Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

SLUGGISH PC

Post by skroder » December 24th, 2013, 10:22 am

I'm running Malwarebytes but my PC is still sluggish. I've downloaded some malware removal tools but I don't know how to use them.

Usually my startup time for the PC is less than 15 seconds; now it's taking too long, even when switching tabs in Chrome. My brother is downloading series through uTorrent, so basically I know where the culprit lies. I will uninstall uTorrent when you instruct me to, since the malware is still on the PC.

I appreciate your help, team. Here are the logs.


DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.16428
Run by Skroder at 22:16:21 on 2013-12-24
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.63.1033.18.4044.2210 [GMT -8:00]
.
AV: Microsoft Security Essentials *Disabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
AV: avast! Antivirus *Enabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: avast! Antivirus *Enabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Microsoft Security Essentials *Disabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Windows\explorer.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
mDefault_Page_URL = hxxp://www.google.com
BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
TB: avast! Online Security: {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
mRun: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
TCP: NameServer = 192.168.254.254
TCP: Interfaces\{FDE17F4C-22ED-4AB8-BAB0-683FD1C3905A} : DHCPNameServer = 192.168.254.254
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll
x64-BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL
x64-BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL
x64-TB: avast! Online Security: {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s
x64-Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll
x64-IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R0 aswRvrt;avast! Revert;C:\Windows\System32\drivers\aswRvrt.sys [2013-12-23 65776]
R0 aswVmm;avast! VM Monitor;C:\Windows\System32\drivers\aswVmm.sys [2013-12-23 207904]
R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2013-9-27 248240]
R1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswSnx.sys [2013-12-23 1034464]
R1 aswSP;aswSP;C:\Windows\System32\drivers\aswSP.sys [2013-12-23 422216]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\System32\drivers\dtsoftbus01.sys [2013-12-8 283064]
R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2013-12-23 78648]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-12-23 50344]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe [2013-12-8 166720]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-12-19 418376]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-12-19 701512]
R2 OfficeSvc;Microsoft Office Service;C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [2013-12-8 1907896]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-10-2 382824]
R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2013-12-8 365376]
R3 aswStm;aswStm;C:\Windows\System32\drivers\aswstm.sys [2013-12-23 79672]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2013-12-19 25928]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2013-12-8 805088]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S3 Blackberry Device Manager;Blackberry Device Manager;C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe [2013-1-18 577536]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2013-12-15 111616]
S3 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2013-9-27 134944]
S3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2013-10-23 348376]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2013-12-8 20992]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2013-12-8 59392]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2013-12-8 1255736]
S4 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-4-20 635104]
.
=============== Created Last 30 ================
.
2013-12-25 06:09:27 -------- d-sh--w- C:\$RECYCLE.BIN
2013-12-25 06:02:33 98816 ----a-w- C:\Windows\sed.exe
2013-12-25 06:02:33 256000 ----a-w- C:\Windows\PEV.exe
2013-12-25 06:02:33 208896 ----a-w- C:\Windows\MBR.exe
2013-12-25 06:00:00 75888 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{DB8A1415-614E-43DD-B266-FB8C6287D39F}\offreg.dll
