Problem Description
Web pages, including ones which normally load in seconds, are sometimes loading at normal speeds but are often taking several minutes or failing to load. I'm using a Wi-Fi connection to my router on my landline at home. My laptop is the only device connected to the router that I know of. The laptop is performing well in other respects. Earlier today I was one of two people connected to a router in a coffee shop. My page loading was as slow as it is at home but the other guy had no problems. Speedtest says I'm getting 16 Mbps. I'm running tbbmeter and the volume of data being downloaded is tiny. (Months ago my router was mysteriously downloading about 1 GB per hour, but not to my laptop. I never found out the cause. I did malware clean-ups with 3 or 4 different tools and the problem went away.)
The slow page-loading problem has happened at least twice this year. I was running Panda Cloud Antivirus and the Windows Firewall. Each time I did clean-ups with Malwarebytes, ASC and Combofix (without a helper.) The problem went away but I never found the cause. Maybe the answer was in the Combofix log, but I never got an expert opinion on it. I still have ComboFix logs from April 8 and 9.
After the problem went away I switched from Panda to MSE but the problem returned yesterday. This time around I have done no clean-ups at all.
Earlier today my Hotmail account was hijacked. There is a ton of spam in my Sent folder. It was all sent at 14.54 hrs today. I was using what I thought was a secure password, 11 characters of numerals and mixed case letters. I've since changed it.
DDS Log
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 10.0.9200.16576 BrowserJavaVersion: 10.21.2
Run by Nick at 15:53:56 on 2013-06-06
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.44.1033.18.3997.1532 [GMT 1:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {3F839487-C7A2-C958-E30C-E2825BA31FB5}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: IObit Malware Fighter *Disabled/Updated* {A751AC20-3B48-5237-898A-78C4436BB78D}
SP: Microsoft Security Essentials *Enabled/Updated* {84E27563-E198-C6D6-D9BC-D9F020245508}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Program Files\Alienware\Command Center\AlienSense\FAService.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\Google\Update\1.3.21.145\GoogleCrashHandler.exe
C:\Windows\system32\Dwm.exe
C:\Program Files (x86)\Google\Update\1.3.21.145\GoogleCrashHandler64.exe
C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe
C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportInjService_x64.exe
C:\Program Files\Alienware\Command Center\AlienSense\FATrayMon.exe
C:\Program Files\Alienware\Command Center\AlienSense\FATrayAlert.exe
C:\Program Files (x86)\STMicroelectronics\Accelerometer\InstallFilterService.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files (x86)\QUALCOMM\QDLService2k\QDLService2kAlienware.exe
C:\Program Files (x86)\REALTEK\11n USB Wireless LAN Utility\Rtlservice.exe
C:\Windows\system32\svchost.exe -k imgsvc
c:\Program Files\Microsoft Security Client\NisSrv.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\taskmgr.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_202.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_202.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\thinkbroadband.com\tbbMeter\tbbmeter.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
c:\Program Files\Microsoft Security Client\MpCmdRun.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.co.uk/
uDefault_Search_URL = hxxp://www.google.com/ie
uProxyOverride = <local>
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
BHO: Canon Easy-WebPrint EX BHO: {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: SSOIEAddonBHO Class: {DA5BCE70-D057-4D63-943D-5F3927EC59F1} - C:\Program Files\Alienware\Command Center\AlienSense\FAIESSO.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
