So on my first day of work I was instructed to install something by my boss, however I installed PC cleaner as well because I was distracted while trying to install. (need a hands free kit)
Here are the logs.
MBAM
-----------------------
Malwarebytes Anti-Malware
www.malwarebytes.org
Scan Date: 09/07/2014
Scan Time: 11:16:32
Logfile: MBAM log detection.txt
Administrator: Yes
Version: 2.00.2.1012
Malware Database: v2014.07.09.03
Rootkit Database: v2014.07.07.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Luke Fitton
Scan Type: Custom Scan
Result: Completed
Objects Scanned: 350910
Time Elapsed: 45 min, 17 sec
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
Processes: 0
(No malicious items detected)
Modules: 0
(No malicious items detected)
Registry Keys: 2
PUP.Optional.InstallCore.A, HKU\S-1-5-21-126465478-2479770431-1784574984-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE\1I1T1Q1S, Quarantined, [9224801ccdae3501ec97429abd45837d],
PUP.Optional.InstallCore.A, HKU\S-1-5-21-126465478-2479770431-1784574984-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE, Quarantined, [595de4b8a4d77db98506658d51b2748c],
Registry Values: 1
PUP.Optional.InstallCore.A, HKU\S-1-5-21-126465478-2479770431-1784574984-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE|tb, 0E1D1S1L2Y1C1O, Quarantined, [595de4b8a4d77db98506658d51b2748c]
Registry Data: 0
(No malicious items detected)
Folders: 0
(No malicious items detected)
Files: 0
(No malicious items detected)
Physical Sectors: 0
(No malicious items detected)
(end)
-------------------------
DDS
-------------------------
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.17126
Run by Luke Fitton at 15:12:40 on 2014-07-09
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.44.1033.18.8133.6630 [GMT 1:00]
.
AV: ZoneAlarm Extreme Security Antivirus *Disabled/Updated* {23B6D20A-C2DE-B3F5-C67D-07ECD854E6A9}
SP: ZoneAlarm Extreme Security Anti-Spyware *Disabled/Updated* {98D733EE-E4E4-BC7B-FCCD-3C9EA3D3AC14}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ZoneAlarm Extreme Security Firewall *Disabled* {1B8D532F-88B1-B2AD-ED22-AED92687A1D2}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\CheckPoint\AKL\AkSVC.exe
C:\Program Files (x86)\CheckPoint\AKL\AkSA.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Intel\iCLS Client\HeciServer.exe
C:\Program Files (x86)\Skype\Updater\Updater.exe
C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe
C:\Program Files (x86)\CheckPoint\AntiTheft\Antitheft.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
C:\Program Files (x86)\ATI Technologies\AMDUSB3DeviceDetector\nusb3mon.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
mWinlogon: Userinit = userinit.exe,
uRun: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
mRun: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
mRun: [ZoneAlarm] "C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe"
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
TCP: NameServer = 192.168.0.1
TCP: Interfaces\{69811E27-1133-44DD-B9F8-0A928A5D3582} : DHCPNameServer = 192.168.3.1
TCP: Interfaces\{E5414010-5DBE-4DEA-AD4E-AE82AECD1FC6} : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{F4B222B5-DF14-4703-8CAF-0BB117DBAB24} : DHCPNameServer = 192.168.0.1
SSODL: WebCheck - <orphaned>
x64-Run: [IgfxTray] "C:\Windows\System32\igfxtray.exe"
x64-Run: [HotKeysCmds] "C:\Windows\System32\hkcmd.exe"
x64-Run: [Persistence] "C:\Windows\System32\igfxpers.exe"
x64-Run: [RTHDVCPL] "C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
x64-Run: [NUSB3MON] "C:\Program Files (x86)\ATI Technologies\AMDUSB3DeviceDetector\nusb3mon.exe"
x64-Run: [ISW] "C:\Program Files (x86)\CheckPoint\AKL\AkSA.exe" /icon="hidden"
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Luke Fitton\AppData\Roaming\Mozilla\Firefox\Profiles\ahruq7t2.default\
FF - prefs.js: browser.startup.homepage - hxxps://www.google.co.uk/
FF - plugin: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
FF - plugin: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
.
============= SERVICES / DRIVERS ===============
.