2013-12-25 02:54:07 10315576 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{DB8A1415-614E-43DD-B266-FB8C6287D39F}\mpengine.dll
2013-12-23 10:39:51 -------- d-----w- C:\Users\Skroder\AppData\Roaming\AVAST Software
2013-12-23 10:39:32 79672 ----a-w- C:\Windows\System32\drivers\aswstm.sys
2013-12-23 10:39:32 65776 ----a-w- C:\Windows\System32\drivers\aswRvrt.sys
2013-12-23 10:39:32 207904 ----a-w- C:\Windows\System32\drivers\aswVmm.sys
2013-12-23 10:39:32 1034464 ----a-w- C:\Windows\System32\drivers\aswSnx.sys
2013-12-23 10:39:31 78648 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys
2013-12-23 10:39:30 92544 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys
2013-12-23 10:39:26 43152 ----a-w- C:\Windows\avastSS.scr
2013-12-23 10:39:03 -------- d-----w- C:\Program Files\AVAST Software
2013-12-23 10:38:23 -------- d-----w- C:\ProgramData\AVAST Software
2013-12-23 10:19:00 10315576 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2013-12-23 10:11:59 950128 ----a-w- C:\Windows\System32\drivers\ndis.sys.bak
2013-12-23 10:05:12 -------- d-----w- C:\Windows\ERUNT
2013-12-23 09:57:24 -------- d-----w- C:\AdwCleaner
2013-12-23 09:01:15 -------- d-----w- C:\Users\Skroder\AppData\Roaming\NVIDIA
2013-12-22 22:28:29 -------- d-----w- C:\Users\Skroder\AppData\Local\CrashDumps
2013-12-22 22:20:13 -------- d-----w- C:\Users\Skroder\AppData\Local\Downloaded Installations
2013-12-22 22:18:04 -------- d-----w- C:\Users\Skroder\AppData\Local\Research In Motion
2013-12-22 22:18:02 -------- d-----w- C:\Users\Skroder\AppData\Roaming\Research In Motion
2013-12-22 22:17:10 44544 ----a-w- C:\Windows\System32\drivers\RimSerial_AMD64.sys
2013-12-22 22:16:52 -------- d-----w- C:\ProgramData\Research In Motion
2013-12-22 22:16:32 -------- d-----w- C:\Program Files (x86)\Research In Motion
2013-12-22 22:16:32 -------- d-----w- C:\Program Files (x86)\Common Files\XCPCSync.OEM
2013-12-22 22:16:32 -------- d-----w- C:\Program Files (x86)\Common Files\Research In Motion
2013-12-21 06:22:37 -------- d-----w- C:\Program Files\CCleaner
2013-12-20 07:00:52 -------- d-----w- C:\Users\Skroder\AppData\Roaming\Malwarebytes
2013-12-20 07:00:48 -------- d-----w- C:\ProgramData\Malwarebytes
2013-12-20 07:00:47 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys
2013-12-20 07:00:47 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-12-20 07:00:30 -------- d-----w- C:\Users\Skroder\AppData\Local\Programs
2013-12-20 06:40:08 -------- d-----w- C:\Windows\Migration
2013-12-20 06:35:23 99840 ----a-w- C:\Windows\System32\drivers\usbccgp.sys
2013-12-20 06:35:23 7808 ----a-w- C:\Windows\System32\drivers\usbd.sys
2013-12-20 06:35:23 52736 ----a-w- C:\Windows\System32\drivers\usbehci.sys
2013-12-20 06:35:23 343040 ----a-w- C:\Windows\System32\drivers\usbhub.sys
2013-12-20 06:35:23 325120 ----a-w- C:\Windows\System32\drivers\usbport.sys
2013-12-20 06:35:23 30720 ----a-w- C:\Windows\System32\drivers\usbuhci.sys
2013-12-20 06:35:23 25600 ----a-w- C:\Windows\System32\drivers\usbohci.sys
2013-12-12 00:56:33 167424 ----a-w- C:\Program Files\Windows Media Player\wmplayer.exe
2013-12-12 00:56:33 164864 ----a-w- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
2013-12-12 00:56:33 12625920 ----a-w- C:\Windows\System32\wmploc.DLL
2013-12-12 00:56:32 12625408 ----a-w- C:\Windows\SysWow64\wmploc.DLL
2013-12-11 20:26:31 1424384 ----a-w- C:\Windows\System32\WindowsCodecs.dll
2013-12-11 20:26:31 1230336 ----a-w- C:\Windows\SysWow64\WindowsCodecs.dll
2013-12-11 20:25:14 335360 ----a-w- C:\Windows\System32\msieftp.dll
2013-12-11 20:25:14 301568 ----a-w- C:\Windows\SysWow64\msieftp.dll
2013-12-11 20:25:13 2871808 ----a-w- C:\Windows\explorer.exe
2013-12-11 20:25:13 2616320 ----a-w- C:\Windows\SysWow64\explorer.exe
2013-12-11 20:25:12 3155968 ----a-w- C:\Windows\System32\win32k.sys
2013-12-11 20:15:10 465920 ----a-w- C:\Windows\System32\WMPhoto.dll
2013-12-11 20:15:10 417792 ----a-w- C:\Windows\SysWow64\WMPhoto.dll
2013-12-11 20:11:29 81408 ----a-w- C:\Windows\System32\imagehlp.dll
2013-12-11 20:11:29 159232 ----a-w- C:\Windows\SysWow64\imagehlp.dll
2013-12-11 20:11:21 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2013-12-11 20:11:21 2048 ----a-w- C:\Windows\System32\tzres.dll
2013-12-11 20:10:53 230400 ----a-w- C:\Windows\System32\drivers\portcls.sys
2013-12-11 20:10:53 116736 ----a-w- C:\Windows\System32\drivers\drmk.sys