TB: Canon Easy-WebPrint EX: {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
EB: Canon Easy-WebPrint EX: {21347690-EC41-4F9A-8887-1F4AEE672439} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
mRun: [FAStartup] <no file>
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr/200
IE: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: {7ECB1A47-6647-4B2C-A8DA-675569C9FF15} - hxxp://www.homeswapper.co.uk/HemsnewWeb ... 0680000000
DPF: {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} - hxxp://support.dell.com/systemprofiler/ ... emLite.CAB
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/s ... wflash.cab
TCP: NameServer = 192.168.1.254
TCP: Interfaces\{1227A23A-9A91-485B-88C7-F0A7E0248CF5} : DHCPNameServer = 192.168.1.254
TCP: Interfaces\{C8C5D718-624C-449E-BA81-F674636260AF} : DHCPNameServer = 192.168.1.254
TCP: Interfaces\{C8C5D718-624C-449E-BA81-F674636260AF}\244575966496 : DHCPNameServer = 192.168.22.22 192.168.22.23
TCP: Interfaces\{C8C5D718-624C-449E-BA81-F674636260AF}\244575966496D277964786D264F4E4 : DHCPNameServer = 192.168.22.22 192.168.22.23
TCP: Interfaces\{C8C5D718-624C-449E-BA81-F674636260AF}\2445F40756E6A7F6E656D235471627265736B637 : DHCPNameServer = 192.168.22.22 192.168.22.23
TCP: Interfaces\{C8C5D718-624C-449E-BA81-F674636260AF}\3736F6F64756273616666656E2765756374737 : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{C8C5D718-624C-449E-BA81-F674636260AF}\45865602242756164625F6F6D6 : DHCPNameServer = 192.168.1.254
TCP: Interfaces\{EE00774A-B153-4504-862F-3FB90F334D90} : DHCPNameServer = 192.168.22.22 192.168.22.23
TCP: Interfaces\{EE00774A-B153-4504-862F-3FB90F334D90}\244575966496D277964786D264F4E4 : DHCPNameServer = 192.168.22.22 192.168.22.23
TCP: Interfaces\{EE00774A-B153-4504-862F-3FB90F334D90}\2445F40756E6A7F6E656D284 : DHCPNameServer = 192.168.22.22 192.168.22.23
TCP: Interfaces\{EE00774A-B153-4504-862F-3FB90F334D90}\F54586560234C6F65746 : DHCPNameServer = 10.1.5.153 10.1.5.154
Notify: FastAccess - C:\Program Files\Alienware\Command Center\AlienSense\FALogNot.dll
SSODL: WebCheck - <orphaned>
LSA: Notification Packages = scecli FAPassSync
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.110\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Nick\AppData\Roaming\Mozilla\Firefox\Profiles\rjpjn0lm.default\
FF - prefs.js: browser.startup.homepage - hxxp://groups.yahoo.com/group/freecycle ... ssages?o=1
FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.as ... 109&UM=&q=
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrlui.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll
FF - ExtSQL: 2013-05-15 23:25; ascsurfingprotection@iobit.com; C:\Users\Nick\AppData\Roaming\Mozilla\Firefox\Profiles\rjpjn0lm.default\extensions\ascsurfingprotection@iobit.com
.
---- FIREFOX POLICIES ----
FF - user.js: network.http.pipelining.maxrequests - 8
FF - user.js: network.http.request.max-start-delay - 0
FF - user.js: network.http.max-connections - 48
FF - user.js: network.http.max-connections-per-server - 16
FF - user.js: network.http.max-persistent-connections-per-proxy - 16
FF - user.js: network.http.max-persistent-connections-per-server - 8
FF - user.js: browser.turbo.enabled - true
FF - user.js: browser.display.show_image_placeholders - true
FF - user.js: browser.chrome.favicons - false
FF - user.js: browser.urlbar.autocomplete.enabled - true
FF - user.js: browser.cache.memory.capacity - 65536
FF - user.js: content.notify.ontimer - true
FF - user.js: content.interrupt.parsing - true
FF - user.js: content.max.tokenizing.time - 2250000
FF - user.js: content.switch.threshold - 750000
FF - user.js: plugin.expose_full_path - true
FF - user.js: ui.submenuDelay - 0
.
============= SERVICES / DRIVERS ===============
.
