Windows 7 Forums

Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: Windows Defender Freezes and Or Shuts down while doing a Full Scan

21 Feb 2015   #11
Jacee
Microsoft MVP

Windows 7 Ultimate 32bit SP1
 
 

Let's see what's actually causing the problem:

Download DDS from one of these links:
DDS.com
DDS.pif
  • Disable any script blocking protection
  • Double click the dds icon to run the tool.
  • When done, DDS will open two (2) logs:
    1. DDS.txt
    2. Attach.txt <--- will be minimized in the task tray
  • Save both reports to your desktop.
Include the contents of both logs in your next post.
The scan will instruct you to post Attach.txt as an attachment.


My System SpecsSystem Spec
.
22 Feb 2015   #12
TonyMen

Windows 7 Ultimate x64
 
 

Attached is the rar file containing dds.txt and attach.txt


Attached Files
File Type: rar Desktop.rar (12.4 KB, 0 views)
My System SpecsSystem Spec
22 Feb 2015   #13
Jacee
Microsoft MVP

Windows 7 Ultimate 32bit SP1
 
 

Can you just copy and paste the two .txt results please?
My System SpecsSystem Spec
.

23 Feb 2015   #14
TonyMen

Windows 7 Ultimate x64
 
 

I received this message when sending the file.
The text that you have entered is too long (47033 characters). Please shorten it to 20000 characters long.
I am sending the ATTACH.TXT FILE FIRST. THE OTHER WILL BE IN TWO PARTS.