2013-12-11 20:08:14 202752 ----a-w- C:\Windows\System32\scrrun.dll
2013-12-11 20:08:14 168960 ----a-w- C:\Windows\System32\wscript.exe
2013-12-11 20:08:14 163840 ----a-w- C:\Windows\SysWow64\scrrun.dll
2013-12-11 20:08:14 156160 ----a-w- C:\Windows\System32\cscript.exe
2013-12-11 20:08:14 150016 ----a-w- C:\Windows\System32\wshom.ocx
2013-12-11 20:08:14 141824 ----a-w- C:\Windows\SysWow64\wscript.exe
2013-12-11 20:08:14 126976 ----a-w- C:\Windows\SysWow64\cscript.exe
2013-12-11 20:08:14 121856 ----a-w- C:\Windows\SysWow64\wshom.ocx
2013-12-11 20:08:05 67072 ----a-w- C:\Windows\splwow64.exe
2013-12-11 20:08:05 559104 ----a-w- C:\Windows\System32\spoolsv.exe
2013-12-10 06:34:08 633856 ----a-w- C:\Windows\System32\comctl32.dll
2013-12-10 06:34:08 530432 ----a-w- C:\Windows\SysWow64\comctl32.dll
2013-12-10 06:33:56 55296 ----a-w- C:\Windows\System32\dhcpcsvc6.dll
2013-12-10 06:33:56 44032 ----a-w- C:\Windows\SysWow64\dhcpcsvc6.dll
2013-12-10 06:33:56 226816 ----a-w- C:\Windows\System32\dhcpcore6.dll
2013-12-10 06:33:56 193536 ----a-w- C:\Windows\SysWow64\dhcpcore6.dll
2013-12-10 06:33:43 224256 ----a-w- C:\Windows\System32\wintrust.dll
2013-12-10 06:33:43 175104 ----a-w- C:\Windows\SysWow64\wintrust.dll
2013-12-10 06:30:31 70144 ----a-w- C:\Windows\System32\appinfo.dll
2013-12-10 06:30:31 111448 ----a-w- C:\Windows\System32\consent.exe
2013-12-10 06:30:06 48640 ----a-w- C:\Windows\System32\wwanprotdim.dll
2013-12-10 06:30:06 230400 ----a-w- C:\Windows\System32\wwansvc.dll
2013-12-10 06:30:03 1474048 ----a-w- C:\Windows\System32\crypt32.dll
2013-12-10 06:30:03 1168384 ----a-w- C:\Windows\SysWow64\crypt32.dll
2013-12-10 06:30:02 184320 ----a-w- C:\Windows\System32\cryptsvc.dll
2013-12-10 06:30:02 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll
2013-12-10 06:30:02 139776 ----a-w- C:\Windows\System32\cryptnet.dll
2013-12-10 06:30:02 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll
2013-12-10 06:27:57 368128 ----a-w- C:\Windows\System32\atmfd.dll
2013-12-10 06:26:29 1888768 ----a-w- C:\Windows\System32\WMVDECOD.DLL
2013-12-10 06:26:29 1620992 ----a-w- C:\Windows\SysWow64\WMVDECOD.DLL
2013-12-10 06:26:00 785624 ----a-w- C:\Windows\System32\drivers\Wdf01000.sys
2013-12-10 06:24:07 76800 ----a-w- C:\Windows\System32\drivers\hidclass.sys
2013-12-10 06:24:07 32896 ----a-w- C:\Windows\System32\drivers\hidparse.sys
2013-12-10 06:24:06 81920 ----a-w- C:\Windows\SysWow64\davclnt.dll
2013-12-10 06:24:06 259584 ----a-w- C:\Windows\System32\WebClnt.dll
2013-12-10 06:24:06 205824 ----a-w- C:\Windows\SysWow64\WebClnt.dll
2013-12-10 06:24:06 140800 ----a-w- C:\Windows\System32\drivers\mrxdav.sys
2013-12-10 06:24:06 102400 ----a-w- C:\Windows\System32\davclnt.dll
2013-12-10 06:23:57 624128 ----a-w- C:\Windows\System32\qedit.dll
2013-12-10 06:23:57 509440 ----a-w- C:\Windows\SysWow64\qedit.dll
2013-12-10 06:23:56 245760 ----a-w- C:\Windows\System32\OxpsConverter.exe
2013-12-10 06:22:01 39936 ----a-w- C:\Windows\System32\drivers\tssecsrv.sys
2013-12-10 06:22:01 1903552 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2013-12-10 06:22:01 1111552 ----a-w- C:\Windows\System32\rdpcorets.dll
2013-12-10 06:22:00 327168 ----a-w- C:\Windows\System32\mswsock.dll
2013-12-10 06:22:00 231424 ----a-w- C:\Windows\SysWow64\mswsock.dll
2013-12-10 06:02:29 751104 ----a-w- C:\Windows\System32\win32spl.dll
2013-12-10 06:02:29 492544 ----a-w- C:\Windows\SysWow64\win32spl.dll
2013-12-10 06:02:28 68608 ----a-w- C:\Windows\System32\taskhost.exe
2013-12-10 06:02:28 404480 ----a-w- C:\Windows\System32\gdi32.dll
2013-12-10 06:02:28 311808 ----a-w- C:\Windows\SysWow64\gdi32.dll
2013-12-10 06:02:26 30720 ----a-w- C:\Windows\System32\cryptdlg.dll
2013-12-10 06:02:26 24576 ----a-w- C:\Windows\SysWow64\cryptdlg.dll
2013-12-10 06:02:08 1732608 ----a-w- C:\Program Files\Windows Journal\NBDoc.DLL
2013-12-10 06:02:08 1393152 ----a-w- C:\Program Files\Windows Journal\JNTFiltr.dll
2013-12-10 06:02:08 1367040 ----a-w- C:\Program Files\Common Files\Microsoft Shared\ink\journal.dll
2013-12-10 06:02:07 936448 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\ink\journal.dll
2013-12-10 06:02:07 1402880 ----a-w- C:\Program Files\Windows Journal\JNWDRV.dll
2013-12-10 06:00:11 124112 ----a-w- C:\Windows\System32\PresentationCFFRasterizerNative_v0300.dll
