Usually my startup time for the PC takes less than 15 seconds; now it's taking too long, even switching tabs in Chrome. My brother is downloading series through uTorrent, so basically I know where the culprit lies. I will uninstall uTorrent when you instruct me to, since the malware is still on the PC.
I appreciate your help, team. Here are the logs.
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.16428
Run by Skroder at 22:16:21 on 2013-12-24
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.63.1033.18.4044.2210 [GMT -8:00]
.
AV: Microsoft Security Essentials *Disabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
AV: avast! Antivirus *Enabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: avast! Antivirus *Enabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Microsoft Security Essentials *Disabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Windows\explorer.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
mDefault_Page_URL = hxxp://www.google.com
BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
TB: avast! Online Security: {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
mRun: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
TCP: NameServer = 192.168.254.254
TCP: Interfaces\{FDE17F4C-22ED-4AB8-BAB0-683FD1C3905A} : DHCPNameServer = 192.168.254.254
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll
x64-BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL
x64-BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL
x64-TB: avast! Online Security: {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s
x64-Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll
x64-IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R0 aswRvrt;avast! Revert;C:\Windows\System32\drivers\aswRvrt.sys [2013-12-23 65776]
R0 aswVmm;avast! VM Monitor;C:\Windows\System32\drivers\aswVmm.sys [2013-12-23 207904]
R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2013-9-27 248240]
R1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswSnx.sys [2013-12-23 1034464]
R1 aswSP;aswSP;C:\Windows\System32\drivers\aswSP.sys [2013-12-23 422216]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\System32\drivers\dtsoftbus01.sys [2013-12-8 283064]
R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2013-12-23 78648]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-12-23 50344]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe [2013-12-8 166720]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-12-19 418376]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-12-19 701512]
R2 OfficeSvc;Microsoft Office Service;C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [2013-12-8 1907896]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-10-2 382824]
R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2013-12-8 365376]
R3 aswStm;aswStm;C:\Windows\System32\drivers\aswstm.sys [2013-12-23 79672]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2013-12-19 25928]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2013-12-8 805088]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S3 Blackberry Device Manager;Blackberry Device Manager;C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe [2013-1-18 577536]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2013-12-15 111616]
S3 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2013-9-27 134944]