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 17/09/2014 06:39:51
System Uptime: 22/02/2015 14:39:06 (3 hours ago)
.
Motherboard: Intel Corporation | | Oneonta Falls
Processor: Intel(R) Core(TM) i5-2430M CPU @ 2.40GHz | CPU 1 | 2401/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 686 GiB total, 609.761 GiB free.
D: is CDROM ()
E: is FIXED (NTFS) - 932 GiB total, 782.494 GiB free.
F: is FIXED (NTFS) - 932 GiB total, 236.582 GiB free.
H: is CDROM ()
I: is FIXED (NTFS) - 932 GiB total, 274.556 GiB free.
.
==== Disabled Device Manager Items =============
.
Class GUID: {4d36e967-e325-11ce-bfc1-08002be10318}
Description: Disk drive
Device ID: USBSTOR\DISK&VEN_SAMSUNG&PROD_S2_PORTABLE\00000011E09310500684&0
Manufacturer: (Standard disk drives)
Name: Samsung S2 Portable
PNP Device ID: USBSTOR\DISK&VEN_SAMSUNG&PROD_S2_PORTABLE\00000011E09310500684&0
Service: disk
.
==== System Restore Points ===================
.
RP127: 13/02/2015 19:02:08 - Removed Microsoft Visual C++ 2005 Redistributable
RP128: 14/02/2015 10:42:30 - Windows Update
RP129: 14/02/2015 18:11:30 - Windows Update
RP130: 15/02/2015 09:45:29 - Removed Microsoft Office FrontPage 2003
RP131: 15/02/2015 09:51:18 - Installed Microsoft Office FrontPage 2003
RP132: 15/02/2015 09:57:21 - Configured Microsoft Office Enterprise 2007
RP133: 15/02/2015 10:03:05 - Configured Microsoft Office Enterprise 2007
RP134: 15/02/2015 18:18:16 - Windows Update
RP135: 16/02/2015 10:23:31 - Windows Update
RP136: 16/02/2015 20:51:18 - Windows Update
RP137: 20/02/2015 07:00:05 - Windows Update
.
==== Installed Programs ======================
.
7-Zip 4.65
ABBYY FineReader 9.0 Sprint
Active@ File Recovery 12
Adobe Flash Player 15 ActiveX
Adobe Flash Player 15 Plugin
Adobe Reader XI (11.0.10)
Adobe Refresh Manager
Animation Plugin 3D Effects 1
Animation Workshop 5
Apple Application Support
Apple Software Update
Ares 2.2.4
Artisteer 4
Atheros Bluetooth Filter Driver Package
Atheros Driver Installation Program
µTorrent
BestCrypt 8.0
BitMotion Cascadia
Bluetooth Stack for Windows by Toshiba
BrowserTraySwitch 2.05.01
CactusVPN
CCleaner
Color Schemer Studio
Combined Community Codec Pack 2014-07-13
ConvertXtoDVD 4.0.9.322
Corel Paint Shop Pro Photo X2
DC-Bass Source 1.3.0
DirectVobSub 2.40.4209
DivX Setup
DS Clock
EPSON Attach To Email
EPSON Easy Photo Print
Epson Easy Photo Print 2
Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser)
Epson Event Manager
EPSON File Manager
EPSON Print CD
EPSON Printer Software
EPSON Scan
EPSON Scan Assistant
EPSON SX235 Series Printer Uninstall
EPSON Web-To-Page
EpsonNet Print
ESPR230 User's Guide
EZRound
ffdshow v1.1.4399 [2012-03-22]
GIF Construction Set Professional 5
GIF Construction Set Tutorial
Google Chrome
Google Update Helper
Intel(R) Driver Update Utility 2.0
Intel® Driver Update Utility
Java 8 Update 31 (64-bit)
Java Auto Updater
Java SE Development Kit 7 Update 71
Kaspersky Total Security
LAME v3.99.3 (for Windows)
Malwarebytes Anti-Malware version 2.0.4.1028
Microsoft .NET Framework 4.5.2
Microsoft ASP.NET MVC 4 Runtime
Microsoft Expression Design 4
Microsoft Expression Encoder 4
Microsoft Expression Encoder 4 Screen Capture Codec
Microsoft Expression Web 4
Microsoft Expression Web 4 Service Pack 2
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office FrontPage 2003
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office Office 64-bit Components 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared 64-bit MUI (English) 2007
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030
Mozilla Firefox 34.0.5 (x86 en-GB)
Mozilla Maintenance Service
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MyDefrag v4.3.1
MyEpson Portal
NetObjects Fusion 12.0
NetObjects Fusion 8
Network Guide EPSON SX235 Series
NVIDIA Control Panel 347.52
NVIDIA GeForce Experience 2.1.5
NVIDIA GeForce Experience Service
NVIDIA Graphics Driver 347.52
NVIDIA HD Audio Driver 1.3.33.0
NVIDIA Install Application
NVIDIA LED Visualizer 1.0
NVIDIA Network Service
NVIDIA PhysX
NVIDIA PhysX System Software 9.14.0702
NVIDIA ShadowPlay 16.18.9
NVIDIA Update 16.18.9
NVIDIA Update Core
NVIDIA Virtual Audio 1.2.27
OpenSource Flash Video Splitter 1.0.0.5
Opera Stable 27.0.1689.66
PIF DESIGNER
QuickTime 7
Realtek USB 2.0 Card Reader
Renesas Electronics USB 3.0 Host Controller Driver
Samsung Drive Manager
SAMSUNG Mobile Modem Driver Set
Samsung Mobile phone USB driver Drive Software
SAMSUNG Mobile USB Modem 1.0 Software
SAMSUNG Mobile USB Modem Software
Security Update for CAPICOM (KB931906)
Security Update for Microsoft Expression Design 4 (KB2667730)
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596825) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596927) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597973) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760411) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760415) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760585) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760591) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2817330) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2850022) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2878233) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2880507) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2880508) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2881069) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2920795) 32-Bit Edition
Security Update for Microsoft Office Compatibility Pack Service Pack 3 (KB2956097) 32-Bit Edition
Security Update for Microsoft Office Compatibility Pack Service Pack 3 (KB2956098) 32-Bit Edition
Security Update for Microsoft Office Excel 2007 (KB2920788) 32-Bit Edition
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition
Security Update for Microsoft Office OneNote 2007 (KB2596857) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Publisher 2007 (KB2817565) 32-Bit Edition
Security Update for Microsoft Office Word 2007 (KB2956099) 32-Bit Edition
SHIELD Streaming
SHIELD Wireless Controller Driver
Skype Click to Call
Skype™ 7.1
Snagit 11
Speccy
TeamViewer 10
TextPad 5
TomTom HOME
TomTom HOME Visual Studio Merge Modules
TOSHIBA Web Camera Application
TunnelBear
UltraISO Premium V9.61
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596787) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2956096) 32-Bit Edition
Update for Microsoft Office PowerPoint 2007 (KB2597972) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
User's Guide EPSON SX235 Series
VC80CRTRedist - 8.0.50727.6195
Visual Color Picker 2.6
VSO Media Player 1.4.10.498
WampServer 2.5
WinRAR 5.11 (64-bit)
Xvid Video Codec
Your Uninstaller! 2010
YTD Video Downloader 4.8.9
.
==== Event Viewer Messages From Past Week ========
.
22/02/2015 14:41:45, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the TeamViewer service.
22/02/2015 14:41:43, Error: Service Control Manager [7024] - The HomeGroup Listener service terminated with service-specific error %%-2147023143.
22/02/2015 14:41:43, Error: Service Control Manager [7023] - The Peer Name Resolution Protocol service terminated with the following error: %%-2140993535
22/02/2015 14:41:43, Error: Service Control Manager [7001] - The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error: %%-2140993535
22/02/2015 14:41:43, Error: Microsoft-Windows-PNRPSvc [102] - The Peer Name Resolution Protocol cloud did not start because the creation of the default identity failed with error code: 0x80630801.
22/02/2015 14:40:24, Error: Microsoft-Windows-WMPNSS-Service [14332] - Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error '0x80070420'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly.
22/02/2015 11:02:26, Error: KLIF [0] -
22/02/2015 10:40:52, Error: Service Control Manager [7034] - The Kaspersky Anti-Virus Service 15.0.1 service terminated unexpectedly. It has done this 3 time(s).
22/02/2015 10:40:52, Error: Service Control Manager [7006] - The ScRegSetValueExW call failed for FailureActions with the following error: Access is denied.
22/02/2015 10:40:42, Error: Service Control Manager [7031] - The Kaspersky Anti-Virus Service 15.0.1 service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
22/02/2015 10:38:31, Error: Service Control Manager [7031] - The Kaspersky Anti-Virus Service 15.0.1 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
21/02/2015 15:59:29, Error: Microsoft-Windows-WMPNSS-Service [14332] - Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error '0x80004005'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly.
21/02/2015 15:39:41, Error: Service Control Manager [7000] - The MBAMSwissArmy service failed to start due to the following error: The media is write protected.
21/02/2015 09:10:50, Error: Schannel [36870] - A fatal error occurred when attempting to access the SSL server credential private key. The error code returned from the cryptographic module is 0x8009030d. The internal error state is 10001.
.
==== End Of File ===========================
My System SpecsSystem Spec
23 Feb 2015   #15
TonyMen

Windows 7 Ultimate x64
 
 