R0 amd_sata;amd_sata;C:\Windows\System32\drivers\amd_sata.sys [2013-11-6 83176]
R0 amd_xata;amd_xata;C:\Windows\System32\drivers\amd_xata.sys [2013-11-6 43240]
R0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver;C:\Windows\System32\drivers\iusb3hcs.sys [2014-4-25 20464]
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;C:\Windows\System32\drivers\klim6.sys [2014-7-9 29792]
R1 kltdi;kltdi;C:\Windows\System32\drivers\kltdi.sys [2014-7-9 54104]
R1 kneps;kneps;C:\Windows\System32\drivers\kneps.sys [2014-7-9 177760]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2014-4-16 239616]
R2 AMD FUEL Service;AMD FUEL Service;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2014-4-15 344064]
R2 AODDriver4.3;AODDriver4.3;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys [2014-2-11 59616]
R2 asComSvc;ASUS Com Service;C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [2014-6-20 936728]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-8-27 747520]
R2 ISWKL;ZoneAlarm AntiKeylogger ISWKL;C:\Program Files (x86)\CheckPoint\AKL\ISWKL.sys [2014-5-14 54144]
R2 IswSvc;ZoneAlarm AntiKeylogger IswSvc;C:\Program Files (x86)\CheckPoint\AKL\AkSVC.exe [2014-5-14 1143928]
R2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-4-3 315008]
R2 ZAPrivacyService;ZoneAlarm Privacy Service;C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe [2014-5-29 90936]
R2 ZoneAlarm AntiTheft;ZoneAlarm AntiTheft;C:\Program Files (x86)\CheckPoint\AntiTheft\Antitheft.exe [2014-5-30 3128968]
R3 amdhub30;AMD USB 3.0 Hub Driver;C:\Windows\System32\drivers\amdhub30.sys [2013-5-27 106816]
R3 amdxhc;AMD USB 3.0 Host Controller Driver;C:\Windows\System32\drivers\amdxhc.sys [2013-5-27 227648]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2013-12-19 94720]
R3 usbfilter;AMD USB Filter Driver;C:\Windows\System32\drivers\usbfilter.sys [2014-6-25 58536]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2014-6-20 169432]
S3 asmthub3;ASMedia USB3 Hub Service;C:\Windows\System32\drivers\asmthub3.sys [2012-8-20 138568]
S3 asmtxhci;ASMEDIA XHCI Service;C:\Windows\System32\drivers\asmtxhci.sys [2012-8-20 416072]
S3 icsak;icsak;C:\Program Files (x86)\CheckPoint\AKL\AK\icsak.sys [2014-5-14 48512]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-6-20 111616]
S3 IntcDAud;Intel(R) Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2014-4-25 449496]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface;C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-8-27 828376]
S3 iusb3hub;Intel(R) USB 3.0 Hub Driver;C:\Windows\System32\drivers\iusb3hub.sys [2014-4-25 368624]
S3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver;C:\Windows\System32\drivers\iusb3xhc.sys [2014-4-25 790000]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2014-4-25 19456]
S3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2014-6-27 936664]
S3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver;C:\Windows\System32\drivers\rtl8192Ce.sys [2011-2-23 1142376]
S3 terminpt;Microsoft Remote Desktop Input Driver;C:\Windows\System32\drivers\terminpt.sys [2014-4-25 29696]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2014-4-25 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2014-4-25 29696]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2014-4-25 1255736]
.
=============== Created Last 30 ================
.
2014-07-09 10:22:16 10779000 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{340D9512-C2AE-4ABB-A05F-23E0CC0F00D3}\mpengine.dll
2014-07-09 09:00:26 -------- d-----w- C:\Users\Luke Fitton\AppData\Local\Skype
2014-07-09 09:00:17 -------- d-----r- C:\Program Files (x86)\Skype
2014-07-09 08:52:21 -------- d-----w- C:\Users\Luke Fitton\AppData\Local\paint.net
2014-07-09 08:52:21 -------- d-----w- C:\Program Files\paint.net
2014-07-09 08:32:18 646280 ----a-w- C:\Windows\System32\AntiTheftCredentialProvider.dll
2014-07-09 08:32:01 -------- d-----w- C:\Users\Luke Fitton\AppData\Roaming\CheckPoint
2014-07-09 08:31:49 -------- d-----w- C:\Program Files (x86)\PC Tune-Up
2014-07-09 08:31:45 54104 ----a-w- C:\Windows\System32\drivers\kltdi.sys
2014-07-09 08:31:45 29792 ----a-w- C:\Windows\System32\drivers\klim6.sys
2014-07-09 08:31:45 177760 ----a-w- C:\Windows\System32\drivers\kneps.sys
2014-07-09 08:31:44 7717984 ----a-w- C:\Windows\System32\drivers\kl1.sys
2014-07-09 08:31:43 92768 ----a-w- C:\Windows\System32\drivers\klflt.sys
2014-07-09 08:22:08 -------- d-----w- C:\Program Files (x86)\CheckPoint
2014-07-09 08:21:56 -------- d-----w- C:\ProgramData\CheckPoint
2014-06-27 11:54:23 122584 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys
2014-06-27 11:54:14 91352 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys
2014-06-27 11:54:14 63704 ----a-w- C:\Windows\System32\drivers\mwac.sys
