chuckiechan

aaw7boot.log

This showed up on my C drive after a new motherboard. It seems to update every few seconds or minutes. It just keeps going. I've never seen it before.

 

I don't have a Lavasoft product on my computer at this time.

 

Can someone tell me how to delete or disable it? It's apparently been running since Feb of 2013!

 

Thanks in advance.

 

 

Boot Cleaner
================================================================================
[~] Cleaning started at 2013-02-05 14:59


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2013-02-05 15:39


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2013-02-05 15:56

 

*********** SNIP *****************

 


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2014-01-18 16:40


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2014-01-18 16:47

 

 

It's like the Everready bunny!

 

 


Hi chuckiechan,

Let us see which programs and services are started automatically when you turn on the computer, and whether any of them belong to an old version of Ad-Aware.

Save DDS to your desktop: http://download.bleepingcomputer.com/sUBs/dds.scr

Double-click on the DDS tool to run it.

When finished, DDS will open two (2) logs:
1. DDS.txt
2. Attach.txt

Save them to your desktop and paste their content into your answer.


DDS.txt:

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.16428 BrowserJavaVersion: 10.51.2
Run by Chuck and Jen at 8:12:14 on 2014-01-19
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.8148.6520 [GMT -8:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Microsoft Security Essentials *Enabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
D:\Program Files (x86)\Softland\FBackup 5\bService.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
D:\Program Files (x86)\Softland\FBackup 5\bTray.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\VIA XHCI UASP Utility\usb3Monitor.exe
C:\Program Files\Qualcomm Atheros\Network Manager\NetworkManager.exe
C:\Program Files (x86)\Roxio\Media Experience\DMXLauncher.exe
D:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe
C:\Program Files (x86)\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Microsoft Security Client\NisSrv.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\taskhost.exe
C:\Program Files\Microsoft Security Client\MpCmdRun.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.


uURLSearchHooks: {D3D233D5-9F6D-436C-B6C7-E63F77503B30} - <orphaned>
uURLSearchHooks: YTNavAssistPlugin Class: {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\yt.dll
mWinlogon: Userinit = userinit.exe,
BHO: &Yahoo! Toolbar Helper: {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\yt.dll
BHO: Canon Easy-WebPrint EX BHO: {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll
BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
TB: Canon Easy-WebPrint EX: {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
TB: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\yt.dll
EB: Developer Tools: {1A6FE369-F28C-4AD9-A3E6-2BCB50807CF1} - C:\Program Files (x86)\Internet Explorer\iedvtool.dll
EB: Canon Easy-WebPrint EX: {21347690-EC41-4F9A-8887-1F4AEE672439} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
uRun: [FBackup Scheduler] <no file>
mRun: [DMXLauncher] "C:\Program Files (x86)\Roxio\Media Experience\DMXLauncher.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [iTunesHelper] "D:\Program Files (x86)\iTunes\iTunesHelper.exe"
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\KILLER~1.LNK - C:\Windows\Installer\{401FADAA-1C16-4721-9F02-19067E1A1CA8}\NetworkManager.exe_130C27D738F34C89BDDF21BCFD74B56D.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - D:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
IE: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}