THIS IS THE FIRST PART OF FILE DDS.TXT

S (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.17631
Run by User at 17:05:04 on 2015-02-22
Microsoft Windows 7 Professional 6.1.7601.1.1252.44.1033.18.4077.1788 [GMT 0:00]
.
AV: Kaspersky Total Security *Enabled/Updated* {179979E8-273D-D14E-0543-2861940E4886}
SP: Kaspersky Total Security *Enabled/Updated* {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Total Security *Enabled* {2FA2F8CD-6D52-D016-2E1C-81546ADD0FFD}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.2\avp.exe
C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
C:\Program Files (x86)\DS Clock\dsetime.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
C:\Program Files (x86)\EPSON\MyEpson Portal\mepService.exe
C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
C:\Windows\splwow64.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.2\avpui.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Program Files (x86)\EPSON\MyEpson Portal\mep.exe
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Users\User\AppData\Roaming\uTorrent\uTorrent.exe
C:\Program Files (x86)\DS Clock\dsclock.exe
C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe
C:\Windows\splwow64.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files\CCleaner\CCleaner64.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files (x86)\TeamViewer\TeamViewer.exe
C:\Program Files (x86)\TeamViewer\tv_w32.exe
C:\Program Files (x86)\TeamViewer\tv_x64.exe
C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
C:\Program Files (x86)\Microsoft Office\Office12\OUTLOOK.EXE
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = Google
uDefault_Page_URL = Google
mStart Page = Google
mWinlogon: Userinit = userinit.exe,
BHO: Virtual Keyboard Plugin: {4A66AD60-A03D-4D01-86F0-5F0F7C0EF1AD} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.2\IEExt\ie_plugin.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO: Content Blocker Plugin: {93BC2EA7-2F17-4729-948A-D2E03FFB2412} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.2\IEExt\ie_plugin.dll
BHO: Safe Money Plugin: {AB379017-4C03-4E00-8EDF-E6D6AF7CCF82} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.2\IEExt\ie_plugin.dll
BHO: Skype Click to Call for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
BHO: EpsonToolBandKicker Class: {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files (x86)\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
TB: EPSON Web-To-Page: {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files (x86)\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
EB: F12 Developer Tools: {28BCCB9A-E66B-463C-82A4-09F320DE94D7} - C:\Program Files (x86)\Internet Explorer\F12Tools.dll
uRun: [uTorrent] "C:\Users\User\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
uRun: [DS Clock] "C:\Program Files (x86)\DS Clock\DSClock.exe"
uRun: [TomTomHOME.exe] "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe"
uRun: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [EEventManager] "C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe"
mRun: [ITSecMng] C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe /START
uPolicies-Explorer: NoThumbNailCache = dword:1
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-Explorer: NoDriveTypeAutoRun = dword:28
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
IE: {5547CE1F-74E9-41E5-9CBF-5211ECC37341} - {BB7DC12B-C59D-4138-AD28-BBB65DE62A3B} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.2\IEExt\ie_plugin.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
TCP: NameServer = 192.168.1.1 192.168.1.1
TCP: Interfaces\{68BF3D7F-EC1D-42D9-8055-2C594E491CC4} : DHCPNameServer = 192.168.1.1 192.168.1.1
TCP: Interfaces\{68BF3D7F-EC1D-42D9-8055-2C594E491CC4}\244584F6D65684572623D205233405 : DHCPNameServer = 192.168.1.254
TCP: Interfaces\{68BF3D7F-EC1D-42D9-8055-2C594E491CC4}\4514C4B44514C4B4D2632444335343 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{95A7B048-25D9-4685-9014-9859C87ECF70} : DHCPNameServer = 8.8.8.8 8.8.4.4
TCP: Interfaces\{CFF22607-6E39-47AC-8E25-A89C7FE20AF1} : DHCPNameServer = 192.168.1.254
TCP: Interfaces\{CFF22607-6E39-47AC-8E25-A89C7FE20AF1}\35B4954443340314 : DHCPNameServer = 192.168.0.1
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
Handler: WSWSVCUchrome - <Clsid value has no data>
AppInit_DLLs= hplun.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-mStart Page = Google
x64-mDefault_Page_URL = Google
x64-BHO: Virtual Keyboard Plugin: {4A66AD60-A03D-4D01-86F0-5F0F7C0EF1AD} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.2\x64\IEExt\ie_plugin.dll
x64-BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll
x64-BHO: Content Blocker Plugin: {93BC2EA7-2F17-4729-948A-D2E03FFB2412} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.2\x64\IEExt\ie_plugin.dll
x64-BHO: Easy Photo Print: {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll
x64-BHO: Safe Money Plugin: {AB379017-4C03-4E00-8EDF-E6D6AF7CCF82} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.2\x64\IEExt\ie_plugin.dll
x64-BHO: Skype Click to Call for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll
x64-TB: Easy Photo Print: {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll
x64-Run: [ShadowPlay] C:\Windows\System32\rundll32.exe C:\Windows\System32\nvspcap64.dll,ShadowPlayOnSystemStart
x64-Run: [NvBackend] "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
x64-IE: {5547CE1F-74E9-41E5-9CBF-5211ECC37341} - {BB7DC12B-C59D-4138-AD28-BBB65DE62A3B} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.2\x64\IEExt\ie_plugin.dll
x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - <orphaned>
x64-Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Handler: WSWSVCUchrome - <Clsid value has no data>
x64-SSODL: WebCheck - <orphaned>
x64-mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.115\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\hxobu0gl.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.safesearch.net/search?p=s&q={searchTerms}&m=ff&c=wi&s=wi
FF - prefs.js: browser.search.selectedEngine - Search
FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.2\FFExt\content_blocker@kaspersky.com\npcontentblocker.dll
FF - plugin: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.2\FFExt\online_banking@kaspersky.com\nponlinebanking.dll
FF - plugin: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.2\FFExt\virtual_keyboard@kaspersky.com\npvkplugin.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrlui.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_189.dll
.
---- FIREFOX POLICIES ----
.
FF - user.js: plugin.state.npcontentblocker - 2
FF - user.js: extensions.astrmndasr.hmpg - true
