Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Suspicion of Bot Infection

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Suspicion of Bot Infection

Unread postby Davvy123 » February 12th, 2015, 4:12 pm

Hello, a couple months ago I started noticing that a game I frequently played (World of Warcraft) would crash occasionally, either by just freezing, or dumping me to the desktop, or sometimes hanging up the whole PC and requiring me to do a hard reset. I've played this game for many years and my computer has not had these problems at all until then. Then I started seeing Google Chrome sometimes being very slow loading pages, or crashing unexpectedly also. Then VLC video player would do the same things - freeze or crash suddenly. Next, I received email from my internet provider, Comcast, telling me that they have detected a bot on one of my computers. Since the my PC is the only one out of 3 we use in the family that has shown these symptoms, I believe that it is the one that is infected. In the last few days, on several occasions Windows went into a disk check mode on boot up, I've had several crashes to blue screen while doing work with Word, Excel, or again playing WoW, and I've also experienced more and more frequent freezes while using Google Chrome. So I've come here for help, read your introductory post, downloaded DDS.scr, run it, and now I am posting the resulting logs below. I hope you can help me eradicate this infection. Thank you very much for your kind assistance.

DDS.TXT:

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.17631 BrowserJavaVersion: 10.11.2
Run by usa at 10:54:03 on 2015-02-12
Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.8169.5430 [GMT -8:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
SP: Microsoft Security Essentials *Enabled/Updated* {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\PROGRA~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files (x86)\PogoplugBackup\dokanmnt.exe
C:\Windows\ehome\ehRecvr.exe
C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenieDaemon64.exe
C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
C:\Program Files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe
C:\Program Files\Cyberlink\Shared files\RichVideo64.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
C:\Windows\SysWOW64\WebUpdateSvc4.exe
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Silicondust\HDHomeRun\hdhomerun_service.exe
C:\Program Files\Microsoft Security Client\NisSrv.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\System32\WUDFHost.exe
C:\PROGRA~2\Intuit\QUICKB~1.0\QBDBMgrN.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Users\usa\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
C:\Users\usa\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\usa\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\usa\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\usa\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\SplashData\SplashID Safe\SplashID Safe.exe
C:\Users\usa\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\usa\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\usa\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Orbitdownloader\orbitdm.exe
C:\Program Files (x86)\Orbitdownloader\orbitnet.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\SysWOW64\DllHost.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uProxyOverride = local
BHO: Octh Class: {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files (x86)\Orbitdownloader\orbitcth.dll
BHO: DivX Plus Web Player HTML5 <video>: {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO: CIESpeechBHO Class: {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
BHO: Adobe Acrobat Create PDF Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll
BHO: Adobe Acrobat Create PDF from Selection: {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll
TB: Grab Pro: {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files (x86)\Orbitdownloader\GrabPro.dll
TB: Adobe Acrobat Create PDF Toolbar: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll
TB: Grab Pro: {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files (x86)\Orbitdownloader\GrabPro.dll
TB: Adobe Acrobat Create PDF Toolbar: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll
uRun: [Google Update] "C:\Users\usa\AppData\Local\Google\Update\GoogleUpdate.exe" /c
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
IE: {7815BE26-237D-41A8-A98F-F7BD75F71086} - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/f ... wflash.cab
TCP: NameServer = 192.168.0.1
TCP: Interfaces\{05E4C2F8-5150-4988-8FAB-270A84A217E0} : DHCPNameServer = 192.168.0.1
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
Handler: intu-help-qb8 - {CD17C364-2EC8-4929-91A9-C4839A20E909} - C:\Program Files (x86)\Intuit\QuickBooks Enterprise Solutions 15.0\HelpAsyncPluggableProtocol.dll
Handler: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} -
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\SysWOW64\CbFsMntNtf3.dll
STS: Virtual Storage Mount Notification - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\SysWOW64\CbFsMntNtf3.dll
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
x64-BHO: Adobe Acrobat Create PDF Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll
x64-BHO: Adobe Acrobat Create PDF from Selection: {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll
x64-TB: Adobe Acrobat Create PDF Toolbar: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll
x64-Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
x64-Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - <orphaned>
x64-Handler: intu-help-qb8 - {CD17C364-2EC8-4929-91A9-C4839A20E909} - <orphaned>
x64-Handler: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - <orphaned>
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\System32\CbFsMntNtf3.dll
x64-STS: Virtual Storage Mount Notification - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\System32\CbFsMntNtf3.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\usa\AppData\Roaming\Mozilla\Firefox\Profiles\3f8uirlt.default-1387659716295\
FF - prefs.js: browser.startup.homepage - hxxp://my.yahoo.com/
FF - plugin: C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll
FF - plugin: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll
FF - plugin: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
FF - plugin: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\GPAC\nposmozilla.dll
FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\5.1.31211.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
FF - plugin: C:\Program Files (x86)\Winamp Detect\npwachk.dll
FF - plugin: C:\Users\usa\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll
.
============= SERVICES / DRIVERS ===============
.
R0 fltsrv;Acronis Storage Filter Management;C:\Windows\System32\drivers\fltsrv.sys [2014-8-14 116000]
R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2014-11-15 274696]
R0 tib;Acronis TIB Manager;C:\Windows\System32\drivers\tib.sys [2014-8-14 1120032]
R0 tib_mounter;Acronis TIB Mounter;C:\Windows\System32\drivers\tib_mounter.sys [2014-8-14 198432]
R0 vididr;Acronis Virtual Disk;C:\Windows\System32\drivers\vididr.sys [2014-8-14 161568]
R0 vidsflt;Acronis Disk Storage Filter;C:\Windows\System32\drivers\vidsflt.sys [2014-8-14 117024]
R2 {B154377D-700F-42cc-9474-23858FBDF4BD};Power Control [2012/05/13 18:57:44];C:\Program Files (x86)\CyberLink\PowerDVD9\000.fcl [2009-5-7 146928]
R2 afcdpsrv;Acronis Nonstop Backup Service;C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [2014-8-14 3873784]
R2 AtherosSvc;AtherosSvc;C:\Program Files (x86)\Bluetooth Suite\AdminService.exe [2010-10-27 52896]
R2 DokanCEDriver;DokanCEDriver;C:\Program Files (x86)\PogoplugBackup\dokance.sys [2014-7-17 72416]
R2 DokanCEMounter;DokanCEMounter;C:\Program Files (x86)\PogoplugBackup\dokanmnt.exe [2014-7-17 115936]
R2 GfExperienceService;NVIDIA GeForce Experience Service;C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2014-9-20 1148560]
R2 HDHomeRun Service;HDHomeRun Service;C:\Program Files\Silicondust\HDHomeRun\hdhomerun_service.exe [2014-11-24 27184]
R2 IntuitUpdateServiceV4;Intuit Update Service v4;C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe [2014-9-18 14624]
R2 NETGEARGenieDaemon;NETGEARGenieDaemon;C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenieDaemon64.exe [2012-9-24 231752]
R2 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2012-3-20 124560]