2014-06-27 11:54:14 25816 ----a-w- C:\Windows\System32\drivers\mbam.sys
2014-06-27 11:54:14 -------- d-----w- C:\ProgramData\Malwarebytes
2014-06-27 11:54:14 -------- d-----w- C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-06-27 11:53:59 -------- d-----w- C:\Users\Luke Fitton\AppData\Local\Programs
2014-06-27 10:55:24 936664 ----a-w- C:\Windows\System32\drivers\Rt64win7.sys
2014-06-27 10:55:24 73800 ----a-w- C:\Windows\System32\RtNicProp64.dll
2014-06-27 10:22:20 -------- d-----w- C:\Users\Luke Fitton\AppData\Local\ElevatedDiagnostics
2014-06-25 17:01:12 -------- d-----w- C:\Users\Luke Fitton\AppData\Local\AMD
2014-06-25 17:01:05 -------- d-----w- C:\Users\Luke Fitton\AppData\Local\ATI
2014-06-25 17:00:57 0 ----a-w- C:\Windows\ativpsrm.bin
2014-06-25 17:00:04 -------- d-sh--w- C:\Users\Luke Fitton\AppData\Local\EmieUserList
2014-06-25 17:00:04 -------- d-sh--w- C:\Users\Luke Fitton\AppData\Local\EmieSiteList
2014-06-25 16:59:27 -------- d-----w- C:\Users\Luke Fitton\AppData\Roaming\library_dir
2014-06-25 16:51:47 -------- d-----w- C:\Program Files (x86)\Raptr
2014-06-25 16:51:38 -------- d-----w- C:\Program Files (x86)\Common Files\ATI Technologies
2014-06-25 16:51:38 -------- d-----w- C:\Program Files (x86)\AMD AVT
2014-06-25 16:51:22 -------- d-----w- C:\ProgramData\AMD
2014-06-25 16:51:11 -------- d-----w- C:\Program Files\AMD
2014-06-25 16:50:45 -------- d-----w- C:\Program Files\Common Files\ATI Technologies
2014-06-25 16:47:58 -------- d-----w- C:\Program Files (x86)\ATI Technologies
2014-06-25 16:47:55 58536 ----a-w- C:\Windows\System32\drivers\usbfilter.sys
2014-06-25 16:47:13 -------- d-----w- C:\ProgramData\Package Cache
2014-06-25 16:47:06 -------- d-----w- C:\Program Files\ATI Technologies
2014-06-25 16:47:04 -------- d-----w- C:\Program Files\ATI
2014-06-25 16:46:30 -------- d-----w- C:\AMD
2014-06-20 13:46:13 506368 ----a-w- C:\Windows\System32\aepdu.dll
2014-06-20 13:46:13 424448 ----a-w- C:\Windows\System32\aeinv.dll
2014-06-20 13:41:43 3178496 ----a-w- C:\Windows\System32\rdpcorets.dll
2014-06-20 13:40:59 57344 ----a-w- C:\Windows\System32\cngprovider.dll
2014-06-20 13:39:42 28672 ----a-w- C:\Windows\SysWow64\AsIO.dll
2014-06-20 13:39:42 15232 ----a-w- C:\Windows\SysWow64\drivers\AsIO.sys
2014-06-20 13:39:42 -------- d-----w- C:\Program Files\ASUS
2014-06-20 13:39:42 -------- d-----w- C:\Program Files (x86)\ASUS
2014-06-20 13:39:41 2356592 ----a-w- C:\Windows\System32\WudfUpdate_01011.dll
2014-06-20 13:39:41 107008 ----a-w- C:\Windows\System32\drivers\UMDF\ASMBSW.dll
2014-06-20 13:36:54 -------- d-----w- C:\Program Files (x86)\Common Files\Intel
2014-06-20 13:34:21 -------- d-----w- C:\Program Files (x86)\ASM104xUSB3
2014-06-20 13:33:45 41984 ----a-w- C:\Windows\System32\drivers\USB3Ver.dll
2014-06-20 13:33:06 16344 ----a-w- C:\Windows\System32\drivers\IntelMEFWVer.dll
2014-06-20 13:32:29 -------- d-----w- C:\Program Files (x86)\Common Files\postureAgent
2014-06-20 13:31:55 53248 ----a-w- C:\Windows\SysWow64\CSVer.dll
2014-06-20 13:31:49 -------- d-----w- C:\Intel
.
==================== Find3M ====================
.
2014-06-27 10:54:54 107552 ----a-w- C:\Windows\System32\RTNUninst64.dll
2014-05-30 10:02:37 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
2014-05-30 10:02:09 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
2014-05-30 09:39:43 548352 ----a-w- C:\Windows\System32\vbscript.dll
2014-05-30 09:39:23 66048 ----a-w- C:\Windows\System32\iesetup.dll
2014-05-30 09:38:29 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
2014-05-30 09:21:23 139264 ----a-w- C:\Windows\System32\ieUnatt.exe
2014-05-30 09:21:05 111616 ----a-w- C:\Windows\System32\ieetwcollector.exe
2014-05-30 09:20:36 752640 ----a-w- C:\Windows\System32\jscript9diag.dll
2014-05-30 09:11:24 940032 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe
2014-05-30 09:08:22 5782528 ----a-w- C:\Windows\System32\jscript9.dll
2014-05-30 09:02:39 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2014-05-30 08:55:36 38400 ----a-w- C:\Windows\System32\JavaScriptCollectionAgent.dll
2014-05-30 08:44:28 455168 ----a-w- C:\Windows\SysWow64\vbscript.dll
2014-05-30 08:43:06 61952 ----a-w- C:\Windows\SysWow64\iesetup.dll
2014-05-30 08:42:16 51200 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll
2014-05-30 08:28:33 112128 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2014-05-30 08:27:56 592896 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
2014-05-30 08:24:19 1249280 ----a-w- C:\Windows\System32\mshtmlmedia.dll
2014-05-30 08:23:22 2040832 ----a-w- C:\Windows\System32\inetcpl.cpl
2014-05-30 08:10:46 32256 ----a-w- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