FF - user.js: extensions.astrmndasr.hmpgUrl - hxxp://astromenda.com/?f=1&a=ast_ggfc_14_44_ch&cd=2XzuyEtN2Y1L1Qzu0EtD0C0AzyyEyC0AtB0CtCzy0EtA0AtAtN0D0Tzu0StCtDtAyEtN1L2X zutAtFyDtFtCtFyEtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2SyBzztD0AtBzyzzyDtGtBtAzyyBtGyD0A0B0AtG zztCyE0DtGtDtBtDtDyC0CyBtAyB0F0Czy2QtN1M1F1B2Z1V1N2Y1L1Qzu2SzyyDyB0B0A0BzzyBtG0EyB0EzztGyE0E0CyDtG0A 0Czz0FtGyBzzyEtCtAzztBtAyB0F0Czy2Q&cr=695685010&ir=
FF - user.js: extensions.astrmndasr.dfltSrch - true
FF - user.js: extensions.astrmndasr.srchPrvdr - Astromenda
FF - user.js: extensions.astrmndasr.dnsErr - true
FF - user.js: extensions.astrmndasr_i.newTab - true
FF - user.js: extensions.astrmndasr.newTabUrl - hxxp://astromenda.com/?f=2&a=ast_ggfc_14_44_ch&cd=2XzuyEtN2Y1L1Qzu0EtD0C0AzyyEyC0AtB0CtCzy0EtA0AtAtN0D0Tzu0StCtDtAyEtN1L2X zutAtFyDtFtCtFyEtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2SyBzztD0AtBzyzzyDtGtBtAzyyBtGyD0A0B0AtG zztCyE0DtGtDtBtDtDyC0CyBtAyB0F0Czy2QtN1M1F1B2Z1V1N2Y1L1Qzu2SzyyDyB0B0A0BzzyBtG0EyB0EzztGyE0E0CyDtG0A 0Czz0FtGyBzzyEtCtAzztBtAyB0F0Czy2Q&cr=695685010&ir=
FF - user.js: extensions.astrmndasr.tlbrSrchUrl - hxxp://astromenda.com/?f=3&a=ast_ggfc_14_44_ch&cd=2XzuyEtN2Y1L1Qzu0EtD0C0AzyyEyC0AtB0CtCzy0EtA0AtAtN0D0Tzu0StCtDtAyEtN1L2X zutAtFyDtFtCtFyEtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2SyBzztD0AtBzyzzyDtGtBtAzyyBtGyD0A0B0AtG zztCyE0DtGtDtBtDtDyC0CyBtAyB0F0Czy2QtN1M1F1B2Z1V1N2Y1L1Qzu2SzyyDyB0B0A0BzzyBtG0EyB0EzztGyE0E0CyDtG0A 0Czz0FtGyBzzyEtCtAzztBtAyB0F0Czy2Q&cr=695685010&ir=&q=
FF - user.js: extensions.astrmndasr.id - E0CA946A2C19E3A3
FF - user.js: extensions.astrmndasr.instlDay - 16373
FF - user.js: extensions.astrmndasr.vrsn -
FF - user.js: extensions.astrmndasr.vrsni -
FF - user.js: extensions.astrmndasr_i.vrsnTs - 15:50:59
FF - user.js: extensions.astrmndasr.prtnrId - WSE_Astromenda
FF - user.js: extensions.astrmndasr.prdct - astrmndasr
FF - user.js: extensions.astrmndasr.aflt - ast_ggfc_14_44_ch
FF - user.js: extensions.astrmndasr_i.smplGrp - none
FF - user.js: extensions.astrmndasr.tlbrId -
FF - user.js: extensions.astrmndasr.instlRef - 142905_b
FF - user.js: extensions.astrmndasr.dfltLng -
FF - user.js: extensions.astrmndasr.appId - {9CB2CD61-FFA0-406C-9D2D-8FDE6F4A4D8A}
FF - user.js: extensions.astrmndasr.excTlbr - false
FF - user.js: extensions.astrmndasr.cr - 695685010
FF - user.js: extensions.astrmndasr.cd - 2XzuyEtN2Y1L1Qzu0EtD0C0AzyyEyC0AtB0CtCzy0EtA0AtAtN0D0Tzu0StCtDtAyEtN1L2XzutAtFyDtFtCtFyEtN1L1CzutCyE tBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2SyBzztD0AtBzyzzyDtGtBtAzyyBtGyD0A0B0AtGzztCyE0DtGtDtBtDtDyC0CyBtAyB 0F0Czy2QtN1M1F1B2Z1V1N2Y1L1Qzu2SzyyDyB0B0A0BzzyBtG0EyB0EzztGyE0E0CyDtG0A0Czz0FtGyBzzyEtCtAzztBtAyB0F 0Czy2Q
FF - user.js: extensions.astrmndasr.AL - 4
.
FF - user.js: plugin.state.nponlinebanking - 2
.
FF - user.js: plugin.state.npvkplugin - 2
.
============= SERVICES / DRIVERS ===============
.
R0 bcfnt;bcfnt;C:\Windows\System32\drivers\bcfnt.sys [2013-7-2 179392]
R0 cm_km_w;Kaspersky Lab Crypto Module (FDE PDK);C:\Windows\System32\drivers\cm_km_w.sys [2013-1-14 238288]
R0 fsh;fsh;C:\Windows\System32\drivers\fsh.sys [2013-7-2 68800]
R1 BC_3DES;BC_3DES;C:\Windows\System32\drivers\bc_3des.sys [2013-7-2 34408]
R1 BC_BF128;BC_BF128;C:\Windows\System32\drivers\bc_bf128.sys [2013-7-2 30824]
R1 BC_BF448;BC_BF448;C:\Windows\System32\drivers\bc_bf448.sys [2013-7-2 30824]
R1 BC_BFish;BC_BFish;C:\Windows\System32\drivers\bc_bfish.sys [2013-7-2 30824]
R1 BC_CAST;BC_CAST;C:\Windows\System32\drivers\bc_cast.sys [2013-7-2 37480]
R1 BC_DES;BC_DES;C:\Windows\System32\drivers\bc_des.sys [2013-7-2 33896]
R1 BC_Gost;BC_Gost;C:\Windows\System32\drivers\bc_gost.sys [2013-7-2 25704]
R1 BC_IDEA;BC_IDEA;C:\Windows\System32\drivers\bc_idea.sys [2013-7-2 27752]
R1 BC_RC6;BC_RC6;C:\Windows\System32\drivers\bc_rc6.sys [2013-7-2 30312]
R1 BC_RIJN;BC_RIJN;C:\Windows\System32\drivers\bc_rijn.sys [2013-7-2 51304]
R1 BC_SERP;BC_SERP;C:\Windows\System32\drivers\bc_serp.sys [2013-7-2 36968]
R1 BC_TFISH;BC_TFISH;C:\Windows\System32\drivers\bc_tfish.sys [2013-7-2 34408]
R1 bcbus;BestCrypt bus driver;C:\Windows\System32\drivers\bcbus.sys [2013-7-2 78440]
R1 klhk;klhk;C:\Windows\System32\drivers\klhk.sys [2015-2-22 245960]
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;C:\Windows\System32\drivers\klim6.sys [2014-10-10 30920]
R1 klpd;klpd;C:\Windows\System32\drivers\klpd.sys [2013-4-12 15456]
R1 kltdi;kltdi;C:\Windows\System32\drivers\kltdi.sys [2014-10-9 57032]
R1 Klwtp;Klwtp;C:\Windows\System32\drivers\klwtp.sys [2014-11-22 77000]
R1 kneps;kneps;C:\Windows\System32\drivers\kneps.sys [2014-11-10 181960]
R1 mbamchameleon;mbamchameleon;C:\Windows\System32\drivers\mbamchameleon.sys [2015-2-19 93400]
R2 AVP15.0.2;Kaspersky Anti-Virus Service 15.0.2;C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.2\avp.exe [2014-12-23 193400]
R2 c2cautoupdatesvc;Skype Click to Call Updater;C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2014-7-14 1390176]
R2 c2cpnrsvc;Skype Click to Call PNR Service;C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2014-7-14 1767520]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-4-11 103608]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-4-11 124088]
R2 DSClockSyncTime;DS Clock Synchronization Service www.dualitysoft.com;C:\Program Files (x86)\DS Clock\dsetime.exe [2014-9-19 62264]
R2 GfExperienceService;NVIDIA GeForce Experience Service;C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2014-9-20 1148560]
R2 kldisk;kldisk;C:\Windows\System32\drivers\kldisk.sys [2014-8-19 47112]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2015-2-19 1871160]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2015-2-19 969016]
R2 MyEpson Portal Service;MyEpson Portal Service;C:\Program Files (x86)\EPSON\MyEpson Portal\mepService.exe [2011-9-16 703584]
R2 NvNetworkService;NVIDIA Network Service;C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-9-20 1701520]
R2 NvStreamSvc;NVIDIA Streamer Service;C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2014-9-20 19823248]
R2 TeamViewer;TeamViewer 10;C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [2014-12-17 5427472]
R2 TomTomHOMEService;TomTomHOMEService;C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe [2014-12-19 93040]
R3 BtFilter;Bluetooth LowerFilter Class Filter Driver;C:\Windows\System32\drivers\btfilter.sys [2010-10-18 42096]
R3 klflt;Kaspersky Lab Kernel DLL;C:\Windows\System32\drivers\klflt.sys [2015-2-22 151240]
R3 klkbdflt;Kaspersky Lab KLKBDFLT;C:\Windows\System32\drivers\klkbdflt.sys [2014-10-30 30920]
R3 klmouflt;Kaspersky Lab KLMOUFLT;C:\Windows\System32\drivers\klmouflt.sys [2013-8-8 29280]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2015-2-19 25816]
R3 MBAMSwissArmy;MBAMSwissArmy;C:\Windows\System32\drivers\MBAMSwissArmy.sys [2015-2-19 129752]
R3 MBAMWebAccessControl;MBAMWebAccessControl;C:\Windows\System32\drivers\mwac.sys [2015-2-19 63704]
TEXT CUT OF DDS.TXT HERE TO REDUCE SIZE OF FILE. 1
My System SpecsSystem Spec
23 Feb 2015   #16
TonyMen