TCP: NameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces\{8C4A3DCF-E0DB-49F2-BFAA-3C0FA8A14D83} : DHCPNameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces\{C69C0F6C-9BF3-4232-9CE4-856F549B3FE1} : DHCPNameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces\{CDCD0B50-6B56-4DA5-A360-3FE55E44997E} : DHCPNameServer = 75.75.75.75 75.75.76.76
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
x64-Run: [Nvtmru] "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
x64-Run: [shadowPlay] C:\Windows\System32\rundll32.exe C:\Windows\System32\nvspcap64.dll,ShadowPlayOnSystemStart
x64-Run: [NvBackend] "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
x64-Run: [RTHDVCPL] "C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
x64-Run: [VIAxHCUtl] C:\Program Files\VIA XHCI UASP Utility\usb3Monitor
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R0 Lbd;Lbd;C:\Windows\System32\drivers\Lbd.sys [2011-9-20 69376]
R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2013-9-27 248240]
R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2011-3-13 52664]
R1 AsrAppCharger;AsrAppCharger;C:\Windows\System32\drivers\AsrAppCharger.sys [2013-12-16 17192]
R1 BfLwf;Qualcomm Atheros Bandwidth Control;C:\Windows\System32\drivers\bflwfx64.sys [2013-2-13 67888]
R1 BIOS;BIOS;C:\Windows\System32\drivers\BIOS64.sys [2009-6-10 14136]
R2 FBackup5Srv;FBackup 5 Service;D:\Program Files (x86)\Softland\FBackup 5\bService.exe [2014-1-15 2699856]
R2 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2012-3-20 134944]
R2 NvNetworkService;NVIDIA Network Service;C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2013-12-3 1494304]
R2 Qualcomm Atheros Killer Service V2;Qualcomm Atheros Killer Service V2;C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe [2013-8-8 343040]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-11-23 414496]
R3 EtronHub3;Etron USB 3.0 Extensible Hub Driver;C:\Windows\System32\drivers\EtronHub3.sys [2014-1-17 65408]
R3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver;C:\Windows\System32\drivers\EtronXHCI.sys [2011-8-25 94208]
R3 Ke2200;NDIS Miniport Driver for the Killer e2200 PCI-E Ethernet Controller;C:\Windows\System32\drivers\e22W7x64.sys [2013-3-20 154320]
R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2013-10-23 348376]
R3 NMgamingmsFltr;USB Optical Mouse;C:\Windows\System32\drivers\NMgamingms.sys [2012-9-26 11264]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);C:\Windows\System32\drivers\nvvad64v.sys [2013-12-23 39200]
R3 VUSB3HUB;VIA USB 3 Root Hub Service;C:\Windows\System32\drivers\ViaHub3.sys [2014-1-18 223744]
R3 xhcdrv;VIA USB eXtensible Host Controller Service;C:\Windows\System32\drivers\xhcdrv.sys [2014-1-18 295424]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2011-6-21 48488]
S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-9-22 1493352]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2013-12-11 111616]
S3 k57nd60a;Broadcom NetLink Gigabit Ethernet - NDIS 6.0;C:\Windows\System32\drivers\k57nd60a.sys [2013-10-30 458960]
S3 MBfilt;MBfilt;C:\Windows\System32\drivers\MBfilt64.sys [2013-12-16 32344]
S3 NvStreamSvc;NVIDIA Streamer Service;C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2013-7-31 15129376]
S3 PSKMAD;PSKMAD;C:\Windows\System32\drivers\PSKMAD.sys [2013-11-29 47632]
S3 pwdrvio;pwdrvio;C:\Windows\System32\pwdrvio.sys [2013-1-3 19152]
S3 pwdspio;pwdspio;C:\Windows\System32\pwdspio.sys [2013-1-3 12504]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2013-3-5 19456]
S3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2009-3-1 187392]
S3 SaiK0D25;SaiK0D25;C:\Windows\System32\drivers\SaiK0D25.sys [2013-1-19 181024]
S3 SIUSBXP;SIUSBXP;C:\Windows\System32\drivers\SiUSBXp.sys [2009-11-3 19456]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2013-3-5 57856]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-12-13 54784]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-3-11 1255736]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2014-01-19 00:24:42 10315576 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{C8838230-CB2E-4E02-9765-8747A6A27747}\mpengine.dll
2014-01-18 16:44:58 -------- d-----w- C:\Program Files\VIA XHCI UASP Utility
2014-01-18 16:44:24 223744 ----a-w- C:\Windows\System32\drivers\ViaHub3.sys
2014-01-18 16:44:23 86064 ----a-w- C:\Windows\System32\drivers\vusbstor.sys
2014-01-18 16:43:44 -------- d-----w- C:\Program Files (x86)\VIA
2014-01-18 16:43:14 295424 ----a-w- C:\Windows\System32\drivers\xhcdrv.sys
2014-01-18 04:42:25 877480 ----a-w- C:\Windows\SysWow64\npdeployJava1.dll
2014-01-18 04:42:25 800168 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2014-01-18 04:40:13 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2014-01-18 00:00:05 99840 ----a-w- C:\Windows\System32\drivers\usbccgp.sys
2014-01-18 00:00:05 7808 ----a-w- C:\Windows\System32\drivers\usbd.sys
2014-01-18 00:00:05 53248 ----a-w- C:\Windows\System32\drivers\usbehci.sys
2014-01-18 00:00:05 343040 ----a-w- C:\Windows\System32\drivers\usbhub.sys
2014-01-18 00:00:05 325120 ----a-w- C:\Windows\System32\drivers\usbport.sys
2014-01-18 00:00:05 30720 ----a-w- C:\Windows\System32\drivers\usbuhci.sys
2014-01-18 00:00:05 25600 ----a-w- C:\Windows\System32\drivers\usbohci.sys
2014-01-18 00:00:04 376768 ----a-w- C:\Windows\System32\drivers\netio.sys
2014-01-18 00:00:04 3156480 ----a-w- C:\Windows\System32\win32k.sys
2014-01-17 23:55:35 10315576 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2014-01-17 23:51:16 -------- d-----w- C:\ProgramData\Qualcomm
2014-01-17 23:50:51 -------- d-----w- C:\Program Files\Qualcomm Atheros
2014-01-17 23:50:37 -------- d-----w- C:\ProgramData\Downloaded Installations
2014-01-17 23:47:16 65408 ----a-w- C:\Windows\System32\drivers\EtronHub3.sys
2013-12-30 16:18:05 63776 ----a-w- C:\Windows\System32\nvshext.dll
2013-12-30 16:18:05 3490080 ----a-w- C:\Windows\System32\nvsvc64.dll
2013-12-30 16:18:04 922912 ----a-w- C:\Windows\System32\nvvsvc.exe
2013-12-30 16:18:04 6674208 ----a-w- C:\Windows\System32\nvcpl.dll
2013-12-30 16:18:04 3498475 ----a-w- C:\Windows\System32\nvcoproc.bin
2013-12-30 16:18:04 219424 ----a-w- C:\Windows\System32\nvmctray.dll
2013-12-30 16:17:49 61216 ----a-w- C:\Windows\System32\OpenCL.dll
2013-12-30 16:17:49 53024 ----a-w- C:\Windows\SysWow64\OpenCL.dll
2013-12-27 14:32:30 -------- d-----w- C:\Users\Chuck and Jen\AppData\Roaming\Malwarebytes
2013-12-27 14:32:17 -------- d-----w- C:\ProgramData\Malwarebytes
2013-12-27 14:32:16 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys
2013-12-27 14:32:16 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-12-24 01:45:15 39200 ----a-w- C:\Windows\System32\drivers\nvvad64v.sys
2013-12-24 01:45:15 32544 ----a-w- C:\Windows\SysWow64\nvaudcap32v.dll
.
==================== Find3M ====================
.
2014-01-18 21:31:21 214392 ----a-w- C:\Windows\SysWow64\PnkBstrB.exe
2014-01-18 21:22:11 214392 ----a-w- C:\Windows\SysWow64\PnkBstrB.ex0
2013-12-11 18:39:13 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-12-11 18:39:13 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-12-10 02:13:11 982232 ----a-w- C:\Windows\SysWow64\nvspcap.dll
2013-12-10 02:13:01 1100248 ----a-w- C:\Windows\System32\nvspcap64.dll
2013-12-05 08:42:26 35104 ----a-w- C:\Windows\System32\nvaudcap64v.dll
2013-11-26 10:19:07 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
2013-11-26 10:18:23 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
2013-11-26 09:48:07 66048 ----a-w- C:\Windows\System32\iesetup.dll
2013-11-26 09:46:25 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
2013-11-26 09:23:02 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2013-11-26 09:18:39 139264 ----a-w- C:\Windows\System32\ieUnatt.exe
2013-11-26 09:18:09 111616 ----a-w- C:\Windows\System32\ieetwcollector.exe
2013-11-26 09:16:57 708608 ----a-w- C:\Windows\System32\jscript9diag.dll
2013-11-26 08:35:02 5769216 ----a-w- C:\Windows\System32\jscript9.dll
2013-11-26 08:28:16 553472 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
2013-11-26 08:16:12 4243968 ----a-w- C:\Windows\SysWow64\jscript9.dll
2013-11-26 08:02:16 1995264 ----a-w- C:\Windows\System32\inetcpl.cpl
2013-11-26 07:32:06 1928192 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2013-11-26 07:07:57 2334208 ----a-w- C:\Windows\System32\wininet.dll
2013-11-26 06:33:33 1820160 ----a-w- C:\Windows\SysWow64\wininet.dll
2013-11-23 20:18:38 590112 ----a-w- C:\Windows\SysWow64\nvStreaming.exe
2013-11-23 18:26:20 417792 ----a-w- C:\Windows\SysWow64\WMPhoto.dll
2013-11-23 17:47:34 465920 ----a-w- C:\Windows\System32\WMPhoto.dll
2013-11-19 10:21:41 267936 ------w- C:\Windows\System32\MpSigStub.exe
2013-11-12 02:23:09 2048 ----a-w- C:\Windows\System32\tzres.dll
2013-11-12 02:07:29 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2013-10-30 20:55:10 458960 ----a-w- C:\Windows\System32\drivers\k57nd60a.sys
2013-10-30 02:32:01 335360 ----a-w- C:\Windows\System32\msieftp.dll
2013-10-30 02:19:52 301568 ----a-w- C:\Windows\SysWow64\msieftp.dll
2013-10-29 16:49:13 76888 ----a-w- C:\Windows\SysWow64\PnkBstrA.exe
2013-10-29 03:09:07 290184 ----a-w- C:\Windows\SysWow64\PnkBstrB.xtr
2013-10-23 10:30:23 1884448 ----a-w- C:\Windows\System32\nvdispco6433165.dll
2013-10-23 10:30:23 1511712 ----a-w- C:\Windows\System32\nvdispgenco6433165.dll
.
============= FINISH: 8:12:47.18 ===============