R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2013-1-20 230320]
R0 SmartDefragDriver;SmartDefragDriver;C:\Windows\System32\drivers\SmartDefragDriver.sys [2013-4-28 17720]
R0 stdflt;Disk Filter Driver for Accelerometer;C:\Windows\System32\drivers\stdflt.sys [2012-10-6 19504]
R1 NNSALPC;NNSALPC;C:\Windows\System32\drivers\NNSAlpc.sys [2012-11-26 89640]
R1 NNSHTTP;NNSHTTP;C:\Windows\System32\drivers\NNSHttp.sys [2012-11-26 114728]
R1 NNSHTTPS;NNSHTTPS;C:\Windows\System32\drivers\NNSHttps.sys [2013-1-9 95712]
R1 NNSIDS;NNSIDS;C:\Windows\System32\drivers\NNSIds.sys [2012-11-26 114216]
R1 NNSNAHSL;Network Activity Hook Server LightWeight Filter Driver;C:\Windows\System32\drivers\NNSNAHSL.sys [2012-10-22 33320]
R1 NNSPICC;NNSPICC;C:\Windows\System32\drivers\NNSpicc.sys [2012-11-26 94248]
R1 NNSPOP3;NNSPOP3;C:\Windows\System32\drivers\NNSPop3.sys [2012-11-26 118312]
R1 NNSPROT;NNSPROT;C:\Windows\System32\drivers\NNSProt.sys [2012-11-26 306216]
R1 NNSPRV;NNSPRV;C:\Windows\System32\drivers\NNSPrv.sys [2012-11-26 116776]
R1 NNSSMTP;NNSSMTP;C:\Windows\System32\drivers\NNSSmtp.sys [2012-11-26 114216]
R1 NNSSTRM;NNSSTRM;C:\Windows\System32\drivers\NNSStrm.sys [2012-11-28 232488]
R1 NNSTLSC;NNSTLSC;C:\Windows\System32\drivers\NNStlsc.sys [2012-11-26 105000]
R1 PSINKNC;PSINKNC;C:\Windows\System32\drivers\PSINKNC.sys [2012-11-9 204328]
R1 RapportCerberus_53984;RapportCerberus_53984;C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\53984\RapportCerberus64_53984.sys [2013-5-28 588048]
R1 RapportEI64;RapportEI64;C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [2013-4-30 229040]
R2 AERTFilters;Andrea RT Filters Service;C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2013-3-5 98208]
R2 FAService;FAService;C:\Program Files\Alienware\Command Center\AlienSense\FAService.exe [2010-4-4 2409800]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2012-10-5 13336]
R2 IMFservice;IMF Service;C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [2013-4-28 821592]
R2 InstallFilterService;FF Install Filter Service;C:\Program Files (x86)\STMicroelectronics\Accelerometer\InstallFilterService.exe [2012-10-6 60928]
R2 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2013-1-20 130008]
R2 PSINAflt;PSINAflt;C:\Windows\System32\drivers\PSINAflt.sys [2012-11-9 167976]
R2 PSINFile;PSINFile;C:\Windows\System32\drivers\PSINFile.sys [2012-11-9 119848]
R2 PSINProc;PSINProc;C:\Windows\System32\drivers\PSINProc.sys [2012-11-9 123944]
R2 PSINProt;PSINProt;C:\Windows\System32\drivers\PSINProt.sys [2012-11-9 133160]
R2 QDLService2kAlienware;Qualcomm Gobi 2000 Download Service (Alienware);C:\Program Files (x86)\QUALCOMM\QDLService2k\QDLService2kAlienware.exe [2010-3-15 330488]
R2 RapportMgmtService;Rapport Management Service;C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [2013-4-30 1124632]
R2 Realtek11nCU;Realtek11nCU;C:\Program Files (x86)\REALTEK\11n USB Wireless LAN Utility\RtlService.exe [2012-10-25 36864]
R3 Acceler;Accelerometer Service;C:\Windows\System32\drivers\Acceler.sys [2012-10-6 25648]
R3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20);C:\Windows\System32\drivers\L1C62x64.sys [2009-6-10 57344]
R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2013-1-27 379360]
R3 PSSDK42;PSSDK42;C:\Windows\System32\drivers\pssdk42.sys [2012-10-9 53312]
R3 PSSDKLBF;PSSDKLBF;C:\Windows\System32\drivers\pssdklbf.sys [2012-10-9 65600]
S0 johci;JMicron 1394 Filter Driver;C:\Windows\System32\drivers\johci.sys [2012-10-5 20392]
S2 AlienFusionService;Alienware Fusion Service;C:\Program Files\Alienware\Command Center\AlienFusionService.exe [2010-5-21 14648]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 BcmVWL;Broadcom Virtual Wireless;C:\Windows\System32\drivers\bcmvwl64.sys [2012-10-5 20984]