2013-12-10 06:00:11 102608 ----a-w- C:\Windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
2013-12-10 06:00:03 903168 ----a-w- C:\Windows\SysWow64\certutil.exe
2013-12-10 06:00:03 1192448 ----a-w- C:\Windows\System32\certutil.exe
2013-12-10 06:00:02 52224 ----a-w- C:\Windows\System32\certenc.dll
2013-12-10 06:00:02 43008 ----a-w- C:\Windows\SysWow64\certenc.dll
2013-12-10 05:59:31 983488 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys
2013-12-10 05:59:31 265064 ----a-w- C:\Windows\System32\drivers\dxgmms1.sys
2013-12-10 05:59:31 144384 ----a-w- C:\Windows\System32\cdd.dll
2013-12-10 05:56:05 -------- d-----w- C:\Users\Skroder\AppData\Local\Runic Games
2013-12-10 05:51:52 859648 ----a-w- C:\Windows\System32\IKEEXT.DLL
2013-12-10 05:51:52 830464 ----a-w- C:\Windows\System32\nshwfp.dll
2013-12-10 05:51:52 656896 ----a-w- C:\Windows\SysWow64\nshwfp.dll
2013-12-10 05:51:52 324096 ----a-w- C:\Windows\System32\FWPUCLNT.DLL
2013-12-10 05:51:52 216576 ----a-w- C:\Windows\SysWow64\FWPUCLNT.DLL
2013-12-10 05:45:01 461312 ----a-w- C:\Windows\System32\scavengeui.dll
2013-12-09 08:16:13 -------- d-----w- C:\Windows\System32\SPReview
2013-12-09 08:15:54 -------- d-----w- C:\Windows\System32\EventProviders
2013-12-09 07:12:45 283064 ----a-w- C:\Windows\System32\drivers\dtsoftbus01.sys
2013-12-09 07:12:41 -------- d-----w- C:\Program Files (x86)\DAEMON Tools Lite
2013-12-09 07:09:52 -------- d-----w- C:\Users\Skroder\AppData\Roaming\DAEMON Tools Lite
2013-12-09 07:09:15 -------- d-----w- C:\Users\Skroder\AppData\Roaming\BitTorrent Sync
2013-12-09 07:09:06 -------- d-----w- C:\ProgramData\DAEMON Tools Lite
2013-12-09 07:07:59 -------- d-----w- C:\Users\Skroder\AppData\Roaming\uTorrent
2013-12-09 06:51:04 48976 ----a-w- C:\Windows\System32\netfxperf.dll
2013-12-09 06:51:04 1942856 ----a-w- C:\Windows\System32\dfshim.dll
2013-12-09 06:51:00 1130824 ----a-w- C:\Windows\SysWow64\dfshim.dll
2013-12-09 06:49:59 957440 ----a-w- C:\Windows\System32\mblctr.exe
2013-12-09 06:47:44 529408 ----a-w- C:\Windows\System32\wbemcomn.dll
2013-12-09 06:47:44 244736 ----a-w- C:\Program Files\Windows Portable Devices\sqmapi.dll
2013-12-09 06:47:38 244736 ----a-w- C:\Windows\System32\sqmapi.dll
2013-12-09 06:12:44 -------- d-----w- C:\Program Files (x86)\Microsoft SkyDrive
2013-12-09 06:12:44 -------- d-----r- C:\Users\Skroder\SkyDrive
2013-12-09 06:12:38 -------- d-----w- C:\ProgramData\Microsoft SkyDrive
2013-12-09 05:45:50 2565632 ----a-w- C:\Windows\System32\esent.dll
2013-12-09 05:45:50 1699328 ----a-w- C:\Windows\SysWow64\esent.dll
2013-12-09 05:45:50 166272 ----a-w- C:\Windows\System32\drivers\nvstor.sys
2013-12-09 05:45:50 148352 ----a-w- C:\Windows\System32\drivers\nvraid.sys
2013-12-09 05:45:50 107904 ----a-w- C:\Windows\System32\drivers\amdsata.sys
2013-12-09 05:45:49 96768 ----a-w- C:\Windows\System32\fsutil.exe
2013-12-09 05:45:49 74240 ----a-w- C:\Windows\SysWow64\fsutil.exe
2013-12-09 05:45:49 410496 ----a-w- C:\Windows\System32\drivers\iaStorV.sys
2013-12-09 05:45:49 27008 ----a-w- C:\Windows\System32\drivers\amdxata.sys
2013-12-09 05:45:49 189824 ----a-w- C:\Windows\System32\drivers\storport.sys
2013-12-09 05:38:18 566480 ----a-w- C:\ProgramData\Microsoft\ClickToRun\{9AC08E99-230B-47e8-9721-4577B7F124EA}\integrator.exe
2013-12-09 05:24:34 -------- d-----w- C:\ProgramData\regid.1991-06.com.microsoft
2013-12-09 05:15:26 -------- d-----w- C:\Users\Skroder\AppData\Local\cache
2013-12-09 05:14:41 -------- d-----w- C:\Windows\System32\appmgmt
2013-12-09 05:04:41 965000 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{04D8D91D-BCD5-4D3A-AB55-7CF735FF0F6E}\gapaengine.dll
2013-12-09 05:03:43 -------- d-----w- C:\Program Files\Microsoft Office 15
2013-12-09 05:01:47 -------- d-----w- C:\Users\Skroder\AppData\Local\Adobe
2013-12-09 04:49:40 -------- d-----w- C:\Program Files (x86)\Microsoft Security Client
2013-12-09 04:49:31 -------- d-----w- C:\Program Files\Microsoft Security Client
2013-12-09 04:47:08 -------- d-----w- C:\Program Files (x86)\Common Files\Symantec Shared
2013-12-09 04:28:12 -------- d-----w- C:\Windows\SysWow64\Wat
2013-12-09 04:28:12 -------- d-----w- C:\Windows\System32\Wat
2013-12-09 03:58:05 2560 ----a-w- C:\Windows\System32\drivers\en-US\wdf01000.sys.mui
2013-12-09 03:58:04 9728 ----a-w- C:\Windows\System32\Wdfres.dll
2013-12-09 03:58:04 54376 ----a-w- C:\Windows\System32\drivers\WdfLdr.sys