 

ATTACH.txt

 


.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 3/9/2011 5:55:38 PM
System Uptime: 1/19/2014 7:55:09 AM (1 hours ago)
.
Motherboard: ASRock | | 990FX Killer
Processor: AMD FX-8350 Eight-Core Processor | CPUSocket | 4000/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 129 GiB total, 17.876 GiB free.
D: is FIXED (NTFS) - 11 GiB total, 8.253 GiB free.
E: is CDROM ()
G: is FIXED (NTFS) - 1397 GiB total, 1001.36 GiB free.
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP432: 1/17/2014 3:47:03 PM - Configured Etron USB3.0 Host Controller
RP433: 1/17/2014 3:54:55 PM - Windows Update
RP434: 1/17/2014 4:02:18 PM - Windows Update
RP435: 1/17/2014 8:39:40 PM - Installed Java 7 Update 51
RP436: 1/18/2014 8:19:31 AM - FBackup 5.0
RP437: 1/18/2014 8:21:29 AM - FBackup 5.0
RP438: 1/18/2014 8:43:29 AM - Installed Platform
.
==== Installed Programs ======================
.
7-Zip 9.20 (x64 edition)
ACDSee 15
ACDSee Photo Editor 2008
Adobe AIR
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader X (10.1.9)
Adobe Shockwave Player 12.0
AnyDVD
Apple Application Support
Apple Mobile Device Support
Apple Software Update
ASRock App Charger v1.0.5
AutoUpdate
Avery Template - U_0332_01_L
Battlefield 4™
Battlelog Web Plugins
BF4 Settings Editor
Bonjour
Broadcom Gigabit NetLink Controller
Canon Easy-PhotoPrint EX
Canon Easy-WebPrint EX
Canon IJ Network Scanner Selector EX
Canon IJ Network Tool
Canon MP Navigator EX 4.1
Canon MX410 series MP Drivers
Canon MX410 series User Registration
Canon My Printer
Canon Solution Menu EX
Canon Speed Dial Utility
CCleaner
CloneDVD2
Compatibility Pack for the 2007 Office system
CPUID CPU-Z 1.62.0
D3DX10
DivX
ESN Sonar
Etron USB3.0 Host Controller
Facebook Video Calling 2.0.0.447
FBackup 5
FBackup 5.0
FotoSlate 4
Game Fire
GeForce Experience NvStream Client Components
Google SketchUp 8
iCloud
iTunes
Java 7 Update 51
Java Auto Updater
Junk Mail filter update
Malwarebytes Anti-Malware version 1.75.0.1300
Mesh Runtime
Messenger Companion
Microsoft .NET Framework 1.1
Microsoft .NET Framework 4.5.1
Microsoft Application Error Reporting
Microsoft Mouse and Keyboard Center
Microsoft Office Access database engine 2007 (English)
Microsoft Office File Validation Add-In
Microsoft Office Outlook Connector
Microsoft Office Professional Edition 2003
Microsoft Security Client
Microsoft Security Essentials
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Streets & Trips 2009
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610
MiniTool Partition Wizard Home Edition 8.1.1
MobileMe Control Panel
MozBackup 1.5.1
MSVCRT
MSVCRT_amd64
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Musicnotes Player V1.32.2 and Viewer V1.19.0
Musicnotes Software Suite 1.7.2
NVIDIA 3D Vision Controller Driver 331.93
NVIDIA 3D Vision Driver 331.93
NVIDIA Control Panel 331.93
NVIDIA GeForce Experience 1.8.1
NVIDIA Graphics Driver 331.93
NVIDIA HD Audio Driver 1.3.26.4
NVIDIA Install Application
NVIDIA LED Visualizer 1.0
NVIDIA Network Service
NVIDIA Optimus Update 10.11.15
NVIDIA PhysX
NVIDIA PhysX System Software 9.13.0725
NVIDIA ShadowPlay 10.11.15
NVIDIA Stereoscopic 3D Driver
NVIDIA Update 10.11.15
NVIDIA Update Core
NVIDIA Virtual Audio 1.2.19
Origin
Platform
PunkBuster Services
PVSonyDll
Qualcomm Atheros Bandwidth Control Filter Driver
Qualcomm Atheros Killer E220x Drivers
Qualcomm Atheros Killer Network Manager Suite
Qualcomm Atheros Network Manager
QuickTime
Realtek High Definition Audio Driver
Revo Uninstaller 1.95
Roxio Easy Media Creator 9 Suite
SeaMonkey 2.23 (x86 en-US)
SHIELD Streaming
Smart Technology Programming Software 7.0.27.13
SmartScore X Midi Edition
swMSM
System Requirements Lab
Tetris
TuneUp Companion 3.0.5.0
VD64Inst
VIA Platform Device Manager
Visual C++ 2008 x86 Runtime - (v9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01
WinDirStat 1.1.2
Windows Live Communications Platform
Windows Live Essentials
Windows Live Family Safety
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Language Selector
Windows Live Mail
Windows Live Mesh
Windows Live Mesh ActiveX Control for Remote Connections
Windows Live Messenger
Windows Live Messenger Companion Core
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live Remote Client
Windows Live Remote Client Resources
Windows Live Remote Service
Windows Live Remote Service Resources
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
Windows Media Player Firefox Plugin
Xingtone Ringtone Maker
Xtreme Technologies Gateway (Driver Removal)
XWizard
Yahoo! Toolbar
.
==== Event Viewer Messages From Past Week ========
.
1/19/2014 7:55:59 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: RxFilter
1/17/2014 4:25:59 PM, Error: Schannel [36888] - The following fatal alert was generated: 43. The internal error state is 252.
1/17/2014 3:41:41 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 109.61.0.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft.com/fwlink/?LinkID=260974&clcid=0x409&NRI=true&arch=x64&eng=2.1.10003.0&sig=109.61.0.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094 Signature Type: Network Inspection System Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 2.1.10003.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved
1/17/2014 3:41:41 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.165.1229.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.10201.0 Error code: 0x8024402c Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
1/17/2014 3:41:41 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.165.1229.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft.com/fwlink/?LinkID=121721&clcid=0x409&arch=x64&eng=1.1.10201.0&avdelta=1.165.1229.0&asdelta=1.165.1229.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094 Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 1.1.10201.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved
1/17/2014 3:41:41 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.165.1229.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft.com/fwlink/?LinkID=121721&clcid=0x409&arch=x64&eng=1.1.10201.0&avdelta=1.165.1229.0&asdelta=1.165.1229.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094 Signature Type: AntiSpyware Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 1.1.10201.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved
1/17/2014 3:31:46 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 109.61.0.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft.com/fwlink/?LinkID=260974&clcid=0x409&NRI=true&arch=x64&eng=2.1.10003.0&sig=109.61.0.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094 Signature Type: Network Inspection System Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 2.1.10003.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved
1/17/2014 3:31:46 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.165.1229.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.10201.0 Error code: 0x8024402c Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
1/17/2014 3:31:46 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.165.1229.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft.com/fwlink/?LinkID=121721&clcid=0x409&arch=x64&eng=1.1.10201.0&avdelta=1.165.1229.0&asdelta=1.165.1229.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094 Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 1.1.10201.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved
1/17/2014 3:31:46 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.165.1229.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft.com/fwlink/?LinkID=121721&clcid=0x409&arch=x64&eng=1.1.10201.0&avdelta=1.165.1229.0&asdelta=1.165.1229.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094 Signature Type: AntiSpyware Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 1.1.10201.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved
.
==== End Of File ===========================

Edited by CeciliaB
Moved the log from a quote box


1. Yes, there is one entry that is a part of an old version of Ad-Aware:

R0 Lbd;Lbd;C:\Windows\System32\drivers\Lbd.sys [2011-9-20 69376]

 

To remove it:

 

Start menu - All programs - Accessories

Right click Command Prompt and select Run as Administrator.

Enter these two commands (end each one with the Enter key):

 

sc stop Lbd

sc delete Lbd

 

If you get an error message after the first command, don't enter the second.

Please, write any error messages in your answer here.

 

2. I can see old Flash versions in the log, and they make it easy to infect the computer from a web page. There might be other vulnerable programs; please use Secunia's Software Inspector to check the computer. http://www.bleepingcomputer.com/tutorials/detect-vulnerable-programs-with-secunia-psi/ describes how to install and use the program.


It's still there.

 

I deleted the System 32 file, and I did the CMD stop and deletion, and deleted the file itself.

 

When I did CMD sc stop LBD it said something to the effect of no file found. Same with sc delete.

 

Ideas?


Attach.txt:

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 3/9/2011 5:55:38 PM
System Uptime: 1/24/2014 11:13:54 AM (6 hours ago)
.
Motherboard: ASRock | | 990FX Killer
Processor: AMD FX-8350 Eight-Core Processor | CPUSocket | 4000/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 129 GiB total, 17.095 GiB free.
D: is FIXED (NTFS) - 11 GiB total, 9.053 GiB free.
E: is CDROM ()
G: is FIXED (NTFS) - 1397 GiB total, 978.258 GiB free.
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP460: 1/23/2014 9:10:39 PM - Revo Uninstaller's restore point - XWizard
RP461: 1/23/2014 9:12:49 PM - Revo Uninstaller's restore point - Xtreme Technologies Gateway (Driver Removal)
RP462: 1/24/2014 1:36:31 PM - Thing are better Jan 24 2013
.
==== Installed Programs ======================
.
7-Zip 9.20 (x64 edition)
ACDSee 15
ACDSee Photo Editor 2008
Adobe Flash Player 12 ActiveX
Adobe Flash Player 12 Plugin
Adobe Reader XI (11.0.06)
AnyDVD
Apple Application Support
Apple Mobile Device Support
Apple Software Update
AutoUpdate
Avery Template - U_0332_01_L
Battlefield 4™
Battlelog Web Plugins
Bonjour
Broadcom Gigabit NetLink Controller
Canon Easy-PhotoPrint EX
Canon Easy-WebPrint EX
Canon IJ Network Scanner Selector EX
Canon IJ Network Tool
Canon MP Navigator EX 4.1
Canon MX410 series MP Drivers
Canon MX410 series User Registration
Canon My Printer
Canon Solution Menu EX
Canon Speed Dial Utility
CCleaner
CloneDVD2
Compatibility Pack for the 2007 Office system
CPUID CPU-Z 1.62.0
CPUID HWMonitor 1.24
D3DX10
DivX
EaseUS Partition Master 9.3.0
ESN Sonar
Etron USB3.0 Host Controller
Facebook Video Calling 2.0.0.447
FBackup 5
FBackup 5.0
File Association Helper
FotoSlate 4
Game Fire
GeForce Experience NvStream Client Components
iCloud
Java 7 Update 51
Java Auto Updater
Junk Mail filter update
Malwarebytes Anti-Malware version 1.75.0.1300
Mesh Runtime
Messenger Companion
Microsoft .NET Framework 1.1
Microsoft .NET Framework 4.5.1
Microsoft Application Error Reporting
Microsoft Mouse and Keyboard Center
Microsoft Office Access database engine 2007 (English)
Microsoft Office File Validation Add-In
Microsoft Office Outlook Connector
Microsoft Office Professional Edition 2003
Microsoft Security Client
Microsoft Security Essentials
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Streets & Trips 2009
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610
MobileMe Control Panel
MozBackup 1.5.1
MSVCRT
MSVCRT_amd64
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP3 Parser
MSXML 4.0 SP3 Parser (KB2758694)
Musicnotes Player V1.32.2 and Viewer V1.19.0
Musicnotes Software Suite 1.7.2
NVIDIA Control Panel 332.21
NVIDIA GeForce Experience 1.8.1
NVIDIA Graphics Driver 332.21
NVIDIA HD Audio Driver 1.3.30.1
NVIDIA Install Application
NVIDIA LED Visualizer 1.0
NVIDIA Network Service
NVIDIA Optimus Update 10.11.15
NVIDIA PhysX
NVIDIA PhysX System Software 9.13.0725
NVIDIA ShadowPlay 10.11.15
NVIDIA Update 10.11.15
NVIDIA Update Core
NVIDIA Virtual Audio 1.2.19
Origin
Platform
PunkBuster Services
PVSonyDll
Python 3.3.3 (64-bit)
Qualcomm Atheros Bandwidth Control Filter Driver
Qualcomm Atheros Killer E220x Drivers
Qualcomm Atheros Killer Network Manager Suite
Qualcomm Atheros Network Manager
QuickTime
Realtek High Definition Audio Driver
Revo Uninstaller 1.95
Roxio Easy Media Creator 9 Suite
SeaMonkey 2.23 (x86 en-US)
SHIELD Streaming
Smart Technology Programming Software 7.0.27.13
SmartScore X Midi Edition
swMSM
System Requirements Lab
Tetris
The weDownload Manager
TuneUp Companion 3.0.5.0
VD64Inst
VIA Platform Device Manager
Visual C++ 2008 x86 Runtime - (v9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01
Windows Live Communications Platform
Windows Live Essentials
Windows Live Family Safety
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Language Selector
Windows Live Mail
Windows Live Mesh
Windows Live Mesh ActiveX Control for Remote Connections
Windows Live Messenger
Windows Live Messenger Companion Core
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live Remote Client
Windows Live Remote Client Resources
Windows Live Remote Service
Windows Live Remote Service Resources
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
Windows Media Player Firefox Plugin
Xingtone Ringtone Maker
Yahoo! Toolbar
.
==== Event Viewer Messages From Past Week ========
.
1/24/2014 11:14:31 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: RxFilter
1/24/2014 11:14:23 AM, Error: Service Control Manager [7009] - A timeout was reached (120000 milliseconds) while waiting for the Apple Mobile Device service to connect.
1/24/2014 11:14:23 AM, Error: Service Control Manager [7000] - The Apple Mobile Device service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
1/24/2014 11:10:35 AM, Error: Service Control Manager [7034] - The Qualcomm Atheros Killer Service V2 service terminated unexpectedly. It has done this 1 time(s).
1/23/2014 8:40:51 AM, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start.
1/23/2014 8:40:51 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service fdPHost with arguments "" in order to run the server: {D3DCB472-7261-43CE-924B-0704BD730D5F}