S3 btwampfl;Bluetooth AMP USB Filter;C:\Windows\System32\drivers\btwampfl.sys [2012-10-5 328232]
S3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\System32\drivers\btwl2cap.sys [2012-10-5 39464]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\Windows\System32\drivers\ssudbus.sys [2012-9-19 102368]
S3 FACAP;facap, FastAccess Video Capture;C:\Windows\System32\drivers\facap.sys [2008-9-25 238848]
S3 FileMonitor;FileMonitor;C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [2013-4-28 21384]
S3 JMCR;JMCR;C:\Windows\System32\drivers\jmcr.sys [2009-8-18 143472]
S3 PSKMAD;PSKMAD;C:\Windows\System32\drivers\PSKMAD.sys [2013-4-28 58360]
S3 RapportKE64;RapportKE64;C:\Windows\System32\drivers\RapportKE64.sys [2013-4-22 236688]
S3 RapportPG64;RapportPG64;C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [2013-4-30 357712]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2012-11-8 19456]
S3 RegFilter;RegFilter;C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\RegFilter.sys [2013-4-28 33224]
S3 RTL8192cu;Realtek RTL8192CU Wireless LAN 802.11n USB 2.0 Network Adapter;C:\Windows\System32\drivers\RTL8192cu.sys [2012-10-13 848384]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2012-11-8 57856]
S3 UrlFilter;UrlFilter;C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\UrlFilter.sys [2013-4-28 21904]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-10-6 1255736]
S4 AdvancedSystemCareService6;Advanced SystemCare Service 6;C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe [2013-1-4 465216]
S4 NNSPIHSW;NNSPIHSW;C:\Windows\System32\drivers\NNSPihsw.sys [2012-11-28 69160]
S4 tbbLoaderService;tbbLoaderService;C:\Program Files (x86)\thinkbroadband.com\tbbMeter\tbbLoaderService.exe [2010-10-9 14848]
.
=============== Created Last 30 ================
.
2013-06-06 13:46:41 9460464 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{EBCA2E4D-D43C-4F07-B992-52E9137707A2}\mpengine.dll
2013-06-05 17:41:00 29288 ----a-w- C:\Windows\System32\nvhdap64.dll
2013-06-05 17:41:00 155752 ----a-w- C:\Windows\System32\drivers\nvhda64v.sys
2013-06-05 17:24:42 7493224 ----a-w- C:\Windows\System32\nvwgf2umx.dll
2013-06-05 17:24:01 255080 ----a-w- C:\Windows\System32\nvcod1919.dll
2013-06-05 17:24:01 255080 ----a-w- C:\Windows\System32\nvcod.dll
2013-06-05 17:24:01 2162792 ----a-w- C:\Windows\System32\nvapi64.dll
2013-06-05 16:49:55 -------- d-----w- C:\Users\Nick\AppData\Local\Akamai
2013-06-05 16:46:20 -------- d-----w- C:\NVIDIA
2013-06-05 16:35:02 95648 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2013-06-05 05:57:54 9460464 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2013-05-28 12:58:04 -------- d-----w- C:\Program Files (x86)\GRETECH
2013-05-24 13:17:33 262552 ----a-w- C:\Program Files (x86)\Mozilla Firefox\browser\components\browsercomps.dll
2013-05-23 19:21:46 -------- d-----w- C:\Users\Nick\AppData\Roaming\Philipp Winterberg
2013-05-23 19:21:40 -------- d-----w- C:\Program Files (x86)\Free RAR Extract Frog
2013-05-21 14:32:08 905296 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2013-05-21 14:32:07 964552 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{03E69BE9-D87D-4B7C-BB60-469063F5B681}\gapaengine.dll
2013-05-16 19:14:21 -------- d-----w- C:\Program Files (x86)\Microsoft Security Client
2013-05-16 16:37:22 9460464 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{594DC557-36BE-47AE-84E0-A7AC5E29C288}\mpengine.dll
2013-05-16 16:25:40 3153920 ----a-w- C:\Windows\System32\win32k.sys
2013-05-16 16:17:10 9195912 ----a-w- C:\Windows\SysWow64\FlashPlayerInstaller.exe
2013-05-16 16:08:21 -------- d-----w- C:\Program Files (x86)\GUMC447.tmp
2013-05-16 15:06:09 -------- d-----w- C:\Program Files\Microsoft Security Client
2013-05-11 10:24:08 -------- d-----w- C:\Program Files (x86)\GUM9DAD.tmp
.
