Windows Defender Freezes and Or Shuts down while doing a Full Scan

Page 2 of 3 FirstFirst 123 LastLast

  1. Posts : 8,608
    Windows 7 Ultimate 32bit SP1
       #11

    Let's see what's actually causing the problem:

    Download DDS from one of these links:
    DDS.com
    DDS.pif
    • Disable any script blocking protection
    • Double click the dds icon to run the tool.
    • When done, DDS will open two (2) logs:
      1. DDS.txt
      2. Attach.txt <--- will be minimized in the task tray
    • Save both reports to your desktop.

    Include the contents of both logs in your next post.
    The scan will instruct you to post Attach.txt as an attachment.
      My Computer


  2. Posts : 22
    Windows 7 Ultimate x64
    Thread Starter
       #12

    Attached is the rar file containing dds.txt and attach.txt
    Windows Defender Freezes and Or Shuts down while doing a Full Scan Attached Files
      My Computer


  3. Posts : 8,608
    Windows 7 Ultimate 32bit SP1
       #13

    Can you just copy and paste the two .txt results please? :)
      My Computer


  4. Posts : 22
    Windows 7 Ultimate x64
    Thread Starter
       #14

    I received this message when sending the file.
    The text that you have entered is too long (47033 characters). Please shorten it to 20000 characters long.
    I am sending the ATTACH.TXT FILE FIRST. THE OTHER WILL BE IN TWO PARTS.