S3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2013-10-23 348376]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2013-12-8 20992]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2013-12-8 59392]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2013-12-8 1255736]
S4 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-4-20 635104]
.
=============== Created Last 30 ================
.
2013-12-25 06:09:27 -------- d-sh--w- C:\$RECYCLE.BIN
2013-12-25 06:02:33 98816 ----a-w- C:\Windows\sed.exe
2013-12-25 06:02:33 256000 ----a-w- C:\Windows\PEV.exe
2013-12-25 06:02:33 208896 ----a-w- C:\Windows\MBR.exe
2013-12-25 06:00:00 75888 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{DB8A1415-614E-43DD-B266-FB8C6287D39F}\offreg.dll
2013-12-25 02:54:07 10315576 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{DB8A1415-614E-43DD-B266-FB8C6287D39F}\mpengine.dll
2013-12-23 10:39:51 -------- d-----w- C:\Users\Skroder\AppData\Roaming\AVAST Software
2013-12-23 10:39:32 79672 ----a-w- C:\Windows\System32\drivers\aswstm.sys
2013-12-23 10:39:32 65776 ----a-w- C:\Windows\System32\drivers\aswRvrt.sys
2013-12-23 10:39:32 207904 ----a-w- C:\Windows\System32\drivers\aswVmm.sys
2013-12-23 10:39:32 1034464 ----a-w- C:\Windows\System32\drivers\aswSnx.sys
2013-12-23 10:39:31 78648 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys
2013-12-23 10:39:30 92544 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys
2013-12-23 10:39:26 43152 ----a-w- C:\Windows\avastSS.scr
2013-12-23 10:39:03 -------- d-----w- C:\Program Files\AVAST Software
2013-12-23 10:38:23 -------- d-----w- C:\ProgramData\AVAST Software
2013-12-23 10:19:00 10315576 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2013-12-23 10:11:59 950128 ----a-w- C:\Windows\System32\drivers\ndis.sys.bak
2013-12-23 10:05:12 -------- d-----w- C:\Windows\ERUNT
2013-12-23 09:57:24 -------- d-----w- C:\AdwCleaner
2013-12-23 09:01:15 -------- d-----w- C:\Users\Skroder\AppData\Roaming\NVIDIA
2013-12-22 22:28:29 -------- d-----w- C:\Users\Skroder\AppData\Local\CrashDumps
2013-12-22 22:20:13 -------- d-----w- C:\Users\Skroder\AppData\Local\Downloaded Installations
2013-12-22 22:18:04 -------- d-----w- C:\Users\Skroder\AppData\Local\Research In Motion
2013-12-22 22:18:02 -------- d-----w- C:\Users\Skroder\AppData\Roaming\Research In Motion
2013-12-22 22:17:10 44544 ----a-w- C:\Windows\System32\drivers\RimSerial_AMD64.sys
2013-12-22 22:16:52 -------- d-----w- C:\ProgramData\Research In Motion
2013-12-22 22:16:32 -------- d-----w- C:\Program Files (x86)\Research In Motion
2013-12-22 22:16:32 -------- d-----w- C:\Program Files (x86)\Common Files\XCPCSync.OEM
2013-12-22 22:16:32 -------- d-----w- C:\Program Files (x86)\Common Files\Research In Motion
2013-12-21 06:22:37 -------- d-----w- C:\Program Files\CCleaner
2013-12-20 07:00:52 -------- d-----w- C:\Users\Skroder\AppData\Roaming\Malwarebytes
2013-12-20 07:00:48 -------- d-----w- C:\ProgramData\Malwarebytes
2013-12-20 07:00:47 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys
2013-12-20 07:00:47 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-12-20 07:00:30 -------- d-----w- C:\Users\Skroder\AppData\Local\Programs
2013-12-20 06:40:08 -------- d-----w- C:\Windows\Migration
2013-12-20 06:35:23 99840 ----a-w- C:\Windows\System32\drivers\usbccgp.sys
2013-12-20 06:35:23 7808 ----a-w- C:\Windows\System32\drivers\usbd.sys
2013-12-20 06:35:23 52736 ----a-w- C:\Windows\System32\drivers\usbehci.sys