Windows 7 Ultimate x64
 
 

SECOND PART OF TEXT CONTINUED HERE OF DDC.TXT TO REDUCE SIZE OF FILE.

R3 mhk;mhk;C:\Windows\System32\drivers\mhk.sys [2013-7-2 17472]

R3 moh;moh;C:\Windows\System32\drivers\moh.sys [2013-7-2 13376]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\System32\drivers\nusb3hub.sys [2010-12-10 80384]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\System32\drivers\nusb3xhc.sys [2010-12-10 181248]
R3 NvStreamKms;NvStreamKms;C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2014-9-20 19600]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);C:\Windows\System32\drivers\nvvad64v.sys [2015-1-17 38032]
R3 PGEffect;Pangu effect driver;C:\Windows\System32\drivers\PGEffect.sys [2014-9-17 38096]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-6-10 539240]
R3 tap-tb-0901;TunnelBear Adapter V9;C:\Windows\System32\drivers\tap-tb-0901.sys [2014-10-14 38656]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-1-2 315488]
S3 dmvsc;dmvsc;C:\Windows\System32\drivers\dmvsc.sys [2010-11-21 71168]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2015-2-14 114688]
S3 mdf16;mdf16;C:\Program Files (x86)\Clarus\Samsung Drive Manager\mdf16.sys [2014-12-27 20400]
S3 mvd23;mvd23;C:\Program Files (x86)\Clarus\Samsung Drive Manager\mvd23.sys [2014-12-27 99248]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\RtsUStor.sys [2014-9-17 250984]
S3 RtlWlanu;Wireless LAN 802.11n USB 2.0 Network Adapter;C:\Windows\System32\drivers\RTWlanU.sys [2014-4-6 1362576]
S3 StorSvc;Storage Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 27136]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 wampapache64;wampapache64;C:\wamp\bin\apache\apache2.4.9\bin\httpd.exe [2014-9-26 24576]
S3 wampmysqld64;wampmysqld64;c:\wamp\bin\mysql\mysql5.6.17\bin\mysqld.exe wampmysqld64 --> c:\wamp\bin\mysql\mysql5.6.17\bin\mysqld.exe wampmysqld64 [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2015-2-15 1255736]
S3 WSDScan;WSD Scan Support via UMB;C:\Windows\System32\drivers\WSDScan.sys [2009-7-14 25088]
S4 ABBYY.Licensing.FineReader.Sprint.9.0;ABBYY FineReader 9.0 Sprint Licensing Service;C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [2009-5-14 759048]
S4 SZDrvSvc;Samsung Drive Manager Service;C:\Program Files (x86)\Clarus\Samsung Drive Manager\SZDrvSvc.exe [2014-12-27 18432]
.
=============== File Associations ===============
.
FileExt: .txt: Applications\notepad++.exe - HKCR\Unknown\Shell=C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,OpenAs_RunDLL %1 [UserChoice] [default=openas]
FileExt: .chm: chm.file="C:\Windows\hh.exe" %1 [UserChoice]
ShellExec: Opera.exe: open="C:\Program Files (x86)\Opera\Launcher.exe" "%1"
.
=============== Created Last 30 ================
.
2015-02-22 11:03:17 110176 ----a-w- C:\Windows\System32\klfphc.dll
2015-02-22 11:02:27 -------- d-----w- C:\Windows\ELAMBKUP
2015-02-22 11:02:26 -------- d-----w- C:\Program Files (x86)\Kaspersky Lab
2015-02-22 11:01:57 245960 ----a-w- C:\Windows\System32\drivers\klhk.sys
2015-02-22 11:01:57 151240 ----a-w- C:\Windows\System32\drivers\klflt.sys
2015-02-20 10:38:51 75888 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{74972EBD-C7B2-43E2-8F53-671193007E77}\offreg.dll
2015-02-20 07:00:58 11910896 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{74972EBD-C7B2-43E2-8F53-671193007E77}\mpengine.dll
2015-02-19 08:30:55 129752 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys
2015-02-19 08:30:39 93400 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys
2015-02-19 08:30:39 63704 ----a-w- C:\Windows\System32\drivers\mwac.sys
2015-02-19 08:30:39 25816 ----a-w- C:\Windows\System32\drivers\mbam.sys
2015-02-19 08:30:36 -------- d-----w- C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-02-16 19:43:00 950272 ----a-w- C:\Windows\System32\perftrack.dll
2015-02-16 19:43:00 91136 ----a-w- C:\Windows\System32\wdi.dll
2015-02-16 19:43:00 76800 ----a-w- C:\Windows\SysWow64\wdi.dll
2015-02-16 19:43:00 29696 ----a-w- C:\Windows\System32\powertracker.dll
2015-02-15 18:20:56 -------- d-----w- C:\Program Files (x86)\Microsoft ASP.NET
2015-02-15 11:02:39 814080 ----a-w- C:\Windows\System32\jscript9diag.dll
2015-02-15 11:02:39 620032 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
2015-02-15 11:02:39 6041600 ----a-w- C:\Windows\System32\jscript9.dll
2015-02-15 11:02:39 4300800 ----a-w- C:\Windows\SysWow64\jscript9.dll
2015-02-15 07:40:11 406528 ----a-w- C:\Windows\System32\scesrv.dll