    .
    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT
    .
    DDS (Ver_2012-11-20.01)
    .
    Microsoft Windows 7 Professional
    Boot Device: \Device\HarddiskVolume1
    Install Date: 17/09/2014 06:39:51
    System Uptime: 22/02/2015 14:39:06 (3 hours ago)
    .
    Motherboard: Intel Corporation | | Oneonta Falls
    Processor: Intel(R) Core(TM) i5-2430M CPU @ 2.40GHz | CPU 1 | 2401/100mhz
    .
    ==== Disk Partitions =========================
    .
    C: is FIXED (NTFS) - 686 GiB total, 609.761 GiB free.
    D: is CDROM ()
    E: is FIXED (NTFS) - 932 GiB total, 782.494 GiB free.
    F: is FIXED (NTFS) - 932 GiB total, 236.582 GiB free.
    H: is CDROM ()
    I: is FIXED (NTFS) - 932 GiB total, 274.556 GiB free.
    .
    ==== Disabled Device Manager Items =============
    .
    Class GUID: {4d36e967-e325-11ce-bfc1-08002be10318}
    Description: Disk drive
    Device ID: USBSTOR\DISK&VEN_SAMSUNG&PROD_S2_PORTABLE\00000011E09310500684&0
    Manufacturer: (Standard disk drives)
    Name: Samsung S2 Portable
    PNP Device ID: USBSTOR\DISK&VEN_SAMSUNG&PROD_S2_PORTABLE\00000011E09310500684&0
    Service: disk
    .
    ==== System Restore Points ===================
    .
    RP127: 13/02/2015 19:02:08 - Removed Microsoft Visual C++ 2005 Redistributable
    RP128: 14/02/2015 10:42:30 - Windows Update
    RP129: 14/02/2015 18:11:30 - Windows Update
    RP130: 15/02/2015 09:45:29 - Removed Microsoft Office FrontPage 2003
    RP131: 15/02/2015 09:51:18 - Installed Microsoft Office FrontPage 2003
    RP132: 15/02/2015 09:57:21 - Configured Microsoft Office Enterprise 2007
    RP133: 15/02/2015 10:03:05 - Configured Microsoft Office Enterprise 2007
    RP134: 15/02/2015 18:18:16 - Windows Update
    RP135: 16/02/2015 10:23:31 - Windows Update
    RP136: 16/02/2015 20:51:18 - Windows Update
    RP137: 20/02/2015 07:00:05 - Windows Update
    .
    ==== Installed Programs ======================
    .
    7-Zip 4.65
    ABBYY FineReader 9.0 Sprint
    Active@ File Recovery 12
    Adobe Flash Player 15 ActiveX
    Adobe Flash Player 15 Plugin
    Adobe Reader XI (11.0.10)
    Adobe Refresh Manager
    Animation Plugin 3D Effects 1
    Animation Workshop 5
    Apple Application Support
    Apple Software Update
    Ares 2.2.4
    Artisteer 4
    Atheros Bluetooth Filter Driver Package
    Atheros Driver Installation Program
    µTorrent
    BestCrypt 8.0
    BitMotion Cascadia
    Bluetooth Stack for Windows by Toshiba
    BrowserTraySwitch 2.05.01
    CactusVPN
    CCleaner
    Color Schemer Studio
    Combined Community Codec Pack 2014-07-13
    ConvertXtoDVD 4.0.9.322
    Corel Paint Shop Pro Photo X2
    DC-Bass Source 1.3.0
    DirectVobSub 2.40.4209
    DivX Setup
    DS Clock
    EPSON Attach To Email
    EPSON Easy Photo Print
    Epson Easy Photo Print 2
    Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser)
    Epson Event Manager
    EPSON File Manager
    EPSON Print CD
    EPSON Printer Software
    EPSON Scan
    EPSON Scan Assistant
    EPSON SX235 Series Printer Uninstall
    EPSON Web-To-Page
    EpsonNet Print
    ESPR230 User's Guide
    EZRound
    ffdshow v1.1.4399 [2012-03-22]
    GIF Construction Set Professional 5
    GIF Construction Set Tutorial
    Google Chrome
    Google Update Helper
    Intel(R) Driver Update Utility 2.0
    Intel® Driver Update Utility
    Java 8 Update 31 (64-bit)
    Java Auto Updater
    Java SE Development Kit 7 Update 71
    Kaspersky Total Security
    LAME v3.99.3 (for Windows)
    Malwarebytes Anti-Malware version 2.0.4.1028
    Microsoft .NET Framework 4.5.2
    Microsoft ASP.NET MVC 4 Runtime
    Microsoft Expression Design 4
    Microsoft Expression Encoder 4
    Microsoft Expression Encoder 4 Screen Capture Codec
    Microsoft Expression Web 4
    Microsoft Expression Web 4 Service Pack 2
    Microsoft Office 2007 Service Pack 3 (SP3)
    Microsoft Office Access MUI (English) 2007
    Microsoft Office Access Setup Metadata MUI (English) 2007
    Microsoft Office Enterprise 2007
    Microsoft Office Excel MUI (English) 2007
    Microsoft Office File Validation Add-In
    Microsoft Office FrontPage 2003
    Microsoft Office Groove MUI (English) 2007
    Microsoft Office Groove Setup Metadata MUI (English) 2007
    Microsoft Office InfoPath MUI (English) 2007
    Microsoft Office Office 64-bit Components 2007
    Microsoft Office OneNote MUI (English) 2007
    Microsoft Office Outlook 2007
    Microsoft Office Outlook MUI (English) 2007
    Microsoft Office PowerPoint MUI (English) 2007
    Microsoft Office Proof (English) 2007
    Microsoft Office Proof (French) 2007
    Microsoft Office Proof (Spanish) 2007
    Microsoft Office Proofing (English) 2007
    Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
    Microsoft Office Publisher MUI (English) 2007
    Microsoft Office Shared 64-bit MUI (English) 2007
    Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
    Microsoft Office Shared MUI (English) 2007
    Microsoft Office Shared Setup Metadata MUI (English) 2007
    Microsoft Office Word MUI (English) 2007
    Microsoft Silverlight
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2005 Redistributable (x64)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
    Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030
    Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
    Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030
    Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030
    Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030
    Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030
    Mozilla Firefox 34.0.5 (x86 en-GB)
    Mozilla Maintenance Service
    MSXML 4.0 SP2 (KB954430)
    MSXML 4.0 SP2 (KB973688)
    MyDefrag v4.3.1
    MyEpson Portal
    NetObjects Fusion 12.0
    NetObjects Fusion 8
    Network Guide EPSON SX235 Series
    NVIDIA Control Panel 347.52
    NVIDIA GeForce Experience 2.1.5
    NVIDIA GeForce Experience Service
    NVIDIA Graphics Driver 347.52
    NVIDIA HD Audio Driver 1.3.33.0
    NVIDIA Install Application
    NVIDIA LED Visualizer 1.0
    NVIDIA Network Service
    NVIDIA PhysX
    NVIDIA PhysX System Software 9.14.0702
    NVIDIA ShadowPlay 16.18.9
    NVIDIA Update 16.18.9