R2 NvNetworkService;NVIDIA Network Service;C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-1-9 1701520]
R2 NvStreamSvc;NVIDIA Streamer Service;C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2014-1-9 19823248]
R2 QBVSS;QBIDPService;C:\Program Files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe [2014-11-7 1248256]
R2 RichVideo64;Cyberlink RichVideo64 Service(CRVS);C:\Program Files\Cyberlink\Shared files\RichVideo64.exe [2013-6-13 390672]
R2 SpyHunter 4 Service;SpyHunter 4 Service;C:\PROGRA~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE [2012-5-4 996256]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2014-12-30 410768]
R2 syncagentsrv;Acronis Sync Agent Service;C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe [2014-2-4 7142320]
R2 TeamViewer9;TeamViewer 9;C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [2014-8-14 4799760]
R2 UMVPFSrv;UMVPFSrv;C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [2012-1-17 450848]
R2 WebUpdate4;Web Update Wizard Service V4;C:\Windows\SysWOW64\WebUpdateSvc4.exe [2008-9-15 262360]
R3 afcdp;afcdp;C:\Windows\System32\drivers\afcdp.sys [2014-8-14 367200]
R3 anvsnddrv;AnvSoft Virtual Sound Device;C:\Windows\System32\drivers\anvsnddrv.sys [2014-4-3 33872]
R3 asmthub3;ASMedia USB3 Hub Service;C:\Windows\System32\drivers\asmthub3.sys [2010-12-8 122856]
R3 asmtxhci;ASMEDIA XHCI Service;C:\Windows\System32\drivers\asmtxhci.sys [2010-12-8 369640]
R3 AthBTPort;Atheros Virtual Bluetooth Class;C:\Windows\System32\drivers\btath_flt.sys [2010-10-27 38248]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;C:\Windows\System32\drivers\btath_a2dp.sys [2010-10-27 301680]
R3 BTATH_BUS;Atheros Bluetooth Bus;C:\Windows\System32\drivers\btath_bus.sys [2010-10-27 31080]
R3 BTATH_HCRP;Bluetooth HCRP Server driver;C:\Windows\System32\drivers\btath_hcrp.sys [2010-10-27 203624]
R3 BTATH_LWFLT;Bluetooth LWFLT Device;C:\Windows\System32\drivers\btath_lwflt.sys [2010-10-27 58992]
R3 BTATH_RCP;Bluetooth AVRCP Device;C:\Windows\System32\drivers\btath_rcp.sys [2010-10-27 156520]
R3 BtFilter;BtFilter;C:\Windows\System32\drivers\btfilter.sys [2010-10-27 279152]
R3 cbfs3;EldoS Callback File System driver v3;C:\Windows\System32\drivers\cbfs3.sys [2012-8-19 352144]
R3 CompFilter64;UVCCompositeFilter;C:\Windows\System32\drivers\lvbflt64.sys [2012-1-17 25632]
R3 LVRS64;Logitech RightSound Filter Driver;C:\Windows\System32\drivers\lvrs64.sys [2012-1-17 351136]
R3 LVUVC64;Logitech HD Webcam C510(UVC);C:\Windows\System32\drivers\LVUVC64.sys [2011-8-19 4865568]
R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2015-1-30 366512]
R3 NvStreamKms;NvStreamKms;C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2014-5-27 19600]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);C:\Windows\System32\drivers\nvvad64v.sys [2014-12-30 38032]
R3 QuickBooksDB25;QuickBooksDB25;C:\PROGRA~2\Intuit\QUICKB~1.0\QBDBMgrN.exe -hvQuickBooksDB25 --> C:\PROGRA~2\Intuit\QUICKB~1.0\QBDBMgrN.exe -hvQuickBooksDB25 [?]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-6-10 539240]
R3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-7-9 52736]
R3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\System32\drivers\wdcsam64.sys [2008-5-6 14464]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S2 Garmin Core Update Service;Garmin Core Update Service;C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [2014-8-27 441176]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 ATHDFU;Atheros Valkyrie USB BootROM;C:\Windows\System32\drivers\AthDfu.sys [2010-10-27 55336]
S3 epmntdrv;epmntdrv;C:\Windows\System32\epmntdrv.sys [2014-4-29 17480]
S3 EuGdiDrv;EuGdiDrv;C:\Windows\System32\EuGdiDrv.sys [2014-4-29 9800]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2015-2-11 114688]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2013-6-14 19456]
S3 StorSvc;Storage Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 27136]
S3 SwitchBoard;SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2014-2-27 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2013-6-14 30208]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-11-17 1255736]
.
=============== Created Last 30 ================
.
2015-02-11 20:44:56 1188440 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{1B2C5757-209E-4447-B3DE-471913BA914D}\gapaengine.dll