2015-02-15 07:40:11 308224 ----a-w- C:\Windows\SysWow64\scesrv.dll
2015-02-15 07:40:01 5554112 ----a-w- C:\Windows\System32\ntoskrnl.exe
2015-02-15 07:40:01 503808 ----a-w- C:\Windows\System32\srcore.dll
2015-02-15 07:40:01 3972544 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2015-02-15 07:40:01 3917760 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2015-02-15 07:40:01 296960 ----a-w- C:\Windows\System32\rstrui.exe
2015-02-15 07:40:00 50176 ----a-w- C:\Windows\System32\srclient.dll
2015-02-15 07:40:00 43008 ----a-w- C:\Windows\SysWow64\srclient.dll
2015-02-15 07:19:05 -------- d-----w- C:\Windows\SysWow64\Wat
2015-02-15 07:19:05 -------- d-----w- C:\Windows\System32\Wat
2015-02-14 15:27:59 10949120 ----a-w- C:\Program Files\Internet Explorer\F12Resources.dll
2015-02-14 13:53:00 3201536 ----a-w- C:\Windows\System32\win32k.sys
2015-02-13 22:01:21 -------- d-----w- C:\Program Files (x86)\SearchProtect
2015-02-13 16:08:25 -------- d-----w- C:\!!k
2015-02-13 09:30:45 -------- d-----w- C:\Kaspersky Kavremover
2015-02-08 19:16:09 -------- d-----w- C:\Program Files (x86)\Microsoft Expression
2015-02-08 13:32:57 -------- d-----w- C:\Program Files (x86)\Visual Color Picker 2
2015-02-07 16:54:58 3851784 ----a-w- C:\Windows\SysWow64\D3DX9_39.dll
2015-02-07 15:29:10 -------- d-----w- C:\Expression Web4
2015-02-07 10:22:20 -------- d-----w- C:\!!Airpets
2015-01-29 21:37:41 -------- d-----w- C:\Program Files\Unlocker
2015-01-29 16:37:41 -------- d-----w- C:\Windows\pss
2015-01-26 19:36:32 -------- d-----w- C:\Users\User\AppData\Local\Clarus
2015-01-26 11:51:35 129752 ----a-w- C:\Windows\System32\drivers\172F23E3.sys
.
==================== Find3M ====================
.
2015-02-05 19:07:04 6861128 ----a-w- C:\Windows\System32\nvcpl.dll
2015-02-05 19:07:03 3517584 ----a-w- C:\Windows\System32\nvsvc64.dll
2015-02-05 19:07:00 935056 ----a-w- C:\Windows\System32\nvvsvc.exe
2015-02-05 19:07:00 62792 ----a-w- C:\Windows\System32\nvshext.dll
2015-02-05 19:07:00 2558792 ----a-w- C:\Windows\System32\nvsvcr.dll
2015-02-05 19:06:59 385168 ----a-w- C:\Windows\System32\nvmctray.dll
2015-02-05 12:50:11 4236870 ----a-w- C:\Windows\System32\nvcoproc.bin
2015-01-30 14:38:46 2828 --sha-w- C:\Windows\SysWow64\KGyGaAvL.sys
2015-01-23 11:27:24 129752 ----a-w- C:\Windows\System32\drivers\1F8B2670.sys
2015-01-22 15:39:31 129752 ----a-w- C:\Windows\System32\drivers\029619CF.sys
2015-01-21 23:03:42 111016 ----a-w- C:\Windows\System32\WindowsAccessBridge-64.dll
2015-01-15 08:14:17 155072 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2015-01-15 08:14:16 95680 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
2015-01-15 08:09:58 29184 ----a-w- C:\Windows\System32\sspisrv.dll
2015-01-15 08:09:58 136192 ----a-w- C:\Windows\System32\sspicli.dll
2015-01-15 08:09:57 28160 ----a-w- C:\Windows\System32\secur32.dll
2015-01-15 08:09:51 1461760 ----a-w- C:\Windows\System32\lsasrv.dll
2015-01-15 08:09:15 31232 ----a-w- C:\Windows\System32\lsass.exe
2015-01-15 08:08:59 64000 ----a-w- C:\Windows\System32\auditpol.exe
2015-01-15 08:06:22 60416 ----a-w- C:\Windows\System32\msobjs.dll
2015-01-15 08:06:11 146432 ----a-w- C:\Windows\System32\msaudite.dll
2015-01-15 08:04:23 686080 ----a-w- C:\Windows\System32\adtschema.dll
2015-01-15 07:42:59 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
2015-01-15 07:42:05 50176 ----a-w- C:\Windows\SysWow64\auditpol.exe
2015-01-15 07:41:53 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
2015-01-15 07:39:53 60416 ----a-w- C:\Windows\SysWow64\msobjs.dll
2015-01-15 07:39:36 146432 ----a-w- C:\Windows\SysWow64\msaudite.dll
2015-01-15 07:37:55 686080 ----a-w- C:\Windows\SysWow64\adtschema.dll
2015-01-15 04:22:18 458824 ----a-w- C:\Windows\System32\drivers\cng.sys
2015-01-13 04:15:56 1540240 ----a-w- C:\Windows\System32\nvhdagenco6420103.dll
2015-01-13 03:10:22 1424384 ----a-w- C:\Windows\System32\WindowsCodecs.dll
2015-01-13 02:49:19 1230336 ----a-w- C:\Windows\SysWow64\WindowsCodecs.dll
2015-01-12 03:05:32 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
2015-01-12 03:05:19 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
2015-01-12 02:49:42 66560 ----a-w- C:\Windows\System32\iesetup.dll
2015-01-12 02:48:57 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
2015-01-12 02:48:52 584192 ----a-w- C:\Windows\System32\vbscript.dll
2015-01-12 02:47:25 88064 ----a-w- C:\Windows\System32\MshtmlDac.dll
2015-01-12 02:34:42 144384 ----a-w- C:\Windows\System32\ieUnatt.exe