    NVIDIA Update Core
    NVIDIA Virtual Audio 1.2.27
    OpenSource Flash Video Splitter 1.0.0.5
    Opera Stable 27.0.1689.66
    PIF DESIGNER
    QuickTime 7
    Realtek USB 2.0 Card Reader
    Renesas Electronics USB 3.0 Host Controller Driver
    Samsung Drive Manager
    SAMSUNG Mobile Modem Driver Set
    Samsung Mobile phone USB driver Drive Software
    SAMSUNG Mobile USB Modem 1.0 Software
    SAMSUNG Mobile USB Modem Software
    Security Update for CAPICOM (KB931906)
    Security Update for Microsoft Expression Design 4 (KB2667730)
    Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2596825) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2596927) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2597973) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2760411) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2760415) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2760585) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2760591) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2817330) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2850022) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2878233) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2880507) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2880508) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2881069) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2920795) 32-Bit Edition
    Security Update for Microsoft Office Compatibility Pack Service Pack 3 (KB2956097) 32-Bit Edition
    Security Update for Microsoft Office Compatibility Pack Service Pack 3 (KB2956098) 32-Bit Edition
    Security Update for Microsoft Office Excel 2007 (KB2920788) 32-Bit Edition
    Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition
    Security Update for Microsoft Office OneNote 2007 (KB2596857) 32-Bit Edition
    Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
    Security Update for Microsoft Office Publisher 2007 (KB2817565) 32-Bit Edition
    Security Update for Microsoft Office Word 2007 (KB2956099) 32-Bit Edition
    SHIELD Streaming
    SHIELD Wireless Controller Driver
    Skype Click to Call
    Skype™ 7.1
    Snagit 11
    Speccy
    TeamViewer 10
    TextPad 5
    TomTom HOME
    TomTom HOME Visual Studio Merge Modules
    TOSHIBA Web Camera Application
    TunnelBear
    UltraISO Premium V9.61
    Update for 2007 Microsoft Office System (KB967642)
    Update for Microsoft Office 2007 Help for Common Features (KB963673)
    Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
    Update for Microsoft Office 2007 suites (KB2596787) 32-Bit Edition
    Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition
    Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
    Update for Microsoft Office Access 2007 Help (KB963663)
    Update for Microsoft Office Excel 2007 Help (KB963678)
    Update for Microsoft Office Infopath 2007 Help (KB963662)
    Update for Microsoft Office OneNote 2007 Help (KB963670)
    Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
    Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition
    Update for Microsoft Office Outlook 2007 Help (KB963677)
    Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2956096) 32-Bit Edition
    Update for Microsoft Office PowerPoint 2007 (KB2597972) 32-Bit Edition
    Update for Microsoft Office Powerpoint 2007 Help (KB963669)
    Update for Microsoft Office Publisher 2007 Help (KB963667)
    Update for Microsoft Office Script Editor Help (KB963671)
    Update for Microsoft Office Word 2007 Help (KB963665)
    User's Guide EPSON SX235 Series
    VC80CRTRedist - 8.0.50727.6195
    Visual Color Picker 2.6
    VSO Media Player 1.4.10.498
    WampServer 2.5
    WinRAR 5.11 (64-bit)
    Xvid Video Codec
    Your Uninstaller! 2010
    YTD Video Downloader 4.8.9
    .
    ==== Event Viewer Messages From Past Week ========
    .
    22/02/2015 14:41:45, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the TeamViewer service.
    22/02/2015 14:41:43, Error: Service Control Manager [7024] - The HomeGroup Listener service terminated with service-specific error %%-2147023143.
    22/02/2015 14:41:43, Error: Service Control Manager [7023] - The Peer Name Resolution Protocol service terminated with the following error: %%-2140993535
    22/02/2015 14:41:43, Error: Service Control Manager [7001] - The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error: %%-2140993535
    22/02/2015 14:41:43, Error: Microsoft-Windows-PNRPSvc [102] - The Peer Name Resolution Protocol cloud did not start because the creation of the default identity failed with error code: 0x80630801.
    22/02/2015 14:40:24, Error: Microsoft-Windows-WMPNSS-Service [14332] - Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error '0x80070420'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly.
    22/02/2015 11:02:26, Error: KLIF [0] -
    22/02/2015 10:40:52, Error: Service Control Manager [7034] - The Kaspersky Anti-Virus Service 15.0.1 service terminated unexpectedly. It has done this 3 time(s).
    22/02/2015 10:40:52, Error: Service Control Manager [7006] - The ScRegSetValueExW call failed for FailureActions with the following error: Access is denied.
    22/02/2015 10:40:42, Error: Service Control Manager [7031] - The Kaspersky Anti-Virus Service 15.0.1 service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
    22/02/2015 10:38:31, Error: Service Control Manager [7031] - The Kaspersky Anti-Virus Service 15.0.1 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
    21/02/2015 15:59:29, Error: Microsoft-Windows-WMPNSS-Service [14332] - Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error '0x80004005'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly.
    21/02/2015 15:39:41, Error: Service Control Manager [7000] - The MBAMSwissArmy service failed to start due to the following error: The media is write protected.
    21/02/2015 09:10:50, Error: Schannel [36870] - A fatal error occurred when attempting to access the SSL server credential private key. The error code returned from the cryptographic module is 0x8009030d. The internal error state is 10001.
    .
    ==== End Of File ===========================
      My Computer