2013-12-09 03:37:39 87040 ----a-w- C:\Windows\System32\drivers\WUDFPf.sys
2013-12-09 03:37:39 84992 ----a-w- C:\Windows\System32\WUDFSvc.dll
2013-12-09 03:37:39 744448 ----a-w- C:\Windows\System32\WUDFx.dll
2013-12-09 03:37:39 45056 ----a-w- C:\Windows\System32\WUDFCoinstaller.dll
2013-12-09 03:37:39 229888 ----a-w- C:\Windows\System32\WUDFHost.exe
2013-12-09 03:37:39 198656 ----a-w- C:\Windows\System32\drivers\WUDFRd.sys
2013-12-09 03:37:39 194048 ----a-w- C:\Windows\System32\WUDFPlatform.dll
2013-12-09 03:35:10 -------- d-----w- C:\Windows\System32\MRT
2013-12-09 03:32:49 5120 ----a-w- C:\Windows\SysWow64\wmi.dll
2013-12-09 03:32:49 5120 ----a-w- C:\Windows\System32\wmi.dll
2013-12-09 03:32:49 23408 ----a-w- C:\Windows\System32\drivers\fs_rec.sys
2013-12-09 03:26:54 2164224 ----a-w- C:\Program Files\Windows Journal\Journal.exe
2013-12-09 03:26:51 976896 ----a-w- C:\Windows\System32\inetcomm.dll
2013-12-09 03:26:50 741376 ----a-w- C:\Windows\SysWow64\inetcomm.dll
2013-12-09 03:26:41 886784 ----a-w- C:\Program Files\Common Files\System\wab32.dll
2013-12-09 03:26:41 708608 ----a-w- C:\Program Files (x86)\Common Files\System\wab32.dll
2013-12-09 03:26:32 1656680 ----a-w- C:\Windows\System32\drivers\ntfs.sys
2013-12-09 03:26:28 961024 ----a-w- C:\Windows\System32\CPFilters.dll
2013-12-09 03:26:28 850944 ----a-w- C:\Windows\SysWow64\sbe.dll
2013-12-09 03:26:28 642048 ----a-w- C:\Windows\SysWow64\CPFilters.dll
2013-12-09 03:26:28 259072 ----a-w- C:\Windows\System32\mpg2splt.ax
2013-12-09 03:26:28 199680 ----a-w- C:\Windows\SysWow64\mpg2splt.ax
2013-12-09 03:26:28 1118720 ----a-w- C:\Windows\System32\sbe.dll
2013-12-09 03:22:27 467456 ----a-w- C:\Windows\System32\drivers\srv.sys
2013-12-09 03:22:27 410112 ----a-w- C:\Windows\System32\drivers\srv2.sys
2013-12-09 03:22:27 168448 ----a-w- C:\Windows\System32\drivers\srvnet.sys
2013-12-09 03:21:38 210944 ----a-w- C:\Windows\System32\drivers\rdpwd.sys
2013-12-09 03:21:38 20992 ----a-w- C:\Windows\System32\drivers\rdpvideominiport.sys
2013-12-09 03:21:38 162816 ----a-w- C:\Windows\System32\rdpudd.dll
2013-12-09 03:21:33 2002432 ----a-w- C:\Windows\System32\msxml6.dll
2013-12-09 03:21:33 1882624 ----a-w- C:\Windows\System32\msxml3.dll
2013-12-09 03:21:32 2048 ----a-w- C:\Windows\SysWow64\msxml3r.dll
2013-12-09 03:21:32 2048 ----a-w- C:\Windows\System32\msxml3r.dll
2013-12-09 03:21:32 1389568 ----a-w- C:\Windows\SysWow64\msxml6.dll
2013-12-09 03:21:32 1236992 ----a-w- C:\Windows\SysWow64\msxml3.dll
2013-12-09 03:20:49 362496 ----a-w- C:\Windows\System32\wow64win.dll
2013-12-09 03:20:48 16384 ----a-w- C:\Windows\System32\ntvdm64.dll
2013-12-09 03:20:48 13312 ----a-w- C:\Windows\System32\wow64cpu.dll
2013-12-09 03:20:23 1395712 ----a-w- C:\Windows\System32\mfc42.dll
2013-12-09 03:20:23 1359872 ----a-w- C:\Windows\System32\mfc42u.dll
2013-12-09 03:20:23 1164288 ----a-w- C:\Windows\SysWow64\mfc42u.dll
2013-12-09 03:20:23 1137664 ----a-w- C:\Windows\SysWow64\mfc42.dll
2013-12-09 03:19:51 509952 ----a-w- C:\Windows\System32\ntshrui.dll
2013-12-09 03:19:51 442880 ----a-w- C:\Windows\SysWow64\ntshrui.dll
2013-12-09 03:19:39 723456 ----a-w- C:\Windows\System32\EncDec.dll
2013-12-09 03:19:39 534528 ----a-w- C:\Windows\SysWow64\EncDec.dll
2013-12-09 03:17:28 395776 ----a-w- C:\Windows\System32\webio.dll
2013-12-09 03:16:59 33792 ----a-w- C:\Windows\System32\profprov.dll
2013-12-09 03:14:56 31232 ----a-w- C:\Windows\SysWow64\prevhost.exe
2013-12-09 03:14:56 31232 ----a-w- C:\Windows\System32\prevhost.exe
2013-12-09 03:14:50 95744 ----a-w- C:\Windows\System32\synceng.dll
2013-12-09 03:14:50 78336 ----a-w- C:\Windows\SysWow64\synceng.dll
2013-12-09 03:14:49 75120 ----a-w- C:\Windows\System32\drivers\partmgr.sys
2013-12-09 03:14:44 478208 ----a-w- C:\Windows\System32\dpnet.dll
2013-12-09 03:14:44 376832 ----a-w- C:\Windows\SysWow64\dpnet.dll
2013-12-09 03:14:44 3072 ----a-w- C:\Windows\System32\dpnaddr.dll
2013-12-09 03:14:44 2560 ----a-w- C:\Windows\SysWow64\dpnaddr.dll
2013-12-09 02:58:36 10285968 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{54DBED2A-B3A6-41C3-A537-ACEAF9E5E37D}\mpengine.dll
2013-12-09 02:58:35 267936 ------w- C:\Windows\System32\MpSigStub.exe
2013-12-09 02:53:07 826880 ----a-w- C:\Windows\SysWow64\rdpcore.dll
2013-12-09 02:53:07 23552 ----a-w- C:\Windows\System32\drivers\tdtcp.sys
2013-12-09 02:53:07 1031680 ----a-w- C:\Windows\System32\rdpcore.dll