2015-01-12 02:34:30 114688 ----a-w- C:\Windows\System32\ieetwcollector.exe
2015-01-12 02:25:28 968704 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe
2015-01-12 02:21:19 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2015-01-12 02:13:27 77824 ----a-w- C:\Windows\System32\JavaScriptCollectionAgent.dll
2015-01-12 02:08:09 503296 ----a-w- C:\Windows\SysWow64\vbscript.dll
2015-01-12 02:07:51 62464 ----a-w- C:\Windows\SysWow64\iesetup.dll
2015-01-12 02:07:06 47616 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll
2015-01-12 02:05:36 64000 ----a-w- C:\Windows\SysWow64\MshtmlDac.dll
2015-01-12 01:55:47 115712 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2015-01-12 01:46:29 1359360 ----a-w- C:\Windows\System32\mshtmlmedia.dll
2015-01-12 01:46:00 2125824 ----a-w- C:\Windows\System32\inetcpl.cpl
2015-01-12 01:40:43 60416 ----a-w- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
2015-01-12 01:27:32 2358272 ----a-w- C:\Windows\System32\wininet.dll
2015-01-12 01:23:09 2052608 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2015-01-12 01:22:17 1155072 ----a-w- C:\Windows\SysWow64\mshtmlmedia.dll
2015-01-12 01:00:17 1888256 ----a-w- C:\Windows\SysWow64\wininet.dll
2015-01-10 08:07:47 1895240 ----a-w- C:\Windows\System32\nvdispco6434725.dll
2015-01-10 08:07:47 1556808 ----a-w- C:\Windows\System32\nvdispgenco6434725.dll
2015-01-10 06:48:22 210944 ----a-w- C:\Windows\System32\wdigest.dll
2015-01-10 06:48:19 86528 ----a-w- C:\Windows\System32\TSpkg.dll
2015-01-10 06:48:17 341504 ----a-w- C:\Windows\System32\schannel.dll
2015-01-10 06:48:13 309760 ----a-w- C:\Windows\System32\ncrypt.dll
2015-01-10 06:48:12 314880 ----a-w- C:\Windows\System32\msv1_0.dll
2015-01-10 06:48:10 728064 ----a-w- C:\Windows\System32\kerberos.dll
2015-01-10 06:48:05 22016 ----a-w- C:\Windows\System32\credssp.dll
2015-01-10 06:27:54 172032 ----a-w- C:\Windows\SysWow64\wdigest.dll
2015-01-10 06:27:51 65536 ----a-w- C:\Windows\SysWow64\TSpkg.dll
2015-01-10 06:27:47 248832 ----a-w- C:\Windows\SysWow64\schannel.dll
2015-01-10 06:27:44 221184 ----a-w- C:\Windows\SysWow64\ncrypt.dll
2015-01-10 06:27:43 259584 ----a-w- C:\Windows\SysWow64\msv1_0.dll
2015-01-10 06:27:39 550912 ----a-w- C:\Windows\SysWow64\kerberos.dll
2015-01-10 06:27:32 17408 ----a-w- C:\Windows\SysWow64\credssp.dll
2015-01-07 14:34:34 129752 ----a-w- C:\Windows\System32\drivers\6FF4541B.sys
2015-01-05 16:58:21 129752 ----a-w- C:\Windows\System32\drivers\3CA2317C.sys
2015-01-04 14:30:22 129752 ----a-w- C:\Windows\System32\drivers\5206667E.sys
2014-12-28 11:57:35 129752 ----a-w- C:\Windows\System32\drivers\11A31DED.sys
2014-12-27 15:11:32 99384 ----a-w- C:\Users\User\AppData\Roaming\inst.exe
2014-12-27 15:11:32 82816 ----a-w- C:\Windows\System32\drivers\pcouffin.sys
2014-12-27 15:11:32 82816 ----a-w- C:\Users\User\AppData\Roaming\pcouffin.sys
2014-12-27 14:35:53 129752 ----a-w- C:\Windows\System32\drivers\6CC22709.sys
2014-12-24 12:43:08 129752 ----a-w- C:\Windows\System32\drivers\35A138F4.sys
2014-12-23 00:41:02 298120 ------w- C:\Windows\System32\MpSigStub.exe
2014-12-20 10:34:17 129752 ----a-w- C:\Windows\System32\drivers\37881DCE.sys
2014-12-19 03:06:55 210432 ----a-w- C:\Windows\System32\profsvc.dll
2014-12-19 01:46:45 141312 ----a-w- C:\Windows\System32\drivers\mrxdav.sys
2014-12-13 10:08:08 1895056 ----a-w- C:\Windows\System32\nvdispco6434709.dll
2014-12-13 10:08:08 1556624 ----a-w- C:\Windows\System32\nvdispgenco6434709.dll
2014-12-13 09:39:24 129752 ----a-w- C:\Windows\System32\drivers\4DAA50DE.sys
2014-12-13 00:12:24 2210040 ----a-w- C:\Windows\SysWow64\nvspcap.dll
2014-12-13 00:12:24 1291464 ----a-w- C:\Windows\SysWow64\nvspbridge.dll
2014-12-13 00:12:12 2824504 ----a-w- C:\Windows\System32\nvspcap64.dll
2014-12-13 00:12:12 1715224 ----a-w- C:\Windows\System32\nvspbridge64.dll
2014-12-12 05:31:39 1480192 ----a-w- C:\Windows\System32\crypt32.dll
2014-12-12 05:07:26 1174528 ----a-w- C:\Windows\SysWow64\crypt32.dll
2014-12-11 17:47:12 52736 ----a-w- C:\Windows\System32\TSWbPrxy.exe
2014-12-06 04:17:27 303616 ----a-w- C:\Windows\System32\nlasvc.dll
2014-12-06 03:50:19 52224 ----a-w- C:\Windows\SysWow64\nlaapi.dll
2014-12-06 03:50:18 156672 ----a-w- C:\Windows\SysWow64\ncsi.dll
2014-11-26 03:53:59 861696 ----a-w- C:\Windows\System32\oleaut32.dll
2014-11-26 03:32:05 571904 ----a-w- C:\Windows\SysWow64\oleaut32.dll
.
============= FINISH: 17:06:31.86 ===============
My System SpecsSystem Spec
23 Feb 2015   #17
Jacee
Microsoft MVP

