a-w- C:\Windows\System32\msctf.dll
2015-01-17 02:30:42 828928 ----a-w- C:\Windows\SysWow64\msctf.dll
.
============= FINISH: 21:33:54.45 ===============
jcej2684
Active Member
 
Posts: 3
Joined: March 27th, 2015, 10:20 pm

Re: Infected. High computer usage

Post by jcej2684 » March 27th, 2015, 10:45 pm

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume2
Install Date: 9/18/2012 7:15:17 PM
System Uptime: 3/27/2015 8:50:49 PM (1 hours ago)
.
Motherboard: Gateway | | NV73
Processor: AMD Athlon(tm) II Dual-Core M300 | Socket S1G3 | 2000/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 221 GiB total, 104.395 GiB free.
D: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft Teredo Tunneling Adapter
Device ID: ROOT\*TEREDO\0000
Manufacturer: Microsoft
Name: Teredo Tunneling Pseudo-Interface
PNP Device ID: ROOT\*TEREDO\0000
Service: tunnel
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: AntiLog32
Device ID: ROOT\LEGACY_ANTILOG32\0000
Manufacturer:
Name: AntiLog32
PNP Device ID: ROOT\LEGACY_ANTILOG32\0000
Service: AntiLog32
.
==== System Restore Points ===================
.
RP262: 2/13/2015 8:07:02 PM - Windows Update
RP263: 2/23/2015 4:08:57 PM - Garmin Express
RP264: 2/23/2015 4:13:31 PM - Garmin Express
RP265: 2/27/2015 11:13:05 PM - Windows Update
RP266: 3/4/2015 3:52:07 PM - Windows Update
RP267: 3/10/2015 8:48:20 PM - Windows Update
RP268: 3/22/2015 8:47:45 PM - Removed Bonjour
RP269: 3/24/2015 7:03:31 PM - Windows Update
RP270: 3/27/2015 9:04:55 PM - Windows Update
.
==== Installed Programs ======================
.
Adobe Flash Player 16 ActiveX
Adobe Flash Player 16 NPAPI
Adobe Reader XI (11.0.10)
aioprnt
aioscnnr
ANT Drivers Installer x64
Apple Application Support (32-bit)
Apple Application Support (64-bit)
Apple Mobile Device Support
Arcadesafari
AT&T Troubleshoot & Resolve
ATI Catalyst Install Manager
C4USelfUpdater
ccc-utility64
CCleaner
center
Compatibility Pack for the 2007 Office system
Elevated Installer
essentials
Garmin Communicator Plugin x64
Garmin Express
Garmin Express Tray
Google Chrome
Google Update Helper
iTunes
Kodak AIO Printer
KODAK AiO Software
McAfee SecurityCenter
McAfee SiteAdvisor
Microsoft .NET Framework 4.5.2
Microsoft Application Error Reporting
Microsoft Office File Validation Add-In
Microsoft Office Home and Student 2007
Microsoft Office Office 64-bit Components 2007
Microsoft Office PowerPoint Viewer 2007 (English)
Microsoft Office Shared 64-bit MUI (English) 2007
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft OneDrive
Microsoft Security Client
Microsoft Security Essentials
Microsoft Silverlight
Microsoft SQL Server Compact 3.5 SP2 ENU
Microsoft SQL Server Compact 3.5 SP2 x64 ENU
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005
MSVCRT110_amd64
Opera
Performancer
PrintProjects
QuickTime 7
Spybot - Search & Destroy
SUPERAntiSpyware
Synaptics Pointing Device Driver
Unity Web Player
Watchtower Library 2014 - English
Windows Driver Package - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201)
Windows Driver Package - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1)
Windows Live ID Sign-in Assistant
.
==== Event Viewer Messages From Past Week ========
.
3/27/2015 8:57:16 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Garmin Core Update Service service to connect.
3/27/2015 8:57:16 PM, Error: Service Control Manager [7000] - The Garmin Core Update Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
3/27/2015 8:53:12 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Spybot-S&D 2 Scanner Service service to connect.
3/27/2015 8:53:12 PM, Error: Service Control Manager [7000] - The Spybot-S&D 2 Scanner Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
3/27/2015 8:51:09 PM, Error: atikmdag [52236] - CPLIB :: General - Invalid Parameter
3/27/2015 8:51:09 PM, Error: atikmdag [43029] - Display is not active
3/26/2015 5:56:42 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Spooler service.
3/23/2015 7:15:36 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Search service to connect.
3/23/2015 7:15:36 PM, Error: Service Control Manager [7000] - The Windows Search service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
3/23/2015 7:15:29 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
3/23/2015 7:15:13 PM, Error: Service Control Manager [7031] - The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.
3/23/2015 7:15:13 PM, Error: Service Control Manager [7024] - The Windows Search service terminated with service-specific error %%-1073473535.
3/23/2015 7:14:27 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Spybot-S&D 2 Updating Service service to connect.
3/23/2015 7:14:27 PM, Error: Service Control Manager [7000] - The Spybot-S&D 2 Updating Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
.
==== End Of File ===========================
jcej2684
Active Member
 
Posts: 3
Joined: March 27th, 2015, 10:20 pm


Re: Infected. High computer usage

Post by Cypher » March 28th, 2015, 7:37 am

Bumping or Replying to Your Own Topic

May I draw your attention to the topic: ALL USERS OF THIS FORUM MUST READ THIS FIRST, which you should have read before posting for help.

The section here explains why you should not reply to or try to bump your topic.
Please submit a new log and wait for a helper to reply. Thank you for your understanding.

This topic is now closed.
Cypher
Admin/Teacher
 
Posts: 14959
Joined: October 29th, 2008, 12:49 pm
Location: Land Of The Leprechauns