2014-05-30 07:56:56 2266112 ----a-w- C:\Windows\System32\wininet.dll
2014-05-30 07:56:50 4244992 ----a-w- C:\Windows\SysWow64\jscript9.dll
2014-05-30 07:50:09 1068032 ----a-w- C:\Windows\SysWow64\mshtmlmedia.dll
2014-05-30 07:49:38 1964544 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2014-05-30 07:21:10 1790976 ----a-w- C:\Windows\SysWow64\wininet.dll
2014-05-30 01:35:18 450968 ----a-w- C:\Windows\System32\drivers\vsdatant.sys
2014-05-08 09:32:11 16384 ----a-w- C:\Windows\System32\RdpGroupPolicyExtension.dll
2014-04-25 02:34:59 801280 ----a-w- C:\Windows\System32\usp10.dll
2014-04-25 02:06:17 626688 ----a-w- C:\Windows\SysWow64\usp10.dll
2014-04-16 02:39:52 274656 ----a-w- C:\Windows\System32\drivers\amdacpksd.sys
2014-04-16 02:37:30 15376384 ----a-w- C:\Windows\System32\drivers\atikmdag.sys
2014-04-16 02:23:38 231424 ----a-w- C:\Windows\System32\clinfo.exe
2014-04-16 02:23:28 1187342 ----a-w- C:\Windows\System32\amdocl_as64.exe
2014-04-16 02:23:28 1061902 ----a-w- C:\Windows\System32\amdocl_ld64.exe
2014-04-16 02:23:26 995342 ----a-w- C:\Windows\SysWow64\amdocl_as32.exe
2014-04-16 02:23:26 798734 ----a-w- C:\Windows\SysWow64\amdocl_ld32.exe
2014-04-16 02:23:24 98816 ----a-w- C:\Windows\System32\OpenVideo64.dll
2014-04-16 02:23:18 83456 ----a-w- C:\Windows\SysWow64\OpenVideo.dll
2014-04-16 02:23:12 86528 ----a-w- C:\Windows\System32\OVDecode64.dll
2014-04-16 02:23:08 73216 ----a-w- C:\Windows\SysWow64\OVDecode.dll
2014-04-16 02:23:02 28685824 ----a-w- C:\Windows\System32\amdocl64.dll
2014-04-16 02:20:22 24107520 ----a-w- C:\Windows\SysWow64\amdocl.dll
2014-04-16 02:17:56 65024 ----a-w- C:\Windows\System32\OpenCL.dll
2014-04-16 02:17:52 58880 ----a-w- C:\Windows\SysWow64\OpenCL.dll
2014-04-16 02:13:40 127488 ----a-w- C:\Windows\System32\mantle64.dll
2014-04-16 02:13:20 113664 ----a-w- C:\Windows\SysWow64\mantle32.dll
2014-04-16 02:13:00 5442048 ----a-w- C:\Windows\System32\amdmantle64.dll
2014-04-16 02:12:38 27907584 ----a-w- C:\Windows\System32\atio6axx.dll
2014-04-16 01:58:48 4358656 ----a-w- C:\Windows\SysWow64\amdmantle32.dll
2014-04-16 01:51:34 23409152 ----a-w- C:\Windows\SysWow64\atioglxx.dll
2014-04-16 01:46:32 368128 ----a-w- C:\Windows\System32\atiapfxx.exe
2014-04-16 01:46:24 62464 ----a-w- C:\Windows\System32\aticalrt64.dll
2014-04-16 01:46:22 52224 ----a-w- C:\Windows\SysWow64\aticalrt.dll
2014-04-16 01:46:20 91136 ----a-w- C:\Windows\System32\mantleaxl64.dll
2014-04-16 01:46:16 55808 ----a-w- C:\Windows\System32\aticalcl64.dll
2014-04-16 01:46:14 49152 ----a-w- C:\Windows\SysWow64\aticalcl.dll
2014-04-16 01:46:08 85504 ----a-w- C:\Windows\SysWow64\mantleaxl32.dll
2014-04-16 01:46:00 15716352 ----a-w- C:\Windows\System32\aticaldd64.dll
2014-04-16 01:42:48 14302208 ----a-w- C:\Windows\SysWow64\aticaldd.dll
2014-04-16 01:33:08 48128 ----a-w- C:\Windows\System32\amdmmcl6.dll
2014-04-16 01:33:04 37888 ----a-w- C:\Windows\SysWow64\amdmmcl.dll
2014-04-16 01:30:08 442368 ----a-w- C:\Windows\System32\atidemgy.dll
2014-04-16 01:29:56 31232 ----a-w- C:\Windows\System32\atimuixx.dll
2014-04-16 01:29:48 586240 ----a-w- C:\Windows\System32\atieclxx.exe
2014-04-16 01:29:18 239616 ----a-w- C:\Windows\System32\atiesrxx.exe
2014-04-16 01:28:24 190976 ----a-w- C:\Windows\System32\atitmm64.dll
2014-04-16 01:19:46 806912 ----a-w- C:\Windows\System32\coinst_14.100.dll
2014-04-16 01:09:00 1177600 ----a-w- C:\Windows\System32\atiadlxx.dll
2014-04-16 01:08:48 848896 ----a-w- C:\Windows\SysWow64\atiadlxy.dll
2014-04-16 01:07:48 75264 ----a-w- C:\Windows\System32\atig6pxx.dll
2014-04-16 01:07:42 69632 ----a-w- C:\Windows\SysWow64\atiglpxx.dll
2014-04-16 01:07:42 69632 ----a-w- C:\Windows\System32\atiglpxx.dll
2014-04-16 01:07:34 146944 ----a-w- C:\Windows\System32\atig6txx.dll
2014-04-16 01:07:20 133632 ----a-w- C:\Windows\SysWow64\atigktxx.dll
2014-04-16 01:07:04 638976 ----a-w- C:\Windows\System32\drivers\atikmpag.sys
2014-04-16 01:04:46 43520 ----a-w- C:\Windows\System32\drivers\ati2erec.dll
2014-04-15 21:33:30 51200 ----a-w- C:\Windows\System32\kdbsdk64.dll
2014-04-15 21:28:56 38912 ----a-w- C:\Windows\SysWow64\kdbsdk32.dll
2014-04-12 02:22:05 95680 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
2014-04-12 02:22:05 155072 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2014-04-12 02:19:38 29184 ----a-w- C:\Windows\System32\sspisrv.dll
2014-04-12 02:19:38 136192 ----a-w- C:\Windows\System32\sspicli.dll
2014-04-12 02:19:37 28160 ----a-w- C:\Windows\System32\secur32.dll
2014-04-12 02:19:32 1460736 ----a-w- C:\Windows\System32\lsasrv.dll
2014-04-12 02:19:05 31232 ----a-w- C:\Windows\System32\lsass.exe
2014-04-12 02:12:06 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
2014-04-12 02:10:56 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
.