2015-02-11 20:44:44 11870360 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{896A72CC-00A9-460C-A94E-E6D15ECAB090}\mpengine.dll
2015-02-11 14:47:57 861696 ----a-w- C:\Windows\System32\oleaut32.dll
2015-02-11 14:47:57 571904 ----a-w- C:\Windows\SysWow64\oleaut32.dll
2015-02-11 14:47:31 5554112 ----a-w- C:\Windows\System32\ntoskrnl.exe
2015-02-11 14:47:30 3972544 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2015-02-11 14:47:30 3917760 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2015-02-11 14:47:29 503808 ----a-w- C:\Windows\System32\srcore.dll
2015-02-11 14:47:29 50176 ----a-w- C:\Windows\System32\srclient.dll
2015-02-11 14:47:29 43008 ----a-w- C:\Windows\SysWow64\srclient.dll
2015-02-11 14:47:29 296960 ----a-w- C:\Windows\System32\rstrui.exe
2015-02-11 14:47:21 406528 ----a-w- C:\Windows\System32\scesrv.dll
2015-02-11 14:47:21 308224 ----a-w- C:\Windows\SysWow64\scesrv.dll
2015-02-11 14:47:20 3201536 ----a-w- C:\Windows\System32\win32k.sys
2015-02-10 16:00:03 11870360 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2015-01-24 20:28:46 -------- d-----w- C:\Windows\Intuit
2015-01-24 20:28:00 4218880 ----a-w- C:\Windows\SysWow64\cdintf400.dll
2015-01-24 20:26:46 -------- d-----w- C:\Users\usa\AppData\Local\Intuit
2015-01-24 20:26:43 -------- d-----w- C:\MOVIES - AVIs
2015-01-24 20:25:45 -------- d-----w- C:\ProgramData\SQL Anywhere 11
2015-01-24 20:21:32 -------- d-----w- C:\Program Files (x86)\Common Files\Nuance
2015-01-24 20:21:22 -------- d-----w- C:\ProgramData\Nuance
2015-01-24 20:19:21 -------- d-----w- C:\Program Files (x86)\Intuit
2015-01-13 20:24:05 141312 ----a-w- C:\Windows\System32\drivers\mrxdav.sys
2015-01-13 20:24:04 52224 ----a-w- C:\Windows\SysWow64\nlaapi.dll
2015-01-13 20:24:04 303616 ----a-w- C:\Windows\System32\nlasvc.dll
2015-01-13 20:24:04 156672 ----a-w- C:\Windows\SysWow64\ncsi.dll
2015-01-13 20:24:02 210432 ----a-w- C:\Windows\System32\profsvc.dll
2015-01-13 20:24:00 87040 ----a-w- C:\Windows\System32\TSWbPrxy.exe
.
==================== Find3M ====================
.
2015-02-09 02:09:19 129752 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys
2015-02-05 07:24:10 71344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2015-02-05 07:24:10 701616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2015-01-15 08:14:17 155072 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2015-01-15 08:14:16 95680 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
2015-01-15 08:09:58 29184 ----a-w- C:\Windows\System32\sspisrv.dll
2015-01-15 08:09:58 136192 ----a-w- C:\Windows\System32\sspicli.dll
2015-01-15 08:09:57 28160 ----a-w- C:\Windows\System32\secur32.dll
2015-01-15 08:09:51 1461760 ----a-w- C:\Windows\System32\lsasrv.dll
2015-01-15 08:09:15 31232 ----a-w- C:\Windows\System32\lsass.exe
2015-01-15 08:08:59 64000 ----a-w- C:\Windows\System32\auditpol.exe
2015-01-15 08:06:22 60416 ----a-w- C:\Windows\System32\msobjs.dll
2015-01-15 08:06:11 146432 ----a-w- C:\Windows\System32\msaudite.dll
2015-01-15 08:04:23 686080 ----a-w- C:\Windows\System32\adtschema.dll
2015-01-15 07:42:59 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
2015-01-15 07:42:05 50176 ----a-w- C:\Windows\SysWow64\auditpol.exe
2015-01-15 07:41:53 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
2015-01-15 07:39:53 60416 ----a-w- C:\Windows\SysWow64\msobjs.dll
2015-01-15 07:39:36 146432 ----a-w- C:\Windows\SysWow64\msaudite.dll
2015-01-15 07:37:55 686080 ----a-w- C:\Windows\SysWow64\adtschema.dll
2015-01-15 04:22:18 458824 ----a-w- C:\Windows\System32\drivers\cng.sys
2015-01-13 03:10:22 1424384 ----a-w- C:\Windows\System32\WindowsCodecs.dll
2015-01-13 02:49:19 1230336 ----a-w- C:\Windows\SysWow64\WindowsCodecs.dll
2015-01-12 03:05:32 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
2015-01-12 03:05:19 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
2015-01-12 02:49:42 66560 ----a-w- C:\Windows\System32\iesetup.dll
2015-01-12 02:48:57 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
2015-01-12 02:48:52 584192 ----a-w- C:\Windows\System32\vbscript.dll
2015-01-12 02:47:25 88064 ----a-w- C:\Windows\System32\MshtmlDac.dll
2015-01-12 02:34:42 144384 ----a-w- C:\Windows\System32\ieUnatt.exe