1/23/2014 8:40:51 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service fdPHost with arguments "" in order to run the server: {145B4335-FE2A-4927-A040-7C35AD3180EF}
1/23/2014 8:36:16 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
1/23/2014 8:36:16 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
1/23/2014 8:36:16 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}
1/23/2014 8:36:16 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}
1/23/2014 8:36:15 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
1/23/2014 8:36:09 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
1/23/2014 8:36:05 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD BfLwf BIOS DfsC discache ElbyCDIO MpFilter NetBIOS NetBT nsiproxy Psched rdbss RxFilter spldr tdx Wanarpv6 WfpLwf
1/23/2014 8:36:05 AM, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning.
1/23/2014 8:36:05 AM, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
1/23/2014 8:36:05 AM, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
1/23/2014 8:36:05 AM, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
1/23/2014 8:36:05 AM, Error: Service Control Manager [7001] - The Microsoft Network Inspection System service depends on the Microsoft Malware Protection Driver service which failed to start because of the following error: A device attached to the system is not functioning.
1/23/2014 8:36:05 AM, Error: Service Control Manager [7001] - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
1/23/2014 8:36:01 AM, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
1/23/2014 8:36:01 AM, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
1/23/2014 8:36:01 AM, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error: A device attached to the system is not functioning.
1/23/2014 8:36:01 AM, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning.
1/23/2014 8:36:01 AM, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
1/23/2014 10:36:52 PM, Error: Service Control Manager [7023] - The Function Discovery Resource Publication service terminated with the following error: %%-2147024809
1/22/2014 4:49:53 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR1.
1/22/2014 4:04:44 PM, Error: Service Control Manager [7034] - The FBackup 5 Service service terminated unexpectedly. It has done this 1 time(s).
1/22/2014 4:04:43 PM, Error: Service Control Manager [7034] - The Yahoo! Updater service terminated unexpectedly. It has done this 1 time(s).
1/22/2014 4:04:43 PM, Error: Service Control Manager [7034] - The Adobe Acrobat Update Service service terminated unexpectedly. It has done this 1 time(s).
1/22/2014 4:04:42 PM, Error: Service Control Manager [7034] - The RoxMediaDB9 service terminated unexpectedly. It has done this 1 time(s).
1/22/2014 4:04:42 PM, Error: Service Control Manager [7034] - The Roxio Hard Drive Watcher 9 service terminated unexpectedly. It has done this 1 time(s).
1/22/2014 4:04:42 PM, Error: Service Control Manager [7023] - The System Event Notification Service service terminated with the following error: Overlapped I/O operation is in progress.
1/20/2014 2:18:12 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR4.
1/20/2014 1:44:59 PM, Error: Schannel [36888] - The following fatal alert was generated: 43. The internal error state is 252.
1/17/2014 3:41:41 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 109.61.0.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft.com/fwlink/?LinkID=260974&clcid=0x409&NRI=true&arch=x64&eng=2.1.10003.0&sig=109.61.0.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094 Signature Type: Network Inspection System Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 2.1.10003.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved
1/17/2014 3:41:41 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.165.1229.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.10201.0 Error code: 0x8024402c Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
1/17/2014 3:41:41 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.165.1229.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft.com/fwlink/?LinkID=121721&clcid=0x409&arch=x64&eng=1.1.10201.0&avdelta=1.165.1229.0&asdelta=1.165.1229.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094 Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 1.1.10201.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved
1/17/2014 3:41:41 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.165.1229.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft.com/fwlink/?LinkID=121721&clcid=0x409&arch=x64&eng=1.1.10201.0&avdelta=1.165.1229.0&asdelta=1.165.1229.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094 Signature Type: AntiSpyware Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 1.1.10201.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved
1/17/2014 3:31:46 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 109.61.0.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft.com/fwlink/?LinkID=260974&clcid=0x409&NRI=true&arch=x64&eng=2.1.10003.0&sig=109.61.0.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094 Signature Type: Network Inspection System Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 2.1.10003.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved
1/17/2014 3:31:46 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.165.1229.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.10201.0 Error code: 0x8024402c Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
1/17/2014 3:31:46 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.165.1229.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft.com/fwlink/?LinkID=121721&clcid=0x409&arch=x64&eng=1.1.10201.0&avdelta=1.165.1229.0&asdelta=1.165.1229.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094 Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 1.1.10201.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved
1/17/2014 3:31:46 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.165.1229.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft.com/fwlink/?LinkID=121721&clcid=0x409&arch=x64&eng=1.1.10201.0&avdelta=1.165.1229.0&asdelta=1.165.1229.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094 Signature Type: AntiSpyware Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 1.1.10201.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved
.
==== End Of File ===========================