  5. Posts : 22
    Windows 7 Ultimate x64
    Thread Starter
       #15

    THIS IS THE FIRST PART OF FILE DDS.TXT

    S (Ver_2012-11-20.01) - NTFS_AMD64
    Internet Explorer: 11.0.9600.17631
    Run by User at 17:05:04 on 2015-02-22
    Microsoft Windows 7 Professional 6.1.7601.1.1252.44.1033.18.4077.1788 [GMT 0:00]
    .
    AV: Kaspersky Total Security *Enabled/Updated* {179979E8-273D-D14E-0543-2861940E4886}
    SP: Kaspersky Total Security *Enabled/Updated* {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    FW: Kaspersky Total Security *Enabled* {2FA2F8CD-6D52-D016-2E1C-81546ADD0FFD}
    .
    ============== Running Processes ===============
    .
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\nvvsvc.exe
    C:\Windows\system32\svchost.exe -k RPCSS
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
    C:\Windows\system32\nvvsvc.exe
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe
    C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.2\avp.exe
    C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
    C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
    C:\Program Files (x86)\DS Clock\dsetime.exe
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
    C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
    C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
    C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
    C:\Program Files (x86)\EPSON\MyEpson Portal\mepService.exe
    C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
    C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
    C:\Windows\splwow64.exe
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
    C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
    C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
    C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
    C:\Windows\system32\SearchIndexer.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\system32\svchost.exe -k bthsvcs
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Windows\system32\taskhost.exe
    C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.2\avpui.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
    C:\Program Files (x86)\EPSON\MyEpson Portal\mep.exe
    C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
    C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
    C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
    C:\Users\User\AppData\Roaming\uTorrent\uTorrent.exe
    C:\Program Files (x86)\DS Clock\dsclock.exe
    C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe
    C:\Windows\splwow64.exe
    C:\Windows\System32\svchost.exe -k LocalServicePeerNet
    C:\Program Files\CCleaner\CCleaner64.exe
    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Windows\system32\wbem\unsecapp.exe
    C:\Program Files (x86)\TeamViewer\TeamViewer.exe
    C:\Program Files (x86)\TeamViewer\tv_w32.exe
    C:\Program Files (x86)\TeamViewer\tv_x64.exe
    C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
    C:\Program Files (x86)\Microsoft Office\Office12\OUTLOOK.EXE
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Windows\system32\taskeng.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Windows\System32\cscript.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = Google
    uDefault_Page_URL = Google
    mStart Page = Google
    mWinlogon: Userinit = userinit.exe,
    BHO: Virtual Keyboard Plugin: {4A66AD60-A03D-4D01-86F0-5F0F7C0EF1AD} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.2\IEExt\ie_plugin.dll
    BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
    BHO: Content Blocker Plugin: {93BC2EA7-2F17-4729-948A-D2E03FFB2412} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.2\IEExt\ie_plugin.dll
    BHO: Safe Money Plugin: {AB379017-4C03-4E00-8EDF-E6D6AF7CCF82} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.2\IEExt\ie_plugin.dll
    BHO: Skype Click to Call for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
    BHO: EpsonToolBandKicker Class: {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files (x86)\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
    TB: EPSON Web-To-Page: {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files (x86)\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
    EB: F12 Developer Tools: {28BCCB9A-E66B-463C-82A4-09F320DE94D7} - C:\Program Files (x86)\Internet Explorer\F12Tools.dll
    uRun: [uTorrent] "C:\Users\User\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
    uRun: [DS Clock] "C:\Program Files (x86)\DS Clock\DSClock.exe"
    uRun: [TomTomHOME.exe] "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe"
    uRun: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
    mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    mRun: [EEventManager] "C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe"
    mRun: [ITSecMng] C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe /START
    uPolicies-Explorer: NoThumbNailCache = dword:1
    uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
    mPolicies-Explorer: NoActiveDesktop = dword:1
    mPolicies-Explorer: NoActiveDesktopChanges = dword:1
    mPolicies-Explorer: NoDriveTypeAutoRun = dword:28
    mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
    mPolicies-System: ConsentPromptBehaviorUser = dword:3
    mPolicies-System: EnableLUA = dword:0
    mPolicies-System: EnableUIADesktopToggle = dword:0
    mPolicies-System: PromptOnSecureDesktop = dword:0
    IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
    IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
    IE: {5547CE1F-74E9-41E5-9CBF-5211ECC37341} - {BB7DC12B-C59D-4138-AD28-BBB65DE62A3B} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.2\IEExt\ie_plugin.dll
    IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
    TCP: NameServer = 192.168.1.1 192.168.1.1
    TCP: Interfaces\{68BF3D7F-EC1D-42D9-8055-2C594E491CC4} : DHCPNameServer = 192.168.1.1 192.168.1.1
    TCP: Interfaces\{68BF3D7F-EC1D-42D9-8055-2C594E491CC4}\244584F6D65684572623D205233405 : DHCPNameServer = 192.168.1.254
    TCP: Interfaces\{68BF3D7F-EC1D-42D9-8055-2C594E491CC4}\4514C4B44514C4B4D2632444335343 : DHCPNameServer = 192.168.1.1
    TCP: Interfaces\{95A7B048-25D9-4685-9014-9859C87ECF70} : DHCPNameServer = 8.8.8.8 8.8.4.4
    TCP: Interfaces\{CFF22607-6E39-47AC-8E25-A89C7FE20AF1} : DHCPNameServer = 192.168.1.254
    TCP: Interfaces\{CFF22607-6E39-47AC-8E25-A89C7FE20AF1}\35B4954443340314 : DHCPNameServer = 192.168.0.1
    Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
    Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
    Handler: WSWSVCUchrome - <Clsid value has no data>
    AppInit_DLLs= hplun.dll
    SSODL: WebCheck - <orphaned>
    SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
    mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
    x64-mStart Page = Google
    x64-mDefault_Page_URL = Google
    x64-BHO: Virtual Keyboard Plugin: {4A66AD60-A03D-4D01-86F0-5F0F7C0EF1AD} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.2\x64\IEExt\ie_plugin.dll
    x64-BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll
    x64-BHO: Content Blocker Plugin: {93BC2EA7-2F17-4729-948A-D2E03FFB2412} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.2\x64\IEExt\ie_plugin.dll
    x64-BHO: Easy Photo Print: {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll
    x64-BHO: Safe Money Plugin: {AB379017-4C03-4E00-8EDF-E6D6AF7CCF82} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.2\x64\IEExt\ie_plugin.dll
    x64-BHO: Skype Click to Call for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
    x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll
    x64-TB: Easy Photo Print: {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll
    x64-Run: [ShadowPlay] C:\Windows\System32\rundll32.exe C:\Windows\System32\nvspcap64.dll,ShadowPlayOnSystemStart
    x64-Run: [NvBackend] "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
    x64-IE: {5547CE1F-74E9-41E5-9CBF-5211ECC37341} - {BB7DC12B-C59D-4138-AD28-BBB65DE62A3B} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.2\x64\IEExt\ie_plugin.dll
    x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
    x64-Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - <orphaned>
    x64-Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
    x64-Handler: WSWSVCUchrome - <Clsid value has no data>
    x64-SSODL: WebCheck - <orphaned>