==================== Find3M ====================
.
2013-06-06 14:33:03 65600 ----a-w- C:\Windows\System32\drivers\pssdklbf.sys
2013-06-06 14:33:03 53312 ----a-w- C:\Windows\System32\drivers\pssdk42.sys
2013-05-16 17:17:13 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-05-16 17:17:13 692104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-05-02 15:29:56 278800 ------w- C:\Windows\System32\MpSigStub.exe
2013-04-30 00:28:50 236688 ----a-w- C:\Windows\System32\drivers\RapportKE64.sys
2013-04-13 05:49:23 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll
2013-04-13 05:49:19 350208 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll
2013-04-13 05:49:19 308736 ----a-w- C:\Windows\apppatch\AppPatch64\AcGenral.dll
2013-04-13 05:49:19 111104 ----a-w- C:\Windows\apppatch\AppPatch64\acspecfc.dll
2013-04-13 04:45:16 474624 ----a-w- C:\Windows\apppatch\AcSpecfc.dll
2013-04-13 04:45:15 2176512 ----a-w- C:\Windows\apppatch\AcGenral.dll
2013-04-12 14:45:08 1656680 ----a-w- C:\Windows\System32\drivers\ntfs.sys
2013-04-10 06:01:54 265064 ----a-w- C:\Windows\System32\drivers\dxgmms1.sys
2013-04-10 06:01:53 983400 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys
2013-04-05 06:52:14 2242048 ----a-w- C:\Windows\System32\wininet.dll
2013-04-05 06:50:36 3958784 ----a-w- C:\Windows\System32\jscript9.dll
2013-04-05 06:50:31 67072 ----a-w- C:\Windows\System32\iesetup.dll
2013-04-05 06:50:31 136704 ----a-w- C:\Windows\System32\iesysprep.dll
2013-04-05 05:28:24 1767424 ----a-w- C:\Windows\SysWow64\wininet.dll
2013-04-05 05:26:26 2877440 ----a-w- C:\Windows\SysWow64\jscript9.dll
2013-04-05 05:26:21 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll
2013-04-05 05:26:21 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll
2013-04-05 04:43:00 2706432 ----a-w- C:\Windows\System32\mshtml.tlb
2013-04-05 04:29:45 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2013-04-05 03:51:11 89600 ----a-w- C:\Windows\System32\RegisterIEPKEYs.exe
2013-04-05 03:38:25 71680 ----a-w- C:\Windows\SysWow64\RegisterIEPKEYs.exe
2013-04-02 14:09:52 4550656 ----a-w- C:\Windows\SysWow64\GPhotos.scr
2013-03-19 06:04:06 5550424 ----a-w- C:\Windows\System32\ntoskrnl.exe
2013-03-19 05:53:58 48640 ----a-w- C:\Windows\System32\wwanprotdim.dll
2013-03-19 05:53:58 230400 ----a-w- C:\Windows\System32\wwansvc.dll
2013-03-19 05:46:56 43520 ----a-w- C:\Windows\System32\csrsrv.dll
2013-03-19 05:04:13 3968856 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2013-03-19 05:04:10 3913560 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2013-03-19 04:47:50 6656 ----a-w- C:\Windows\SysWow64\apisetschema.dll
2013-03-19 03:06:33 112640 ----a-w- C:\Windows\System32\smss.exe
.
============= FINISH: 15:55:00.82 ===============
Attach Log
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 05/10/2012 22:15:42
System Uptime: 06/06/2013 09:03:18 (6 hours ago)
.
Motherboard: Alienware | | 0VWGCV
Processor: Genuine Intel(R) CPU U7300 @ 1.30GHz | U2E1 | 1729/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 466 GiB total, 368.911 GiB free.
.
==== Disabled Device Manager Items =============
.