2013-12-20 06:35:23 343040 ----a-w- C:\Windows\System32\drivers\usbhub.sys
2013-12-20 06:35:23 325120 ----a-w- C:\Windows\System32\drivers\usbport.sys
2013-12-20 06:35:23 30720 ----a-w- C:\Windows\System32\drivers\usbuhci.sys
2013-12-20 06:35:23 25600 ----a-w- C:\Windows\System32\drivers\usbohci.sys
2013-12-12 00:56:33 167424 ----a-w- C:\Program Files\Windows Media Player\wmplayer.exe
2013-12-12 00:56:33 164864 ----a-w- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
2013-12-12 00:56:33 12625920 ----a-w- C:\Windows\System32\wmploc.DLL
2013-12-12 00:56:32 12625408 ----a-w- C:\Windows\SysWow64\wmploc.DLL
2013-12-11 20:26:31 1424384 ----a-w- C:\Windows\System32\WindowsCodecs.dll
2013-12-11 20:26:31 1230336 ----a-w- C:\Windows\SysWow64\WindowsCodecs.dll
2013-12-11 20:25:14 335360 ----a-w- C:\Windows\System32\msieftp.dll
2013-12-11 20:25:14 301568 ----a-w- C:\Windows\SysWow64\msieftp.dll
2013-12-11 20:25:13 2871808 ----a-w- C:\Windows\explorer.exe
2013-12-11 20:25:13 2616320 ----a-w- C:\Windows\SysWow64\explorer.exe
2013-12-11 20:25:12 3155968 ----a-w- C:\Windows\System32\win32k.sys
2013-12-11 20:15:10 465920 ----a-w- C:\Windows\System32\WMPhoto.dll
2013-12-11 20:15:10 417792 ----a-w- C:\Windows\SysWow64\WMPhoto.dll
2013-12-11 20:11:29 81408 ----a-w- C:\Windows\System32\imagehlp.dll
2013-12-11 20:11:29 159232 ----a-w- C:\Windows\SysWow64\imagehlp.dll
2013-12-11 20:11:21 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2013-12-11 20:11:21 2048 ----a-w- C:\Windows\System32\tzres.dll
2013-12-11 20:10:53 230400 ----a-w- C:\Windows\System32\drivers\portcls.sys
2013-12-11 20:10:53 116736 ----a-w- C:\Windows\System32\drivers\drmk.sys
2013-12-11 20:08:14 202752 ----a-w- C:\Windows\System32\scrrun.dll
2013-12-11 20:08:14 168960 ----a-w- C:\Windows\System32\wscript.exe
2013-12-11 20:08:14 163840 ----a-w- C:\Windows\SysWow64\scrrun.dll
2013-12-11 20:08:14 156160 ----a-w- C:\Windows\System32\cscript.exe
2013-12-11 20:08:14 150016 ----a-w- C:\Windows\System32\wshom.ocx
2013-12-11 20:08:14 141824 ----a-w- C:\Windows\SysWow64\wscript.exe
2013-12-11 20:08:14 126976 ----a-w- C:\Windows\SysWow64\cscript.exe
2013-12-11 20:08:14 121856 ----a-w- C:\Windows\SysWow64\wshom.ocx
2013-12-11 20:08:05 67072 ----a-w- C:\Windows\splwow64.exe
2013-12-11 20:08:05 559104 ----a-w- C:\Windows\System32\spoolsv.exe
2013-12-10 06:34:08 633856 ----a-w- C:\Windows\System32\comctl32.dll
2013-12-10 06:34:08 530432 ----a-w- C:\Windows\SysWow64\comctl32.dll
2013-12-10 06:33:56 55296 ----a-w- C:\Windows\System32\dhcpcsvc6.dll
2013-12-10 06:33:56 44032 ----a-w- C:\Windows\SysWow64\dhcpcsvc6.dll
2013-12-10 06:33:56 226816 ----a-w- C:\Windows\System32\dhcpcore6.dll
2013-12-10 06:33:56 193536 ----a-w- C:\Windows\SysWow64\dhcpcore6.dll
2013-12-10 06:33:43 224256 ----a-w- C:\Windows\System32\wintrust.dll
2013-12-10 06:33:43 175104 ----a-w- C:\Windows\SysWow64\wintrust.dll
2013-12-10 06:30:31 70144 ----a-w- C:\Windows\System32\appinfo.dll
2013-12-10 06:30:31 111448 ----a-w- C:\Windows\System32\consent.exe
2013-12-10 06:30:06 48640 ----a-w- C:\Windows\System32\wwanprotdim.dll
2013-12-10 06:30:06 230400 ----a-w- C:\Windows\System32\wwansvc.dll
2013-12-10 06:30:03 1474048 ----a-w- C:\Windows\System32\crypt32.dll
2013-12-10 06:30:03 1168384 ----a-w- C:\Windows\SysWow64\crypt32.dll
2013-12-10 06:30:02 184320 ----a-w- C:\Windows\System32\cryptsvc.dll
2013-12-10 06:30:02 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll
2013-12-10 06:30:02 139776 ----a-w- C:\Windows\System32\cryptnet.dll
2013-12-10 06:30:02 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll
2013-12-10 06:27:57 368128 ----a-w- C:\Windows\System32\atmfd.dll
2013-12-10 06:26:29 1888768 ----a-w- C:\Windows\System32\WMVDECOD.DLL
2013-12-10 06:26:29 1620992 ----a-w- C:\Windows\SysWow64\WMVDECOD.DLL
2013-12-10 06:26:00 785624 ----a-w- C:\Windows\System32\drivers\Wdf01000.sys
2013-12-10 06:24:07 76800 ----a-w- C:\Windows\System32\drivers\hidclass.sys
2013-12-10 06:24:07 32896 ----a-w- C:\Windows\System32\drivers\hidparse.sys
2013-12-10 06:24:06 81920 ----a-w- C:\Windows\SysWow64\davclnt.dll
2013-12-10 06:24:06 259584 ----a-w- C:\Windows\System32\WebClnt.dll
2013-12-10 06:24:06 205824 ----a-w- C:\Windows\SysWow64\WebClnt.dll
2013-12-10 06:24:06 140800 ----a-w- C:\Windows\System32\drivers\mrxdav.sys
2013-12-10 06:24:06 102400 ----a-w- C:\Windows\System32\davclnt.dll
2013-12-10 06:23:57 624128 ----a-w- C:\Windows\System32\qedit.dll
2013-12-10 06:23:57 509440 ----a-w- C:\Windows\SysWow64\qedit.dll
2013-12-10 06:23:56 245760 ----a-w- C:\Windows\System32\OxpsConverter.exe
2013-12-10 06:22:01 39936 ----a-w- C:\Windows\System32\drivers\tssecsrv.sys
2013-12-10 06:22:01 1903552 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2013-12-10 06:22:01 1111552 ----a-w- C:\Windows\System32\rdpcorets.dll
2013-12-10 06:22:00 327168 ----a-w- C:\Windows\System32\mswsock.dll
2013-12-10 06:22:00 231424 ----a-w- C:\Windows\SysWow64\mswsock.dll
2013-12-10 06:02:29 751104 ----a-w- C:\Windows\System32\win32spl.dll
2013-12-10 06:02:29 492544 ----a-w- C:\Windows\SysWow64\win32spl.dll
2013-12-10 06:02:28 68608 ----a-w- C:\Windows\System32\taskhost.exe
2013-12-10 06:02:28 404480 ----a-w- C:\Windows\System32\gdi32.dll
2013-12-10 06:02:28 311808 ----a-w- C:\Windows\SysWow64\gdi32.dll
2013-12-10 06:02:26 30720 ----a-w- C:\Windows\System32\cryptdlg.dll
2013-12-10 06:02:26 24576 ----a-w- C:\Windows\SysWow64\cryptdlg.dll
2013-12-10 06:02:08 1732608 ----a-w- C:\Program Files\Windows Journal\NBDoc.DLL
2013-12-10 06:02:08 1393152 ----a-w- C:\Program Files\Windows Journal\JNTFiltr.dll
2013-12-10 06:02:08 1367040 ----a-w- C:\Program Files\Common Files\Microsoft Shared\ink\journal.dll
2013-12-10 06:02:07 936448 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\ink\journal.dll
2013-12-10 06:02:07 1402880 ----a-w- C:\Program Files\Windows Journal\JNWDRV.dll
2013-12-10 06:00:11 124112 ----a-w- C:\Windows\System32\PresentationCFFRasterizerNative_v0300.dll
2013-12-10 06:00:11 102608 ----a-w- C:\Windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
2013-12-10 06:00:03 903168 ----a-w- C:\Windows\SysWow64\certutil.exe
2013-12-10 06:00:03 1192448 ----a-w- C:\Windows\System32\certutil.exe
2013-12-10 06:00:02 52224 ----a-w- C:\Windows\System32\certenc.dll
2013-12-10 06:00:02 43008 ----a-w- C:\Windows\SysWow64\certenc.dll
2013-12-10 05:59:31 983488 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys
2013-12-10 05:59:31 265064 ----a-w- C:\Windows\System32\drivers\dxgmms1.sys
2013-12-10 05:59:31 144384 ----a-w- C:\Windows\System32\cdd.dll
2013-12-10 05:56:05 -------- d-----w- C:\Users\Skroder\AppData\Local\Runic Games
2013-12-10 05:51:52 859648 ----a-w- C:\Windows\System32\IKEEXT.DLL
2013-12-10 05:51:52 830464 ----a-w- C:\Windows\System32\nshwfp.dll
2013-12-10 05:51:52 656896 ----a-w- C:\Windows\SysWow64\nshwfp.dll