============= FINISH: 15:12:51.25 ===============
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 25/06/2014 17:43:52
System Uptime: 09/07/2014 15:11:36 (0 hours ago)
.
Motherboard: ASUSTeK COMPUTER INC. | | A88XM-A
Processor: AMD A4-4000 APU with Radeon(tm) HD Graphics | FM2+ | 3000/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 119 GiB total, 93.887 GiB free.
D: is FIXED (NTFS) - 466 GiB total, 465.657 GiB free.
E: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Realtek PCIe GBE Family Controller
Device ID: PCI\VEN_10EC&DEV_8168&SUBSYS_85541043&REV_0C\4&39937546&0&00AA
Manufacturer: Realtek
Name: Realtek PCIe GBE Family Controller #2
PNP Device ID: PCI\VEN_10EC&DEV_8168&SUBSYS_85541043&REV_0C\4&39937546&0&00AA
Service: RTL8167
.
==== System Restore Points ===================
.
No restore point in system.
.
==== Installed Programs ======================
.
7-Zip 9.20 (x64 edition)
AMD Accelerated Video Transcoding
AMD Catalyst Control Center
AMD Catalyst Install Manager
AMD Drag and Drop Transcoding
AMD Fuel
AMD USB 3.0 Device Detector
AMD Wireless Display v3.0
Asmedia ASM104x USB 3.0 Host Controller Driver
Catalyst Control Center - Branding
Catalyst Control Center Graphics Previews Common
Catalyst Control Center InstallProxy
Catalyst Control Center Localization All
ccc-utility64
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
FileZilla Client 3.8.1
Intel(R) Management Engine Components
Intel(R) Processor Graphics
Intel(R) USB 3.0 eXtensible Host Controller Driver
Intel® Trusted Connect Service Client
Malwarebytes Anti-Malware version 2.0.2.1012
Microsoft .NET Framework 4.5.1
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727
Mozilla Firefox 30.0 (x86 en-GB)
Mozilla Maintenance Service
paint.net
PC Tune-Up
Realtek Ethernet Controller Driver
Realtek High Definition Audio Driver
Security Update for Microsoft .NET Framework 4.5.1 (KB2898869)
Security Update for Microsoft .NET Framework 4.5.1 (KB2901126)
Security Update for Microsoft .NET Framework 4.5.1 (KB2931368)
Skype™ 6.16
ZoneAlarm Antivirus
ZoneAlarm Extreme Security
ZoneAlarm Find My Laptop
ZoneAlarm Firewall
ZoneAlarm Security
.
==== End Of File ===========================
Please help.
P.S. I will only be able to respond out of hours.
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-6-20 111616]
S3 IntcDAud;Intel(R) Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2014-4-25 449496]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface;C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-8-27 828376]
S3 iusb3hub;Intel(R) USB 3.0 Hub Driver;C:\Windows\System32\drivers\iusb3hub.sys [2014-4-25 368624]
S3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver;C:\Windows\System32\drivers\iusb3xhc.sys [2014-4-25 790000]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2014-4-25 19456]
S3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2014-6-27 936664]
S3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver;C:\Windows\System32\drivers\rtl8192Ce.sys [2011-2-23 1142376]
S3 terminpt;Microsoft Remote Desktop Input Driver;C:\Windows\System32\drivers\terminpt.sys [2014-4-25 29696]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2014-4-25 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2014-4-25 29696]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2014-4-25 1255736]
.
=============== Created Last 30 ================
.
2014-07-09 10:22:16 10779000 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{340D9512-C2AE-4ABB-A05F-23E0CC0F00D3}\mpengine.dll
2014-07-09 09:00:26 -------- d-----w- C:\Users\Luke Fitton\AppData\Local\Skype
2014-07-09 09:00:17 -------- d-----r- C:\Program Files (x86)\Skype
2014-07-09 08:52:21 -------- d-----w- C:\Users\Luke Fitton\AppData\Local\paint.net
2014-07-09 08:52:21 -------- d-----w- C:\Program Files\paint.net
2014-07-09 08:32:18 646280 ----a-w- C:\Windows\System32\AntiTheftCredentialProvider.dll
2014-07-09 08:32:01 -------- d-----w- C:\Users\Luke Fitton\AppData\Roaming\CheckPoint
2014-07-09 08:31:49 -------- d-----w- C:\Program Files (x86)\PC Tune-Up
2014-07-09 08:31:45 54104 ----a-w- C:\Windows\System32\drivers\kltdi.sys
2014-07-09 08:31:45 29792 ----a-w- C:\Windows\System32\drivers\klim6.sys
2014-07-09 08:31:45 177760 ----a-w- C:\Windows\System32\drivers\kneps.sys
2014-07-09 08:31:44 7717984 ----a-w- C:\Windows\System32\drivers\kl1.sys
2014-07-09 08:31:43 92768 ----a-w- C:\Windows\System32\drivers\klflt.sys
2014-07-09 08:22:08 -------- d-----w- C:\Program Files (x86)\CheckPoint
2014-07-09 08:21:56 -------- d-----w- C:\ProgramData\CheckPoint
2014-06-27 11:54:23 122584 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys
2014-06-27 11:54:14 91352 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys
2014-06-27 11:54:14 63704 ----a-w- C:\Windows\System32\drivers\mwac.sys
2014-06-27 11:54:14 25816 ----a-w- C:\Windows\System32\drivers\mbam.sys
2014-06-27 11:54:14 -------- d-----w- C:\ProgramData\Malwarebytes
2014-06-27 11:54:14 -------- d-----w- C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-06-27 11:53:59 -------- d-----w- C:\Users\Luke Fitton\AppData\Local\Programs
2014-06-27 10:55:24 936664 ----a-w- C:\Windows\System32\drivers\Rt64win7.sys
2014-06-27 10:55:24 73800 ----a-w- C:\Windows\System32\RtNicProp64.dll
2014-06-27 10:22:20 -------- d-----w- C:\Users\Luke Fitton\AppData\Local\ElevatedDiagnostics
2014-06-25 17:01:12 -------- d-----w- C:\Users\Luke Fitton\AppData\Local\AMD
2014-06-25 17:01:05 -------- d-----w- C:\Users\Luke Fitton\AppData\Local\ATI
2014-06-25 17:00:57 0 ----a-w- C:\Windows\ativpsrm.bin
2014-06-25 17:00:04 -------- d-sh--w- C:\Users\Luke Fitton\AppData\Local\EmieUserList
2014-06-25 17:00:04 -------- d-sh--w- C:\Users\Luke Fitton\AppData\Local\EmieSiteList
2014-06-25 16:59:27 -------- d-----w- C:\Users\Luke Fitton\AppData\Roaming\library_dir
2014-06-25 16:51:47 -------- d-----w- C:\Program Files (x86)\Raptr
2014-06-25 16:51:38 -------- d-----w- C:\Program Files (x86)\Common Files\ATI Technologies
2014-06-25 16:51:38 -------- d-----w- C:\Program Files (x86)\AMD AVT
2014-06-25 16:51:22 -------- d-----w- C:\ProgramData\AMD
2014-06-25 16:51:11 -------- d-----w- C:\Program Files\AMD
2014-06-25 16:50:45 -------- d-----w- C:\Program Files\Common Files\ATI Technologies
2014-06-25 16:47:58 -------- d-----w- C:\Program Files (x86)\ATI Technologies
2014-06-25 16:47:55 58536 ----a-w- C:\Windows\System32\drivers\usbfilter.sys
2014-06-25 16:47:13 -------- d-----w- C:\ProgramData\Package Cache
2014-06-25 16:47:06 -------- d-----w- C:\Program Files\ATI Technologies
2014-06-25 16:47:04 -------- d-----w- C:\Program Files\ATI
2014-06-25 16:46:30 -------- d-----w- C:\AMD
2014-06-20 13:46:13 506368 ----a-w- C:\Windows\System32\aepdu.dll
2014-06-20 13:46:13 424448 ----a-w- C:\Windows\System32\aeinv.dll
2014-06-20 13:41:43 3178496 ----a-w- C:\Windows\System32\rdpcorets.dll
2014-06-20 13:40:59 57344 ----a-w- C:\Windows\System32\cngprovider.dll
2014-06-20 13:39:42 28672 ----a-w- C:\Windows\SysWow64\AsIO.dll
2014-06-20 13:39:42 15232 ----a-w- C:\Windows\SysWow64\drivers\AsIO.sys
2014-06-20 13:39:42 -------- d-----w- C:\Program Files\ASUS
2014-06-20 13:39:42 -------- d-----w- C:\Program Files (x86)\ASUS
2014-06-20 13:39:41 2356592 ----a-w- C:\Windows\System32\WudfUpdate_01011.dll
2014-06-20 13:39:41 107008 ----a-w- C:\Windows\System32\drivers\UMDF\ASMBSW.dll
2014-06-20 13:36:54 -------- d-----w- C:\Program Files (x86)\Common Files\Intel
2014-06-20 13:34:21 -------- d-----w- C:\Program Files (x86)\ASM104xUSB3
2014-06-20 13:33:45 41984 ----a-w- C:\Windows\System32\drivers\USB3Ver.dll
2014-06-20 13:33:06 16344 ----a-w- C:\Windows\System32\drivers\IntelMEFWVer.dll
2014-06-20 13:32:29 -------- d-----w- C:\Program Files (x86)\Common Files\postureAgent
2014-06-20 13:31:55 53248 ----a-w- C:\Windows\SysWow64\CSVer.dll
2014-06-20 13:31:49 -------- d-----w- C:\Intel
.
==================== Find3M ====================
.
2014-06-27 10:54:54 107552 ----a-w- C:\Windows\System32\RTNUninst64.dll
2014-05-30 10:02:37 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
2014-05-30 10:02:09 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
2014-05-30 09:39:43 548352 ----a-w- C:\Windows\System32\vbscript.dll
2014-05-30 09:39:23 66048 ----a-w- C:\Windows\System32\iesetup.dll
2014-05-30 09:38:29 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
2014-05-30 09:21:23 139264 ----a-w- C:\Windows\System32\ieUnatt.exe
2014-05-30 09:21:05 111616 ----a-w- C:\Windows\System32\ieetwcollector.exe
2014-05-30 09:20:36 752640 ----a-w- C:\Windows\System32\jscript9diag.dll
2014-05-30 09:11:24 940032 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe
2014-05-30 09:08:22 5782528 ----a-w- C:\Windows\System32\jscript9.dll
2014-05-30 09:02:39 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2014-05-30 08:55:36 38400 ----a-w- C:\Windows\System32\JavaScriptCollectionAgent.dll
2014-05-30 08:44:28 455168 ----a-w- C:\Windows\SysWow64\vbscript.dll
2014-05-30 08:43:06 61952 ----a-w- C:\Windows\SysWow64\iesetup.dll
2014-05-30 08:42:16 51200 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll
2014-05-30 08:28:33 112128 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2014-05-30 08:27:56 592896 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
2014-05-30 08:24:19 1249280 ----a-w- C:\Windows\System32\mshtmlmedia.dll
2014-05-30 08:23:22 2040832 ----a-w- C:\Windows\System32\inetcpl.cpl
2014-05-30 08:10:46 32256 ----a-w- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
2014-05-30 07:56:56 2266112 ----a-w- C:\Windows\System32\wininet.dll
2014-05-30 07:56:50 4244992 ----a-w- C:\Windows\SysWow64\jscript9.dll
2014-05-30 07:50:09 1068032 ----a-w- C:\Windows\SysWow64\mshtmlmedia.dll
2014-05-30 07:49:38 1964544 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2014-05-30 07:21:10 1790976 ----a-w- C:\Windows\SysWow64\wininet.dll
2014-05-30 01:35:18 450968 ----a-w- C:\Windows\System32\drivers\vsdatant.sys
2014-05-08 09:32:11 16384 ----a-w- C:\Windows\System32\RdpGroupPolicyExtension.dll
2014-04-25 02:34:59 801280 ----a-w- C:\Windows\System32\usp10.dll
2014-04-25 02:06:17 626688 ----a-w- C:\Windows\SysWow64\usp10.dll
2014-04-16 02:39:52 274656 ----a-w- C:\Windows\System32\drivers\amdacpksd.sys
2014-04-16 02:37:30 15376384 ----a-w- C:\Windows\System32\drivers\atikmdag.sys
2014-04-16 02:23:38 231424 ----a-w- C:\Windows\System32\clinfo.exe
2014-04-16 02:23:28 1187342 ----a-w- C:\Windows\System32\amdocl_as64.exe
2014-04-16 02:23:28 1061902 ----a-w- C:\Windows\System32\amdocl_ld64.exe
2014-04-16 02:23:26 995342 ----a-w- C:\Windows\SysWow64\amdocl_as32.exe
2014-04-16 02:23:26 798734 ----a-w- C:\Windows\SysWow64\amdocl_ld32.exe
2014-04-16 02:23:24 98816 ----a-w- C:\Windows\System32\OpenVideo64.dll
2014-04-16 02:23:18 83456 ----a-w- C:\Windows\SysWow64\OpenVideo.dll
2014-04-16 02:23:12 86528 ----a-w- C:\Windows\System32\OVDecode64.dll
2014-04-16 02:23:08 73216 ----a-w- C:\Windows\SysWow64\OVDecode.dll
2014-04-16 02:23:02 28685824 ----a-w- C:\Windows\System32\amdocl64.dll
2014-04-16 02:20:22 24107520 ----a-w- C:\Windows\SysWow64\amdocl.dll
2014-04-16 02:17:56 65024 ----a-w- C:\Windows\System32\OpenCL.dll
2014-04-16 02:17:52 58880 ----a-w- C:\Windows\SysWow64\OpenCL.dll
2014-04-16 02:13:40 127488 ----a-w- C:\Windows\System32\mantle64.dll
2014-04-16 02:13:20 113664 ----a-w- C:\Windows\SysWow64\mantle32.dll
2014-04-16 02:13:00 5442048 ----a-w- C:\Windows\System32\amdmantle64.dll
2014-04-16 02:12:38 27907584 ----a-w- C:\Windows\System32\atio6axx.dll
2014-04-16 01:58:48 4358656 ----a-w- C:\Windows\SysWow64\amdmantle32.dll
2014-04-16 01:51:34 23409152 ----a-w- C:\Windows\SysWow64\atioglxx.dll
2014-04-16 01:46:32 368128 ----a-w- C:\Windows\System32\atiapfxx.exe
2014-04-16 01:46:24 62464 ----a-w- C:\Windows\System32\aticalrt64.dll
2014-04-16 01:46:22 52224 ----a-w- C:\Windows\SysWow64\aticalrt.dll
2014-04-16 01:46:20 91136 ----a-w- C:\Windows\System32\mantleaxl64.dll
2014-04-16 01:46:16 55808 ----a-w- C:\Windows\System32\aticalcl64.dll
2014-04-16 01:46:14 49152 ----a-w- C:\Windows\SysWow64\aticalcl.dll
2014-04-16 01:46:08 85504 ----a-w- C:\Windows\SysWow64\mantleaxl32.dll
2014-04-16 01:46:00 15716352 ----a-w- C:\Windows\System32\aticaldd64.dll
2014-04-16 01:42:48 14302208 ----a-w- C:\Windows\SysWow64\aticaldd.dll
2014-04-16 01:33:08 48128 ----a-w- C:\Windows\System32\amdmmcl6.dll
2014-04-16 01:33:04 37888 ----a-w- C:\Windows\SysWow64\amdmmcl.dll
2014-04-16 01:30:08 442368 ----a-w- C:\Windows\System32\atidemgy.dll
2014-04-16 01:29:56 31232 ----a-w- C:\Windows\System32\atimuixx.dll
2014-04-16 01:29:48 586240 ----a-w- C:\Windows\System32\atieclxx.exe
2014-04-16 01:29:18 239616 ----a-w- C:\Windows\System32\atiesrxx.exe
2014-04-16 01:28:24 190976 ----a-w- C:\Windows\System32\atitmm64.dll
2014-04-16 01:19:46 806912 ----a-w- C:\Windows\System32\coinst_14.100.dll
2014-04-16 01:09:00 1177600 ----a-w- C:\Windows\System32\atiadlxx.dll
2014-04-16 01:08:48 848896 ----a-w- C:\Windows\SysWow64\atiadlxy.dll
2014-04-16 01:07:48 75264 ----a-w- C:\Windows\System32\atig6pxx.dll
2014-04-16 01:07:42 69632 ----a-w- C:\Windows\SysWow64\atiglpxx.dll
2014-04-16 01:07:42 69632 ----a-w- C:\Windows\System32\atiglpxx.dll
2014-04-16 01:07:34 146944 ----a-w- C:\Windows\System32\atig6txx.dll
2014-04-16 01:07:20 133632 ----a-w- C:\Windows\SysWow64\atigktxx.dll
2014-04-16 01:07:04 638976 ----a-w- C:\Windows\System32\drivers\atikmpag.sys
2014-04-16 01:04:46 43520 ----a-w- C:\Windows\System32\drivers\ati2erec.dll
2014-04-15 21:33:30 51200 ----a-w- C:\Windows\System32\kdbsdk64.dll
2014-04-15 21:28:56 38912 ----a-w- C:\Windows\SysWow64\kdbsdk32.dll
2014-04-12 02:22:05 95680 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
2014-04-12 02:22:05 155072 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2014-04-12 02:19:38 29184 ----a-w- C:\Windows\System32\sspisrv.dll
2014-04-12 02:19:38 136192 ----a-w- C:\Windows\System32\sspicli.dll
2014-04-12 02:19:37 28160 ----a-w- C:\Windows\System32\secur32.dll
2014-04-12 02:19:32 1460736 ----a-w- C:\Windows\System32\lsasrv.dll
2014-04-12 02:19:05 31232 ----a-w- C:\Windows\System32\lsass.exe
2014-04-12 02:12:06 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
2014-04-12 02:10:56 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
.
============= FINISH: 15:12:51.25 ===============
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 25/06/2014 17:43:52
System Uptime: 09/07/2014 15:11:36 (0 hours ago)
.
Motherboard: ASUSTeK COMPUTER INC. | | A88XM-A
Processor: AMD A4-4000 APU with Radeon(tm) HD Graphics | FM2+ | 3000/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 119 GiB total, 93.887 GiB free.
D: is FIXED (NTFS) - 466 GiB total, 465.657 GiB free.
E: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Realtek PCIe GBE Family Controller
Device ID: PCI\VEN_10EC&DEV_8168&SUBSYS_85541043&REV_0C\4&39937546&0&00AA
Manufacturer: Realtek
Name: Realtek PCIe GBE Family Controller #2
PNP Device ID: PCI\VEN_10EC&DEV_8168&SUBSYS_85541043&REV_0C\4&39937546&0&00AA
Service: RTL8167
.
==== System Restore Points ===================
.
No restore point in system.
.
==== Installed Programs ======================
.
7-Zip 9.20 (x64 edition)
AMD Accelerated Video Transcoding
AMD Catalyst Control Center
AMD Catalyst Install Manager
AMD Drag and Drop Transcoding
AMD Fuel
AMD USB 3.0 Device Detector
AMD Wireless Display v3.0
Asmedia ASM104x USB 3.0 Host Controller Driver
Catalyst Control Center - Branding
Catalyst Control Center Graphics Previews Common
Catalyst Control Center InstallProxy
Catalyst Control Center Localization All
ccc-utility64
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
FileZilla Client 3.8.1
Intel(R) Management Engine Components
Intel(R) Processor Graphics
Intel(R) USB 3.0 eXtensible Host Controller Driver
Intel® Trusted Connect Service Client
Malwarebytes Anti-Malware version 2.0.2.1012
Microsoft .NET Framework 4.5.1
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727
Mozilla Firefox 30.0 (x86 en-GB)
Mozilla Maintenance Service
paint.net
PC Tune-Up
Realtek Ethernet Controller Driver
Realtek High Definition Audio Driver
Security Update for Microsoft .NET Framework 4.5.1 (KB2898869)
Security Update for Microsoft .NET Framework 4.5.1 (KB2901126)
Security Update for Microsoft .NET Framework 4.5.1 (KB2931368)
Skype™ 6.16
ZoneAlarm Antivirus
ZoneAlarm Extreme Security
ZoneAlarm Find My Laptop
ZoneAlarm Firewall
ZoneAlarm Security
.
==== End Of File ===========================
Please help.
P.S. I will only be able to respond out of hours.