Windows 7 Ultimate 32bit SP1
 
 

Download Combofix from any of the links below, and save it to your desktop.<--Important
Link 1
Link 2
Link 3

Click on this link Here to see a list of programs that should be disabled.
The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.
If your anti-virus or firewall complains, please allow this script to run as it is not malicious.
Next: Disconnect from the internet. If you are on Cable or DSL, unplug your computer from the modem.
Next: Please disable all onboard security programs (all running with back ground protection) as it may hinder the scanner from working.
This includes Antivirus, Firewall, and any Spyware scanners that run in the background.
  • Double click combofix.exe and follow the prompts.
  • When finished, it will produce a log for you. Post that log.
Note: Do not mouseclick combofix's window while its running. That may cause it to stall
Please be patient while the scan runs, at times it may appear to stall.
When finished and after reboot (in case it asks to reboot), it should open a log, combofix.txt.
Post this log in your next reply.
My System SpecsSystem Spec
26 Feb 2015   #18
TonyMen

Windows 7 Ultimate x64
 
 

Only had chance to use combofix today. I followed your instructions. A Blue box appeared
and went through the 50 stages then another blue box appeared which said it was creating
a combofix.txt log file nothing happened for 5 to 6 minutes I turned my back to do a few things
and when I looked again the blue box had gone so I looked for the log file on the desk top
it was not there I moved the mouse to see if it was in the download folder..THE MOUSE WAS FROZEN.

I had to reboot. I tried to run the file again but a msg said the date was the 25th It appears the file has either a one time use or a time limit on it ? I downloaded from the link again and got the time expired msg again ?
My System SpecsSystem Spec
26 Feb 2015   #19
Jacee
Microsoft MVP

Windows 7 Ultimate 32bit SP1
 
 

Click on Computer and then look in C:\
See if the .txt log is there.
My System SpecsSystem Spec
27 Feb 2015   #20
TonyMen

Windows 7 Ultimate x64
 
 

No combofix.txt there.

I even did a search for it in the "search programs and files"

Shall I try another download and try again or will I get the same result ?
My System SpecsSystem Spec
Reply

 Windows Defender Freezes and Or Shuts down while doing a Full Scan




Thread Tools Search this Thread
Search this Thread:

Advanced Search




Similar help and support threads
Thread Forum
Windows Microsoft security freezes when perform Full scan
Using microsoft security when perform quick scan it scans well but it freezes during full scan at windows/system32/codeintegrity/driver.stl OS:windows 7 professional,32bit i am using dual OS another one is Linux After this problem i am uninstall mawarebytes software I also attach super...
System Security
Fake virus scan (Win7 Defender)
All of a sudden I got a security system alert saying I had problems. It is Win7 Defender and they won't let me do anything with the file extension of .exe. I went to safe mode and can't start any programs at all. I know that Malwarebytes can remove it but I can't download Malwarebytes because it...
System Security
Results of Windows Defender Offline Full Scan
Results of the Windows Defender Offline Full Scan: Trojan:Win32/Dynamer!dtc Severe Active Remove Exploit:Java/CVE-2012-1723.AQT Severe Active Remove Trojan:Win32/Alureon Severe Active Remove Providing the above per gregrocker in the...
System Security
Windows defender offline scan results problem
While using Windows Defender Offline (WDO) scans show that it detects some sort of virus. The problem is at the end of scan it doesn't allow me to review or remove the virus. I need Help.
System Security
Windows Defender is on but does not scan.
I set up a new computer with Windows 7. I set Windows Defender to run a scan every day at 2 AM, but as far as I can tell, it doesn't run the scan. It states that the last scan was run about a week ago. I rechecked the settings and Windows Defender states that it in on. I keep the computer in sleep...
System Security


Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd

All times are GMT -5. The time now is 17:25.

Twitter Facebook Google+



Windows 7 Forums

Seven Forums Android App Seven Forums IOS App