2013-12-10 05:51:52 324096 ----a-w- C:\Windows\System32\FWPUCLNT.DLL
2013-12-10 05:51:52 216576 ----a-w- C:\Windows\SysWow64\FWPUCLNT.DLL
2013-12-10 05:45:01 461312 ----a-w- C:\Windows\System32\scavengeui.dll
2013-12-09 08:16:13 -------- d-----w- C:\Windows\System32\SPReview
2013-12-09 08:15:54 -------- d-----w- C:\Windows\System32\EventProviders
2013-12-09 07:12:45 283064 ----a-w- C:\Windows\System32\drivers\dtsoftbus01.sys
2013-12-09 07:12:41 -------- d-----w- C:\Program Files (x86)\DAEMON Tools Lite
2013-12-09 07:09:52 -------- d-----w- C:\Users\Skroder\AppData\Roaming\DAEMON Tools Lite
2013-12-09 07:09:15 -------- d-----w- C:\Users\Skroder\AppData\Roaming\BitTorrent Sync
2013-12-09 07:09:06 -------- d-----w- C:\ProgramData\DAEMON Tools Lite
2013-12-09 07:07:59 -------- d-----w- C:\Users\Skroder\AppData\Roaming\uTorrent
2013-12-09 06:51:04 48976 ----a-w- C:\Windows\System32\netfxperf.dll
2013-12-09 06:51:04 1942856 ----a-w- C:\Windows\System32\dfshim.dll
2013-12-09 06:51:00 1130824 ----a-w- C:\Windows\SysWow64\dfshim.dll
2013-12-09 06:49:59 957440 ----a-w- C:\Windows\System32\mblctr.exe
2013-12-09 06:47:44 529408 ----a-w- C:\Windows\System32\wbemcomn.dll
2013-12-09 06:47:44 244736 ----a-w- C:\Program Files\Windows Portable Devices\sqmapi.dll
2013-12-09 06:47:38 244736 ----a-w- C:\Windows\System32\sqmapi.dll
2013-12-09 06:12:44 -------- d-----w- C:\Program Files (x86)\Microsoft SkyDrive
2013-12-09 06:12:44 -------- d-----r- C:\Users\Skroder\SkyDrive
2013-12-09 06:12:38 -------- d-----w- C:\ProgramData\Microsoft SkyDrive
2013-12-09 05:45:50 2565632 ----a-w- C:\Windows\System32\esent.dll
2013-12-09 05:45:50 1699328 ----a-w- C:\Windows\SysWow64\esent.dll
2013-12-09 05:45:50 166272 ----a-w- C:\Windows\System32\drivers\nvstor.sys
2013-12-09 05:45:50 148352 ----a-w- C:\Windows\System32\drivers\nvraid.sys
2013-12-09 05:45:50 107904 ----a-w- C:\Windows\System32\drivers\amdsata.sys
2013-12-09 05:45:49 96768 ----a-w- C:\Windows\System32\fsutil.exe
2013-12-09 05:45:49 74240 ----a-w- C:\Windows\SysWow64\fsutil.exe
2013-12-09 05:45:49 410496 ----a-w- C:\Windows\System32\drivers\iaStorV.sys
2013-12-09 05:45:49 27008 ----a-w- C:\Windows\System32\drivers\amdxata.sys
2013-12-09 05:45:49 189824 ----a-w- C:\Windows\System32\drivers\storport.sys
2013-12-09 05:38:18 566480 ----a-w- C:\ProgramData\Microsoft\ClickToRun\{9AC08E99-230B-47e8-9721-4577B7F124EA}\integrator.exe
2013-12-09 05:24:34 -------- d-----w- C:\ProgramData\regid.1991-06.com.microsoft
2013-12-09 05:15:26 -------- d-----w- C:\Users\Skroder\AppData\Local\cache
2013-12-09 05:14:41 -------- d-----w- C:\Windows\System32\appmgmt
2013-12-09 05:04:41 965000 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{04D8D91D-BCD5-4D3A-AB55-7CF735FF0F6E}\gapaengine.dll
2013-12-09 05:03:43 -------- d-----w- C:\Program Files\Microsoft Office 15
2013-12-09 05:01:47 -------- d-----w- C:\Users\Skroder\AppData\Local\Adobe
2013-12-09 04:49:40 -------- d-----w- C:\Program Files (x86)\Microsoft Security Client
2013-12-09 04:49:31 -------- d-----w- C:\Program Files\Microsoft Security Client
2013-12-09 04:47:08 -------- d-----w- C:\Program Files (x86)\Common Files\Symantec Shared
2013-12-09 04:28:12 -------- d-----w- C:\Windows\SysWow64\Wat
2013-12-09 04:28:12 -------- d-----w- C:\Windows\System32\Wat
2013-12-09 03:58:05 2560 ----a-w- C:\Windows\System32\drivers\en-US\wdf01000.sys.mui