Class GUID:
Description:
Device ID: ACPI\CPL0002\2&DABA3FF&1
Manufacturer:
Name:
PNP Device ID: ACPI\CPL0002\2&DABA3FF&1
Service:
.
Class GUID: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Description: facap, FastAccess Video Capture
Device ID: ROOT\IMAGE\0000
Manufacturer: Sensible Vision
Name: facap, FastAccess Video Capture
PNP Device ID: ROOT\IMAGE\0000
Service: FACAP
.
==== System Restore Points ===================
.
RP120: 23/05/2013 15:42:44 - Windows Update
RP121: 27/05/2013 16:43:56 - Windows Update
RP122: 30/05/2013 17:20:42 - Windows Update
RP123: 03/06/2013 17:21:49 - Windows Update
RP124: 05/06/2013 17:34:05 - Installed Java 7 Update 21
.
==== Installed Programs ======================
.
Accelerometer
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader X (10.1.7)
Advanced SystemCare 6
Akamai NetSession Interface
µTorrent
Call of Duty(R) 2
Canon Easy-PhotoPrint EX
Canon Easy-WebPrint EX
Canon IJ Network Tool
Canon Inkjet Printer/Scanner/Fax Extended Survey Program
Canon MP Navigator EX 3.0
Canon MP Navigator EX 4.0
Canon MP270 series MP Drivers
Canon MP270 series User Registration
Canon MP495 series MP Drivers
Canon MP495 series User Registration
Canon My Printer
Canon Solution Menu EX
Command Center
DW WLAN Card Utility
Free RAR Extract Frog
GOM Player
Google Chrome
Google Drive
Google Earth Plug-in
Google Update Helper
InstallVC90Support
Intel(R) Control Center
Intel(R) Rapid Storage Technology
IObit Malware Fighter
Java 7 Update 21
Java Auto Updater
JMicron 1394 Filter Driver
Malwarebytes Anti-Malware version 1.70.0.1100
Microsoft .NET Framework 4 Client Profile
Microsoft Security Client
Microsoft Security Essentials
Microsoft Silverlight
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Mozilla Firefox 21.0 (x86 en-US)
Mozilla Maintenance Service
NVIDIA Control Panel 263.08
NVIDIA Graphics Driver 263.08
NVIDIA HD Audio Driver 1.1.13.1
NVIDIA Install Application
OpenOffice.org 3.4.1
Panda Cloud Antivirus
Picasa 3
Qualcomm Gobi 2000 Package for Alienware
QuickTime
Rapport
Realtek High Definition Audio Driver
REALTEK Wireless LAN Driver and Utility
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)
Sid Meier's Civilization V
Smart Defrag 2
Steam
Synaptics Pointing Device Driver
tbbMeter
tbbMeter Loader Service
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
VLC media player 2.0.5
WIDCOMM Bluetooth Software
Windows Driver Package - Broadcom Corporation (BTHUSB) Bluetooth (01/20/2010 6.3.0.3500)
Windows Driver Package - Broadcom Corporation (BTHUSB) Bluetooth (01/28/2010 6.3.0.3800)
Windows Driver Package - Broadcom HIDClass (09/11/2009 6.3.0.1500)
.
==== Event Viewer Messages From Past Week ========
.
05/06/2013 19:07:41, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: cdrom
05/06/2013 19:07:39, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Alienware Fusion Service service to connect.
05/06/2013 19:07:39, Error: Service Control Manager [7000] - The Alienware Fusion Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
05/06/2013 19:06:52, Error: Microsoft-Windows-Kernel-Processor-Power [35] - Performance power management features on processor 1 in group 0 are disabled due to a firmware problem. Check with the computer manufacturer for updated firmware.
05/06/2013 19:06:52, Error: Microsoft-Windows-Kernel-Processor-Power [35] - Performance power management features on processor 0 in group 0 are disabled due to a firmware problem. Check with the computer manufacturer for updated firmware.
05/06/2013 19:03:44, Error: Service Control Manager [7001] - The Intel(R) Rapid Storage Technology service depends on the Windows Management Instrumentation service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
05/06/2013 19:01:11, Error: Service Control Manager [7001] - The Server service depends on the Security Accounts Manager service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
05/06/2013 19:01:11, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.
.
==== End Of File ===========================