2015-01-12 02:34:30 114688 ----a-w- C:\Windows\System32\ieetwcollector.exe
2015-01-12 02:33:52 814080 ----a-w- C:\Windows\System32\jscript9diag.dll
2015-01-12 02:32:57 6041088 ----a-w- C:\Windows\System32\jscript9.dll
2015-01-12 02:25:28 968704 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe
2015-01-12 02:21:19 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2015-01-12 02:13:27 77824 ----a-w- C:\Windows\System32\JavaScriptCollectionAgent.dll
2015-01-12 02:08:09 503296 ----a-w- C:\Windows\SysWow64\vbscript.dll
2015-01-12 02:07:51 62464 ----a-w- C:\Windows\SysWow64\iesetup.dll
2015-01-12 02:07:06 47616 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll
2015-01-12 02:05:36 64000 ----a-w- C:\Windows\SysWow64\MshtmlDac.dll
2015-01-12 01:55:47 115712 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2015-01-12 01:55:00 620032 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
2015-01-12 01:46:29 1359360 ----a-w- C:\Windows\System32\mshtmlmedia.dll
2015-01-12 01:46:00 2125824 ----a-w- C:\Windows\System32\inetcpl.cpl
2015-01-12 01:40:43 60416 ----a-w- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
2015-01-12 01:29:46 4300800 ----a-w- C:\Windows\SysWow64\jscript9.dll
2015-01-12 01:27:32 2358272 ----a-w- C:\Windows\System32\wininet.dll
2015-01-12 01:23:09 2052608 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2015-01-12 01:22:17 1155072 ----a-w- C:\Windows\SysWow64\mshtmlmedia.dll
2015-01-12 01:00:17 1888256 ----a-w- C:\Windows\SysWow64\wininet.dll
2015-01-10 06:48:22 210944 ----a-w- C:\Windows\System32\wdigest.dll
2015-01-10 06:48:19 86528 ----a-w- C:\Windows\System32\TSpkg.dll
2015-01-10 06:48:17 341504 ----a-w- C:\Windows\System32\schannel.dll
2015-01-10 06:48:13 309760 ----a-w- C:\Windows\System32\ncrypt.dll
2015-01-10 06:48:12 314880 ----a-w- C:\Windows\System32\msv1_0.dll
2015-01-10 06:48:10 728064 ----a-w- C:\Windows\System32\kerberos.dll
2015-01-10 06:48:05 22016 ----a-w- C:\Windows\System32\credssp.dll
2015-01-10 06:27:54 172032 ----a-w- C:\Windows\SysWow64\wdigest.dll
2015-01-10 06:27:51 65536 ----a-w- C:\Windows\SysWow64\TSpkg.dll
2015-01-10 06:27:47 248832 ----a-w- C:\Windows\SysWow64\schannel.dll
2015-01-10 06:27:44 221184 ----a-w- C:\Windows\SysWow64\ncrypt.dll
2015-01-10 06:27:43 259584 ----a-w- C:\Windows\SysWow64\msv1_0.dll
2015-01-10 06:27:39 550912 ----a-w- C:\Windows\SysWow64\kerberos.dll
2015-01-10 06:27:32 17408 ----a-w- C:\Windows\SysWow64\credssp.dll
2014-12-31 11:14:31 298120 ------w- C:\Windows\System32\MpSigStub.exe
2014-12-13 08:03:15 6859408 ----a-w- C:\Windows\System32\nvcpl.dll
2014-12-13 08:03:15 3513488 ----a-w- C:\Windows\System32\nvsvc64.dll
2014-12-13 08:03:13 935240 ----a-w- C:\Windows\System32\nvvsvc.exe
2014-12-13 08:03:13 62608 ----a-w- C:\Windows\System32\nvshext.dll
2014-12-13 08:03:13 386368 ----a-w- C:\Windows\System32\nvmctray.dll
2014-12-13 08:03:13 2558608 ----a-w- C:\Windows\System32\nvsvcr.dll
2014-12-13 00:47:38 620176 ----a-w- C:\Windows\SysWow64\nvStreaming.exe
2014-12-13 00:12:24 2210040 ----a-w- C:\Windows\SysWow64\nvspcap.dll
2014-12-13 00:12:24 1291464 ----a-w- C:\Windows\SysWow64\nvspbridge.dll
2014-12-13 00:12:12 2824504 ----a-w- C:\Windows\System32\nvspcap64.dll
2014-12-13 00:12:12 1715224 ----a-w- C:\Windows\System32\nvspbridge64.dll
2014-12-12 23:11:01 4151176 ----a-w- C:\Windows\System32\nvcoproc.bin
2014-12-12 05:31:39 1480192 ----a-w- C:\Windows\System32\crypt32.dll
2014-12-12 05:07:26 1174528 ----a-w- C:\Windows\SysWow64\crypt32.dll
2014-11-22 10:46:30 38032 ----a-w- C:\Windows\System32\drivers\nvvad64v.sys
2014-11-22 10:46:30 35472 ----a-w- C:\Windows\System32\nvaudcap64v.dll
2014-11-22 10:46:30 32400 ----a-w- C:\Windows\SysWow64\nvaudcap32v.dll
2014-11-21 14:14:22 63704 ----a-w- C:\Windows\System32\drivers\mwac.sys
2014-11-21 14:14:12 93400 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys
2014-11-21 14:14:08 25816 ----a-w- C:\Windows\System32\drivers\mbam.sys
2014-11-18 22:56:48 1202848 ----a-w- C:\Windows\SysWow64\FM20.DLL
2014-11-15 22:46:08 274696 ----a-w- C:\Windows\System32\drivers\MpFilter.sys
2014-11-15 22:46:08 124560 ----a-w- C:\Windows\System32\drivers\NisDrvWFP.sys
2013-02-17 03:27:32 2174976 ----a-w- C:\Program Files (x86)\Common Files\atimpenc.dll
.
============= FINISH: 11:39:03.46 ===============