2013-12-09 02:39:47 891240 ----a-w- C:\Windows\System32\nvvsvc.exe
2013-12-09 02:39:47 63336 ----a-w- C:\Windows\System32\nvshext.dll
2013-12-09 02:39:47 6200680 ----a-w- C:\Windows\System32\nvcpl.dll
2013-12-09 02:39:47 3536817 ----a-w- C:\Windows\System32\nvcoproc.bin
2013-12-09 02:39:47 3293544 ----a-w- C:\Windows\System32\nvsvc64.dll
2013-12-09 02:39:47 2557800 ----a-w- C:\Windows\System32\nvsvcr.dll
2013-12-09 02:39:47 118120 ----a-w- C:\Windows\System32\nvmctray.dll
2013-12-09 02:39:25 60776 ----a-w- C:\Windows\System32\OpenCL.dll
2013-12-09 02:39:25 52584 ----a-w- C:\Windows\SysWow64\OpenCL.dll
2013-12-09 02:39:19 -------- d-----w- C:\ProgramData\NVIDIA Corporation
2013-12-09 02:39:16 -------- d-----w- C:\Program Files (x86)\NVIDIA Corporation
2013-12-09 02:30:14 -------- d-----w- C:\ProgramData\Norton
2013-12-09 02:30:09 -------- d-----w- C:\ProgramData\NortonInstaller
2013-12-09 02:30:08 2622464 ----a-w- C:\Windows\System32\wucltux.dll
2013-12-09 02:30:04 99840 ----a-w- C:\Windows\System32\wudriver.dll
2013-12-09 02:29:59 36864 ----a-w- C:\Windows\System32\wuapp.exe
2013-12-09 02:29:59 186752 ----a-w- C:\Windows\System32\wuwebv.dll
2013-12-09 02:29:37 15168 ----a-w- C:\Windows\System32\drivers\IntelMEFWVer.dll
2013-12-09 02:28:19 -------- d-----w- C:\Program Files (x86)\Common Files\postureAgent
2013-12-09 02:28:14 62784 ----a-w- C:\Windows\System32\drivers\HECIx64.sys
2013-12-09 02:27:23 805088 ----a-w- C:\Windows\System32\drivers\Rt64win7.sys
2013-12-09 02:27:22 74344 ----a-w- C:\Windows\System32\RtNicProp64.dll
2013-12-09 02:27:22 107552 ----a-w- C:\Windows\System32\RTNUninst64.dll
2013-12-09 02:23:28 53248 ----a-r- C:\Windows\SysWow64\CSVer.dll
2013-12-09 02:23:20 -------- d-----w- C:\Intel
2013-12-09 02:21:12 -------- d-----w- C:\Windows\AsusInstAll
2013-12-09 02:21:06 296320 ----a-w- C:\Windows\System32\drivers\volsnap.sys
2013-12-09 02:20:52 -------- d-sh--w- C:\Windows\Installer
2013-12-09 02:20:38 -------- d-----w- C:\Users\Skroder\AppData\Local\Google
2013-12-09 02:15:17 -------- d-----w- C:\Users\Skroder\AppData\Local\Diagnostics
2013-12-09 02:00:22 -------- d-----w- C:\Windows\Panther
2013-12-09 01:43:25 -------- d-----w- C:\Windows.old
2013-12-08 01:47:33 -------- d-----w- C:\Recovery
.
==================== Find3M ====================
.
2013-12-11 04:19:53 9728 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-12-09 08:42:39 152576 ----a-w- C:\Windows\SysWow64\msclmd.dll
2013-12-09 08:42:38 175616 ----a-w- C:\Windows\System32\msclmd.dll
2013-11-26 10:19:07 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
2013-11-26 10:18:23 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
2013-11-26 09:48:07 66048 ----a-w- C:\Windows\System32\iesetup.dll
2013-11-26 09:46:25 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
2013-11-26 09:23:02 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2013-11-26 09:18:39 139264 ----a-w- C:\Windows\System32\ieUnatt.exe
2013-11-26 09:18:09 111616 ----a-w- C:\Windows\System32\ieetwcollector.exe
2013-11-26 09:16:57 708608 ----a-w- C:\Windows\System32\jscript9diag.dll
2013-11-26 08:35:02 5769216 ----a-w- C:\Windows\System32\jscript9.dll
2013-11-26 08:28:16 553472 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
2013-11-26 08:16:12 4243968 ----a-w- C:\Windows\SysWow64\jscript9.dll
2013-11-26 08:02:16 1995264 ----a-w- C:\Windows\System32\inetcpl.cpl
2013-11-26 07:32:06 1928192 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2013-11-26 07:07:57 2334208 ----a-w- C:\Windows\System32\wininet.dll
2013-11-26 06:33:33 1820160 ----a-w- C:\Windows\SysWow64\wininet.dll
2013-10-04 02:28:31 190464 ----a-w- C:\Windows\System32\SmartcardCredentialProvider.dll
2013-10-04 02:25:17 197120 ----a-w- C:\Windows\System32\credui.dll
2013-10-04 02:24:49 1930752 ----a-w- C:\Windows\System32\authui.dll
2013-10-04 01:58:50 152576 ----a-w- C:\Windows\SysWow64\SmartcardCredentialProvider.dll
2013-10-04 01:56:25 168960 ----a-w- C:\Windows\SysWow64\credui.dll
2013-10-04 01:56:00 1796096 ----a-w- C:\Windows\SysWow64\authui.dll
2013-09-28 01:09:10 497152 ----a-w- C:\Windows\System32\drivers\afd.sys
2013-09-27 17:53:06 248240 ----a-w- C:\Windows\System32\drivers\MpFilter.sys
2013-09-27 17:53:06 134944 ----a-w- C:\Windows\System32\drivers\NisDrvWFP.sys
.
============= FINISH: 22:17:00.44 ===============


UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Ultimate
Boot Device: \Device\HarddiskVolume1
Install Date: 12/8/2013 6:12:23 PM
System Uptime: 12/24/2013 9:56:55 PM (1 hours ago)
.
Motherboard: ASUSTeK COMPUTER INC. | | H61M-E
Processor: Intel(R) Core(TM) i5-3470 CPU @ 3.20GHz | LGA1155 | 2080/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 195 GiB total, 155.125 GiB free.
D: is FIXED (NTFS) - 270 GiB total, 264.087 GiB free.
E: is CDROM (UDF)
F: is FIXED (NTFS) - 0 GiB total, 0.031 GiB free.
G: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
No restore point in system.
.
==== Installed Programs ======================
.
µTorrent
Adobe Photoshop Lightroom 5.2 64-bit
avast! Free Antivirus
BlackBerry Desktop Software 7.1
CCleaner
DAEMON Tools Lite
Google Chrome
Google Update Helper
Intel(R) Management Engine Components
Intel® Trusted Connect Service Client
Malwarebytes Anti-Malware version 1.75.0.1300
Microsoft .NET Framework 4.5.1
Microsoft Office 365 Home Premium - en-us
Microsoft Security Client
Microsoft Security Essentials
Microsoft SkyDrive
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
NVIDIA 3D Vision Controller Driver 306.97
NVIDIA 3D Vision Driver 306.97
NVIDIA Control Panel 306.97
NVIDIA Graphics Driver 306.97
NVIDIA HD Audio Driver 1.3.18.0
NVIDIA Install Application
NVIDIA PhysX
NVIDIA PhysX System Software 9.12.0604
NVIDIA Stereoscopic 3D Driver
NVIDIA Update 1.10.8
NVIDIA Update Components
Office 15 Click-to-Run Extensibility Component
Office 15 Click-to-Run Licensing Component
Office 15 Click-to-Run Localization Component
Realtek Ethernet Controller Driver
Realtek High Definition Audio Driver
Torchlight 2
WinRAR 5.01 (64-bit)
.
==== Event Viewer Messages From Past Week ========
.
12/24/2013 9:57:58 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Search service to connect.
12/24/2013 9:57:58 PM, Error: Service Control Manager [7000] - The Windows Search service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
12/24/2013 9:57:57 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
12/24/2013 9:57:38 PM, Error: Service Control Manager [7031] - The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.
12/24/2013 9:57:38 PM, Error: Service Control Manager [7024] - The Windows Search service terminated with service-specific error %%-1073473535.
12/24/2013 10:07:41 PM, Error: Service Control Manager [7030] - The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
12/24/2013 10:07:20 PM, Error: Application Popup [1060] - \??\C:\ComboFix\catchme.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
.
==== End Of File ===========================
skroder
Active Member
 