    x64-mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.115\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\hxobu0gl.default\
    FF - prefs.js: browser.search.defaulturl - hxxp://www.safesearch.net/search?p=s&q={searchTerms}&m=ff&c=wi&s=wi
    FF - prefs.js: browser.search.selectedEngine - Search
    FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
    FF - plugin: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
    FF - plugin: C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll
    FF - plugin: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.2\FFExt\content_blocker@kaspersky.com\npcontentblocker.dll
    FF - plugin: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.2\FFExt\online_banking@kaspersky.com\nponlinebanking.dll
    FF - plugin: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.2\FFExt\virtual_keyboard@kaspersky.com\npvkplugin.dll
    FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrlui.dll
    FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_189.dll
    .
    ---- FIREFOX POLICIES ----
    .
    FF - user.js: plugin.state.npcontentblocker - 2
    FF - user.js: extensions.astrmndasr.hmpg - true
    FF - user.js: extensions.astrmndasr.hmpgUrl - hxxp://astromenda.com/?f=1&a=ast_ggfc_14_44_ch&cd=2XzuyEtN2Y1L1Qzu0EtD0C0AzyyEyC0AtB0CtCzy0EtA0AtAtN0D0Tzu0StCtDtAyEtN1L2X zutAtFyDtFtCtFyEtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2SyBzztD0AtBzyzzyDtGtBtAzyyBtGyD0A0B0AtG zztCyE0DtGtDtBtDtDyC0CyBtAyB0F0Czy2QtN1M1F1B2Z1V1N2Y1L1Qzu2SzyyDyB0B0A0BzzyBtG0EyB0EzztGyE0E0CyDtG0A 0Czz0FtGyBzzyEtCtAzztBtAyB0F0Czy2Q&cr=695685010&ir=
    FF - user.js: extensions.astrmndasr.dfltSrch - true
    FF - user.js: extensions.astrmndasr.srchPrvdr - Astromenda
    FF - user.js: extensions.astrmndasr.dnsErr - true
    FF - user.js: extensions.astrmndasr_i.newTab - true
    FF - user.js: extensions.astrmndasr.newTabUrl - hxxp://astromenda.com/?f=2&a=ast_ggfc_14_44_ch&cd=2XzuyEtN2Y1L1Qzu0EtD0C0AzyyEyC0AtB0CtCzy0EtA0AtAtN0D0Tzu0StCtDtAyEtN1L2X zutAtFyDtFtCtFyEtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2SyBzztD0AtBzyzzyDtGtBtAzyyBtGyD0A0B0AtG zztCyE0DtGtDtBtDtDyC0CyBtAyB0F0Czy2QtN1M1F1B2Z1V1N2Y1L1Qzu2SzyyDyB0B0A0BzzyBtG0EyB0EzztGyE0E0CyDtG0A 0Czz0FtGyBzzyEtCtAzztBtAyB0F0Czy2Q&cr=695685010&ir=
    FF - user.js: extensions.astrmndasr.tlbrSrchUrl - hxxp://astromenda.com/?f=3&a=ast_ggfc_14_44_ch&cd=2XzuyEtN2Y1L1Qzu0EtD0C0AzyyEyC0AtB0CtCzy0EtA0AtAtN0D0Tzu0StCtDtAyEtN1L2X zutAtFyDtFtCtFyEtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2SyBzztD0AtBzyzzyDtGtBtAzyyBtGyD0A0B0AtG zztCyE0DtGtDtBtDtDyC0CyBtAyB0F0Czy2QtN1M1F1B2Z1V1N2Y1L1Qzu2SzyyDyB0B0A0BzzyBtG0EyB0EzztGyE0E0CyDtG0A 0Czz0FtGyBzzyEtCtAzztBtAyB0F0Czy2Q&cr=695685010&ir=&q=
    FF - user.js: extensions.astrmndasr.id - E0CA946A2C19E3A3
    FF - user.js: extensions.astrmndasr.instlDay - 16373
    FF - user.js: extensions.astrmndasr.vrsn -
    FF - user.js: extensions.astrmndasr.vrsni -
    FF - user.js: extensions.astrmndasr_i.vrsnTs - 15:50:59
    FF - user.js: extensions.astrmndasr.prtnrId - WSE_Astromenda
    FF - user.js: extensions.astrmndasr.prdct - astrmndasr
    FF - user.js: extensions.astrmndasr.aflt - ast_ggfc_14_44_ch
    FF - user.js: extensions.astrmndasr_i.smplGrp - none
    FF - user.js: extensions.astrmndasr.tlbrId -
    FF - user.js: extensions.astrmndasr.instlRef - 142905_b
    FF - user.js: extensions.astrmndasr.dfltLng -
    FF - user.js: extensions.astrmndasr.appId - {9CB2CD61-FFA0-406C-9D2D-8FDE6F4A4D8A}
    FF - user.js: extensions.astrmndasr.excTlbr - false
    FF - user.js: extensions.astrmndasr.cr - 695685010
    FF - user.js: extensions.astrmndasr.cd - 2XzuyEtN2Y1L1Qzu0EtD0C0AzyyEyC0AtB0CtCzy0EtA0AtAtN0D0Tzu0StCtDtAyEtN1L2XzutAtFyDtFtCtFyEtN1L1CzutCyE tBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2SyBzztD0AtBzyzzyDtGtBtAzyyBtGyD0A0B0AtGzztCyE0DtGtDtBtDtDyC0CyBtAyB 0F0Czy2QtN1M1F1B2Z1V1N2Y1L1Qzu2SzyyDyB0B0A0BzzyBtG0EyB0EzztGyE0E0CyDtG0A0Czz0FtGyBzzyEtCtAzztBtAyB0F 0Czy2Q
    FF - user.js: extensions.astrmndasr.AL - 4
    .
    FF - user.js: plugin.state.nponlinebanking - 2
    .
    FF - user.js: plugin.state.npvkplugin - 2
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 bcfnt;bcfnt;C:\Windows\System32\drivers\bcfnt.sys [2013-7-2 179392]
    R0 cm_km_w;Kaspersky Lab Crypto Module (FDE PDK);C:\Windows\System32\drivers\cm_km_w.sys [2013-1-14 238288]
    R0 fsh;fsh;C:\Windows\System32\drivers\fsh.sys [2013-7-2 68800]
    R1 BC_3DES;BC_3DES;C:\Windows\System32\drivers\bc_3des.sys [2013-7-2 34408]
    R1 BC_BF128;BC_BF128;C:\Windows\System32\drivers\bc_bf128.sys [2013-7-2 30824]
    R1 BC_BF448;BC_BF448;C:\Windows\System32\drivers\bc_bf448.sys [2013-7-2 30824]
    R1 BC_BFish;BC_BFish;C:\Windows\System32\drivers\bc_bfish.sys [2013-7-2 30824]
    R1 BC_CAST;BC_CAST;C:\Windows\System32\drivers\bc_cast.sys [2013-7-2 37480]
    R1 BC_DES;BC_DES;C:\Windows\System32\drivers\bc_des.sys [2013-7-2 33896]
    R1 BC_Gost;BC_Gost;C:\Windows\System32\drivers\bc_gost.sys [2013-7-2 25704]
    R1 BC_IDEA;BC_IDEA;C:\Windows\System32\drivers\bc_idea.sys [2013-7-2 27752]
    R1 BC_RC6;BC_RC6;C:\Windows\System32\drivers\bc_rc6.sys [2013-7-2 30312]
    R1 BC_RIJN;BC_RIJN;C:\Windows\System32\drivers\bc_rijn.sys [2013-7-2 51304]
    R1 BC_SERP;BC_SERP;C:\Windows\System32\drivers\bc_serp.sys [2013-7-2 36968]
    R1 BC_TFISH;BC_TFISH;C:\Windows\System32\drivers\bc_tfish.sys [2013-7-2 34408]
    R1 bcbus;BestCrypt bus driver;C:\Windows\System32\drivers\bcbus.sys [2013-7-2 78440]
    R1 klhk;klhk;C:\Windows\System32\drivers\klhk.sys [2015-2-22 245960]
    R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;C:\Windows\System32\drivers\klim6.sys [2014-10-10 30920]
    R1 klpd;klpd;C:\Windows\System32\drivers\klpd.sys [2013-4-12 15456]
    R1 kltdi;kltdi;C:\Windows\System32\drivers\kltdi.sys [2014-10-9 57032]
    R1 Klwtp;Klwtp;C:\Windows\System32\drivers\klwtp.sys [2014-11-22 77000]
    R1 kneps;kneps;C:\Windows\System32\drivers\kneps.sys [2014-11-10 181960]
    R1 mbamchameleon;mbamchameleon;C:\Windows\System32\drivers\mbamchameleon.sys [2015-2-19 93400]
    R2 AVP15.0.2;Kaspersky Anti-Virus Service 15.0.2;C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.2\avp.exe [2014-12-23 193400]
    R2 c2cautoupdatesvc;Skype Click to Call Updater;C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2014-7-14 1390176]
    R2 c2cpnrsvc;Skype Click to Call PNR Service;C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2014-7-14 1767520]
    R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-4-11 103608]
    R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-4-11 124088]
    R2 DSClockSyncTime;DS Clock Synchronization Service www.dualitysoft.com;C:\Program Files (x86)\DS Clock\dsetime.exe [2014-9-19 62264]
    R2 GfExperienceService;NVIDIA GeForce Experience Service;C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2014-9-20 1148560]
    R2 kldisk;kldisk;C:\Windows\System32\drivers\kldisk.sys [2014-8-19 47112]
    R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2015-2-19 1871160]
    R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2015-2-19 969016]
    R2 MyEpson Portal Service;MyEpson Portal Service;C:\Program Files (x86)\EPSON\MyEpson Portal\mepService.exe [2011-9-16 703584]
    R2 NvNetworkService;NVIDIA Network Service;C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-9-20 1701520]
    R2 NvStreamSvc;NVIDIA Streamer Service;C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2014-9-20 19823248]
    R2 TeamViewer;TeamViewer 10;C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [2014-12-17 5427472]
    R2 TomTomHOMEService;TomTomHOMEService;C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe [2014-12-19 93040]
    R3 BtFilter;Bluetooth LowerFilter Class Filter Driver;C:\Windows\System32\drivers\btfilter.sys [2010-10-18 42096]
    R3 klflt;Kaspersky Lab Kernel DLL;C:\Windows\System32\drivers\klflt.sys [2015-2-22 151240]
    R3 klkbdflt;Kaspersky Lab KLKBDFLT;C:\Windows\System32\drivers\klkbdflt.sys [2014-10-30 30920]
    R3 klmouflt;Kaspersky Lab KLMOUFLT;C:\Windows\System32\drivers\klmouflt.sys [2013-8-8 29280]
    R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2015-2-19 25816]
    R3 MBAMSwissArmy;MBAMSwissArmy;C:\Windows\System32\drivers\MBAMSwissArmy.sys [2015-2-19 129752]
    R3 MBAMWebAccessControl;MBAMWebAccessControl;C:\Windows\System32\drivers\mwac.sys [2015-2-19 63704]
    TEXT CUT OF DDS.TXT HERE TO REDUCE SIZE OF FILE. 1
      My Computer