ATTACH.TXT

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 11/16/2011 11:13:18 AM
System Uptime: 2/12/2015 10:27:50 AM (1 hours ago)
.
Motherboard: ASUSTeK Computer INC. | | P8P67 REV 3.1
Processor: Intel(R) Core(TM) i7-2600K CPU @ 3.40GHz | LGA1155 | 3401/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 931 GiB total, 241.688 GiB free.
D: is CDROM ()
E: is FIXED (NTFS) - 95 GiB total, 26.328 GiB free.
F: is CDROM ()
G: is CDROM ()
H: is CDROM ()
I: is CDROM ()
J: is FIXED (NTFS) - 931 GiB total, 195.054 GiB free.
L: is FIXED (NTFS) - 95 GiB total, 28.543 GiB free.
M: is FIXED (NTFS) - 932 GiB total, 549.333 GiB free.
N: is FIXED (NTFS) - 932 GiB total, 42.058 GiB free.
O: is CDROM (UDF)
Y: is FIXED (NTFS) - 932 GiB total, 63.021 GiB free.
Z: is FIXED (NTFS) - 932 GiB total, 36.149 GiB free.
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP554: 2/4/2015 6:59:44 PM - Removed Adobe Acrobat XI Pro.
RP555: 2/4/2015 7:52:10 PM - Installed Adobe Acrobat XI Pro.
RP556: 2/5/2015 8:59:54 AM - Windows Update
RP557: 2/8/2015 6:10:52 PM - Installed TurboTax 2014 wrapper
RP558: 2/8/2015 6:16:37 PM - Installed TurboTax 2014 wcaiper
RP559: 2/9/2015 1:28:47 AM - Windows Update
RP560: 2/11/2015 8:59:24 AM - Windows Update
.
==== Installed Programs ======================
.
Update for Microsoft Office 2007 (KB2508958)
µTorrent
2.1.0
7-Zip 9.20 (x64 edition)
Acronis True Image 2014
Adobe Acrobat XI Pro
Adobe AIR
Adobe Flash Player 16 ActiveX
Adobe Flash Player 16 NPAPI
Adobe Photoshop CS6
Adobe Reader XI (11.0.10)
Age of Empires III
Amazon Kindle
Android SDK Tools
Angry Birds
Angry Birds Rio
Angry Birds Seasons
Angry Birds Space
ANT Drivers Installer x64
Any Video Converter 2.5.9
Any Video Converter Ultimate 5.5.7
AnyDVD
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Asmedia ASM104x USB 3.0 Host Controller Driver
Aspell English Dictionary-0.50-2
aTube Catcher
aTube Catcher version 3.8
Audacity 2.0.2
AutoHotkey 1.1.05.06
Battle.net
Bigasoft WTV Converter 3.6.20.4501
Bluetooth Win7 Suite (64)
Bonjour
calibre
CameraHelperMsi
CCleaner
CDisplayEx 1.9.7
CloneCD
CloneDVD2
CoffeeCup HTML Editor
ComicRack v0.9.175
CopyTrans Control Center Uninstall Only
Corel DVD MovieFactory 7
Corel DVD MovieFactory 7 TBYB
Curse Client
CyberLink PowerDirector 11
CyberLink PowerDirector 11 Content Pack Essential
CyberLink PowerDirector 11 Content Pack Premium
CyberLink PowerDVD 9
Diablo III
Digital Cable Advisor
DiskAid 5.47
DiskAid 6.5.2.0
DivX Setup
DMG Extractor
DriverTuner 3.1.0.1
Dropbox
EaseUS Partition Master 10.0
Elevated Installer
erLT
ESET Online Scanner v3
EZ Vinyl/Tape Converter 10 by Ion Audio
EZ Vinyl/Tape Converter 7.4 by MixMeister
Fallout 3
File Splitter and Joiner (FFSJ v3.3)
FileZilla Client 3.10.0.1
foobar2000 v1.2.9
Garmin City Navigator North America NT 2015.20
Garmin Communicator Plugin
Garmin Communicator Plugin x64
Garmin Express
Garmin Express Tray
GNU Aspell 0.50-3
Google Chrome
Google Earth
Google Update Helper
Grand Theft Auto IV
Guild Wars 2
Half-Life 2
HDHomeRun
HiJackThis
iExplorer 3.0.1.6
ImgBurn
Intel(R) Management Engine Components
Internet TV for Windows Media Center
iPodifier
IrfanView (remove only)
iTunes
IZArc 4.1.6
Java 7 Update 11
Java Auto Updater
Java(TM) 6 Update 29
JavaFX 2.1.1
JDownloader 0.9
Jubler subtitle editor
LAME v3.99.3 (for Windows)
Logitech Vid HD
Logitech Webcam Software
LWS Facebook
LWS Gallery
LWS Help_main
LWS Launcher
LWS Motion Detection
LWS Pictures And Video
LWS Twitter
LWS Video Mask Maker
LWS VideoEffects
LWS Webcam Software
LWS WLM Plugin
LWS YouTube Plugin
Magic ISO Maker v5.5 (build 0265)
MagicDisc 2.7.106
MakeMKV v1.7.4
Malwarebytes Anti-Malware version 2.0.4.1028
Microsoft .NET Framework 4.5.1
Microsoft Age of Empires
Microsoft ASP.NET MVC 4 Runtime
Microsoft Games for Windows - LIVE Redistributable
Microsoft Office 2007 Primary Interop Assemblies
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office Office 64-bit Components 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared 64-bit MUI (English) 2007
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Security Client
Microsoft Security Essentials
Microsoft Silverlight
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005
Microsoft Visual Studio 2005 Tools for Office Runtime
Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
Microsoft_VC80_CRT_x86
Microsoft_VC90_CRT_x86
MKVToolNix 6.7.0 (32bit) [20140110-574]
Mozilla Firefox 12.0 (x86 en-US)
Mozilla Maintenance Service
Mp3tag v2.66
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MTX
My MP4Box GUI 0.6.0.6
Need for Speed Most Wanted
Netflix in Windows Media Center
NETGEAR Genie
Newblue Art Effects for PowerDirector
NVIDIA 3D Vision Controller Driver 347.09
NVIDIA 3D Vision Driver 347.09
NVIDIA Control Panel 347.09
NVIDIA GeForce Experience 2.1.5
NVIDIA GeForce Experience Service
NVIDIA Graphics Driver 347.09
NVIDIA HD Audio Driver 1.3.33.0
NVIDIA Install Application
NVIDIA LED Visualizer 1.0
NVIDIA Network Service
NVIDIA PhysX
NVIDIA PhysX System Software 9.14.0702
NVIDIA ShadowPlay 16.18.9
NVIDIA Stereoscopic 3D Driver
NVIDIA Update 16.18.9
NVIDIA Update Core
NVIDIA Virtual Audio 1.2.27
Oblivion
Oblivion - Horse Armor Pack