Posts: 1
Joined: December 24th, 2013, 10:17 am

Re: SLUGGISH PC

by deltalima » December 24th, 2013, 5:16 pm

checking your post - back soon.
deltalima
Admin/Teacher
Posts: 7614
Joined: February 28th, 2009, 4:38 pm
Location: UK

Re: SLUGGISH PC

by deltalima » December 24th, 2013, 5:29 pm

Hi skroder,

Welcome to the forum.

Please be aware that removing Malware is a potentially hazardous undertaking. I will take care not to knowingly suggest courses of action that might damage your computer. However it is impossible for me to foresee all interactions that may happen between the software on your computer and those we'll use to clear you of infection, and I cannot guarantee the safety of your system. It is possible that we might encounter situations where the only recourse is to re-format and re-install your operating system, or to necessitate you taking your computer to a repair shop.

Because of this, I advise you to backup any personal files and folders before you start.

Please note the following:
  • I will be working on your Malware issues; this may or may not solve other issues you have with your machine.
  • The fixes are specific to your problem and should only be used for this issue on this machine.
  • Please do not run any scans or make any changes to the system unless I ask you to.
  • Please continue to review my answers until I tell you your machine appears to be clear. Absence of symptoms does not mean that everything is clear.
  • If after 3 days you have not responded to this topic, it will be closed, and you will need to start a new one.
  • It's often worth reading through these instructions and printing them for ease of reference.
  • If you don't know or understand something, please don't hesitate to say or ask!! It's better to be sure and safe than sorry.
  • Please reply to this thread. Do not start a new topic.

Windows 7, 8 and Vista users
The programs I ask you to run need to be run in Administrator Mode by right-clicking the program file and selecting: Run as Administrator.
Additionally, the built-in User Account Control (UAC) utility, if enabled, may prompt you for permission to run the program.
When prompted, please select: Allow. Reference: User Account Control (UAC) and Running as Administrator

Remove P2P Programs

  • I notice there are signs of one or more P2P (Peer to Peer) File Sharing Programs on your computer.

    µTorrent


  • Please read the Guidelines for P2P Programs where we explain why it's not a good idea to have them.
  • Note: Even if you are using a "safe" P2P program, it is only the program that is safe. You will be sharing files from uncertified sources, and these are often infected. The bad guys use P2P filesharing as a major conduit to spread their wares.

  • Click on start
  • Then Run
  • In the open text entry box please copy/paste appwiz.cpl. Then click enter.
  • Press the "Remove" or "Change/Remove"...button to uninstall the programs listed above (in red) and any other P2P you have installed NOW.
  • Take care when answering any questions posed by an uninstaller. Some questions may be worded to deceive you into keeping the program.


CKScanner

  • Please download CKScanner from here to your Desktop.
  • Make sure that CKScanner.exe is on your Desktop before running the application!
  • Double-click on CKScanner.exe and click Search For Files (Right click and choose "Run as administrator" in Vista/Win7).
  • After a very short time, when the cursor hourglass disappears, click Save List To File.
  • A message box will verify the file saved.
  • Double-click on the CKFiles.txt icon on your Desktop and copy/paste the contents in your next reply.

Next

  • Please download this tool from Microsoft.
  • Double click on MGADiag.exe to run it (Right click and choose "Run as administrator" in Vista/Win7).
  • Click Continue.
  • The program will run. It takes a while to finish the diagnosis, please be patient.
  • Once done, click on Copy.
  • Open Notepad and paste the contents in the window.
  • Save this file and copy/paste it in your next reply.


Please let me know if the computer is used for business in any way.

Re: SLUGGISH PC

by deltalima » December 27th, 2013, 4:11 pm

Due to a lack of response, this topic is now closed.

If you still require help, please open a new thread in the Infected? Virus, malware, adware, ransomware, oh my! forum, include a fresh FRST log, and wait for a new helper.