  6. Posts : 22
    Windows 7 Ultimate x64
    Thread Starter
       #16

    SECOND PART OF TEXT CONTINUED HERE OF DDC.TXT TO REDUCE SIZE OF FILE.

    R3 mhk;mhk;C:\Windows\System32\drivers\mhk.sys [2013-7-2 17472]

    R3 moh;moh;C:\Windows\System32\drivers\moh.sys [2013-7-2 13376]
    R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\System32\drivers\nusb3hub.sys [2010-12-10 80384]
    R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\System32\drivers\nusb3xhc.sys [2010-12-10 181248]
    R3 NvStreamKms;NvStreamKms;C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2014-9-20 19600]
    R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);C:\Windows\System32\drivers\nvvad64v.sys [2015-1-17 38032]
    R3 PGEffect;Pangu effect driver;C:\Windows\System32\drivers\PGEffect.sys [2014-9-17 38096]
    R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-6-10 539240]
    R3 tap-tb-0901;TunnelBear Adapter V9;C:\Windows\System32\drivers\tap-tb-0901.sys [2014-10-14 38656]
    S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-1-2 315488]
    S3 dmvsc;dmvsc;C:\Windows\System32\drivers\dmvsc.sys [2010-11-21 71168]
    S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2015-2-14 114688]
    S3 mdf16;mdf16;C:\Program Files (x86)\Clarus\Samsung Drive Manager\mdf16.sys [2014-12-27 20400]
    S3 mvd23;mvd23;C:\Program Files (x86)\Clarus\Samsung Drive Manager\mvd23.sys [2014-12-27 99248]
    S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\RtsUStor.sys [2014-9-17 250984]
    S3 RtlWlanu;Wireless LAN 802.11n USB 2.0 Network Adapter;C:\Windows\System32\drivers\RTWlanU.sys [2014-4-6 1362576]
    S3 StorSvc;Storage Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 27136]
    S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-21 59392]
    S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-21 31232]
    S3 wampapache64;wampapache64;C:\wamp\bin\apache\apache2.4.9\bin\httpd.exe [2014-9-26 24576]
    S3 wampmysqld64;wampmysqld64;c:\wamp\bin\mysql\mysql5.6.17\bin\mysqld.exe wampmysqld64 --> c:\wamp\bin\mysql\mysql5.6.17\bin\mysqld.exe wampmysqld64 [?]
    S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2015-2-15 1255736]
    S3 WSDScan;WSD Scan Support via UMB;C:\Windows\System32\drivers\WSDScan.sys [2009-7-14 25088]
    S4 ABBYY.Licensing.FineReader.Sprint.9.0;ABBYY FineReader 9.0 Sprint Licensing Service;C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [2009-5-14 759048]
    S4 SZDrvSvc;Samsung Drive Manager Service;C:\Program Files (x86)\Clarus\Samsung Drive Manager\SZDrvSvc.exe [2014-12-27 18432]
    .
    =============== File Associations ===============
    .
    FileExt: .txt: Applications\notepad++.exe - HKCR\Unknown\Shell=C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,OpenAs_RunDLL %1 [UserChoice] [default=openas]
    FileExt: .chm: chm.file="C:\Windows\hh.exe" %1 [UserChoice]
    ShellExec: Opera.exe: open="C:\Program Files (x86)\Opera\Launcher.exe" "%1"
    .
    =============== Created Last 30 ================
    .
    2015-02-22 11:03:17 110176 ----a-w- C:\Windows\System32\klfphc.dll
    2015-02-22 11:02:27 -------- d-----w- C:\Windows\ELAMBKUP
    2015-02-22 11:02:26 -------- d-----w- C:\Program Files (x86)\Kaspersky Lab
    2015-02-22 11:01:57 245960 ----a-w- C:\Windows\System32\drivers\klhk.sys
    2015-02-22 11:01:57 151240 ----a-w- C:\Windows\System32\drivers\klflt.sys
    2015-02-20 10:38:51 75888 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{74972EBD-C7B2-43E2-8F53-671193007E77}\offreg.dll
    2015-02-20 07:00:58 11910896 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{74972EBD-C7B2-43E2-8F53-671193007E77}\mpengine.dll
    2015-02-19 08:30:55 129752 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys
    2015-02-19 08:30:39 93400 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys
    2015-02-19 08:30:39 63704 ----a-w- C:\Windows\System32\drivers\mwac.sys
    2015-02-19 08:30:39 25816 ----a-w- C:\Windows\System32\drivers\mbam.sys
    2015-02-19 08:30:36 -------- d-----w- C:\Program Files (x86)\Malwarebytes Anti-Malware
    2015-02-16 19:43:00 950272 ----a-w- C:\Windows\System32\perftrack.dll
    2015-02-16 19:43:00 91136 ----a-w- C:\Windows\System32\wdi.dll
    2015-02-16 19:43:00 76800 ----a-w- C:\Windows\SysWow64\wdi.dll
    2015-02-16 19:43:00 29696 ----a-w- C:\Windows\System32\powertracker.dll
    2015-02-15 18:20:56 -------- d-----w- C:\Program Files (x86)\Microsoft ASP.NET
    2015-02-15 11:02:39 814080 ----a-w- C:\Windows\System32\jscript9diag.dll
    2015-02-15 11:02:39 620032 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
    2015-02-15 11:02:39 6041600 ----a-w- C:\Windows\System32\jscript9.dll
    2015-02-15 11:02:39 4300800 ----a-w- C:\Windows\SysWow64\jscript9.dll
    2015-02-15 07:40:11 406528 ----a-w- C:\Windows\System32\scesrv.dll
    2015-02-15 07:40:11 308224 ----a-w- C:\Windows\SysWow64\scesrv.dll
    2015-02-15 07:40:01 5554112 ----a-w- C:\Windows\System32\ntoskrnl.exe
    2015-02-15 07:40:01 503808 ----a-w- C:\Windows\System32\srcore.dll
    2015-02-15 07:40:01 3972544 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
    2015-02-15 07:40:01 3917760 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
    2015-02-15 07:40:01 296960 ----a-w- C:\Windows\System32\rstrui.exe
    2015-02-15 07:40:00 50176 ----a-w- C:\Windows\System32\srclient.dll
    2015-02-15 07:40:00 43008 ----a-w- C:\Windows\SysWow64\srclient.dll
    2015-02-15 07:19:05 -------- d-----w- C:\Windows\SysWow64\Wat
    2015-02-15 07:19:05 -------- d-----w- C:\Windows\System32\Wat
    2015-02-14 15:27:59 10949120 ----a-w- C:\Program Files\Internet Explorer\F12Resources.dll
    2015-02-14 13:53:00 3201536 ----a-w- C:\Windows\System32\win32k.sys
    2015-02-13 22:01:21 -------- d-----w- C:\Program Files (x86)\SearchProtect
    2015-02-13 16:08:25 -------- d-----w- C:\!!k
    2015-02-13 09:30:45 -------- d-----w- C:\Kaspersky Kavremover
    2015-02-08 19:16:09 -------- d-----w- C:\Program Files (x86)\Microsoft Expression
    2015-02-08 13:32:57 -------- d-----w- C:\Program Files (x86)\Visual Color Picker 2
    2015-02-07 16:54:58 3851784 ----a-w- C:\Windows\SysWow64\D3DX9_39.dll
    2015-02-07 15:29:10 -------- d-----w- C:\Expression Web4
    2015-02-07 10:22:20 -------- d-----w- C:\!!Airpets
    2015-01-29 21:37:41 -------- d-----w- C:\Program Files\Unlocker
    2015-01-29 16:37:41 -------- d-----w- C:\Windows\pss
    2015-01-26 19:36:32 -------- d-----w- C:\Users\User\AppData\Local\Clarus
    2015-01-26 11:51:35 129752 ----a-w- C:\Windows\System32\drivers\172F23E3.sys
    .
    ==================== Find3M ====================
    .
    2015-02-05 19:07:04 6861128 ----a-w- C:\Windows\System32\nvcpl.dll
    2015-02-05 19:07:03 3517584 ----a-w- C:\Windows\System32\nvsvc64.dll
    2015-02-05 19:07:00 935056 ----a-w- C:\Windows\System32\nvvsvc.exe
    2015-02-05 19:07:00 62792 ----a-w- C:\Windows\System32\nvshext.dll
    2015-02-05 19:07:00 2558792 ----a-w- C:\Windows\System32\nvsvcr.dll
    2015-02-05 19:06:59 385168 ----a-w- C:\Windows\System32\nvmctray.dll
    2015-02-05 12:50:11 4236870 ----a-w- C:\Windows\System32\nvcoproc.bin
    2015-01-30 14:38:46 2828 --sha-w- C:\Windows\SysWow64\KGyGaAvL.sys
    2015-01-23 11:27:24 129752 ----a-w- C:\Windows\System32\drivers\1F8B2670.sys
    2015-01-22 15:39:31 129752 ----a-w- C:\Windows\System32\drivers\029619CF.sys
    2015-01-21 23:03:42 111016 ----a-w- C:\Windows\System32\WindowsAccessBridge-64.dll
    2015-01-15 08:14:17 155072 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
    2015-01-15 08:14:16 95680 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
    2015-01-15 08:09:58 29184 ----a-w- C:\Windows\System32\sspisrv.dll
    2015-01-15 08:09:58 136192 ----a-w- C:\Windows\System32\sspicli.dll
    2015-01-15 08:09:57 28160 ----a-w- C:\Windows\System32\secur32.dll
    2015-01-15 08:09:51 1461760 ----a-w- C:\Windows\System32\lsasrv.dll
    2015-01-15 08:09:15 31232 ----a-w- C:\Windows\System32\lsass.exe
    2015-01-15 08:08:59 64000 ----a-w- C:\Windows\System32\auditpol.exe
    2015-01-15 08:06:22 60416 ----a-w- C:\Windows\System32\msobjs.dll
    2015-01-15 08:06:11 146432 ----a-w- C:\Windows\System32\msaudite.dll
    2015-01-15 08:04:23 686080 ----a-w- C:\Windows\System32\adtschema.dll
    2015-01-15 07:42:59 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
    2015-01-15 07:42:05 50176 ----a-w- C:\Windows\SysWow64\auditpol.exe
    2015-01-15 07:41:53 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
    2015-01-15 07:39:53 60416 ----a-w- C:\Windows\SysWow64\msobjs.dll
    2015-01-15 07:39:36 146432 ----a-w- C:\Windows\SysWow64\msaudite.dll
    2015-01-15 07:37:55 686080 ----a-w- C:\Windows\SysWow64\adtschema.dll
    2015-01-15 04:22:18 458824 ----a-w- C:\Windows\System32\drivers\cng.sys
    2015-01-13 04:15:56 1540240 ----a-w- C:\Windows\System32\nvhdagenco6420103.dll
    2015-01-13 03:10:22 1424384 ----a-w- C:\Windows\System32\WindowsCodecs.dll
    2015-01-13 02:49:19 1230336 ----a-w- C:\Windows\SysWow64\WindowsCodecs.dll
    2015-01-12 03:05:32 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
    2015-01-12 03:05:19 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
    2015-01-12 02:49:42 66560 ----a-w- C:\Windows\System32\iesetup.dll
    2015-01-12 02:48:57 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
    2015-01-12 02:48:52 584192 ----a-w- C:\Windows\System32\vbscript.dll
    2015-01-12 02:47:25 88064 ----a-w- C:\Windows\System32\MshtmlDac.dll
    2015-01-12 02:34:42 144384 ----a-w- C:\Windows\System32\ieUnatt.exe
    2015-01-12 02:34:30 114688 ----a-w- C:\Windows\System32\ieetwcollector.exe
    2015-01-12 02:25:28 968704 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe
    2015-01-12 02:21:19 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
    2015-01-12 02:13:27 77824 ----a-w- C:\Windows\System32\JavaScriptCollectionAgent.dll
    2015-01-12 02:08:09 503296 ----a-w- C:\Windows\SysWow64\vbscript.dll
    2015-01-12 02:07:51 62464 ----a-w- C:\Windows\SysWow64\iesetup.dll
    2015-01-12 02:07:06 47616 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll
    2015-01-12 02:05:36 64000 ----a-w- C:\Windows\SysWow64\MshtmlDac.dll
    2015-01-12 01:55:47 115712 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
    2015-01-12 01:46:29 1359360 ----a-w- C:\Windows\System32\mshtmlmedia.dll
    2015-01-12 01:46:00 2125824 ----a-w- C:\Windows\System32\inetcpl.cpl
    2015-01-12 01:40:43 60416 ----a-w- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
    2015-01-12 01:27:32 2358272 ----a-w- C:\Windows\System32\wininet.dll
    2015-01-12 01:23:09 2052608 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
    2015-01-12 01:22:17 1155072 ----a-w- C:\Windows\SysWow64\mshtmlmedia.dll
    2015-01-12 01:00:17 1888256 ----a-w- C:\Windows\SysWow64\wininet.dll
    2015-01-10 08:07:47 1895240 ----a-w- C:\Windows\System32\nvdispco6434725.dll
    2015-01-10 08:07:47 1556808 ----a-w- C:\Windows\System32\nvdispgenco6434725.dll
    2015-01-10 06:48:22 210944 ----a-w- C:\Windows\System32\wdigest.dll
    2015-01-10 06:48:19 86528 ----a-w- C:\Windows\System32\TSpkg.dll
    2015-01-10 06:48:17 341504 ----a-w- C:\Windows\System32\schannel.dll
    2015-01-10 06:48:13 309760 ----a-w- C:\Windows\System32\ncrypt.dll
    2015-01-10 06:48:12 314880 ----a-w- C:\Windows\System32\msv1_0.dll
    2015-01-10 06:48:10 728064 ----a-w- C:\Windows\System32\kerberos.dll
    2015-01-10 06:48:05 22016 ----a-w- C:\Windows\System32\credssp.dll
    2015-01-10 06:27:54 172032 ----a-w- C:\Windows\SysWow64\wdigest.dll
    2015-01-10 06:27:51 65536 ----a-w- C:\Windows\SysWow64\TSpkg.dll
    2015-01-10 06:27:47 248832 ----a-w- C:\Windows\SysWow64\schannel.dll
    2015-01-10 06:27:44 221184 ----a-w- C:\Windows\SysWow64\ncrypt.dll
    2015-01-10 06:27:43 259584 ----a-w- C:\Windows\SysWow64\msv1_0.dll
    2015-01-10 06:27:39 550912 ----a-w- C:\Windows\SysWow64\kerberos.dll
    2015-01-10 06:27:32 17408 ----a-w- C:\Windows\SysWow64\credssp.dll
    2015-01-07 14:34:34 129752 ----a-w- C:\Windows\System32\drivers\6FF4541B.sys
    2015-01-05 16:58:21 129752 ----a-w- C:\Windows\System32\drivers\3CA2317C.sys
    2015-01-04 14:30:22 129752 ----a-w- C:\Windows\System32\drivers\5206667E.sys
    2014-12-28 11:57:35 129752 ----a-w- C:\Windows\System32\drivers\11A31DED.sys
    2014-12-27 15:11:32 99384 ----a-w- C:\Users\User\AppData\Roaming\inst.exe
    2014-12-27 15:11:32 82816 ----a-w- C:\Windows\System32\drivers\pcouffin.sys
    2014-12-27 15:11:32 82816 ----a-w- C:\Users\User\AppData\Roaming\pcouffin.sys
    2014-12-27 14:35:53 129752 ----a-w- C:\Windows\System32\drivers\6CC22709.sys
    2014-12-24 12:43:08 129752 ----a-w- C:\Windows\System32\drivers\35A138F4.sys
    2014-12-23 00:41:02 298120 ------w- C:\Windows\System32\MpSigStub.exe
    2014-12-20 10:34:17 129752 ----a-w- C:\Windows\System32\drivers\37881DCE.sys
    2014-12-19 03:06:55 210432 ----a-w- C:\Windows\System32\profsvc.dll
    2014-12-19 01:46:45 141312 ----a-w- C:\Windows\System32\drivers\mrxdav.sys
    2014-12-13 10:08:08 1895056 ----a-w- C:\Windows\System32\nvdispco6434709.dll
    2014-12-13 10:08:08 1556624 ----a-w- C:\Windows\System32\nvdispgenco6434709.dll
    2014-12-13 09:39:24 129752 ----a-w- C:\Windows\System32\drivers\4DAA50DE.sys
    2014-12-13 00:12:24 2210040 ----a-w- C:\Windows\SysWow64\nvspcap.dll
    2014-12-13 00:12:24 1291464 ----a-w- C:\Windows\SysWow64\nvspbridge.dll
    2014-12-13 00:12:12 2824504 ----a-w- C:\Windows\System32\nvspcap64.dll
    2014-12-13 00:12:12 1715224 ----a-w- C:\Windows\System32\nvspbridge64.dll
    2014-12-12 05:31:39 1480192 ----a-w- C:\Windows\System32\crypt32.dll
    2014-12-12 05:07:26 1174528 ----a-w- C:\Windows\SysWow64\crypt32.dll
    2014-12-11 17:47:12 52736 ----a-w- C:\Windows\System32\TSWbPrxy.exe
    2014-12-06 04:17:27 303616 ----a-w- C:\Windows\System32\nlasvc.dll
    2014-12-06 03:50:19 52224 ----a-w- C:\Windows\SysWow64\nlaapi.dll
    2014-12-06 03:50:18 156672 ----a-w- C:\Windows\SysWow64\ncsi.dll
    2014-11-26 03:53:59 861696 ----a-w- C:\Windows\System32\oleaut32.dll
    2014-11-26 03:32:05 571904 ----a-w- C:\Windows\SysWow64\oleaut32.dll
    .
    ============= FINISH: 17:06:31.86 ===============
      My Computer


  7. Posts : 8,608
    Windows 7 Ultimate 32bit SP1
       #17

    Download Combofix from any of the links below, and save it to your desktop.<--Important
    Link 1
    Link 2
    Link 3

    Click on this link Here to see a list of programs that should be disabled.
    The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.
    If your anti-virus or firewall complains, please allow this script to run as it is not malicious.
    Next: Disconnect from the internet. If you are on Cable or DSL, unplug your computer from the modem.
    Next: Please disable all onboard security programs (all running with back ground protection) as it may hinder the scanner from working.
    This includes Antivirus, Firewall, and any Spyware scanners that run in the background.
    • Double click combofix.exe and follow the prompts.
    • When finished, it will produce a log for you. Post that log.
    Note: Do not mouseclick combofix's window while its running. That may cause it to stall
    Please be patient while the scan runs, at times it may appear to stall.
    When finished and after reboot (in case it asks to reboot), it should open a log, combofix.txt.
    Post this log in your next reply.
      My Computer


  8. Posts : 22
    Windows 7 Ultimate x64
    Thread Starter
       #18

    Only had chance to use combofix today. I followed your instructions. A Blue box appeared
    and went through the 50 stages then another blue box appeared which said it was creating
    a combofix.txt log file nothing happened for 5 to 6 minutes I turned my back to do a few things
    and when I looked again the blue box had gone so I looked for the log file on the desk top
    it was not there I moved the mouse to see if it was in the download folder..THE MOUSE WAS FROZEN.

    I had to reboot. I tried to run the file again but a msg said the date was the 25th It appears the file has either a one time use or a time limit on it ? I downloaded from the link again and got the time expired msg again ?
      My Computer


  9. Posts : 8,608
    Windows 7 Ultimate 32bit SP1
       #19

    Click on Computer and then look in C:\
    See if the .txt log is there.
      My Computer


  10. Posts : 22
    Windows 7 Ultimate x64
    Thread Starter
       #20

    No combofix.txt there.

    I even did a search for it in the "search programs and files"

    Shall I try another download and try again or will I get the same result ?
      My Computer


 
Page 2 of 3 FirstFirst 123 LastLast

  Related Discussions
Our Sites
Site Links
About Us
Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd
All times are GMT -5. The time now is 08:10.
Find Us