Oblivion - Knights of the Nine
Oblivion - Mehrunes Razor
Oblivion - Orrery
Oblivion - Spell Tomes
Oblivion - The Fighter's Stronghold
Oblivion - Thieves Den
Oblivion - Vile Lair
Oblivion - Wizard's Tower
Oblivion mod manager 1.1.12
Orbit Downloader
Osmo4/GPAC (remove only)
PDF Image Extraction Wizard 5.01
PDF Settings CS6
PDFCreator
Photo To Sketch 3.1
PlayReady PC Runtime amd64
PowerDirector
qBittorrent 3.0.9
QuickBooks
QuickBooks Enterprise Solutions: Accountant Edition 15.0
QuickBooks Runtime Redistributable
QuickShare
QuickTime 7
Realtek Ethernet Controller Driver
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 4.5.1 (KB2894854v2)
Security Update for Microsoft .NET Framework 4.5.1 (KB2898869)
Security Update for Microsoft .NET Framework 4.5.1 (KB2901126)
Security Update for Microsoft .NET Framework 4.5.1 (KB2931368)
Security Update for Microsoft .NET Framework 4.5.1 (KB2972107)
Security Update for Microsoft .NET Framework 4.5.1 (KB2972216)
Security Update for Microsoft .NET Framework 4.5.1 (KB2978128)
Security Update for Microsoft .NET Framework 4.5.1 (KB2979578v2)
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596825) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596927) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597973) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760411) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760415) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760585) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760591) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2817330) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2850022) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2878233) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2880507) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2880508) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2881069) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2920795) 32-Bit Edition
Security Update for Microsoft Office Compatibility Pack Service Pack 3 (KB2956097) 32-Bit Edition
Security Update for Microsoft Office Compatibility Pack Service Pack 3 (KB2956098) 32-Bit Edition
Security Update for Microsoft Office Excel 2007 (KB2920788) 32-Bit Edition
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition
Security Update for Microsoft Office OneNote 2007 (KB2596857) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Publisher 2007 (KB2817565) 32-Bit Edition
Security Update for Microsoft Office Word 2007 (KB2956099) 32-Bit Edition
SHIELD Streaming
SHIELD Wireless Controller Driver
Sid Meier's Civilization 5
Sigil 0.8.1
Skype™ 6.11
SmartSound Quicktracks 5
SMPlayer 0.6.8
Software Update Wizard (Redistributable) 4.5
SpeedyPC Pro
SplashID Safe 6.2
SplashShopper Desktop 3.1.0
SpyHunter
SpywareBlaster 5.0
Star Wars: The Old Republic
Steam
Subtitle Workshop 2.51
TeamViewer 9
The Elder Scrolls V: Skyrim
The Weather Channel App
ToDo Sync Helper
Todoist
TotalAudioConverter
TouchCopy 11
TurboTax 2011
TurboTax 2011 wcaiper
TurboTax 2011 WinPerFedFormset
TurboTax 2011 WinPerReleaseEngine
TurboTax 2011 WinPerTaxSupport
TurboTax 2011 wrapper
TurboTax 2012
TurboTax 2012 wcaiper
TurboTax 2012 WinPerFedFormset
TurboTax 2012 WinPerReleaseEngine
TurboTax 2012 WinPerTaxSupport
TurboTax 2012 wrapper
TurboTax 2013
TurboTax 2013 wcaiper
TurboTax 2013 WinPerFedFormset
TurboTax 2013 WinPerReleaseEngine
TurboTax 2013 WinPerTaxSupport
TurboTax 2013 wrapper
TurboTax 2014
TurboTax 2014 wcaiper
TurboTax 2014 WinPerFedFormset
TurboTax 2014 WinPerReleaseEngine
TurboTax 2014 WinPerTaxSupport
TurboTax 2014 wrapper
Tweaking.com - Windows Repair (All in One)
Universal Adb Driver
Unofficial Oblivion Patch v3.2.0
Unofficial Official Mods Patch v15
Unofficial Shivering Isles Patch v1.4.0
Unreal II
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596787) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2956096) 32-Bit Edition
Update for Microsoft Office PowerPoint 2007 (KB2597972) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
VC12X64Redist
VC12X86Redist
VC80CRTRedist - 8.0.50727.6195
VideoReDo TVSuite Version 4.20.7.638
Visual Studio Tools for the Office system 3.0 Runtime
Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258)
VLC media player 2.0.6
WD Extreme Lighted Combo Win98 USB Driver
Win7codecs
Winamp
Winamp Detector Plug-in
Windows Driver Package - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201)
Windows Driver Package - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1)
Windows Media Center Add-in for Flash
Windows Media Encoder 9 Series
WinRAR archiver
x64 Components v4.1.2
Xilisoft Audio Converter Pro
Xilisoft DVD Copy 2
Xilisoft DVD Creator
Xilisoft DVD Ripper Ultimate
Xilisoft Video Converter Ultimate
.
==== Event Viewer Messages From Past Week ========
.
2/8/2015 6:24:05 PM, Error: Ntfs [55] - The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume \Device\HarddiskVolume2.
2/8/2015 6:13:36 PM, Error: Ntfs [55] - The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume C:.
2/7/2015 10:23:59 AM, Error: bowser [8003] - The master browser has received a server announcement from the computer GLADOS that believes that it is the master browser for the domain on