 

 

DDS:

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.16428 BrowserJavaVersion: 10.51.2
Run by Chuck and Jen at 17:25:50 on 2014-01-24
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.8148.5991 [GMT -8:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Microsoft Security Essentials *Enabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\taskhost.exe
D:\Program Files (x86)\Softland\FBackup 5\bService.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
D:\Program Files (x86)\Softland\FBackup 5\bTray.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\VIA XHCI UASP Utility\usb3Monitor.exe
C:\Program Files\File Association Helper\FAHWindow.exe
C:\Program Files\Qualcomm Atheros\Network Manager\NetworkManager.exe
C:\Program Files (x86)\Roxio\Media Experience\DMXLauncher.exe
C:\Program Files (x86)\EaseUS\EaseUS Partition Master 9.3.0\bin\EpmNews.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files (x86)\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
C:\Program Files\Microsoft Security Client\NisSrv.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files (x86)\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Smart PC Utilities\Game Fire\GameFire.exe
C:\Program Files (x86)\Origin\Origin.exe
C:\Program Files (x86)\SeaMonkey\seamonkey.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.


uURLSearchHooks: {D3D233D5-9F6D-436C-B6C7-E63F77503B30} - <orphaned>
uURLSearchHooks: YTNavAssistPlugin Class: {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\yt.dll
mWinlogon: Userinit = userinit.exe,
BHO: &Yahoo! Toolbar Helper: {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\yt.dll
BHO: The weDownload Manager: {11111111-1111-1111-1111-110411901174} - C:\Program Files (x86)\The weDownload Manager\The weDownload Manager-bho.dll
BHO: Canon Easy-WebPrint EX BHO: {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll
BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
TB: Canon Easy-WebPrint EX: {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
TB: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\yt.dll
EB: Developer Tools: {1A6FE369-F28C-4AD9-A3E6-2BCB50807CF1} - C:\Program Files (x86)\Internet Explorer\iedvtool.dll
EB: Canon Easy-WebPrint EX: {21347690-EC41-4F9A-8887-1F4AEE672439} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
uRun: [FBackup Scheduler] <no file>
mRun: [DMXLauncher] "C:\Program Files (x86)\Roxio\Media Experience\DMXLauncher.exe"
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [EaseUS EPM tray] C:\Program Files (x86)\EaseUS\EaseUS Partition Master 9.3.0\bin\EpmNews.exe
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\KILLER~1.LNK - C:\Windows\Installer\{401FADAA-1C16-4721-9F02-19067E1A1CA8}\NetworkManager.exe_130C27D738F34C89BDDF21BCFD74B56D.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - D:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
IE: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}








TCP: NameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces\{8C4A3DCF-E0DB-49F2-BFAA-3C0FA8A14D83} : DHCPNameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces\{C69C0F6C-9BF3-4232-9CE4-856F549B3FE1} : DHCPNameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces\{CDCD0B50-6B56-4DA5-A360-3FE55E44997E} : DHCPNameServer = 75.75.75.75 75.75.76.76
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
x64-BHO: The weDownload Manager: {11111111-1111-1111-1111-110411901174} - C:\Program Files (x86)\The weDownload Manager\The weDownload Manager-bho64.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
x64-Run: [NvBackend] "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
x64-Run: [RTHDVCPL] "C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
x64-Run: [VIAxHCUtl] C:\Program Files\VIA XHCI UASP Utility\usb3Monitor
x64-Run: [shadowPlay] C:\Windows\System32\rundll32.exe C:\Windows\System32\nvspcap64.dll,ShadowPlayOnSystemStart
x64-Run: [FAHConsole] C:\Program Files\File Association Helper\FAHConsole.exe
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2013-9-27 248240]
R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2011-3-13 52664]
R1 BfLwf;Qualcomm Atheros Bandwidth Control;C:\Windows\System32\drivers\bflwfx64.sys [2013-2-13 67888]
R1 BIOS;BIOS;C:\Windows\System32\drivers\BIOS64.sys [2009-6-10 14136]
R2 FBackup5Srv;FBackup 5 Service;D:\Program Files (x86)\Softland\FBackup 5\bService.exe [2014-1-15 2699856]
R2 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2012-3-20 134944]
R2 NvNetworkService;NVIDIA Network Service;C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2013-12-3 1494304]
R2 NvStreamSvc;NVIDIA Streamer Service;C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2014-1-19 15129376]
R2 Qualcomm Atheros Killer Service V2;Qualcomm Atheros Killer Service V2;C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe [2013-8-8 343040]
R3 EtronHub3;Etron USB 3.0 Extensible Hub Driver;C:\Windows\System32\drivers\EtronHub3.sys [2014-1-17 65408]
R3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver;C:\Windows\System32\drivers\EtronXHCI.sys [2011-8-25 94208]
R3 Ke2200;NDIS Miniport Driver for the Killer e2200 PCI-E Ethernet Controller;C:\Windows\System32\drivers\e22W7x64.sys [2013-3-20 154320]
R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2013-10-23 348376]
R3 NMgamingmsFltr;USB Optical Mouse;C:\Windows\System32\drivers\NMgamingms.sys [2012-9-26 11264]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);C:\Windows\System32\drivers\nvvad64v.sys [2014-1-19 39200]
R3 VUSB3HUB;VIA USB 3 Root Hub Service;C:\Windows\System32\drivers\ViaHub3.sys [2014-1-18 223744]
R3 xhcdrv;VIA USB eXtensible Host Controller Service;C:\Windows\System32\drivers\xhcdrv.sys [2014-1-18 295424]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S3 epmntdrv;epmntdrv;C:\Windows\System32\epmntdrv.sys [2014-1-23 17480]
S3 EuGdiDrv;EuGdiDrv;C:\Windows\System32\EuGdiDrv.sys [2014-1-23 9800]
S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2011-6-21 48488]
S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-9-22 1493352]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2013-12-11 111616]
S3 k57nd60a;Broadcom NetLink Gigabit Ethernet - NDIS 6.0;C:\Windows\System32\drivers\k57nd60a.sys [2013-10-30 458960]
S3 MBfilt;MBfilt;C:\Windows\System32\drivers\MBfilt64.sys [2013-12-16 32344]
S3 PSKMAD;PSKMAD;C:\Windows\System32\drivers\PSKMAD.sys [2013-11-29 47632]
S3 pwdrvio;pwdrvio;C:\Windows\System32\pwdrvio.sys [2013-1-3 19152]
S3 pwdspio;pwdspio;C:\Windows\System32\pwdspio.sys [2013-1-3 12504]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2013-3-5 19456]
S3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2009-3-1 187392]
S3 SaiK0D25;SaiK0D25;C:\Windows\System32\drivers\SaiK0D25.sys [2013-1-19 181024]
S3 SIUSBXP;SIUSBXP;C:\Windows\System32\drivers\SiUSBXp.sys [2009-11-3 19456]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2013-3-5 57856]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-12-13 54784]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-3-11 1255736]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2014-01-25 00:32:49 -------- d-----w- C:\Program Files (x86)\The weDownload Manager
2014-01-24 19:12:19 -------- d-----w- C:\Windows\pss
2014-01-24 05:19:59 3381832 ----a-w- C:\Windows\System32\BootMan.exe
2014-01-24 05:19:59 2499656 ----a-w- C:\Windows\SysWow64\BootMan.exe
2014-01-24 05:19:59 19840 ----a-w- C:\Windows\SysWow64\EuEpmGdi.dll
2014-01-24 05:19:59 16256 ----a-w- C:\Windows\System32\EuEpmGdi.dll
2014-01-24 05:19:58 9800 ----a-w- C:\Windows\System32\EuGdiDrv.sys
2014-01-24 05:19:58 9160 ----a-w- C:\Windows\SysWow64\EuGdiDrv.sys
2014-01-24 05:19:58 87112 ----a-w- C:\Windows\SysWow64\setupempdrv03.exe
2014-01-24 05:19:58 17480 ----a-w- C:\Windows\System32\epmntdrv.sys
2014-01-24 05:19:58 13896 ----a-w- C:\Windows\SysWow64\epmntdrv.sys
2014-01-24 05:19:58 100936 ----a-w- C:\Windows\System32\setupempdrvx64.exe
2014-01-24 05:19:48 -------- d-----w- C:\Program Files (x86)\EaseUS
2014-01-24 04:55:28 -------- d-----w- C:\AdwCleaner
2014-01-23 20:28:44 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-01-23 20:28:44 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2014-01-23 20:04:46 965000 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{77C7AAFA-5839-4D7A-83E5-4FD60A5A4073}\gapaengine.dll
2014-01-23 20:04:26 10315576 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{6464B3FB-ACAF-4964-9FE3-74ED7A43B4E0}\mpengine.dll
2014-01-22 23:41:05 -------- d-----w- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-01-22 19:20:41 10315576 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2014-01-22 16:12:51 -------- d-----w- C:\Users\Chuck and Jen\AppData\Roaming\LavasoftStatistics
2014-01-21 23:27:14 -------- d-----w- C:\Program Files (x86)\Smart PC Utilities
2014-01-21 18:14:02 -------- d-----w- C:\Program Files\File Association Helper
2014-01-21 01:01:52 -------- d-----w- C:\Program Files (x86)\SeaMonkey
2014-01-20 15:27:39 -------- d-----w- C:\Python33
2014-01-20 15:09:17 -------- d-----w- C:\Users\Chuck and Jen\AppData\Local\Secunia PSI
2014-01-20 15:09:09 -------- d-----w- C:\Program Files (x86)\Secunia
2014-01-19 18:45:01 982232 ----a-w- C:\Windows\SysWow64\nvspcap.dll
2014-01-19 18:45:01 1100248 ----a-w- C:\Windows\System32\nvspcap64.dll
2014-01-19 18:40:22 -------- d-----w- C:\NVIDIA
2014-01-19 16:14:11 -------- d---a-w- C:\Users\Chuck and Jen\DDS Report for AAW
2014-01-18 16:44:58 -------- d-----w- C:\Program Files\VIA XHCI UASP Utility
2014-01-18 16:44:24 223744 ----a-w- C:\Windows\System32\drivers\ViaHub3.sys
2014-01-18 16:44:23 86064 ----a-w- C:\Windows\System32\drivers\vusbstor.sys
2014-01-18 16:43:44 -------- d-----w- C:\Program Files (x86)\VIA
2014-01-18 16:43:14 295424 ----a-w- C:\Windows\System32\drivers\xhcdrv.sys
2014-01-18 04:42:25 877480 ----a-w- C:\Windows\SysWow64\npdeployJava1.dll
2014-01-18 04:42:25 800168 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2014-01-18 04:40:13 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2014-01-18 00:00:05 99840 ----a-w- C:\Windows\System32\drivers\usbccgp.sys
2014-01-18 00:00:05 7808 ----a-w- C:\Windows\System32\drivers\usbd.sys
2014-01-18 00:00:05 53248 ----a-w- C:\Windows\System32\drivers\usbehci.sys
2014-01-18 00:00:05 343040 ----a-w- C:\Windows\System32\drivers\usbhub.sys
2014-01-18 00:00:05 325120 ----a-w- C:\Windows\System32\drivers\usbport.sys
2014-01-18 00:00:05 30720 ----a-w- C:\Windows\System32\drivers\usbuhci.sys
2014-01-18 00:00:05 25600 ----a-w- C:\Windows\System32\drivers\usbohci.sys
2014-01-18 00:00:04 376768 ----a-w- C:\Windows\System32\drivers\netio.sys
2014-01-18 00:00:04 3156480 ----a-w- C:\Windows\System32\win32k.sys
2014-01-17 23:51:16 -------- d-----w- C:\ProgramData\Qualcomm
2014-01-17 23:50:51 -------- d-----w- C:\Program Files\Qualcomm Atheros
2014-01-17 23:50:37 -------- d-----w- C:\ProgramData\Downloaded Installations
2014-01-17 23:47:16 65408 ----a-w- C:\Windows\System32\drivers\EtronHub3.sys
2013-12-30 16:18:05 63776 ----a-w- C:\Windows\System32\nvshext.dll
2013-12-30 16:18:05 3490080 ----a-w- C:\Windows\System32\nvsvc64.dll
2013-12-30 16:18:04 922912 ----a-w- C:\Windows\System32\nvvsvc.exe
2013-12-30 16:18:04 6671648 ----a-w- C:\Windows\System32\nvcpl.dll
2013-12-30 16:18:04 386336 ----a-w- C:\Windows\System32\nvmctray.dll
2013-12-30 16:18:04 3539040 ----a-w- C:\Windows\System32\nvcoproc.bin
2013-12-30 16:17:49 61216 ----a-w- C:\Windows\System32\OpenCL.dll
2013-12-30 16:17:49 53024 ----a-w- C:\Windows\SysWow64\OpenCL.dll
2013-12-30 16:16:04 1510176 ----a-w- C:\Windows\System32\nvhdagenco64.dll
2013-12-30 16:16:03 3071656 ----a-w- C:\Windows\System32\nvapi64.dll
2013-12-30 16:16:03 2698272 ----a-w- C:\Windows\SysWow64\nvapi.dll
2013-12-30 16:16:03 1436528 ----a-w- C:\Windows\System32\nvumdshimx.dll
2013-12-27 14:32:30 -------- d-----w- C:\Users\Chuck and Jen\AppData\Roaming\Malwarebytes
2013-12-27 14:32:17 -------- d-----w- C:\ProgramData\Malwarebytes
2013-12-27 14:32:16 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys
2013-12-27 14:32:16 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
.
==================== Find3M ====================
.
2014-01-24 22:40:07 214392 ----a-w- C:\Windows\SysWow64\PnkBstrB.exe
2014-01-24 22:40:00 214392 ----a-w- C:\Windows\SysWow64\PnkBstrB.ex0
2014-01-19 07:33:29 270496 ------w- C:\Windows\System32\MpSigStub.exe
2013-12-05 08:42:30 39200 ----a-w- C:\Windows\System32\drivers\nvvad64v.sys
2013-12-05 08:42:26 35104 ----a-w- C:\Windows\System32\nvaudcap64v.dll
2013-12-05 08:42:26 32544 ----a-w- C:\Windows\SysWow64\nvaudcap32v.dll
2013-11-28 13:38:22 31520 ----a-w- C:\Windows\System32\nvhdap64.dll
2013-11-28 13:38:18 197408 ----a-w- C:\Windows\System32\drivers\nvhda64v.sys
2013-11-26 10:19:07 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
2013-11-26 10:18:23 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
2013-11-26 09:48:07 66048 ----a-w- C:\Windows\System32\iesetup.dll
2013-11-26 09:46:25 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
2013-11-26 09:23:02 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2013-11-26 09:18:39 139264 ----a-w- C:\Windows\System32\ieUnatt.exe
2013-11-26 09:18:09 111616 ----a-w- C:\Windows\System32\ieetwcollector.exe
2013-11-26 09:16:57 708608 ----a-w- C:\Windows\System32\jscript9diag.dll
2013-11-26 08:35:02 5769216 ----a-w- C:\Windows\System32\jscript9.dll
2013-11-26 08:28:16 553472 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
2013-11-26 08:16:12 4243968 ----a-w- C:\Windows\SysWow64\jscript9.dll
2013-11-26 08:02:16 1995264 ----a-w- C:\Windows\System32\inetcpl.cpl
2013-11-26 07:32:06 1928192 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2013-11-26 07:07:57 2334208 ----a-w- C:\Windows\System32\wininet.dll
2013-11-26 06:33:33 1820160 ----a-w- C:\Windows\SysWow64\wininet.dll
2013-11-23 19:26:48 1884448 ----a-w- C:\Windows\System32\nvdispco6433193.dll
2013-11-23 19:26:48 1511712 ----a-w- C:\Windows\System32\nvdispgenco6433193.dll
2013-11-23 18:26:20 417792 ----a-w- C:\Windows\SysWow64\WMPhoto.dll
2013-11-23 17:47:34 465920 ----a-w- C:\Windows\System32\WMPhoto.dll
2013-11-22 08:36:08 1515296 ----a-w- C:\Windows\System32\nvhdagenco6420103.dll
2013-11-19 05:19:36 3923456 ----a-w- C:\Windows\System32\python33.dll
2013-11-19 05:18:20 94208 ----a-w- C:\Windows\pyw.exe
2013-11-19 05:18:20 93696 ----a-w- C:\Windows\py.exe
2013-11-12 02:23:09 2048 ----a-w- C:\Windows\System32\tzres.dll
2013-11-12 02:07:29 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2013-10-30 20:55:10 458960 ----a-w- C:\Windows\System32\drivers\k57nd60a.sys
2013-10-30 02:32:01 335360 ----a-w- C:\Windows\System32\msieftp.dll
2013-10-30 02:19:52 301568 ----a-w- C:\Windows\SysWow64\msieftp.dll
2013-10-29 16:49:13 76888 ----a-w- C:\Windows\SysWow64\PnkBstrA.exe
2013-10-29 03:09:07 290184 ----a-w- C:\Windows\SysWow64\PnkBstrB.xtr
.
============= FINISH: 17:26:15.33 ===============

 

Thanks for keeping on it.


The weDownload Manager, see http://www.systemlookup.com/CLSID/80630-weDownload_Manager_bho_dll_weDownload_Manager_bho64_dll.html

 

Have you ever had a program from LANdesk installed?

http://community.landesk.com/support/thread/16925 answer 3.

 

On Monday I'll ask my contact person at Lavasoft if she knows anything about this.


I'm sorry, I don't know anything about LANdesk, I only saw that there was another possibility.


Maybe the Lavasoft statistics file is from your uninstallation of Ad-Aware and wasn't deleted during the uninstallation.

 

Very few people at Lavasoft know anything about Ad-Aware 9 and earlier versions; it's a long time ago, and the one I have contact with is on vacation this week. Please be patient.


In fairness, I'm planning to get an SSD in a couple of weeks and do a reformat.

So unless you are looking for a challenge, I think it's one of those rare problems that are too hard to solve. I personally think it's a virus that has hijacked the AAW file name.

 

And I thank you very much for your trouble.

 


Thank you for the information, then both your and Lavasoft's time can be spent on better things than finding the solution to this issue. ;)