2013-12-09 03:58:04 9728 ----a-w- C:\Windows\System32\Wdfres.dll
2013-12-09 03:58:04 54376 ----a-w- C:\Windows\System32\drivers\WdfLdr.sys
2013-12-09 03:37:39 87040 ----a-w- C:\Windows\System32\drivers\WUDFPf.sys
2013-12-09 03:37:39 84992 ----a-w- C:\Windows\System32\WUDFSvc.dll
2013-12-09 03:37:39 744448 ----a-w- C:\Windows\System32\WUDFx.dll
2013-12-09 03:37:39 45056 ----a-w- C:\Windows\System32\WUDFCoinstaller.dll
2013-12-09 03:37:39 229888 ----a-w- C:\Windows\System32\WUDFHost.exe
2013-12-09 03:37:39 198656 ----a-w- C:\Windows\System32\drivers\WUDFRd.sys
2013-12-09 03:37:39 194048 ----a-w- C:\Windows\System32\WUDFPlatform.dll
2013-12-09 03:35:10 -------- d-----w- C:\Windows\System32\MRT
2013-12-09 03:32:49 5120 ----a-w- C:\Windows\SysWow64\wmi.dll
2013-12-09 03:32:49 5120 ----a-w- C:\Windows\System32\wmi.dll
2013-12-09 03:32:49 23408 ----a-w- C:\Windows\System32\drivers\fs_rec.sys
2013-12-09 03:26:54 2164224 ----a-w- C:\Program Files\Windows Journal\Journal.exe
2013-12-09 03:26:51 976896 ----a-w- C:\Windows\System32\inetcomm.dll
2013-12-09 03:26:50 741376 ----a-w- C:\Windows\SysWow64\inetcomm.dll
2013-12-09 03:26:41 886784 ----a-w- C:\Program Files\Common Files\System\wab32.dll
2013-12-09 03:26:41 708608 ----a-w- C:\Program Files (x86)\Common Files\System\wab32.dll
2013-12-09 03:26:32 1656680 ----a-w- C:\Windows\System32\drivers\ntfs.sys
2013-12-09 03:26:28 961024 ----a-w- C:\Windows\System32\CPFilters.dll
2013-12-09 03:26:28 850944 ----a-w- C:\Windows\SysWow64\sbe.dll
2013-12-09 03:26:28 642048 ----a-w- C:\Windows\SysWow64\CPFilters.dll
2013-12-09 03:26:28 259072 ----a-w- C:\Windows\System32\mpg2splt.ax
2013-12-09 03:26:28 199680 ----a-w- C:\Windows\SysWow64\mpg2splt.ax
2013-12-09 03:26:28 1118720 ----a-w- C:\Windows\System32\sbe.dll
2013-12-09 03:22:27 467456 ----a-w- C:\Windows\System32\drivers\srv.sys
2013-12-09 03:22:27 410112 ----a-w- C:\Windows\System32\drivers\srv2.sys
2013-12-09 03:22:27 168448 ----a-w- C:\Windows\System32\drivers\srvnet.sys
2013-12-09 03:21:38 210944 ----a-w- C:\Windows\System32\drivers\rdpwd.sys
2013-12-09 03:21:38 20992 ----a-w- C:\Windows\System32\drivers\rdpvideominiport.sys
2013-12-09 03:21:38 162816 ----a-w- C:\Windows\System32\rdpudd.dll
2013-12-09 03:21:33 2002432 ----a-w- C:\Windows\System32\msxml6.dll
2013-12-09 03:21:33 1882624 ----a-w- C:\Windows\System32\msxml3.dll
2013-12-09 03:21:32 2048 ----a-w- C:\Windows\SysWow64\msxml3r.dll
2013-12-09 03:21:32 2048 ----a-w- C:\Windows\System32\msxml3r.dll
2013-12-09 03:21:32 1389568 ----a-w- C:\Windows\SysWow64\msxml6.dll
2013-12-09 03:21:32 1236992 ----a-w- C:\Windows\SysWow64\msxml3.dll
2013-12-09 03:20:49 362496 ----a-w- C:\Windows\System32\wow64win.dll
2013-12-09 03:20:48 16384 ----a-w- C:\Windows\System32\ntvdm64.dll
2013-12-09 03:20:48 13312 ----a-w- C:\Windows\System32\wow64cpu.dll
2013-12-09 03:20:23 1395712 ----a-w- C:\Windows\System32\mfc42.dll
2013-12-09 03:20:23 1359872 ----a-w- C:\Windows\System32\mfc42u.dll
2013-12-09 03:20:23 1164288 ----a-w- C:\Windows\SysWow64\mfc42u.dll
2013-12-09 03:20:23 1137664 ----a-w- C:\Windows\SysWow64\mfc42.dll
2013-12-09 03:19:51 509952 ----a-w- C:\Windows\System32\ntshrui.dll
2013-12-09 03:19:51 442880 ----a-w- C:\Windows\SysWow64\ntshrui.dll
2013-12-09 03:19:39 723456 ----a-w- C:\Windows\System32\EncDec.dll
2013-12-09 03:19:39 534528 ----a-w- C:\Windows\SysWow64\EncDec.dll
2013-12-09 03:17:28 395776 ----a-w- C:\Windows\System32\webio.dll
2013-12-09 03:16:59 33792 ----a-w- C:\Windows\System32\profprov.dll
2013-12-09 03:14:56 31232 ----a-w- C:\Windows\SysWow64\prevhost.exe
2013-12-09 03:14:56 31232 ----a-w- C:\Windows\System32\prevhost.exe
2013-12-09 03:14:50 95744 ----a-w- C:\Windows\System32\synceng.dll
2013-12-09 03:14:50 78336 ----a-w- C:\Windows\SysWow64\synceng.dll
2013-12-09 03:14:49 75120 ----a-w- C:\Windows\System32\drivers\partmgr.sys
2013-12-09 03:14:44 478208 ----a-w- C:\Windows\System32\dpnet.dll
2013-12-09 03:14:44 376832 ----a-w- C:\Windows\SysWow64\dpnet.dll
2013-12-09 03:14:44 3072 ----a-w- C:\Windows\System32\dpnaddr.dll
2013-12-09 03:14:44 2560 ----a-w- C:\Windows\SysWow64\dpnaddr.dll
2013-12-09 02:58:36 10285968 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{54DBED2A-B3A6-41C3-A537-ACEAF9E5E37D}\mpengine.dll
2013-12-09 02:58:35 267936 ------w- C:\Windows\System32\MpSigStub.exe
2013-12-09 02:53:07 826880 ----a-w- C:\Windows\SysWow64\rdpcore.dll
2013-12-09 02:53:07 23552 ----a-w- C:\Windows\System32\drivers\tdtcp.sys
2013-12-09 02:53:07 1031680 ----a-w- C:\Windows\System32\rdpcore.dll
2013-12-09 02:39:47 891240 ----a-w- C:\Windows\System32\nvvsvc.exe
2013-12-09 02:39:47 63336 ----a-w- C:\Windows\System32\nvshext.dll
2013-12-09 02:39:47 6200680 ----a-w- C:\Windows\System32\nvcpl.dll
2013-12-09 02:39:47 3536817 ----a-w- C:\Windows\System32\nvcoproc.bin
2013-12-09 02:39:47 3293544 ----a-w- C:\Windows\System32\nvsvc64.dll
2013-12-09 02:39:47 2557800 ----a-w- C:\Windows\System32\nvsvcr.dll
2013-12-09 02:39:47 118120 ----a-w- C:\Windows\System32\nvmctray.dll
2013-12-09 02:39:25 60776 ----a-w- C:\Windows\System32\OpenCL.dll
2013-12-09 02:39:25 52584 ----a-w- C:\Windows\SysWow64\OpenCL.dll
2013-12-09 02:39:19 -------- d-----w- C:\ProgramData\NVIDIA Corporation
2013-12-09 02:39:16 -------- d-----w- C:\Program Files (x86)\NVIDIA Corporation
2013-12-09 02:30:14 -------- d-----w- C:\ProgramData\Norton
2013-12-09 02:30:09 -------- d-----w- C:\ProgramData\NortonInstaller
2013-12-09 02:30:08 2622464 ----a-w- C:\Windows\System32\wucltux.dll
2013-12-09 02:30:04 99840 ----a-w- C:\Windows\System32\wudriver.dll
2013-12-09 02:29:59 36864 ----a-w- C:\Windows\System32\wuapp.exe
2013-12-09 02:29:59 186752 ----a-w- C:\Windows\System32\wuwebv.dll
2013-12-09 02:29:37 15168 ----a-w- C:\Windows\System32\drivers\IntelMEFWVer.dll
2013-12-09 02:28:19 -------- d-----w- C:\Program Files (x86)\Common Files\postureAgent
2013-12-09 02:28:14 62784 ----a-w- C:\Windows\System32\drivers\HECIx64.sys
2013-12-09 02:27:23 805088 ----a-w- C:\Windows\System32\drivers\Rt64win7.sys
2013-12-09 02:27:22 74344 ----a-w- C:\Windows\System32\RtNicProp64.dll
2013-12-09 02:27:22 107552 ----a-w- C:\Windows\System32\RTNUninst64.dll
2013-12-09 02:23:28 53248 ----a-r- C:\Windows\SysWow64\CSVer.dll
2013-12-09 02:23:20 -------- d-----w- C:\Intel
2013-12-09 02:21:12 -------- d-----w- C:\Windows\AsusInstAll
2013-12-09 02:21:06 296320 ----a-w- C:\Windows\System32\drivers\volsnap.sys
2013-12-09 02:20:52 -------- d-sh--w- C:\Windows\Installer
2013-12-09 02:20:38 -------- d-----w- C:\Users\Skroder\AppData\Local\Google
2013-12-09 02:15:17 -------- d-----w- C:\Users\Skroder\AppData\Local\Diagnostics
2013-12-09 02:00:22 -------- d-----w- C:\Windows\Panther
2013-12-09 01:43:25 -------- d-----w- C:\Windows.old
2013-12-08 01:47:33 -------- d-----w- C:\Recovery
.
==================== Find3M ====================
.
2013-12-11 04:19:53 9728 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-12-09 08:42:39 152576 ----a-w- C:\Windows\SysWow64\msclmd.dll
2013-12-09 08:42:38 175616 ----a-w- C:\Windows\System32\msclmd.dll
2013-11-26 10:19:07 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
2013-11-26 10:18:23 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
2013-11-26 09:48:07 66048 ----a-w- C:\Windows\System32\iesetup.dll
2013-11-26 09:46:25 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
2013-11-26 09:23:02 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2013-11-26 09:18:39 139264 ----a-w- C:\Windows\System32\ieUnatt.exe
2013-11-26 09:18:09 111616 ----a-w- C:\Windows\System32\ieetwcollector.exe
2013-11-26 09:16:57 708608 ----a-w- C:\Windows\System32\jscript9diag.dll
2013-11-26 08:35:02 5769216 ----a-w- C:\Windows\System32\jscript9.dll
2013-11-26 08:28:16 553472 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
2013-11-26 08:16:12 4243968 ----a-w- C:\Windows\SysWow64\jscript9.dll
2013-11-26 08:02:16 1995264 ----a-w- C:\Windows\System32\inetcpl.cpl
2013-11-26 07:32:06 1928192 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2013-11-26 07:07:57 2334208 ----a-w- C:\Windows\System32\wininet.dll
2013-11-26 06:33:33 1820160 ----a-w- C:\Windows\SysWow64\wininet.dll
2013-10-04 02:28:31 190464 ----a-w- C:\Windows\System32\SmartcardCredentialProvider.dll
2013-10-04 02:25:17 197120 ----a-w- C:\Windows\System32\credui.dll
2013-10-04 02:24:49 1930752 ----a-w- C:\Windows\System32\authui.dll
2013-10-04 01:58:50 152576 ----a-w- C:\Windows\SysWow64\SmartcardCredentialProvider.dll
2013-10-04 01:56:25 168960 ----a-w- C:\Windows\SysWow64\credui.dll
2013-10-04 01:56:00 1796096 ----a-w- C:\Windows\SysWow64\authui.dll
2013-09-28 01:09:10 497152 ----a-w- C:\Windows\System32\drivers\afd.sys
2013-09-27 17:53:06 248240 ----a-w- C:\Windows\System32\drivers\MpFilter.sys
2013-09-27 17:53:06 134944 ----a-w- C:\Windows\System32\drivers\NisDrvWFP.sys
.
============= FINISH: 22:17:00.44 ===============
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Ultimate
Boot Device: \Device\HarddiskVolume1
Install Date: 12/8/2013 6:12:23 PM
System Uptime: 12/24/2013 9:56:55 PM (1 hours ago)
.
Motherboard: ASUSTeK COMPUTER INC. | | H61M-E
Processor: Intel(R) Core(TM) i5-3470 CPU @ 3.20GHz | LGA1155 | 2080/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 195 GiB total, 155.125 GiB free.
D: is FIXED (NTFS) - 270 GiB total, 264.087 GiB free.
E: is CDROM (UDF)
F: is FIXED (NTFS) - 0 GiB total, 0.031 GiB free.
G: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
No restore point in system.
.
==== Installed Programs ======================
.
µTorrent
Adobe Photoshop Lightroom 5.2 64-bit
avast! Free Antivirus
BlackBerry Desktop Software 7.1
CCleaner
DAEMON Tools Lite
Google Chrome
Google Update Helper
Intel(R) Management Engine Components
Intel® Trusted Connect Service Client
Malwarebytes Anti-Malware version 1.75.0.1300
Microsoft .NET Framework 4.5.1
Microsoft Office 365 Home Premium - en-us
Microsoft Security Client
Microsoft Security Essentials
Microsoft SkyDrive
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
NVIDIA 3D Vision Controller Driver 306.97
NVIDIA 3D Vision Driver 306.97
NVIDIA Control Panel 306.97
NVIDIA Graphics Driver 306.97
NVIDIA HD Audio Driver 1.3.18.0
NVIDIA Install Application
NVIDIA PhysX
NVIDIA PhysX System Software 9.12.0604
NVIDIA Stereoscopic 3D Driver
NVIDIA Update 1.10.8
NVIDIA Update Components
Office 15 Click-to-Run Extensibility Component
Office 15 Click-to-Run Licensing Component
Office 15 Click-to-Run Localization Component
Realtek Ethernet Controller Driver
Realtek High Definition Audio Driver
Torchlight 2
WinRAR 5.01 (64-bit)
.
==== Event Viewer Messages From Past Week ========
.
12/24/2013 9:57:58 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Search service to connect.
12/24/2013 9:57:58 PM, Error: Service Control Manager [7000] - The Windows Search service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
12/24/2013 9:57:57 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
12/24/2013 9:57:38 PM, Error: Service Control Manager [7031] - The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.
12/24/2013 9:57:38 PM, Error: Service Control Manager [7024] - The Windows Search service terminated with service-specific error %%-1073473535.
12/24/2013 10:07:41 PM, Error: Service Control Manager [7030] - The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
12/24/2013 10:07:20 PM, Error: Application Popup [1060] - \??\C:\ComboFix\catchme.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
.
==== End Of File ===========================