transport NetBT_Tcpip_{05E4C2F8-5150-4988-8FAB-270A84A217E0}. The master browser is stopping or an election is being forced.
2/5/2015 3:21:17 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk5\DR8.
2/5/2015 3:21:09 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk2\DR2.
2/12/2015 10:28:21 AM, Error: Service Control Manager [7003] - The Net.Pipe Listener Adapter service depends the following service: was. This service might not be installed.
2/12/2015 10:28:21 AM, Error: Service Control Manager [7003] - The Net.Msmq Listener Adapter service depends the following service: msmq. This service might not be installed.
2/12/2015 10:28:21 AM, Error: Service Control Manager [7001] - The Net.Tcp Listener Adapter service depends on the Net.Tcp Port Sharing Service service which failed to start because of the

following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
2/12/2015 10:28:20 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Garmin Core Update Service service to connect.
2/12/2015 10:28:20 AM, Error: Service Control Manager [7000] - The Garmin Core Update Service service failed to start due to the following error: The service did not respond to the start

or control request in a timely fashion.
2/11/2015 12:43:26 PM, Error: Service Control Manager [7006] - The ScRegSetValueExW call failed for FailureCommand with the following error: Access is denied.
2/11/2015 12:43:24 PM, Error: Service Control Manager [7006] - The ScRegSetValueExW call failed for Start with the following error: Access is denied.
2/10/2015 8:53:10 AM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk3\DR3.
.
==== End Of File ===========================
Davvy123
Active Member
 
Posts: 2
Joined: February 12th, 2015, 2:47 pm
Advertisement
Register to Remove

Re: Suspicion of Bot Infection

Unread postby Gary R » February 13th, 2015, 2:38 am

There's no obvious signs of infection in the logs you have supplied, however there are clear indications of disk instability, and the symptoms you are describing are also much more symptomatic of disk problems than they are of a malware infection.

==== Event Viewer Messages From Past Week ========
.
2/8/2015 6:24:05 PM, Error: Ntfs [55] - The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume \Device\HarddiskVolume2.
2/8/2015 6:13:36 PM, Error: Ntfs [55] - The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume C:.


If you haven't already run chkdsk, then I strongly suggest that you do.

To do so ...

Click Start ...
In the Search programs and files box type CMD
Right click on cmd.exe (which will be near the top of the list of items found) and select Run as Administrator
A command window will open, type chkdsk /r at the prompt, then hit enter
You will get a message saying that the computer can't do a check now, and asking if you want to schedule one, click Y and exit out of the command window.
Restart your computer to initiate the check.

Windows will now check your disk for errors, and attempt to fix any that it finds. This can take quite a while so be patient.

When it has finished, please let me know if it has improved your computer's performance.
User avatar
Gary R
Administrator
Administrator
 
Posts: 25888
Joined: June 28th, 2005, 11:36 am
Location: Yorkshire

Re: Suspicion of Bot Infection

Unread postby Davvy123 » February 13th, 2015, 3:29 pm

Hello Gary, thank you very much for having picked up my case.

I ran chkdsk last night, it took quite a long time, I went to bed, woke up this morning and saw that Windows had rebooted, so the chkdsk must have completed properly.

I have started using the computer, but will not be able to spend a lot of time with it today. I will do it this evening when I get home from work. I will then take it through its paces and let you know how it performs.

Thank you again very much for your help!

David
Davvy123
Active Member
 
Posts: 2
Joined: February 12th, 2015, 2:47 pm

Re: Suspicion of Bot Infection

Unread postby Gary R » February 13th, 2015, 6:42 pm

You're welcome David.

I look forward to hearing how your computer performs now.
User avatar
Gary R
Administrator
Administrator
 
Posts: 25888
Joined: June 28th, 2005, 11:36 am
Location: Yorkshire

Re: Suspicion of Bot Infection

Unread postby Gary R » February 17th, 2015, 2:06 am

Due to lack of response, this topic is now closed.

If you still require help, please open a new thread in the Infected? Virus, malware, adware, ransomware, oh my! forum, include a fresh FRST log, and wait for a new helper.
User avatar
Gary R
Administrator
Administrator
 
Posts: 25888
Joined: June 28th, 2005, 11:36 am
Location: Yorkshire
Advertisement
Register to Remove


  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 304 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware