Inactive Random keystrokes virus running on Win 7

[GermanDk]

My computer just started to act almost a day ago when random keystrokes were appearing that I never entered in. By just pressing one key, it would output a bunch of keystrokes and start to control the mouse pointer. I have no idea what it is and how to fix, so if someone would please help me, I would appreciate it. Thank you.I have the logs you required post below.

 

[GermanDk]

Malwarebytes Anti-Malware log:

Malwarebytes Anti-Malware (Trial) 1.62.0.1300
www.malwarebytes.org

Database version: v2012.08.12.06

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Slurpee :: SLURPEE-MSI [administrator]

Protection: Disabled

8/12/2012 11:48:19 PM
mbam-log-2012-08-12 (23-48-19).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 216002
Time elapsed: 3 minute(s), 27 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 1
C:\$Recycle.Bin\S-1-5-21-2075413165-2350788026-619881878-1001\$RX2L38G\Need for Speed - Hot Pursuit offline activator.exe (RiskWare.Tool.CK) -> Quarantined and deleted successfully.

(end)

 

[GermanDk]

GMER log:

GMER 1.0.15.15641 - http://www.gmer.net
Rootkit scan 2012-08-13 11:12:06
Windows 6.1.7601 Service Pack 1
Running: cutpice8.exe


---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\bc77372aa246
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\bc77372aa246@7056815eeab7 0x62 0x12 0x62 0x3A ...
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\bc77372aa246 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\bc77372aa246@7056815eeab7 0x62 0x12 0x62 0x3A ...

---- EOF - GMER 1.0.15 ----

 

[GermanDk]

DDS logs:

DDS.txt-

.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 10.5.1
Run by Slurpee at 11:13:16 on 2012-08-13
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.6051.3809 [GMT -4:00]
.
AV: Norton Security Suite *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Norton Security Suite *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton Security Suite *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
.
============== Running Processes ===============
.
C:\windows\system32\wininit.exe
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\nvvsvc.exe
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k NetworkService
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\windows\system32\nvvsvc.exe
C:\windows\system32\WLANExt.exe
C:\windows\system32\conhost.exe
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
C:\Program Files (x86)\S-Bar\MSIService.exe
C:\Program Files (x86)\MSI\MSI HOUSE\MSIFoundationService.exe
C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe
C:\Program Files (x86)\Norton Security Suite\Engine\6.2.1.5\ccSvcHst.exe
C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
C:\windows\SysWOW64\PnkBstrA.exe
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\Program Files (x86)\SafeConnect\scManager.sys
C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
C:\windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\windows\system32\wbem\unsecapp.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\windows\system32\taskhost.exe
C:\Program Files (x86)\Norton Security Suite\Engine\6.2.1.5\ccSvcHst.exe
C:\windows\system32\Dwm.exe
C:\windows\Explorer.EXE
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Elantech\ETDCtrl.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Intel\CCDashboard\bin\CCDashServer.exe
C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
C:\Program Files\Elantech\ETDCtrlHelper.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\S-Bar\S-Bar.exe
C:\Program Files (x86)\MSI\Cinema ProII\CinemaProII.exe
C:\windows\system32\SearchIndexer.exe
C:\Program Files (x86)\MSI\Cinema ProII\Cinema ProII Controler.exe
C:\Program Files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe
C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\Intel\TurboBoost\TurboBoost.exe
C:\windows\system32\wbem\unsecapp.exe
C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe
C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_268.exe
C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_268.exe
C:\Users\Slurpee\Downloads\cutpice8.exe
C:\windows\system32\svchost.exe -k SDRSVC
C:\windows\system32\taskeng.exe
C:\windows\system32\SearchProtocolHost.exe
C:\windows\system32\SearchFilterHost.exe
C:\windows\system32\DllHost.exe
C:\windows\system32\DllHost.exe
C:\windows\SysWOW64\cmd.exe
C:\windows\system32\conhost.exe
C:\windows\SysWOW64\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://msi.msn.com
uDefault_Page_URL = hxxp://msi.msn.com
mStart Page = hxxp://msi.msn.com
uInternet Settings,ProxyOverride = *.local
mWinlogon: Userinit=userinit.exe,
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Norton Identity Protection: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - C:\Program Files (x86)\Norton Security Suite\Engine\6.2.1.5\coIEPlg.dll
BHO: Norton Vulnerability Protection: {6d53ec84-6aae-4787-aeee-f4628f01010c} - C:\Program Files (x86)\Norton Security Suite\Engine\6.2.1.5\IPS\IPSBHO.DLL
BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - C:\Program Files (x86)\Norton Security Suite\Engine\6.2.1.5\coIEPlg.dll
uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
mRun: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
mRun: [S-Bar] %PROGRAMFILES%\S-Bar\S-Bar.exe
mRun: [Cinema ProII AP] C:\Program Files (x86)\MSI\Cinema ProII\CinemaProII.exe
mRun: [Cinema ProII Controler] C:\Program Files (x86)\MSI\Cinema ProII\Cinema ProII Controler.exe
mRun: [THX Audio Control Panel] "C:\Program Files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe" /r
mRun: [UpdReg] C:\windows\UpdReg.EXE
mRun: [Nuance PDF Reader-reminder] "C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\PDF Reader\Ereg\Ereg.ini"
mRun: [Super-Charger] C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [<NO NAME>]
mRun: [Razer Synapse] "C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe"
mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
StartupFolder: C:\Users\Slurpee\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\INTEL(~1.LNK - C:\Program Files (x86)\Intel\TurboBoost\SignalIslandUi.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: Send to Bluetooth - C:\Program Files (x86)\Intel\Bluetooth\btSendToObject.htm
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} - hxxp://ccfiles.creative.com/Web/softwareupdate/su/ocx/15102/CTSUEng.cab
DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} - hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_intel_4.5.5.0.cab
DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} - hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} - hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/110926/CTPID.cab
TCP: DhcpNameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces\{4C48A2CF-E8D5-48D9-AE59-4852DBDA4F03} : DhcpNameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces\{4C48A2CF-E8D5-48D9-AE59-4852DBDA4F03}\25343547574656E64737 : DhcpNameServer = 10.10.20.17 10.10.20.18
TCP: Interfaces\{4C48A2CF-E8D5-48D9-AE59-4852DBDA4F03}\3747164796F6E6 : DhcpNameServer = 192.168.9.1
TCP: Interfaces\{65164AC9-C256-4840-AC67-57A93FF1DAF9} : DhcpNameServer = 75.75.75.75 75.75.76.76
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
AppInit_DLLs: C:\windows\SysWOW64\nvinit.dll
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Security Suite\Engine\6.2.1.5\coIEPlg.dll
BHO-X64: Norton Identity Protection - No File
BHO-X64: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Security Suite\Engine\6.2.1.5\IPS\IPSBHO.DLL
BHO-X64: Norton Vulnerability Protection - No File
BHO-X64: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO-X64: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
TB-X64: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
TB-X64: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB-X64: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine\6.2.1.5\coIEPlg.dll
mRun-x64: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
mRun-x64: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
mRun-x64: [S-Bar] %PROGRAMFILES%\S-Bar\S-Bar.exe
mRun-x64: [Cinema ProII AP] C:\Program Files (x86)\MSI\Cinema ProII\CinemaProII.exe
mRun-x64: [Cinema ProII Controler] C:\Program Files (x86)\MSI\Cinema ProII\Cinema ProII Controler.exe
mRun-x64: [THX Audio Control Panel] "C:\Program Files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe" /r
mRun-x64: [UpdReg] C:\windows\UpdReg.EXE
mRun-x64: [Nuance PDF Reader-reminder] "C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\PDF Reader\Ereg\Ereg.ini"
mRun-x64: [Super-Charger] C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe
mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun-x64: [(Default)]
mRun-x64: [Razer Synapse] "C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe"
mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
IE-X64: {2F56DCAA-153B-4479-B4E2-547405B34FB9} - C:\Program Files (x86)\Intel\Bluetooth\btSendToPage.htm
AppInit_DLLs-X64: C:\windows\SysWOW64\nvinit.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Slurpee\AppData\Roaming\Mozilla\Firefox\Profiles\qslnwzd3.default\
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll
FF - plugin: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\Slurpee\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
FF - plugin: C:\Users\Slurpee\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll
FF - plugin: C:\Users\Slurpee\AppData\Roaming\Mozilla\Firefox\Profiles\qslnwzd3.default\extensions\battlefieldheroespatcher@ea.com\plugins\npBFHUpdater.dll
FF - plugin: C:\Users\Slurpee\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
FF - plugin: C:\Users\Slurpee\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
FF - plugin: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_268.dll
FF - plugin: C:\windows\SysWOW64\npDeployJava1.dll
FF - plugin: C:\windows\SysWOW64\npmproxy.dll
.
============= SERVICES / DRIVERS ===============
.
R0 nvpciflt;nvpciflt;C:\windows\system32\DRIVERS\nvpciflt.sys --> C:\windows\system32\DRIVERS\nvpciflt.sys [?]
R0 SymDS;Symantec Data Store;C:\windows\system32\drivers\N360x64\0602010.005\SYMDS64.SYS --> C:\windows\system32\drivers\N360x64\0602010.005\SYMDS64.SYS [?]
R0 SymEFA;Symantec Extended File Attributes;C:\windows\system32\drivers\N360x64\0602010.005\SYMEFA64.SYS --> C:\windows\system32\drivers\N360x64\0602010.005\SYMEFA64.SYS [?]
R1 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\BASHDefs\20120804.001\BHDrvx64.sys [2012-8-4 1161376]
R1 ccSet_N360;Norton Security Suite Settings Manager;C:\windows\system32\drivers\N360x64\0602010.005\ccSetx64.sys --> C:\windows\system32\drivers\N360x64\0602010.005\ccSetx64.sys [?]
R1 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\IPSDefs\20120810.001\IDSviA64.sys [2012-8-10 509088]
R1 SymIRON;Symantec Iron Driver;C:\windows\system32\drivers\N360x64\0602010.005\Ironx64.SYS --> C:\windows\system32\drivers\N360x64\0602010.005\Ironx64.SYS [?]
R1 SymNetS;Symantec Network Security WFP Driver;C:\windows\system32\Drivers\N360x64\0602010.005\SYMNETS.SYS --> C:\windows\system32\Drivers\N360x64\0602010.005\SYMNETS.SYS [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\windows\system32\DRIVERS\vwififlt.sys --> C:\windows\system32\DRIVERS\vwififlt.sys [?]
R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-4-4 63928]
R2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® + High Speed Service;C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [2012-3-1 659976]
R2 Bluetooth Device Monitor;Bluetooth Device Monitor;C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2012-6-18 1095616]
R2 Bluetooth Media Service;Bluetooth Media Service;C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [2012-6-18 1333184]
R2 Bluetooth OBEX Service;Bluetooth OBEX Service;C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2012-6-18 1124288]
R2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service;C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2012-3-8 135952]
R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2012-1-4 822624]
R2 Fabs;FABS - Helping agent for MAGIX media database;C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [2009-8-27 1253376]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-7-21 13336]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-8-12 655944]
R2 Micro Star SCM;Micro Star SCM;C:\Program Files (x86)\S-Bar\MSIService.exe [2011-6-7 160768]
R2 MSI Foundation Service;MSI Foundation Service;C:\Program Files (x86)\MSI\MSI HOUSE\MSIFoundationService.exe [2010-7-16 12800]
R2 MSI_SuperCharger;MSI_SuperCharger;C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe [2012-7-19 142904]
R2 N360;Norton Security Suite;C:\Program Files (x86)\Norton Security Suite\Engine\6.2.1.5\ccsvchst.exe [2012-8-12 138232]
R2 NOBU;Norton Online Backup;C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe service --> C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe service [?]
R2 nvUpdatusService;NVIDIA Update Service Daemon;C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-8-10 1258856]
R2 SCManager;SafeConnect Manager;C:\Program Files (x86)\SafeConnect\scManager.sys servicestart --> C:\Program Files (x86)\SafeConnect\scManager.sys servicestart [?]
R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-1 508776]
R2 TurboB;Turbo Boost UI Monitor driver;C:\windows\system32\DRIVERS\TurboB.sys --> C:\windows\system32\DRIVERS\TurboB.sys [?]
R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-7-21 2656536]
R2 ZeroConfigService;Intel(R) PROSet/Wireless Zero Configuration Service;C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2012-4-17 2671376]
R3 AMPPAL;Intel® Centrino® Wireless Bluetooth® + High Speed Virtual Adapter;C:\windows\system32\DRIVERS\AMPPAL.sys --> C:\windows\system32\DRIVERS\AMPPAL.sys [?]
R3 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\windows\system32\DRIVERS\dtsoftbus01.sys --> C:\windows\system32\DRIVERS\dtsoftbus01.sys [?]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2012-8-12 138912]
R3 ETD;ELAN PS/2 Port Input Device;C:\windows\system32\drivers\ETD.sys --> C:\windows\system32\drivers\ETD.sys [?]
R3 IntcDAud;Intel(R) Display Audio;C:\windows\system32\DRIVERS\IntcDAud.sys --> C:\windows\system32\DRIVERS\IntcDAud.sys [?]
R3 iwdbus;IWD Bus Enumerator;C:\windows\system32\DRIVERS\iwdbus.sys --> C:\windows\system32\DRIVERS\iwdbus.sys [?]
R3 MBAMProtector;MBAMProtector;\??\C:\windows\system32\drivers\mbam.sys --> C:\windows\system32\drivers\mbam.sys [?]
R3 MBfilt;MBfilt;C:\windows\system32\drivers\MBfilt64.sys --> C:\windows\system32\drivers\MBfilt64.sys [?]
R3 MEIx64;Intel(R) Management Engine Interface;C:\windows\system32\drivers\HECIx64.sys --> C:\windows\system32\drivers\HECIx64.sys [?]
R3 MotioninJoyXFilter;MotioninJoy Virtual Xinput device Filter Driver;C:\windows\system32\DRIVERS\MijXfilt.sys --> C:\windows\system32\DRIVERS\MijXfilt.sys [?]
R3 NETwNs64;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;C:\windows\system32\DRIVERS\Netwsw00.sys --> C:\windows\system32\DRIVERS\Netwsw00.sys [?]
R3 NTIOLib_1_0_3;NTIOLib_1_0_3;C:\Program Files (x86)\MSI\Super-Charger\NTIOLib_X64.sys [2012-7-19 14136]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\windows\system32\drivers\nusb3hub.sys --> C:\windows\system32\drivers\nusb3hub.sys [?]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\windows\system32\drivers\nusb3xhc.sys --> C:\windows\system32\drivers\nusb3xhc.sys [?]
R3 RTL8167;Realtek 8167 NT Driver;C:\windows\system32\DRIVERS\Rt64win7.sys --> C:\windows\system32\DRIVERS\Rt64win7.sys [?]
R3 Sftfs;Sftfs;C:\windows\system32\DRIVERS\Sftfslh.sys --> C:\windows\system32\DRIVERS\Sftfslh.sys [?]
R3 Sftplay;Sftplay;C:\windows\system32\DRIVERS\Sftplaylh.sys --> C:\windows\system32\DRIVERS\Sftplaylh.sys [?]
R3 Sftredir;Sftredir;C:\windows\system32\DRIVERS\Sftredirlh.sys --> C:\windows\system32\DRIVERS\Sftredirlh.sys [?]
R3 Sftvol;Sftvol;C:\windows\system32\DRIVERS\Sftvollh.sys --> C:\windows\system32\DRIVERS\Sftvollh.sys [?]
R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-1 219496]
R3 TurboBoost;Intel(R) Turbo Boost Technology Monitor 2.0;C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2010-10-8 150016]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\windows\system32\DRIVERS\vwifimp.sys --> C:\windows\system32\DRIVERS\vwifimp.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-7-24 136176]
S2 NIS;Norton Internet Security;"C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe" /s "NIS" /m "C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\diMaster.dll" /prefetch:1 --> C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe [?]
S3 AMPPALP;Intel® Centrino® Wireless Bluetooth® + High Speed Protocol;C:\windows\system32\DRIVERS\amppal.sys --> C:\windows\system32\DRIVERS\amppal.sys [?]
S3 BBSvc;Bing Bar Update Service;C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-3-2 183560]
S3 btmaudio;Intel Bluetooth Audio Service;C:\windows\system32\drivers\btmaud.sys --> C:\windows\system32\drivers\btmaud.sys [?]
S3 btmaux;Intel Bluetooth Auxiliary Service;C:\windows\system32\DRIVERS\btmaux.sys --> C:\windows\system32\DRIVERS\btmaux.sys [?]
S3 btmhsf;btmhsf;C:\windows\system32\DRIVERS\btmhsf.sys --> C:\windows\system32\DRIVERS\btmhsf.sys [?]
S3 cphs;Intel(R) Content Protection HECI Service;C:\Windows\SysWOW64\IntelCpHeciSvc.exe [2012-5-21 276288]
S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2008-8-7 3276800]
S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-7-24 136176]
S3 iBtFltCoex;iBtFltCoex;C:\windows\system32\DRIVERS\iBtFltCoex.sys --> C:\windows\system32\DRIVERS\iBtFltCoex.sys [?]
S3 intaud_WaveExtensible;Intel WiDi Audio Device;C:\windows\system32\drivers\intelaud.sys --> C:\windows\system32\drivers\intelaud.sys [?]
S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-7-19 113120]
S3 MSI_MSIBIOS_010507;MSI_MSIBIOS_010507;C:\Program Files (x86)\MSI\Live Update 5\msibios64_100507.sys [2012-7-19 33592]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2012-4-17 273168]
S3 NTIOLib_1_0_4;NTIOLib_1_0_4;C:\Program Files (x86)\MSI\Live Update 5\NTIOLib_X64.sys [2012-7-19 14136]
S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
S3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;C:\windows\system32\Drivers\RtsUVStor.sys --> C:\windows\system32\Drivers\RtsUVStor.sys [?]
S3 rzdaendpt;%rzdaendpt.SvcDesc%;C:\windows\system32\DRIVERS\rzdaendpt.sys --> C:\windows\system32\DRIVERS\rzdaendpt.sys [?]
S3 rzudd;Razer Mouse Driver;C:\windows\system32\DRIVERS\rzudd.sys --> C:\windows\system32\DRIVERS\rzudd.sys [?]
S3 rzvkeyboard;Razer Virtual Keyboard Driver;C:\windows\system32\DRIVERS\rzvkeyboard.sys --> C:\windows\system32\DRIVERS\rzvkeyboard.sys [?]
S3 TsUsbFlt;TsUsbFlt;C:\windows\system32\drivers\tsusbflt.sys --> C:\windows\system32\drivers\tsusbflt.sys [?]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\windows\system32\drivers\TsUsbGD.sys --> C:\windows\system32\drivers\TsUsbGD.sys [?]
S3 USBAAPL64;Apple Mobile USB Driver;C:\windows\system32\Drivers\usbaapl64.sys --> C:\windows\system32\Drivers\usbaapl64.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\windows\system32\Wat\WatAdminSvc.exe --> C:\windows\system32\Wat\WatAdminSvc.exe [?]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2012-08-13 03:46:2324904----a-w-C:\windows\System32\drivers\mbam.sys
2012-08-13 00:16:06328712----a-w-C:\windows\System32\MijFrc.dll
2012-08-13 00:16:06115272----a-w-C:\windows\System32\drivers\MijXfilt.sys
2012-08-13 00:16:06--------d-----w-C:\Users\Slurpee\AppData\Roaming\MotioninJoy
2012-08-13 00:16:05--------d-----w-C:\Program Files\MotioninJoy
2012-08-12 21:40:39--------d-----w-C:\Program Files (x86)\Intel Corporation
2012-08-12 21:40:39--------d-----w-C:\Program Files (x86)\Common Files\Intel Corporation
2012-08-12 21:36:45--------d-----w-C:\Program Files (x86)\Cisco
2012-08-12 20:46:58--------d-----w-C:\Users\Slurpee\AppData\Local\Intel WiDi
2012-08-12 20:38:20--------d-----w-C:\windows\pss
2012-08-12 20:36:32737912----a-w-C:\windows\System32\drivers\N360x64\0602010.005\srtsp64.sys
2012-08-12 20:36:32451192----a-r-C:\windows\System32\drivers\N360x64\0602010.005\symds64.sys
2012-08-12 20:36:32405624----a-r-C:\windows\System32\drivers\N360x64\0602010.005\symnets.sys
2012-08-12 20:36:3237496----a-w-C:\windows\System32\drivers\N360x64\0602010.005\srtspx64.sys
2012-08-12 20:36:32190072----a-r-C:\windows\System32\drivers\N360x64\0602010.005\ironx64.sys
2012-08-12 20:36:32167048----a-r-C:\windows\System32\drivers\N360x64\0602010.005\ccsetx64.sys
2012-08-12 20:36:321092728----a-r-C:\windows\System32\drivers\N360x64\0602010.005\symefa64.sys
2012-08-12 20:36:29--------d-----w-C:\windows\System32\drivers\N360x64\0602010.005
2012-08-12 20:33:00--------d-----w-C:\windows\System32\drivers\N360x64
2012-08-12 20:32:57--------d-----w-C:\Program Files (x86)\Norton Security Suite
2012-08-12 20:29:507062----a-w-C:\windows\SysWow64\audiopid.vxd
2012-08-12 18:37:1754072----a-w-C:\windows\System32\drivers\aswRdr2.sys
2012-08-12 18:37:16958400----a-w-C:\windows\System32\drivers\aswSnx.sys
2012-08-12 18:36:54--------d-----w-C:\ProgramData\AVAST Software
2012-08-12 18:36:54--------d-----w-C:\Program Files\AVAST Software
2012-08-12 13:11:15--------d-----w-C:\Program Files\Symantec
2012-08-12 13:06:37--------d-----w-C:\ProgramData\PCSettings
2012-08-12 12:56:54--------d-----w-C:\Users\Slurpee\AppData\Roaming\Malwarebytes
2012-08-12 12:56:49--------d-----w-C:\ProgramData\Malwarebytes
2012-08-12 12:56:49--------d-----w-C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-08-11 02:37:56--------d-----w-C:\Program Files (x86)\EA Games
2012-08-10 20:10:25--------d-----w-C:\ProgramData\EA Logs
2012-08-10 20:06:37--------d-----w-C:\windows\SysWow64\NV
2012-08-10 20:06:37--------d-----w-C:\windows\System32\NV
2012-08-10 20:04:27891240----a-w-C:\windows\System32\nvvsvc.exe
2012-08-10 20:04:27865128----a-w-C:\windows\System32\nv3dappshext.dll
2012-08-10 20:04:2763336----a-w-C:\windows\System32\nvshext.dll
2012-08-10 20:04:276193000----a-w-C:\windows\System32\nvcpl.dll
2012-08-10 20:04:2755144----a-w-C:\windows\System32\nv3dappshextr.dll
2012-08-10 20:04:273266408----a-w-C:\windows\System32\nvsvc64.dll
2012-08-10 20:04:272667062----a-w-C:\windows\System32\nvcoproc.bin
2012-08-10 20:04:272557800----a-w-C:\windows\System32\nvsvcr.dll
2012-08-10 20:04:27118120----a-w-C:\windows\System32\nvmctray.dll
2012-08-10 20:04:1220992----a-w-C:\windows\System32\OpenCL.dll
2012-08-10 20:04:1217920----a-w-C:\windows\SysWow64\OpenCL.dll
2012-08-10 20:04:06--------d-----w-C:\ProgramData\NVIDIA Corporation
2012-08-10 19:30:28--------d--h--w-C:\Program Files (x86)\Common Files\EAInstaller
2012-08-10 04:20:50--------d-----w-C:\Users\Slurpee\AppData\Local\Razer
2012-08-09 23:44:09--------d-----w-C:\Program Files (x86)\uTorrent
2012-08-09 23:43:43--------d-----w-C:\Users\Slurpee\AppData\Roaming\uTorrent
2012-08-09 21:40:04--------d-----w-C:\ProgramData\Solidshield
2012-08-09 21:31:00--------d-----w-C:\ProgramData\EA Core
2012-08-07 23:56:223130440----a-w-C:\windows\SysWow64\pbsvc_blr.exe
2012-08-07 23:56:16--------d-----w-C:\Perfect World Entertainment
2012-08-07 20:51:40--------d-----w-C:\Users\Slurpee\AppData\Local\PMB Files
2012-08-07 20:51:39--------d-----w-C:\ProgramData\PMB Files
2012-08-07 20:51:23--------d-----w-C:\Program Files (x86)\Pando Networks
2012-08-07 18:16:02--------d-----w-C:\Program Files (x86)\World of Warcraft
2012-08-07 17:52:24--------d-----w-C:\Users\Slurpee\AppData\Local\Skyrim
2012-08-07 17:22:59--------d-----w-C:\Program Files (x86)\The Elder Scrolls V Skyrim
2012-08-07 05:13:04--------d-----w-C:\Program Files (x86)\JDownloader
2012-08-07 03:34:00--------d-----w-C:\Users\Slurpee\AppData\Local\Facebook
2012-08-05 16:43:25--------d-----w-C:\Users\Slurpee\AppData\Local\4A Games
2012-08-05 14:38:57--------d-----w-C:\Program Files (x86)\THQ
2012-07-27 14:48:55--------d-----w-C:\ProgramData\VirtualizedApplications
2012-07-27 05:23:16--------d-----w-C:\Users\Slurpee\AppData\Local\SoftGrid Client
2012-07-27 05:23:15--------d-----w-C:\Users\Slurpee\AppData\Roaming\SoftGrid Client
2012-07-27 05:22:36--------d-----w-C:\Program Files (x86)\Microsoft Application Virtualization Client
2012-07-27 05:22:25--------d-----w-C:\Users\Slurpee\AppData\Roaming\TP
2012-07-27 04:44:38--------d-----w-C:\ProgramData\BioWare
2012-07-27 04:44:22--------d-----w-C:\Users\Slurpee\AppData\Roaming\NVIDIA
2012-07-26 22:44:26--------d--h--w-C:\windows\msdownld.tmp
2012-07-24 17:58:43--------d-----w-C:\Program Files\PeerBlock
2012-07-24 17:48:19--------d-----w-C:\Users\Slurpee\AppData\Local\Google
2012-07-23 22:31:02--------d-----w-C:\Program Files (x86)\SafeConnect
2012-07-20 22:20:31--------d-----w-C:\Users\Slurpee\AppData\Roaming\PunkBuster
2012-07-20 20:37:39912504----a-w-C:\windows\System32\drivers\NISx64\1207020.003\symefa64.sys
2012-07-20 20:37:39744568----a-w-C:\windows\System32\drivers\NISx64\1207020.003\srtsp64.sys
2012-07-20 20:37:39450680----a-w-C:\windows\System32\drivers\NISx64\1207020.003\symds64.sys
2012-07-20 20:37:3940568----a-w-C:\windows\System32\drivers\NISx64\1207020.003\srtspx64.sys
2012-07-20 20:37:39386168----a-w-C:\windows\System32\drivers\NISx64\1207020.003\symnets.sys
2012-07-20 20:37:39171128----a-w-C:\windows\System32\drivers\NISx64\1207020.003\ironx64.sys
2012-07-20 20:37:34--------d-----w-C:\windows\System32\drivers\NISx64\1207020.003
2012-07-20 19:29:4674960----a-w-C:\windows\System32\drivers\xusb21.sys
2012-07-20 15:55:20--------d-----w-C:\Users\Slurpee\AppData\Local\Spotify
2012-07-20 15:55:01--------d-----w-C:\Users\Slurpee\AppData\Roaming\Spotify
2012-07-20 15:22:24298016----a-w-C:\windows\SysWow64\PnkBstrB.ex0
2012-07-20 15:22:24283032----a-w-C:\windows\SysWow64\PnkBstrB.exe
2012-07-20 15:22:12283032----a-w-C:\windows\SysWow64\PnkBstrB.xtr
2012-07-20 15:22:0476888----a-w-C:\windows\SysWow64\PnkBstrA.exe
2012-07-20 15:22:02--------d-----w-C:\Users\Slurpee\AppData\Local\PunkBuster
2012-07-20 15:22:01--------d-----w-C:\Users\Slurpee\AppData\Roaming\Ubisoft
2012-07-20 15:19:46--------d-----w-C:\Users\Slurpee\AppData\Local\Ubisoft Game Launcher
2012-07-20 03:36:11--------d-----w-C:\Users\Slurpee\AppData\Local\Macromedia
2012-07-20 03:31:0170344----a-w-C:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-07-20 03:31:01426184----a-w-C:\windows\SysWow64\FlashPlayerApp.exe
2012-07-19 23:12:52--------d-----w-C:\windows\SysWow64\directx
2012-07-19 22:46:36283200----a-w-C:\windows\System32\drivers\dtsoftbus01.sys
2012-07-19 22:46:33--------d-----w-C:\Users\Slurpee\AppData\Roaming\DAEMON Tools Lite
2012-07-19 22:46:32--------d-----w-C:\Program Files (x86)\DAEMON Tools Lite
2012-07-19 22:45:05--------d-----w-C:\ProgramData\DAEMON Tools Lite
2012-07-19 16:56:38--------d-----w-C:\ProgramData\Blizzard Entertainment
2012-07-19 16:56:38--------d-----w-C:\Program Files (x86)\Diablo III
2012-07-19 16:56:38--------d-----w-C:\Program Files (x86)\Common Files\Blizzard Entertainment
2012-07-19 16:54:52--------d-----w-C:\ProgramData\Battle.net
2012-07-19 16:49:06--------d-----w-C:\Program Files (x86)\Origin Games
2012-07-19 16:49:00--------d-----w-C:\Users\Slurpee\AppData\Local\Origin
2012-07-19 16:49:00--------d-----w-C:\ProgramData\Origin
2012-07-19 16:47:49--------d-----w-C:\Users\Slurpee\AppData\Roaming\Origin
2012-07-19 16:45:25--------d-----w-C:\ProgramData\Electronic Arts
2012-07-19 16:45:14--------d-----w-C:\Program Files (x86)\Origin
2012-07-19 16:43:49--------d-----w-C:\Program Files (x86)\Common Files\Steam
2012-07-19 16:43:48--------d-----w-C:\Program Files (x86)\Steam
2012-07-19 16:40:59913888----a-w-C:\Program Files (x86)\Mozilla Firefox\firefox.exe
2012-07-19 16:36:24--------d-----w-C:\Users\Slurpee\AppData\Local\Apple Computer
2012-07-19 16:35:5834152----a-w-C:\windows\System32\drivers\GEARAspiWDM.sys
2012-07-19 16:35:58126312----a-w-C:\windows\System32\GEARAspi64.dll
2012-07-19 16:35:58107368----a-w-C:\windows\SysWow64\GEARAspi.dll
2012-07-19 16:35:39--------d-----w-C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
2012-07-19 16:35:39--------d-----w-C:\Program Files\iTunes
2012-07-19 16:35:39--------d-----w-C:\Program Files\iPod
2012-07-19 16:35:39--------d-----w-C:\Program Files (x86)\iTunes
2012-07-19 16:34:57--------d-----w-C:\Users\Slurpee\AppData\Local\Apple
2012-07-19 16:34:42--------d-----w-C:\Program Files\Bonjour
2012-07-19 16:34:42--------d-----w-C:\Program Files (x86)\Bonjour
2012-07-19 16:24:47--------d-----w-C:\NVIDIA
2012-07-19 16:02:12--------d-----w-C:\Program Files (x86)\Oracle
2012-07-19 16:01:50772544----a-w-C:\windows\SysWow64\npDeployJava1.dll
2012-07-19 16:01:50687544----a-w-C:\windows\SysWow64\deployJava1.dll
2012-07-19 15:54:3174344----a-w-C:\windows\System32\RtNicProp64.dll
2012-07-19 15:54:31676968----a-w-C:\windows\System32\drivers\Rt64win7.sys
2012-07-19 15:54:31107624----a-w-C:\windows\System32\RTNUninst64.dll
2012-07-19 15:50:14--------d--h--w-C:\SuperChargerProfile
2012-07-19 15:43:575632----a-w-C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\DotNetInstaller.exe
2012-07-19 15:08:25--------d-----w-C:\Users\Slurpee\AppData\Local\ElevatedDiagnostics
2012-07-19 14:58:44--------d-----w-C:\ProgramData\Intel.sav
2012-07-19 14:54:07--------d--h--w-C:\windows\System32\WLANProfiles
2012-07-19 14:49:23121344----a-w-C:\windows\System32\IntelOpenCL64.dll
2012-07-19 14:49:2086528----a-w-C:\windows\SysWow64\IntelOpenCL32.dll
2012-07-19 14:44:53--------d-----w-C:\Program Files (x86)\SystemRequirementsLab
2012-07-19 14:33:3480384----a-w-C:\windows\System32\drivers\BTHUSB.SYS
2012-07-19 14:33:34552960----a-w-C:\windows\System32\drivers\bthport.sys
2012-07-19 14:32:14--------d-----w-C:\Users\Slurpee\AppData\Roaming\FLEXnet
2012-07-19 14:31:52--------d-----w-C:\windows\SysWow64\Wat
2012-07-19 14:31:52--------d-----w-C:\windows\System32\Wat
2012-07-19 14:23:563148800----a-w-C:\windows\System32\win32k.sys
2012-07-19 14:13:38--------d-----w-C:\Program Files (x86)\MSXML 4.0
2012-07-19 13:54:0381408----a-w-C:\windows\System32\imagehlp.dll
2012-07-19 13:54:035120----a-w-C:\windows\SysWow64\wmi.dll
2012-07-19 13:54:035120----a-w-C:\windows\System32\wmi.dll
2012-07-19 13:54:0323408----a-w-C:\windows\System32\drivers\fs_rec.sys
2012-07-19 13:54:03220672----a-w-C:\windows\System32\wintrust.dll
2012-07-19 13:54:03172544----a-w-C:\windows\SysWow64\wintrust.dll
2012-07-19 13:54:03159232----a-w-C:\windows\SysWow64\imagehlp.dll
2012-07-19 13:47:521544704----a-w-C:\windows\System32\DWrite.dll
2012-07-19 13:46:307680----a-w-C:\windows\SysWow64\instnm.exe
2012-07-19 13:45:44805376----a-w-C:\windows\SysWow64\cdosys.dll
2012-07-19 02:42:10480256----a-w-C:\windows\SysWow64\rzdevicedll.dll
2012-07-18 22:11:56--------d-----w-C:\Users\Slurpee\AppData\Local\CrashDumps
2012-07-18 22:11:47--------d-----w-C:\Users\Slurpee\AppData\Roaming\Nuance
2012-07-18 22:11:44--------d-----w-C:\Users\Slurpee\AppData\Roaming\Zeon
2012-07-18 22:02:1511264----a-r-C:\Users\Slurpee\AppData\Roaming\Microsoft\Installer\{98613C99-1399-416C-A07C-1EE1C585D872}\Icon98613C992.exe
2012-07-18 22:02:15--------d-----w-C:\Program Files (x86)\Seagate
2012-07-18 20:59:42--------d-----w-C:\Program Files (x86)\Common Files\Symantec Shared
2012-07-18 20:34:42826880----a-w-C:\windows\SysWow64\rdpcore.dll
2012-07-18 20:34:4223552----a-w-C:\windows\System32\drivers\tdtcp.sys
2012-07-18 20:34:421031680----a-w-C:\windows\System32\rdpcore.dll
2012-07-18 20:32:142622464----a-w-C:\windows\System32\wucltux.dll
2012-07-18 20:32:1099840----a-w-C:\windows\System32\wudriver.dll
2012-07-18 20:32:0436864----a-w-C:\windows\System32\wuapp.exe
2012-07-18 20:32:04186752----a-w-C:\windows\System32\wuwebv.dll
2012-07-18 20:31:14--------d-----w-C:\Users\Slurpee\AppData\Local\MSI
2012-07-18 20:29:56--------d-sh--w-C:\Recovery
2012-07-16 02:38:2026112----a-w-C:\windows\System32\drivers\rzdaendpt.sys
2012-07-16 02:38:187168----a-w-C:\windows\System32\drivers\rzkbdhid.sys
2012-07-16 02:38:1822528----a-w-C:\windows\System32\drivers\rzvkeyboard.sys
2012-07-16 02:38:14101376----a-w-C:\windows\System32\drivers\rzudd.sys
2012-07-16 02:32:52143360----a-w-C:\windows\SysWow64\rztouchdll.dll
2012-07-16 02:32:48165888----a-w-C:\windows\SysWow64\rzaudiodll.dll
.
==================== Find3M ====================
.
2012-08-12 20:33:43175736----a-w-C:\windows\System32\drivers\SYMEVENT64x86.SYS
2012-07-12 22:01:216----a-w-C:\windows\silentOnce.tmp
2012-07-09 19:27:0660928----a-w-C:\windows\System32\drivers\iBtFltCoex.sys
2012-06-18 18:33:14392576----a-w-C:\windows\System32\mbtleapi.dll
2012-06-18 18:33:14305024----a-w-C:\windows\SysWow64\mbtleapi.dll
2012-06-18 18:32:0053632----a-w-C:\windows\System32\opphelper.dll
2012-06-09 18:51:44849408----a-w-C:\windows\System32\drivers\btmhsf.sys
2012-06-06 06:06:162004480----a-w-C:\windows\System32\msxml6.dll
2012-06-06 06:06:161881600----a-w-C:\windows\System32\msxml3.dll
2012-06-06 06:02:541133568----a-w-C:\windows\System32\cdosys.dll
2012-06-06 05:05:521390080----a-w-C:\windows\SysWow64\msxml6.dll
2012-06-06 05:05:521236992----a-w-C:\windows\SysWow64\msxml3.dll
2012-06-02 12:12:172311680----a-w-C:\windows\System32\jscript9.dll
2012-06-02 12:05:281392128----a-w-C:\windows\System32\wininet.dll
2012-06-02 12:04:501494528----a-w-C:\windows\System32\inetcpl.cpl
2012-06-02 12:01:40173056----a-w-C:\windows\System32\ieUnatt.exe
2012-06-02 11:57:082382848----a-w-C:\windows\System32\mshtml.tlb
2012-06-02 08:33:251800192----a-w-C:\windows\SysWow64\jscript9.dll
2012-06-02 08:25:081129472----a-w-C:\windows\SysWow64\wininet.dll
2012-06-02 08:25:031427968----a-w-C:\windows\SysWow64\inetcpl.cpl
2012-06-02 08:20:33142848----a-w-C:\windows\SysWow64\ieUnatt.exe
2012-06-02 08:16:522382848----a-w-C:\windows\SysWow64\mshtml.tlb
2012-06-02 05:50:10458704----a-w-C:\windows\System32\drivers\cng.sys
2012-06-02 05:48:1695600----a-w-C:\windows\System32\drivers\ksecdd.sys
2012-06-02 05:48:16151920----a-w-C:\windows\System32\drivers\ksecpkg.sys
2012-06-02 05:45:31340992----a-w-C:\windows\System32\schannel.dll
2012-06-02 05:44:21307200----a-w-C:\windows\System32\ncrypt.dll
2012-06-02 04:40:4222016----a-w-C:\windows\SysWow64\secur32.dll
2012-06-02 04:40:39225280----a-w-C:\windows\SysWow64\schannel.dll
2012-06-02 04:39:10219136----a-w-C:\windows\SysWow64\ncrypt.dll
2012-06-02 04:34:0996768----a-w-C:\windows\SysWow64\sspicli.dll
2012-05-21 16:17:56276288----a-w-C:\windows\SysWow64\IntelCpHeciSvc.exe
2012-05-21 16:17:545890880----a-w-C:\windows\System32\GfxUI.exe
2012-05-21 16:17:54509248----a-w-C:\windows\System32\igfxsrvc.exe
2012-05-21 16:17:54440128----a-w-C:\windows\System32\igfxpers.exe
2012-05-21 16:17:54398656----a-w-C:\windows\System32\hkcmd.exe
2012-05-21 16:17:54249664----a-w-C:\windows\System32\igfxext.exe
2012-05-21 16:17:54184640----a-w-C:\windows\System32\difx64.exe
2012-05-21 16:17:54170304----a-w-C:\windows\System32\igfxtray.exe
2012-05-21 16:13:1690112----a-w-C:\windows\System32\igfxCoIn_v2761.dll
2012-05-21 16:04:308089088----a-w-C:\windows\System32\igdumd64.dll
2012-05-21 16:04:2014759520----a-w-C:\windows\System32\drivers\igdkmd64.sys
2012-05-21 16:03:3279360----a-w-C:\windows\System32\igdde64.dll
2012-05-21 15:59:406122496----a-w-C:\windows\SysWow64\igdumd32.dll
2012-05-21 15:57:5258880----a-w-C:\windows\SysWow64\igdde32.dll
2012-05-21 15:55:069606144----a-w-C:\windows\System32\igd10umd64.dll
2012-05-21 15:43:307795712----a-w-C:\windows\SysWow64\igd10umd32.dll
2012-05-21 14:58:2018138624----a-w-C:\windows\System32\ig4icd64.dll
2012-05-21 14:47:3613214720----a-w-C:\windows\SysWow64\ig4icd32.dll
2012-05-21 14:43:50388608----a-w-C:\windows\System32\igfxpph.dll
2012-05-21 14:43:4628672----a-w-C:\windows\System32\igfxexps.dll
2012-05-21 14:43:3062976----a-w-C:\windows\System32\igfxsrvc.dll
2012-05-21 14:43:04110592----a-w-C:\windows\System32\hccutils.dll
2012-05-21 14:42:56172032----a-w-C:\windows\System32\gfxSrvc.dll
2012-05-21 14:42:549216----a-w-C:\windows\System32\IGFXDEVLib.dll
2012-05-21 14:42:54436224----a-w-C:\windows\System32\igfxdev.dll
2012-05-21 14:42:18286208----a-w-C:\windows\System32\igfxrenu.lrc
2012-05-21 14:42:129007616----a-w-C:\windows\System32\igfxress.dll
2012-05-21 14:42:12142336----a-w-C:\windows\System32\igfxdo.dll
2012-05-21 14:40:5825088----a-w-C:\windows\SysWow64\igfxexps32.dll
2012-05-21 14:39:56325632----a-w-C:\windows\SysWow64\igfxdv32.dll
2012-05-21 12:39:1280896----a-w-C:\windows\System32\drivers\btmaud.sys
2012-05-21 12:39:12111104----a-w-C:\windows\System32\drivers\btmaux.sys
.
============= FINISH: 11:13:58.73 ===============

 

[GermanDk]

Attach.txt-

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume2
Install Date: 7/18/2012 4:30:05 PM
System Uptime: 8/13/2012 10:55:14 AM (1 hours ago)
.
Motherboard: Micro-Star International Co., Ltd. | | MS-1491
Processor: Intel(R) Core(TM) i5-2410M CPU @ 2.30GHz | SOCKET 0 | 2301/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 273 GiB total, 127.5 GiB free.
D: is FIXED (NTFS) - 182 GiB total, 182.162 GiB free.
E: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP58: 8/11/2012 6:23:20 PM - Scheduled Checkpoint
RP59: 8/12/2012 2:36:38 PM - avast! Free Antivirus Setup
RP60: 8/12/2012 3:55:03 PM - Installed Intel(R) My WiFi Dashboard
RP61: 8/12/2012 4:02:09 PM - Installed Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology
RP62: 8/12/2012 4:15:42 PM - Restore Operation
RP63: 8/12/2012 4:45:19 PM - Installed Intel(R) WiDi.
RP64: 8/12/2012 5:00:34 PM - Installed Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology
RP65: 8/12/2012 5:07:36 PM - Removed Intel(R) WiDi.
RP66: 8/12/2012 5:26:47 PM - Installed Intel® PROSet/Wireless WiFi Software
RP67: 8/12/2012 5:31:06 PM - Removed Intel(R) PROSet/Wireless for Bluetooth(R) 3.0 + High Speed
RP68: 8/12/2012 5:36:18 PM - Installed Intel® PROSet/Wireless WiFi Software
RP69: 8/12/2012 5:40:19 PM - Installed Intel(R) WiDi.
RP70: 8/12/2012 6:12:08 PM - Removed Fantapper Updater
RP71: 8/12/2012 6:12:44 PM - Removed Fantapper Player
RP72: 8/12/2012 6:43:19 PM - Installed Intel(R) My WiFi Dashboard
RP73: 8/12/2012 7:41:51 PM - Device Driver Package Install: www.MotioninJoy.com Microsoft Common Controller For Windows Class
RP74: 8/12/2012 8:17:42 PM - Device Driver Package Install: www.MotioninJoy.com Microsoft Common Controller For Windows Class
.
==== Installed Programs ======================
.
µTorrent
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader X (10.1.3)
Apple Application Support
Apple Software Update
Assassin's Creed Brotherhood
Battery Calibration
Battlefield Heroes
Bing Bar
Blacklight Retribution
BurnRecovery
Cinema ProII Setup
Contrôle ActiveX Windows Live Mesh pour connexions à distance
Control ActiveX de Windows Live Mesh para conexiones remotas
D3DX10
DAEMON Tools Lite
Diablo III
EasyFace2
EasyViewer
Facebook Video Calling 1.2.0.159
Firebird SQL Server - MAGIX Edition
Galerie de photos Windows Live
Galería fotográfica de Windows Live
Google Chrome
Google Talk Plugin
Google Toolbar for Internet Explorer
Google Update Helper
Intel(R) Management Engine Components
Intel(R) OpenCL CPU Runtime
Intel(R) Processor Graphics
Intel(R) Rapid Storage Technology
Intel(R) WiDi
Java Auto Updater
Java(TM) 7 Update 5
JavaFX 2.1.1
JDownloader 0.9
Junk Mail filter update
Live Update 5
MAGIX Music Maker 16 Download Version
MAGIX Photo Manager 9
MAGIX Screenshare
MAGIX Speed burnR
MAGIX Video easy SE
Malwarebytes Anti-Malware version 1.62.0.1300
Mass Effect™ 3
Mesh Runtime
Microsoft Office 2010
Microsoft Office Click-to-Run 2010
Microsoft Office Starter 2010 - English
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Mozilla Firefox 14.0.1 (x86 en-US)
Mozilla Maintenance Service
MSI HOUSE
MSI Software Install
MSVCRT
MSVCRT_amd64
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Need for Speed(TM) Hot Pursuit
Norton Internet Security
Norton Online Backup
Norton Security Suite
Nuance PDF Reader
NVIDIA PhysX
Origin
Pando Media Booster
PunkBuster Services
Razer Synapse 2.0
Realtek Ethernet Controller Driver
Realtek High Definition Audio Driver
Realtek USB 2.0 Reader Driver
Renesas Electronics USB 3.0 Host Controller Driver
S-Bar
SafeConnect
SeaTools for Windows
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Spotify
Steam
Stone Giant 1.0
Super-Charger
System Requirements Lab for Intel
Text-To-Speech-Runtime
THX TruStudio Pro
Tom Clancy's Ghost Recon Future Soldier
Ubisoft Game Launcher
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2600217)
Windows Live
Windows Live Communications Platform
Windows Live Essentials
Windows Live Installer
Windows Live Mail
Windows Live Mesh
Windows Live Mesh ActiveX Control for Remote Connections
Windows Live Messenger
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
WinRAR archiver
World of Warcraft
.
==== Event Viewer Messages From Past Week ========
.
8/8/2012 2:16:26 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR2.
8/8/2012 10:03:57 AM, Error: volsnap [27] - The shadow copies of volume F: were aborted during detection because a critical control file could not be opened.
8/7/2012 8:13:27 AM, Error: Schannel [36888] - The following fatal alert was generated: 40. The internal error state is 107.
8/7/2012 8:13:27 AM, Error: Schannel [36874] - An SSL 3.0 connection request was received from a remote client application, but none of the cipher suites supported by the client application are supported by the server. The SSL connection request has failed.
8/7/2012 4:45:56 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.
8/7/2012 4:44:46 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the WSearch service.
8/7/2012 4:44:16 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the LanmanServer service.
8/7/2012 12:41:40 AM, Error: volsnap [14] - The shadow copies of volume F: were aborted because of an IO failure on volume F:.
8/13/2012 10:56:56 AM, Error: Service Control Manager [7000] - The Norton Internet Security service failed to start due to the following error: The system cannot find the file specified.
8/12/2012 6:51:33 PM, Error: Microsoft-Windows-SharedAccess_NAT [31004] - The DNS proxy agent was unable to allocate 0 bytes of memory. This may indicate that the system is low on virtual memory, or that the memory manager has encountered an internal error.
8/12/2012 6:46:21 PM, Error: Microsoft-Windows-SharedAccess_NAT [34001] - The ICS_IPV6 failed to configure IPv6 stack.
8/12/2012 5:33:29 PM, Error: Service Control Manager [7000] - The Intel(R) PROSet/Wireless Zero Configuration Service service failed to start due to the following error: The system cannot find the file specified.
8/12/2012 5:33:17 PM, Error: Service Control Manager [7000] - The Intel(R) PROSet/Wireless Registry Service service failed to start due to the following error: The system cannot find the file specified.
8/12/2012 5:32:56 PM, Error: Service Control Manager [7000] - The Intel(R) PROSet/Wireless Event Log service failed to start due to the following error: The system cannot find the file specified.
8/12/2012 5:32:49 PM, Error: Microsoft-Windows-WLAN-AutoConfig [10000] - WLAN Extensibility Module has failed to start. Module Path: C:\windows\System32\IWMSSvc.dll Error Code: 126
8/12/2012 5:28:51 PM, Error: ACPI [6] - IRQARB: ACPI BIOS does not contain an IRQ for the device in PCI slot 0, function 1. Please contact your system vendor for technical assistance.
8/12/2012 4:20:54 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: BHDrvx64 SymIRON
8/12/2012 4:20:49 PM, Error: Service Control Manager [7024] - The Windows Firewall service terminated with service-specific error Access is denied..
8/12/2012 2:29:57 PM, Error: Service Control Manager [7031] - The Norton Security Suite service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
8/11/2012 12:06:38 AM, Error: volsnap [36] - The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.
.
==== End Of File ===========================

 

[Broni]

Welcome aboard

Please, observe following rules:

• Read all of my instructions very carefully. Your mistakes during cleaning process may have very serious consequences, like unbootable computer.
• If you're stuck, or you're not sure about certain step, always ask before doing anything else.
• Please refrain from running any tools, fixes or applying any changes to your computer other than those I suggest.
• Never run more than one scan at a time.
• Keep updating me regarding your computer behavior, good, or bad.
• The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
• If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in malware removal forum.
• I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.

===========================================

I still need Attach.txt part of DDS.

I don't see much there.

Did you try different keyboard?

 

[GermanDk]

yea and it worked fine for a while but then it happened again. It would just start at a random time and keep on going.

 

[GermanDk]

Do you want me to re-post Attach.txt?

 

[Broni]

You're fine.
I didn't see Attach log when I replied.

yea and it worked fine for a while but then it happened again

Different keyboard?

Please download Rkill (courtesy of BleepingComputer.com) to your desktop.
There are 2 different versions. If one of them won't run then download and try to run the other one.
You only need to get one of these to run, not all of them. You may get warnings from your antivirus about this tool, ignore them or shutdown your antivirus.

http://download.bleepingcomputer.com/grinler/beta/rkill.exe
http://download.bleepingcomputer.com/grinler/beta/iExplore.exe

• Double-click on the Rkill desktop icon to run the tool.
• If using Vista or Windows 7 right-click on it and choose Run As Administrator.
• A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
• If not, delete the file, then download and use the one provided in Link 2.
• Do not reboot until instructed.
• If the tool does not run from any of the links provided, please let me know.

If normal mode still doesn't work, run the tool from safe mode.

When the scan is done Notepad will open with rKill log.
Post it in your next reply.

NOTE. rKill.txt log will also be present on your desktop.

=================================

Download aswMBR to your desktop.
Double click the aswMBR.exe to run it.
If you see this question: Would you like to download latest Avast! virus definitions?" say "Yes".
Click the "Scan" button to start scan.
On completion of the scan click "Save log", save it to your desktop and post in your next reply.

NOTE. aswMBR will create MBR.dat file on your desktop. This is a copy of your MBR. Do NOT delete it.

 

[GermanDk]

Yes,it also started to happend when I decided to use a different keyboard but it would happen randomally, like when I was typing or not typing. Pretty wierd. Anyways, here are the files.

Rkill.txt-

Rkill 2.1.0 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 08/13/2012 12:31:06 PM in x64 mode.
Windows Version: Windows 7

Checking for Windows services to stop.

* No malware services found to stop.

Checking for processes to terminate.

* No malware processes found to kill.

Checking Registry for malware related settings.

* Explorer Policy Removed: NoActiveDesktopChanges [HKLM]

Backup Registry file created at:
C:\Users\Slurpee\Desktop\rkill-backup\rkill-08-13-2012-12-31-08.reg

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks.

* No issues found.

Searching for Missing Digital Signatures:

* No issues found.

Restarting Explorer.exe in order to apply changes.

Program finished at: 08/13/2012 12:31:23 PM
Execution time: 0 hours(s), 0 minute(s), and 16 seconds(s)

 

[GermanDk]

aswMBR.txt-

aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-08-13 12:31:55
-----------------------------
12:31:55.037 OS Version: Windows x64 6.1.7601 Service Pack 1
12:31:55.037 Number of processors: 4 586 0x2A07
12:31:55.037 ComputerName: SLURPEE-MSI UserName: Slurpee
12:31:56.347 Initialize success
12:33:10.340 AVAST engine defs: 12081300
12:33:57.436 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
12:33:57.452 Disk 0 Vendor: WDC_WD50 01.0 Size: 476940MB BusType: 3
12:33:57.467 Disk 0 MBR read successfully
12:33:57.467 Disk 0 MBR scan
12:33:57.483 Disk 0 Windows 7 default MBR code
12:33:57.483 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 10260 MB offset 2048
12:33:57.498 Disk 0 Partition 2 80 (A) 27 Hidden NTFS WinRE NTFS 100 MB offset 21014528
12:33:57.514 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 279947 MB offset 21219328
12:33:57.530 Disk 0 Partition 4 00 07 HPFS/NTFS NTFS 186631 MB offset 594550784
12:33:57.561 Disk 0 scanning C:\windows\system32\drivers
12:34:04.581 Service scanning
12:34:22.692 Modules scanning
12:34:22.708 Disk 0 trace - called modules:
12:34:23.223 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
12:34:23.238 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8007bd8060]
12:34:23.254 3 CLASSPNP.SYS[fffff88001d6043f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8006957050]
12:34:24.798 AVAST engine scan C:\windows
12:34:26.811 AVAST engine scan C:\windows\system32
12:36:44.278 AVAST engine scan C:\windows\system32\drivers
12:36:57.211 AVAST engine scan C:\Users\Slurpee
12:41:54.438 AVAST engine scan C:\ProgramData
12:42:59.912 Scan finished successfully
12:45:00.141 Disk 0 MBR has been saved successfully to "F:\MBR.dat"
12:45:00.157 The log file has been saved successfully to "F:\aswMBR.txt"

 

[Broni]

Please download ComboFix from Here, Here or Here to your Desktop.

**Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved directly to your desktop**

• Never rename Combofix unless instructed.
• Close any open browsers.
• Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
• Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
• Click on this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.
• Close any open browsers.
• WARNING: Combofix will disconnect your machine from the Internet as soon as it starts
• Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.
• If there is no internet connection after running Combofix, then restart your computer to restore back your connection.
• Double click on combofix.exe & follow the prompts.

• 
  NOTE1. If Combofix asks you to install Recovery Console, please allow it.
  NOTE 2. If Combofix asks you to update the program, always do so.

• When finished, it will produce a report for you.
• Please post the "C:\ComboFix.txt"

**Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall
**Note 2 for AVG and CA Internet Security (Total Defense Internet Security) users: ComboFix will not run until AVG/CA Internet Security is uninstalled as a protective measure against the anti-virus. This is because AVG/CA Internet Security "falsely" detects ComboFix (or its embedded files) as a threat and may remove them resulting in the tool not working correctly which in turn can cause "unpredictable results". Since AVG/CA Internet Security cannot be effectively disabled before running ComboFix, the author recommends you to uninstall AVG/CA Internet Security first.
Use AppRemover to uninstall it: https://www.techspot.com/downloads/5514-appremover.html
We can reinstall it when we're done with CF.
**Note 3: If you receive an error "Illegal operation attempted on a registery key that has been marked for deletion", restart computer to fix the issue.
**Note 4: Some infections may take some significant time to be cured. As long as your computer clock is running Combofix is still working. Be patient.


Make sure, you re-enable your security programs, when you're done with Combofix.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

NOTE.
If, for some reason, Combofix refuses to run, try the following...

Delete Combofix file, download fresh one, but rename combofix.exe to your_name.exe BEFORE saving it to your desktop.
Do NOT run it yet.
Download Rkill (courtesy of BleepingComputer.com) to your desktop.
There are 2 different versions. If one of them won't run then download and try to run the other one.
You only need to get one of these to run, not all of them. You may get warnings from your antivirus about this tool, ignore them or shutdown your antivirus.

http://download.bleepingcomputer.com/grinler/beta/rkill.exe
http://download.bleepingcomputer.com/grinler/beta/iExplore.exe

Restart computer in safe mode

• Double-click on the Rkill desktop icon to run the tool.
• If using Vista or Windows 7 right-click on it and choose Run As Administrator.
• A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
• If not, delete the file, then download and use the one provided in Link 2.
• Do not reboot until instructed.
• If the tool does not run from any of the links provided, please let me know.

When the scan is done Notepad will open with rKill.txt log.
NOTE. rKill.txt log will also be present on your desktop.

Once you've gotten one of them to run, immediately run your_name.exe by double clicking on it.

Please post BOTH logs, rKill.txt and Combofix.txt.

 

[GermanDk]

I tried to do combofix but my computer would not let me kill off norton security because of the virus running all over the place. Do I have to run combofix in safe mode?

 

[Broni]

Yes, go ahead.

 

[GermanDk]

ComboKill is finished.

ComboKill.txt-

ComboFix 12-08-13.01 - Slurpee 08/13/2012 13:51:57.1.4 - x64 NETWORK
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.6051.5300 [GMT -4:00]
Running from: c:\users\Slurpee\Desktop\ComboFix.exe
AV: Norton Security Suite *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
FW: Norton Security Suite *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
SP: Norton Security Suite *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\Roaming
.
.
((((((((((((((((((((((((( Files Created from 2012-07-13 to 2012-08-13 )))))))))))))))))))))))))))))))
.
.
2012-08-13 17:57 . 2012-08-13 17:57--------d-----w-c:\users\Default\AppData\Local\temp
2012-08-13 03:46 . 2012-07-03 17:4624904----a-w-c:\windows\system32\drivers\mbam.sys
2012-08-13 00:16 . 2011-11-10 22:32115272----a-w-c:\windows\system32\drivers\MijXfilt.sys
2012-08-13 00:16 . 2010-05-03 20:12328712----a-w-c:\windows\system32\MijFrc.dll
2012-08-13 00:16 . 2012-08-13 00:16--------d-----w-c:\program files\MotioninJoy
2012-08-12 21:40 . 2012-08-12 21:40--------d-----w-c:\program files (x86)\Common Files\Intel Corporation
2012-08-12 21:40 . 2012-08-12 21:40--------d-----w-c:\program files (x86)\Intel Corporation
2012-08-12 21:36 . 2012-08-12 21:36--------d-----w-c:\program files (x86)\Cisco
2012-08-12 20:33 . 2012-08-12 20:41--------d-----w-c:\windows\system32\drivers\N360x64
2012-08-12 20:32 . 2012-08-12 20:33--------d-----w-c:\program files (x86)\Norton Security Suite
2012-08-12 20:29 . 2003-06-13 03:257062----a-w-c:\windows\SysWow64\audiopid.vxd
2012-08-12 18:37 . 2012-07-03 16:2154072----a-w-c:\windows\system32\drivers\aswRdr2.sys
2012-08-12 18:37 . 2012-07-03 16:21958400----a-w-c:\windows\system32\drivers\aswSnx.sys
2012-08-12 18:36 . 2012-08-12 18:36--------d-----w-c:\programdata\AVAST Software
2012-08-12 18:36 . 2012-08-12 18:36--------d-----w-c:\program files\AVAST Software
2012-08-12 13:11 . 2012-08-12 20:34--------d-----w-c:\program files\Symantec
2012-08-12 13:06 . 2012-08-12 13:06--------d-----w-c:\programdata\PCSettings
2012-08-12 12:56 . 2012-08-13 03:46--------d-----w-c:\program files (x86)\Malwarebytes' Anti-Malware
2012-08-12 12:56 . 2012-08-12 12:56--------d-----w-c:\programdata\Malwarebytes
2012-08-11 02:37 . 2012-08-11 02:37--------d-----w-c:\program files (x86)\EA Games
2012-08-10 20:10 . 2012-08-12 19:24--------d-----w-c:\programdata\EA Logs
2012-08-10 20:06 . 2012-08-11 21:19--------d-----w-c:\windows\SysWow64\NV
2012-08-10 20:06 . 2012-08-11 21:19--------d-----w-c:\windows\system32\NV
2012-08-10 19:58 . 2012-06-29 03:37969064----a-w-c:\windows\system32\nvumdshimx.dll
2012-08-10 19:30 . 2012-08-10 19:30--------d--h--w-c:\program files (x86)\Common Files\EAInstaller
2012-08-10 04:20 . 2012-08-10 04:21--------d-----w-c:\program files (x86)\Razer
2012-08-10 04:20 . 2012-08-10 04:20--------d-----w-c:\programdata\Razer
2012-08-09 23:44 . 2012-08-09 23:44--------d-----w-c:\program files (x86)\uTorrent
2012-08-09 21:41 . 2012-08-09 21:41--------d-----w-c:\program files (x86)\Electronic Arts
2012-08-09 21:40 . 2012-08-09 23:32--------d-----w-c:\programdata\Solidshield
2012-08-09 21:31 . 2012-08-09 21:31--------d-----w-c:\programdata\EA Core
2012-08-07 23:56 . 2011-12-19 22:163130440----a-w-c:\windows\SysWow64\pbsvc_blr.exe
2012-08-07 23:56 . 2012-08-07 23:56--------d-----w-C:\Perfect World Entertainment
2012-08-07 20:51 . 2012-08-07 20:53--------d-----w-c:\programdata\PMB Files
2012-08-07 20:51 . 2012-08-07 20:51--------d-----w-c:\program files (x86)\Pando Networks
2012-08-07 18:16 . 2012-08-10 19:13--------d-----w-c:\program files (x86)\World of Warcraft
2012-08-07 17:22 . 2012-08-07 17:48--------d-----w-c:\program files (x86)\The Elder Scrolls V Skyrim
2012-08-07 05:13 . 2012-08-10 03:09--------d-----w-c:\program files (x86)\JDownloader
2012-08-05 14:38 . 2012-08-05 14:38--------d-----w-c:\program files (x86)\THQ
2012-07-27 14:48 . 2012-08-02 01:35--------d-----w-c:\programdata\VirtualizedApplications
2012-07-27 05:22 . 2012-07-29 15:41--------d-----w-c:\program files (x86)\Microsoft Application Virtualization Client
2012-07-27 05:22 . 2012-07-27 05:22--------d-----w-c:\program files\Microsoft Office
2012-07-27 04:44 . 2012-07-27 04:44--------d-----w-c:\programdata\BioWare
2012-07-26 22:44 . 2012-08-04 19:30--------d--h--w-c:\windows\msdownld.tmp
2012-07-24 17:58 . 2012-08-10 02:40--------d-----w-c:\program files\PeerBlock
2012-07-24 17:48 . 2012-07-24 17:48--------d-----w-c:\program files\Google
2012-07-24 17:48 . 2012-07-24 17:48--------d-----w-c:\program files (x86)\Google
2012-07-24 17:47 . 2012-07-24 17:47--------d-----w-c:\program files (x86)\Common Files\Adobe
2012-07-23 22:31 . 2012-08-09 05:41--------d-----w-c:\program files (x86)\SafeConnect
2012-07-20 22:26 . 2012-07-20 22:26--------d-----w-c:\programdata\Ubisoft
2012-07-20 22:11 . 2012-07-20 22:20--------d-----w-c:\program files (x86)\Ubisoft
2012-07-20 20:37 . 2012-08-12 20:19--------d-----w-c:\windows\system32\drivers\NISx64\1207020.003
2012-07-20 19:29 . 2011-12-07 23:4274960----a-w-c:\windows\system32\drivers\xusb21.sys
2012-07-20 15:22 . 2012-08-13 01:02283032----a-w-c:\windows\SysWow64\PnkBstrB.exe
2012-07-20 15:22 . 2012-08-13 00:55298016----a-w-c:\windows\SysWow64\PnkBstrB.ex0
2012-07-20 15:22 . 2012-08-13 01:02283032----a-w-c:\windows\SysWow64\PnkBstrB.xtr
2012-07-20 15:22 . 2012-08-11 14:1476888----a-w-c:\windows\SysWow64\PnkBstrA.exe
2012-07-20 03:31 . 2012-07-28 18:5770344----a-w-c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-07-20 03:31 . 2012-07-28 18:57426184----a-w-c:\windows\SysWow64\FlashPlayerApp.exe
2012-07-20 03:31 . 2012-07-20 03:31--------d-----w-c:\windows\system32\Macromed
2012-07-19 22:46 . 2012-07-19 22:46283200----a-w-c:\windows\system32\drivers\dtsoftbus01.sys
2012-07-19 22:46 . 2012-07-19 22:46--------d-----w-c:\program files (x86)\DAEMON Tools Lite
2012-07-19 22:45 . 2012-07-19 22:50--------d-----w-c:\programdata\DAEMON Tools Lite
2012-07-19 16:56 . 2012-08-07 18:17--------d-----w-c:\program files (x86)\Common Files\Blizzard Entertainment
2012-07-19 16:56 . 2012-08-07 18:17--------d-----w-c:\programdata\Blizzard Entertainment
2012-07-19 16:56 . 2012-07-19 17:21--------d-----w-c:\program files (x86)\Diablo III
2012-07-19 16:54 . 2012-07-19 16:56--------d-----w-c:\programdata\Battle.net
2012-07-19 16:49 . 2012-08-10 18:26--------d-----w-c:\program files (x86)\Origin Games
2012-07-19 16:49 . 2012-08-12 20:19--------d-----w-c:\programdata\Origin
2012-07-19 16:45 . 2012-08-10 20:11--------d-----w-c:\programdata\Electronic Arts
2012-07-19 16:45 . 2012-08-10 18:21--------d-----w-c:\program files (x86)\Origin
2012-07-19 16:43 . 2012-08-05 14:52--------d-----w-c:\program files (x86)\Common Files\Steam
2012-07-19 16:43 . 2012-08-07 17:53--------d-----w-c:\program files (x86)\Steam
2012-07-19 16:41 . 2012-07-19 16:41--------d-----w-c:\program files (x86)\Mozilla Maintenance Service
2012-07-19 16:35 . 2009-05-18 17:1734152----a-w-c:\windows\system32\drivers\GEARAspiWDM.sys
2012-07-19 16:34 . 2012-07-19 16:34--------d-----w-c:\programdata\Apple
2012-07-19 16:24 . 2012-08-08 13:08--------d-----w-C:\NVIDIA
2012-07-19 16:02 . 2012-07-19 16:02--------d-----w-c:\program files (x86)\Common Files\Java
2012-07-19 16:02 . 2012-07-19 16:02--------d-----w-c:\program files (x86)\Oracle
2012-07-19 16:01 . 2012-07-06 02:06772544----a-w-c:\windows\SysWow64\npDeployJava1.dll
2012-07-19 16:01 . 2012-07-06 02:06687544----a-w-c:\windows\SysWow64\deployJava1.dll
2012-07-19 16:01 . 2012-07-19 16:01--------d-----w-c:\program files (x86)\Java
2012-07-19 16:01 . 2012-07-19 16:01--------d-----w-c:\programdata\McAfee
2012-07-19 15:54 . 2012-02-16 17:4274344----a-w-c:\windows\system32\RtNicProp64.dll
2012-07-19 15:54 . 2012-02-16 17:42676968----a-w-c:\windows\system32\drivers\Rt64win7.sys
2012-07-19 15:54 . 2012-02-16 17:42107624----a-w-c:\windows\system32\RTNUninst64.dll
2012-07-19 15:50 . 2012-08-12 20:19--------d-----w-C:\SuperChargerProfile
2012-07-19 15:43 . 2005-11-14 03:195632----a-w-c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\DotNetInstaller.exe
2012-07-19 14:55 . 2012-08-12 21:40--------d-----w-c:\programdata\Intel
2012-07-19 14:54 . 2012-07-19 14:54--------d--h--w-c:\windows\system32\WLANProfiles
2012-07-19 14:49 . 2012-03-11 06:17121344----a-w-c:\windows\system32\IntelOpenCL64.dll
2012-07-19 14:49 . 2012-03-11 06:0986528----a-w-c:\windows\SysWow64\IntelOpenCL32.dll
2012-07-19 14:44 . 2012-07-19 14:44--------d-----w-c:\program files (x86)\SystemRequirementsLab
2012-07-19 14:33 . 2011-04-28 03:55552960----a-w-c:\windows\system32\drivers\bthport.sys
2012-07-19 14:33 . 2011-04-28 03:5480384----a-w-c:\windows\system32\drivers\BTHUSB.SYS
2012-07-19 14:31 . 2012-07-19 14:31--------d-----w-c:\windows\SysWow64\Wat
2012-07-19 14:31 . 2012-07-19 14:31--------d-----w-c:\windows\system32\Wat
2012-07-19 14:23 . 2012-06-12 03:083148800----a-w-c:\windows\system32\win32k.sys
2012-07-19 14:13 . 2012-07-19 14:13--------d-----w-c:\program files (x86)\MSXML 4.0
2012-07-19 14:04 . 2012-07-03 07:1959701280----a-w-c:\windows\system32\MRT.exe
2012-07-19 13:54 . 2012-03-01 06:4623408----a-w-c:\windows\system32\drivers\fs_rec.sys
2012-07-19 13:54 . 2012-03-01 06:38220672----a-w-c:\windows\system32\wintrust.dll
2012-07-19 13:54 . 2012-03-01 06:3381408----a-w-c:\windows\system32\imagehlp.dll
2012-07-19 13:54 . 2012-03-01 06:285120----a-w-c:\windows\system32\wmi.dll
2012-07-19 13:54 . 2012-03-01 05:37172544----a-w-c:\windows\SysWow64\wintrust.dll
2012-07-19 13:54 . 2012-03-01 05:33159232----a-w-c:\windows\SysWow64\imagehlp.dll
2012-07-19 13:54 . 2012-03-01 05:295120----a-w-c:\windows\SysWow64\wmi.dll
2012-07-19 13:47 . 2012-03-03 06:351544704----a-w-c:\windows\system32\DWrite.dll
2012-07-19 13:46 . 2011-07-16 05:41362496----a-w-c:\windows\system32\wow64win.dll
2012-07-19 13:45 . 2012-06-06 06:05495616----a-w-c:\program files\Common Files\System\ado\msadox.dll
2012-07-19 02:42 . 2012-07-19 02:42480256----a-w-c:\windows\SysWow64\rzdevicedll.dll
2012-07-18 22:02 . 2012-07-18 22:02--------d-----w-c:\program files (x86)\Seagate
2012-07-18 20:59 . 2012-08-12 20:42--------d-----w-c:\program files (x86)\Common Files\Symantec Shared
2012-07-18 20:34 . 2012-02-17 06:381031680----a-w-c:\windows\system32\rdpcore.dll
2012-07-18 20:34 . 2012-02-17 05:34826880----a-w-c:\windows\SysWow64\rdpcore.dll
2012-07-18 20:34 . 2012-02-17 04:5723552----a-w-c:\windows\system32\drivers\tdtcp.sys
2012-07-18 20:32 . 2012-06-02 22:192428952----a-w-c:\windows\system32\wuaueng.dll
2012-07-18 20:32 . 2012-06-02 22:1957880----a-w-c:\windows\system32\wuauclt.exe
2012-07-18 20:32 . 2012-06-02 22:1944056----a-w-c:\windows\system32\wups2.dll
2012-07-18 20:32 . 2012-06-02 22:152622464----a-w-c:\windows\system32\wucltux.dll
2012-07-18 20:32 . 2012-06-02 22:1938424----a-w-c:\windows\system32\wups.dll
2012-07-18 20:32 . 2012-06-02 22:19701976----a-w-c:\windows\system32\wuapi.dll
2012-07-18 20:32 . 2012-06-02 22:1599840----a-w-c:\windows\system32\wudriver.dll
2012-07-18 20:32 . 2012-06-02 19:19186752----a-w-c:\windows\system32\wuwebv.dll
2012-07-18 20:32 . 2012-06-02 19:1536864----a-w-c:\windows\system32\wuapp.exe
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-08-12 20:33 . 2011-07-21 20:10175736----a-w-c:\windows\system32\drivers\SYMEVENT64x86.SYS
2012-07-18 20:38 . 2010-06-24 18:3319736----a-w-c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2012-07-12 22:01 . 2012-07-12 22:016----a-w-c:\windows\silentOnce.tmp
2012-07-09 19:27 . 2012-07-09 19:2760928----a-w-c:\windows\system32\drivers\iBtFltCoex.sys
2012-06-18 18:33 . 2012-06-18 18:33392576----a-w-c:\windows\system32\mbtleapi.dll
2012-06-18 18:33 . 2012-06-18 18:33305024----a-w-c:\windows\SysWow64\mbtleapi.dll
2012-06-18 18:32 . 2012-06-18 18:3253632----a-w-c:\windows\system32\opphelper.dll
2012-06-09 18:51 . 2012-06-09 18:51849408----a-w-c:\windows\system32\drivers\btmhsf.sys
2012-05-21 16:17 . 2012-05-21 16:17276288----a-w-c:\windows\SysWow64\IntelCpHeciSvc.exe
2012-05-21 16:17 . 2012-05-21 16:175890880----a-w-c:\windows\system32\GfxUI.exe
2012-05-21 16:17 . 2012-05-21 16:17509248----a-w-c:\windows\system32\igfxsrvc.exe
2012-05-21 16:17 . 2012-05-21 16:17440128----a-w-c:\windows\system32\igfxpers.exe
2012-05-21 16:17 . 2012-05-21 16:17398656----a-w-c:\windows\system32\hkcmd.exe
2012-05-21 16:17 . 2012-05-21 16:17249664----a-w-c:\windows\system32\igfxext.exe
2012-05-21 16:17 . 2012-05-21 16:17184640----a-w-c:\windows\system32\difx64.exe
2012-05-21 16:17 . 2012-05-21 16:17170304----a-w-c:\windows\system32\igfxtray.exe
2012-05-21 16:13 . 2012-05-21 16:1390112----a-w-c:\windows\system32\igfxCoIn_v2761.dll
2012-05-21 16:04 . 2011-07-21 17:338089088----a-w-c:\windows\system32\igdumd64.dll
2012-05-21 16:04 . 2012-05-21 16:0414759520----a-w-c:\windows\system32\drivers\igdkmd64.sys
2012-05-21 16:03 . 2012-05-21 16:0379360----a-w-c:\windows\system32\igdde64.dll
2012-05-21 15:59 . 2012-03-19 20:266122496----a-w-c:\windows\SysWow64\igdumd32.dll
2012-05-21 15:57 . 2012-05-21 15:5758880----a-w-c:\windows\SysWow64\igdde32.dll
2012-05-21 15:55 . 2012-05-21 15:559606144----a-w-c:\windows\system32\igd10umd64.dll
2012-05-21 15:43 . 2012-05-21 15:437795712----a-w-c:\windows\SysWow64\igd10umd32.dll
2012-05-21 14:58 . 2012-05-21 14:5818138624----a-w-c:\windows\system32\ig4icd64.dll
2012-05-21 14:47 . 2012-05-21 14:4713214720----a-w-c:\windows\SysWow64\ig4icd32.dll
2012-05-21 14:44 . 2012-05-21 14:44439296----a-w-c:\windows\system32\igfxrrom.lrc
2012-05-21 14:44 . 2012-05-21 14:44438784----a-w-c:\windows\system32\igfxrhrv.lrc
2012-05-21 14:44 . 2012-05-21 14:44438272----a-w-c:\windows\system32\igfxrsky.lrc
2012-05-21 14:44 . 2012-05-21 14:44437760----a-w-c:\windows\system32\igfxrtrk.lrc
2012-05-21 14:44 . 2012-05-21 14:44437760----a-w-c:\windows\system32\igfxrsve.lrc
2012-05-21 14:44 . 2012-05-21 14:44437760----a-w-c:\windows\system32\igfxrslv.lrc
2012-05-21 14:44 . 2012-05-21 14:44437248----a-w-c:\windows\system32\igfxrtha.lrc
2012-05-21 14:44 . 2012-05-21 14:44439808----a-w-c:\windows\system32\igfxresn.lrc
2012-05-21 14:44 . 2012-05-21 14:44439296----a-w-c:\windows\system32\igfxrrus.lrc
2012-05-21 14:44 . 2012-05-21 14:44438784----a-w-c:\windows\system32\igfxrptg.lrc
2012-05-21 14:44 . 2012-05-21 14:44438784----a-w-c:\windows\system32\igfxrplk.lrc
2012-05-21 14:44 . 2012-05-21 14:44437760----a-w-c:\windows\system32\igfxrptb.lrc
2012-05-21 14:44 . 2012-05-21 14:44438784----a-w-c:\windows\system32\igfxrita.lrc
2012-05-21 14:44 . 2012-05-21 14:44437760----a-w-c:\windows\system32\igfxrnor.lrc
2012-05-21 14:44 . 2012-05-21 14:44432128----a-w-c:\windows\system32\igfxrjpn.lrc
2012-05-21 14:44 . 2012-05-21 14:44430592----a-w-c:\windows\system32\igfxrkor.lrc
2012-05-21 14:44 . 2012-05-21 14:44440320----a-w-c:\windows\system32\igfxrell.lrc
2012-05-21 14:44 . 2012-05-21 14:44438784----a-w-c:\windows\system32\igfxrdeu.lrc
2012-05-21 14:44 . 2012-05-21 14:44438272----a-w-c:\windows\system32\igfxrhun.lrc
2012-05-21 14:44 . 2012-05-21 14:44435712----a-w-c:\windows\system32\igfxrheb.lrc
2012-05-21 14:44 . 2012-05-21 14:44439808----a-w-c:\windows\system32\igfxrfra.lrc
2012-05-21 14:44 . 2012-05-21 14:44438784----a-w-c:\windows\system32\igfxrnld.lrc
2012-05-21 14:44 . 2012-05-21 14:44438272----a-w-c:\windows\system32\igfxrfin.lrc
2012-05-21 14:44 . 2012-05-21 14:44438272----a-w-c:\windows\system32\igfxrcsy.lrc
2012-05-21 14:44 . 2012-05-21 14:44437248----a-w-c:\windows\system32\igfxrdan.lrc
2012-05-21 14:44 . 2012-05-21 14:44435712----a-w-c:\windows\system32\igfxrara.lrc
2012-05-21 14:44 . 2012-05-21 14:44429056----a-w-c:\windows\system32\igfxrcht.lrc
2012-05-21 14:44 . 2012-05-21 14:44428544----a-w-c:\windows\system32\igfxrchs.lrc
2012-05-21 14:44 . 2012-05-21 14:44126976----a-w-c:\windows\system32\igfxcpl.cpl
2012-05-21 14:44 . 2012-05-21 14:44410624----a-w-c:\windows\system32\igfxTMM.dll
2012-05-21 14:43 . 2012-03-19 19:18388608----a-w-c:\windows\system32\igfxpph.dll
2012-05-21 14:43 . 2012-05-21 14:4328672----a-w-c:\windows\system32\igfxexps.dll
2012-05-21 14:43 . 2011-07-21 17:3362976----a-w-c:\windows\system32\igfxsrvc.dll
2012-05-21 14:43 . 2011-07-21 17:33110592----a-w-c:\windows\system32\hccutils.dll
2012-05-21 14:42 . 2012-05-21 14:42172032----a-w-c:\windows\system32\gfxSrvc.dll
2012-05-21 14:42 . 2012-05-21 14:429216----a-w-c:\windows\system32\IGFXDEVLib.dll
2012-05-21 14:42 . 2012-05-21 14:42436224----a-w-c:\windows\system32\igfxdev.dll
2012-05-21 14:42 . 2012-05-21 14:42286208----a-w-c:\windows\system32\igfxrenu.lrc
2012-05-21 14:42 . 2012-05-21 14:42142336----a-w-c:\windows\system32\igfxdo.dll
2012-05-21 14:42 . 2011-07-21 17:339007616----a-w-c:\windows\system32\igfxress.dll
2012-05-21 14:40 . 2012-05-21 14:4025088----a-w-c:\windows\SysWow64\igfxexps32.dll
2012-05-21 14:39 . 2012-05-21 14:39325632----a-w-c:\windows\SysWow64\igfxdv32.dll
2012-05-21 12:39 . 2012-05-21 12:3980896----a-w-c:\windows\system32\drivers\btmaud.sys
2012-05-21 12:39 . 2012-05-21 12:39111104----a-w-c:\windows\system32\drivers\btmaux.sys
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2012-07-24 39408]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2011-01-13 283160]
"NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2010-11-17 113288]
"S-Bar"="c:\program files (x86)\S-Bar\S-Bar.exe" [2011-06-07 5521408]
"Cinema ProII AP"="c:\program files (x86)\MSI\Cinema ProII\CinemaProII.exe" [2011-01-25 200192]
"Cinema ProII Controler"="c:\program files (x86)\MSI\Cinema ProII\Cinema ProII Controler.exe" [2010-06-25 1689600]
"THX Audio Control Panel"="c:\program files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe" [2010-11-01 1374720]
"UpdReg"="c:\windows\UpdReg.EXE" [2000-05-11 90112]
"Nuance PDF Reader-reminder"="c:\program files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe" [2008-11-03 328992]
"Super-Charger"="c:\program files (x86)\MSI\Super-Charger\Super-Charger.exe" [2012-05-22 502328]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-17 252296]
"Razer Synapse"="c:\program files (x86)\Razer\Synapse\RzSynapse.exe" [2012-07-01 314280]
"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-07-03 462920]
.
c:\users\Slurpee\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Intel(R) Turbo Boost Technology Monitor 2.0.lnk - c:\program files\Intel\TurboBoost\SignalIslandUi.exe [2010-10-8 198656]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security PackagesREG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R1 BHDrvx64;BHDrvx64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\BASHDefs\20120804.001\BHDrvx64.sys [2012-08-04 1161376]
R1 ccSet_N360;Norton Security Suite Settings Manager;c:\windows\system32\drivers\N360x64\0602010.005\ccSetx64.sys [2011-11-04 167048]
R1 IDSVia64;IDSVia64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\IPSDefs\20120810.001\IDSvia64.sys [2012-08-10 509088]
R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\N360x64\0602010.005\Ironx64.SYS [2011-11-17 190072]
R1 SymNetS;Symantec Network Security WFP Driver;c:\windows\System32\Drivers\N360x64\0602010.005\SYMNETS.SYS [2011-11-17 405624]
R2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-04-04 63928]
R2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® + High Speed Service;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe [2012-03-01 659976]
R2 Bluetooth Device Monitor;Bluetooth Device Monitor;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe [2012-06-18 1095616]
R2 Bluetooth Media Service;Bluetooth Media Service;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe [2012-06-18 1333184]
R2 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe [2012-06-18 1124288]
R2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2012-03-08 135952]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624]
R2 Fabs;FABS - Helping agent for MAGIX media database;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [2009-08-28 1253376]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-07-24 136176]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-01-13 13336]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-07-03 655944]
R2 Micro Star SCM;Micro Star SCM;c:\program files (x86)\S-Bar\MSIService.exe [2011-06-07 160768]
R2 MSI Foundation Service;MSI Foundation Service;c:\program files (x86)\MSI\MSI HOUSE\MSIFoundationService.exe [2010-07-16 12800]
R2 MSI_SuperCharger;MSI_SuperCharger;c:\program files (x86)\MSI\Super-Charger\ChargeService.exe [2012-05-22 142904]
R2 N360;Norton Security Suite;c:\program files (x86)\Norton Security Suite\Engine\6.2.1.5\ccSvcHst.exe [2012-03-27 138232]
R2 NIS;Norton Internet Security;c:\program files (x86)\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe [x]
R2 NOBU;Norton Online Backup;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe service [x]
R2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-06-29 1258856]
R2 SCManager;SafeConnect Manager;c:\program files (x86)\SafeConnect\scManager.sys servicestart [x]
R2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776]
R2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys [2010-10-08 19192]
R2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-05-04 2656536]
R2 ZeroConfigService;Intel(R) PROSet/Wireless Zero Configuration Service;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe [2012-04-17 2671376]
R3 AMPPAL;Intel® Centrino® Wireless Bluetooth® + High Speed Virtual Adapter;c:\windows\system32\DRIVERS\AMPPAL.sys [2012-03-01 195584]
R3 AMPPALP;Intel® Centrino® Wireless Bluetooth® + High Speed Protocol;c:\windows\system32\DRIVERS\amppal.sys [2012-03-01 195584]
R3 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-03-02 183560]
R3 btmaudio;Intel Bluetooth Audio Service;c:\windows\system32\drivers\btmaud.sys [2012-05-21 80896]
R3 btmaux;Intel Bluetooth Auxiliary Service;c:\windows\system32\DRIVERS\btmaux.sys [2012-05-21 111104]
R3 btmhsf;btmhsf;c:\windows\system32\DRIVERS\btmhsf.sys [2012-06-09 849408]
R3 cphs;Intel(R) Content Protection HECI Service;c:\windows\SysWow64\IntelCpHeciSvc.exe [2012-05-21 276288]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2012-08-12 138912]
R3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2008-08-07 3276800]
R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-07-24 136176]
R3 iBtFltCoex;iBtFltCoex;c:\windows\system32\DRIVERS\iBtFltCoex.sys [2012-07-09 60928]
R3 intaud_WaveExtensible;Intel WiDi Audio Device;c:\windows\system32\drivers\intelaud.sys [2011-06-21 34200]
R3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2011-12-06 331264]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-07-03 24904]
R3 MBfilt;MBfilt;c:\windows\system32\drivers\MBfilt64.sys [2009-11-18 32344]
R3 MGHwCtrl;MGHwCtrl;c:\program files\MSI\MSI Software Install\MGHwCtrl.sys [x]
R3 MotioninJoyXFilter;MotioninJoy Virtual Xinput device Filter Driver;c:\windows\system32\DRIVERS\MijXfilt.sys [2011-11-10 115272]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-07-14 113120]
R3 MSI_MSIBIOS_010507;MSI_MSIBIOS_010507;c:\program files (x86)\MSI\Live Update 5\msibios64_100507.sys [2010-05-10 33592]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [2012-04-17 273168]
R3 NTIOLib_1_0_3;NTIOLib_1_0_3;c:\program files (x86)\MSI\Super-Charger\NTIOLib_X64.sys [2010-01-18 14136]
R3 NTIOLib_1_0_4;NTIOLib_1_0_4;c:\program files (x86)\MSI\Live Update 5\NTIOLib_X64.sys [2010-10-22 14136]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-10 4925184]
R3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;c:\windows\System32\Drivers\RtsUVStor.sys [2010-11-30 307304]
R3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [2011-10-01 764264]
R3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [2011-10-01 268648]
R3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [2011-10-01 25960]
R3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [2011-10-01 22376]
R3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
R3 TurboBoost;Intel(R) Turbo Boost Technology Monitor 2.0;c:\program files\Intel\TurboBoost\TurboBoost.exe [2010-10-08 150016]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-04-25 52736]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2012-07-19 1255736]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys [2012-06-29 30056]
S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\N360x64\0602010.005\SYMDS64.SYS [2011-08-16 451192]
S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\N360x64\0602010.005\SYMEFA64.SYS [2011-11-24 1092728]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
S3 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2012-07-19 283200]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\drivers\ETD.sys [2010-12-31 138024]
S3 iwdbus;IWD Bus Enumerator;c:\windows\system32\DRIVERS\iwdbus.sys [2011-06-21 25496]
S3 MEIx64;Intel(R) Management Engine Interface;c:\windows\system32\drivers\HECIx64.sys [2010-10-19 56344]
S3 NETwNs64;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;c:\windows\system32\DRIVERS\Netwsw00.sys [2012-03-12 11471872]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\drivers\nusb3hub.sys [2010-12-10 80384]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\drivers\nusb3xhc.sys [2010-12-10 181248]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2012-02-16 676968]
S3 rzdaendpt;%rzdaendpt.SvcDesc%;c:\windows\system32\DRIVERS\rzdaendpt.sys [2012-07-16 26112]
S3 rzudd;Razer Keyboard Driver;c:\windows\system32\DRIVERS\rzudd.sys [2012-07-16 101376]
S3 rzvkeyboard;Razer Virtual Keyboard Driver;c:\windows\system32\DRIVERS\rzvkeyboard.sys [2012-07-16 22528]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
.
.
Contents of the 'Scheduled Tasks' folder
.
2012-08-13 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2075413165-2350788026-619881878-1001Core.job
- c:\users\Slurpee\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-08-07 03:34]
.
2012-08-13 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2075413165-2350788026-619881878-1001UA.job
- c:\users\Slurpee\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-08-07 03:34]
.
2012-08-13 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-07-24 17:48]
.
2012-08-13 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-07-24 17:48]
.
2012-08-13 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2075413165-2350788026-619881878-1001Core.job
- c:\users\Slurpee\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-25 17:53]
.
2012-08-13 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2075413165-2350788026-619881878-1001UA.job
- c:\users\Slurpee\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-25 17:53]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"THXCfg64"="c:\windows\system32\THXCfg64.dll" [2010-09-14 25600]
"IntelTBRunOnce"="wscript.exe" [2009-07-14 168960]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2012-05-08 12481128]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-05-21 170304]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-05-21 398656]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-05-21 440128]
"BLEServicesCtrl"="c:\program files (x86)\Intel\Bluetooth\BleServicesCtrl.exe" [2012-06-01 184112]
"BTMTrayAgent"="c:\program files (x86)\Intel\Bluetooth\btmshell.dll" [2012-06-18 11586944]
"IntelMyWiFiDashboard"="c:\program files\Intel\CCDashboard\bin\CCDashServer.exe" [2012-04-16 4962816]
"IntelPROSet"="c:\program files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" [2012-04-17 4756240]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x1
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://msi.msn.com
mStart Page = hxxp://msi.msn.com
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: Send to Bluetooth - c:\program files (x86)\Intel\Bluetooth\btSendToObject.htm
FF - ProfilePath - c:\users\Slurpee\AppData\Roaming\Mozilla\Firefox\Profiles\qslnwzd3.default\
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
Toolbar-Locked - (no file)
HKLM-Run-ETDCtrl - c:\program files (x86)\Elantech\ETDCtrl.exe
AddRemove-{6D87CAD9-9B94-4421-A439-B25F8DE14575} - c:\program files (x86)\InstallShield Installation Information\{6D87CAD9-9B94-4421-A439-B25F8DE14575}\setup.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\N360]
"ImagePath"="\"c:\program files (x86)\Norton Security Suite\Engine\6.2.1.5\ccSvcHst.exe\" /s \"N360\" /m \"c:\program files (x86)\Norton Security Suite\Engine\6.2.1.5\diMaster.dll\" /prefetch:1"
--
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\NIS]
"ImagePath"="\"c:\program files (x86)\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe\" /s \"NIS\" /m \"c:\program files (x86)\Norton Internet Security\Engine\18.7.2.3\diMaster.dll\" /prefetch:1"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions]
@Denied: (2) (LocalSystem)
"{8DCB7100-DF86-4384-8842-8FA844297B3F}"=hex:51,66,7a,6c,4c,1d,38,12,6e,72,d8,
89,b4,91,ea,06,f7,54,cc,e8,41,77,3f,2b
"{2318C2B1-4965-11D4-9B18-009027A5CD4F}"=hex:51,66,7a,6c,4c,1d,38,12,df,c1,0b,
27,57,07,ba,54,e4,0e,43,d0,22,fb,89,5b
"{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}"=hex:51,66,7a,6c,4c,1d,38,12,8d,ec,f8,
7b,2b,25,27,06,e7,c4,bc,f0,98,15,0d,de
"{18DF081C-E8AD-4283-A596-FA578C2EBDC3}"=hex:51,66,7a,6c,4c,1d,38,12,72,0b,cc,
1c,9f,a6,ed,07,da,80,b9,17,89,70,f9,d7
"{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}"=hex:51,66,7a,6c,4c,1d,38,12,60,d8,39,
64,cd,04,79,07,f5,b7,d6,9a,c1,81,e0,1c
"{6D53EC84-6AAE-4787-AEEE-F4628F01010C}"=hex:51,66,7a,6c,4c,1d,38,12,ea,ef,40,
69,9c,24,e9,02,d1,f8,b7,22,8a,5f,45,18
"{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}"=hex:51,66,7a,6c,4c,1d,38,12,d5,94,07,
72,c2,98,42,03,c9,fd,97,9a,f4,87,69,57
"{9030D464-4C02-4ABF-8ECC-5164760863C6}"=hex:51,66,7a,6c,4c,1d,38,12,0a,d7,23,
94,30,02,d1,0f,f1,da,12,24,73,56,27,d2
"{AA58ED58-01DD-4D91-8333-CF10577473F7}"=hex:51,66,7a,6c,4c,1d,38,12,36,ee,4b,
ae,ef,4f,ff,08,fc,25,8c,50,52,2a,37,e3
"{D2CE3E00-F94A-4740-988E-03DC2F38C34F}"=hex:51,66,7a,6c,4c,1d,38,12,6e,3d,dd,
d6,78,b7,2e,02,e7,98,40,9c,2a,66,87,5b
"{DBC80044-A445-435B-BC74-9C25C1C588A9}"=hex:51,66,7a,6c,4c,1d,38,12,2a,03,db,
df,77,ea,35,06,c3,62,df,65,c4,9b,cc,bd
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration]
@Denied: (2) (LocalSystem)
"Timestamp"=hex:58,5a,57,a5,d7,78,cd,01
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,41,c5,ed,db,77,34,10,45,96,55,11,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,41,c5,ed,db,77,34,10,45,96,55,11,\
"6256FFB019F8FDFBD36745B06F4540E9AEAF222A25"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,41,c5,ed,db,77,34,10,45,96,55,11,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2012-08-13 13:58:04
ComboFix-quarantined-files.txt 2012-08-13 17:58
.
Pre-Run: 157,910,794,240 bytes free
Post-Run: 158,133,055,488 bytes free
.
- - End Of File - - A5EB3F9E88B11CD1A0EB327A1016C5AE

 

[Broni]

Nothing malicious there.

In this forum, we make sure, your computer is free of malware and your computer is clean
Because the access to malware forum is very limited, your best option is to create new topic about your current issue, at Windows section.
You'll get more attention.

 

[GermanDk]

Thank you for everthing. So you don't think its a virus or malware worm happening in it?

 

[Broni]

Nope.

 

[GermanDk]

I wonder what could it be because it is acting normal in safe mode but when I turn it to normal mode, it acts up. Do you think a master reset will help or should I just keep working with what I have?

 

[Broni]

Because the access to malware forum is very limited, your best option is to create new topic about your current issue, at Windows section.
You'll get more attention.