#96 analyze this log inside, not sure what any of it means, I think I may have an infection

v1.0_(example)
closed
None
6
2013-08-19
2013-08-05
AoiAoi
No

Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 10:58:56 PM, on 8/4/2013
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v10.0 (10.00.9200.16537)

FIREFOX: 22.0 (en-US)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Samsung\Settings\sSettings.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\ComUpdatus.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
C:\windows\syswow64\wwahost.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\wilkerson PC\AppData\Local\Temp\HouseCall32\housecall.bin
C:\Program Files (x86)\Trend Micro\RUBotted\RUBottedGUI.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\wilkerson PC\Downloads\HijackThis.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll
O2 - BHO: ContentBlockerBrowserHelperObject - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\ContentBlocker\ie_content_blocker_plugin.dll
O2 - BHO: VirtualKeyboardBrowserHelperObject - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\OnlineBanking\online_banking_bho.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll
O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
O4 - HKLM..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM..\Run: [Intel AppUp(SM) center] "C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe" --domain-id F0399437-FD0C-4A48-B101-F0314A6172E4
O4 - HKLM..\Run: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\runner_avp.exe"
O4 - HKLM..\Run: [Trend Micro RUBotted V2.0 Beta] C:\Program Files (x86)\Trend Micro\RUBotted\RUBottedGUI.exe
O4 - HKCU..\Run: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
O8 - Extra context menu item: Add to Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ie_banner_deny.htm
O8 - Extra context menu item: Send to Bluetooth - C:\Program Files (x86)\Intel\Bluetooth\btSendToObject.htm
O9 - Extra button: Virtual Keyboard - {0C4CC089-D306-440D-9772-464E226F6539} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
O9 - Extra button: URLs check - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll
O9 - Extra button: Send to Bluetooth - {2F56DCAA-153B-4479-B4E2-547405B34FB9} - C:\Program Files (x86)\Intel\Bluetooth\btSendToPage.htm (HKCU)
O9 - Extra 'Tools' menuitem: Send to Bluetooth - {2F56DCAA-153B-4479-B4E2-547405B34FB9} - C:\Program Files (x86)\Intel\Bluetooth\btSendToPage.htm (HKCU)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://*.aeriagames.com
O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class) -
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll, C:\Program Files (x86)\NVIDIA Corporation\NVSTRE~1\rxinput.dll,C:\windows\SysWOW64\nvinit.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: Kaspersky Anti-Virus Service (AVP) - Kaspersky Lab ZAO - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Easy Launcher - Samsung Electronics CO., LTD. - C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: Elan Service (ETDService) - ELAN Microelectronics Corp. - C:\Program Files\Elantech\ETDService.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: ExpressCache - Condusiv Technologies - C:\Program Files\Condusiv Technologies\ExpressCache\ExpressCache.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Riverbed Technology, Inc. - C:\Program Files (x86)\WinPcap\rpcapd.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: Trend Micro RUBotted Service (RUBotSrv) - Trend Micro Inc. - C:\Program Files (x86)\Trend Micro\RUBotted\RUBotSrv.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

--
End of file - 12455 bytes

1 Attachments

Discussion

    • status: open --> pending
     
  • Hi,

    I don't see anything suspicious based on the log attached. Please can you explain what makes you think you are infected?

     
  • AoiAoi
    2013-08-05

    ComboFix 13-07-27.01 - wilkerson PC 07/29/2013 21:41:54.1.8 - x64
    Microsoft Windows 8 6.2.9200.0.1252.1.1033.18.7894.5523 [GMT -5:00]
    Running from: c:\users\wilkerson PC\Downloads\ComboFix.exe
    AV: Kaspersky Internet Security Disabled/Updated {C3113FBF-4BCB-4461-D78D-6EDFEC9593E5}
    AV: Windows Defender Disabled/Updated {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    FW: Kaspersky Internet Security Disabled {FB2ABE9A-01A4-4539-FCD2-C7EA1246D49E}
    SP: Kaspersky Internet Security Disabled/Updated {7870DE5B-6DF1-4BEF-ED3D-55AD9712D958}
    SP: Windows Defender Disabled/Updated {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    .
    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    c:\programdata\Roaming
    c:\users\wilkerson PC\AppData\Local\assembly\tmp
    c:\users\wilkerson PC\AppData\Roaming\inst.exe
    c:\users\wilkerson PC\AppData\Roaming\poclbm
    c:\users\wilkerson PC\AppData\Roaming\poclbm\poclbm.ini
    c:\users\wilkerson PC\AppData\Roaming\vso_ts_preview.xml
    D:\Autorun.inf
    .
    .
    ((((((((((((((((((((((((( Files Created from 2013-06-28 to 2013-07-30 )))))))))))))))))))))))))))))))
    .
    .
    2013-07-30 02:26 . 2013-07-30 02:26 -------- d-----w- c:\windows\ServiceProfiles\LocalService\winhttp
    2013-07-30 02:18 . 2013-07-30 02:18 -------- d-----w- c:\windows\ERUNT
    2013-07-30 01:49 . 2013-07-30 01:49 -------- d-----w- C:\FRST
    2013-07-30 01:16 . 2013-04-04 19:50 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
    2013-07-29 18:37 . 2013-07-29 18:37 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
    2013-07-29 18:37 . 2013-07-29 18:37 -------- d-----w- c:\program files (x86)\Java
    2013-07-24 21:48 . 2013-07-24 21:48 -------- d-----w- c:\windows\SysWow64\NV
    2013-07-24 21:48 . 2013-07-24 21:48 -------- d-----w- c:\windows\system32\NV
    2013-07-24 21:48 . 2013-07-13 19:49 6598432 ----a-w- c:\windows\system32\nvcpl.dll
    2013-07-24 21:48 . 2013-07-13 19:49 3447072 ----a-w- c:\windows\system32\nvsvc64.dll
    2013-07-24 21:48 . 2013-07-13 19:48 911136 ----a-w- c:\windows\system32\nvvsvc.exe
    2013-07-24 21:48 . 2013-07-13 19:48 67072 ----a-w- c:\windows\system32\nv3dappshextr.dll
    2013-07-24 21:48 . 2013-07-13 19:48 63776 ----a-w- c:\windows\system32\nvshext.dll
    2013-07-24 21:48 . 2013-07-13 19:48 2559776 ----a-w- c:\windows\system32\nvsvcr.dll
    2013-07-24 21:48 . 2013-07-13 19:48 219424 ----a-w- c:\windows\system32\nvmctray.dll
    2013-07-24 21:48 . 2013-07-13 19:48 1042208 ----a-w- c:\windows\system32\nv3dappshext.dll
    2013-07-24 21:48 . 2013-07-13 19:48 3274475 ----a-w- c:\windows\system32\nvcoproc.bin
    2013-07-24 20:38 . 2013-07-24 20:38 -------- d-----w- c:\programdata\Nexon
    2013-07-18 04:59 . 2013-07-18 04:59 -------- d-----w- c:\program files\WinRAR
    2013-07-13 01:47 . 2013-07-13 01:47 -------- d-----w- c:\windows\SysWow64\Adobe
    2013-07-12 00:11 . 2013-06-27 22:04 78200 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
    2013-07-12 00:11 . 2013-06-27 22:04 693112 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
    2013-07-10 07:35 . 2013-07-10 07:35 -------- d-----w- c:\program files\Microsoft Silverlight
    2013-07-10 07:35 . 2013-07-10 07:35 -------- d-----w- c:\program files (x86)\Microsoft Silverlight
    2013-07-10 04:39 . 2013-04-11 22:30 1421312 ----a-w- c:\windows\SysWow64\DWrite.dll
    2013-07-10 04:39 . 2013-04-11 22:22 1838080 ----a-w- c:\windows\system32\DWrite.dll
    2013-07-10 04:39 . 2013-04-10 22:35 2035200 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\InkObj.dll
    2013-07-10 04:39 . 2013-04-10 22:35 1617920 ----a-w- c:\program files\Windows Journal\NBDoc.DLL
    2013-07-10 04:39 . 2013-04-10 22:35 1306112 ----a-w- c:\program files\Windows Journal\JNTFiltr.dll
    2013-07-10 04:39 . 2013-04-10 22:35 1272320 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\journal.dll
    2013-07-10 04:39 . 2013-04-10 22:35 1318912 ----a-w- c:\program files\Windows Journal\JNWDRV.dll
    2013-07-10 04:39 . 2013-04-11 04:12 1029632 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\Ink\journal.dll
    2013-07-10 04:39 . 2013-04-11 04:12 1413632 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\Ink\InkObj.dll
    2013-07-09 21:18 . 2013-07-09 21:18 -------- d-----w- c:\users\wilkerson PC\AppData\Roaming\Rogue Legacy
    2013-07-09 21:17 . 2013-07-09 21:17 -------- d-----w- c:\program files (x86)\Microsoft XNA
    2013-07-08 00:43 . 2013-07-09 04:11 -------- d-----w- c:\users\wilkerson PC\AppData\Roaming\Ventrilo
    2013-07-08 00:38 . 2013-07-08 00:38 -------- d-----w- c:\program files\Ventrilo
    2013-07-08 00:35 . 2013-07-08 00:35 -------- d-----w- c:\program files (x86)\Common Files\Wise Installation Wizard
    2013-07-04 21:24 . 2013-07-04 21:24 -------- d-----w- c:\users\wilkerson PC\AppData\Local\Funcom
    2013-07-04 21:23 . 2013-07-04 21:23 -------- d-----w- c:\programdata\media center programs
    2013-07-04 21:23 . 2013-07-04 21:23 -------- d-----w- c:\program files (x86)\Funcom
    2013-07-04 18:10 . 2013-07-04 18:10 -------- d-----w- c:\programdata\vsosdk
    2013-07-04 17:51 . 2013-07-04 17:51 82816 ----a-w- c:\windows\system32\drivers\pcouffin.sys
    2013-07-04 17:51 . 2013-07-04 17:51 82816 ----a-w- c:\users\wilkerson PC\AppData\Roaming\pcouffin.sys
    2013-07-04 17:51 . 2013-07-04 18:46 -------- d-----w- c:\users\wilkerson PC\AppData\Roaming\Vso
    2013-07-04 17:51 . 2007-03-19 01:37 65602 ----a-w- c:\windows\SysWow64\cook3260.dll
    2013-07-04 17:51 . 2006-09-29 17:26 176165 ----a-w- c:\windows\SysWow64\drv23260.dll
    2013-07-04 17:51 . 2006-09-29 17:25 208935 ----a-w- c:\windows\SysWow64\drv33260.dll
    2013-07-04 17:51 . 2006-09-29 17:24 217127 ----a-w- c:\windows\SysWow64\drv43260.dll
    2013-07-04 17:51 . 2006-05-20 21:16 1184984 ----a-w- c:\windows\SysWow64\wvc1dmod.dll
    2013-07-04 17:51 . 2006-05-12 00:21 626688 ----a-w- c:\windows\SysWow64\vp7vfw.dll
    2013-07-04 17:51 . 2004-05-04 16:53 1645320 ----a-w- c:\windows\gdiplus.dll
    2013-07-04 17:51 . 2013-07-04 17:51 -------- d-----w- c:\program files (x86)\VSO
    2013-07-02 19:12 . 2013-07-02 19:12 -------- d-----w- c:\users\wilkerson PC\AppData\Local\NVIDIA
    2013-07-02 12:28 . 2013-07-02 12:28 -------- d-----w- c:\users\UpdatusUser
    2013-07-02 12:27 . 2013-07-02 12:27 -------- d-----w- c:\program files (x86)\AGEIA Technologies
    2013-07-02 12:27 . 2013-07-24 21:48 -------- d-----w- c:\programdata\NVIDIA
    2013-07-02 12:26 . 2013-07-24 21:47 -------- d-----w- c:\programdata\NVIDIA Corporation
    2013-06-30 20:17 . 2013-06-30 20:17 -------- d-----w- c:\users\wilkerson PC\AppData\Roaming\SUPERAntiSpyware.com
    2013-06-30 20:17 . 2013-06-30 20:50 -------- d-----w- c:\program files\SUPERAntiSpyware
    2013-06-30 20:17 . 2013-06-30 20:17 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
    .
    .
    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2013-07-29 18:37 . 2013-05-03 19:13 867240 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
    2013-07-29 18:37 . 2013-05-03 19:13 789416 ----a-w- c:\windows\SysWow64\deployJava1.dll
    2013-07-10 07:38 . 2013-02-10 16:10 78185248 ----a-w- c:\windows\system32\MRT.exe
    2013-05-30 23:24 . 2013-06-15 04:33 1257472 ----a-w- c:\windows\system32\kernel32.dll
    2013-05-23 23:01 . 2013-06-15 04:33 1300992 ----a-w- c:\windows\system32\gdi32.dll
    2013-05-23 22:27 . 2013-06-15 04:33 1022464 ----a-w- c:\windows\SysWow64\gdi32.dll
    2013-05-15 22:37 . 2013-06-12 03:37 44032 ----a-w- c:\windows\SysWow64\UXInit.dll
    2013-05-15 22:35 . 2013-06-12 03:37 53760 ----a-w- c:\windows\system32\UXInit.dll
    2013-05-15 22:35 . 2013-06-18 20:25 144384 ----a-w- c:\windows\system32\tssdisai.dll
    2013-05-15 02:25 . 2013-06-15 04:32 888320 ----a-w- c:\windows\system32\autochk.exe
    2013-05-15 02:25 . 2013-06-15 04:32 542208 ----a-w- c:\windows\system32\untfs.dll
    2013-05-15 02:24 . 2013-06-15 04:32 793088 ----a-w- c:\windows\SysWow64\autochk.exe
    2013-05-15 02:24 . 2013-06-15 04:32 482816 ----a-w- c:\windows\SysWow64\untfs.dll
    2013-05-14 13:14 . 2013-06-12 03:37 2706432 ----a-w- c:\windows\system32\mshtml.tlb
    2013-05-14 09:23 . 2013-06-12 03:37 2706432 ----a-w- c:\windows\SysWow64\mshtml.tlb
    2013-05-09 15:56 . 2012-07-26 08:13 22240 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
    2013-05-04 07:58 . 2013-06-14 20:22 120736 ----a-w- c:\windows\system32\AuthHost.exe
    2013-05-04 07:34 . 2013-06-14 20:22 446720 ----a-w- c:\windows\system32\drivers\USBHUB3.SYS
    2013-05-04 07:34 . 2013-06-14 20:22 284416 ----a-w- c:\windows\system32\drivers\spaceport.sys
    2013-05-04 07:30 . 2013-06-14 20:22 58312 ----a-w- c:\windows\system32\wuauclt.exe
    2013-05-04 06:59 . 2013-06-14 20:21 39424 ----a-w- c:\windows\system32\wuapp.exe
    2013-05-04 06:59 . 2013-06-14 20:22 1483776 ----a-w- c:\windows\system32\VSSVC.exe
    2013-05-04 06:59 . 2013-06-14 20:22 812544 ----a-w- c:\windows\system32\Magnify.exe
    2013-05-04 06:59 . 2013-06-14 20:21 251904 ----a-w- c:\windows\system32\WUSettingsProvider.dll
    2013-05-04 06:59 . 2013-06-14 20:21 141824 ----a-w- c:\windows\system32\wuwebv.dll
    2013-05-04 06:59 . 2013-06-14 20:21 98304 ----a-w- c:\windows\system32\wudriver.dll
    2013-05-04 06:59 . 2013-06-14 20:22 3241472 ----a-w- c:\windows\system32\wuaueng.dll
    2013-05-04 06:59 . 2013-06-14 20:22 760320 ----a-w- c:\windows\system32\wuapi.dll
    2013-05-04 06:59 . 2013-06-14 20:22 1619968 ----a-w- c:\windows\system32\wucltux.dll
    2013-05-04 06:59 . 2013-06-14 20:22 13644288 ----a-w- c:\windows\system32\Windows.UI.Xaml.dll
    2013-05-04 06:58 . 2013-06-14 20:22 10116096 ----a-w- c:\windows\system32\twinui.dll
    2013-05-04 06:58 . 2013-06-14 20:22 328192 ----a-w- c:\windows\system32\ubpm.dll
    2013-05-04 06:58 . 2013-06-14 20:22 1332736 ----a-w- c:\windows\system32\sysmain.dll
    2013-05-04 06:58 . 2013-06-14 20:21 173568 ----a-w- c:\windows\system32\storewuauth.dll
    2013-05-04 06:58 . 2013-06-14 20:22 330240 ----a-w- c:\windows\system32\stobject.dll
    2013-05-04 06:58 . 2013-06-14 20:22 93696 ----a-w- c:\windows\system32\psmsrv.dll
    2013-05-04 06:58 . 2013-06-14 20:22 470528 ----a-w- c:\windows\system32\netprofmsvc.dll
    2013-05-04 06:58 . 2013-06-14 20:22 151552 ----a-w- c:\windows\system32\netprofm.dll
    2013-05-04 06:58 . 2013-06-14 20:22 169984 ----a-w- c:\windows\system32\netplwiz.dll
    2013-05-04 06:57 . 2013-06-14 20:21 17408 ----a-w- c:\windows\system32\muifontsetup.dll
    2013-05-04 06:57 . 2013-06-14 20:22 560640 ----a-w- c:\windows\system32\mfmp4srcsnk.dll
    2013-05-04 06:57 . 2013-06-14 20:22 501760 ----a-w- c:\windows\system32\DevicePairing.dll
    2013-05-04 06:57 . 2013-06-14 20:21 179712 ----a-w- c:\windows\system32\bisrv.dll
    2013-05-04 06:57 . 2013-06-14 20:21 122368 ----a-w- c:\windows\system32\biwinrt.dll
    2013-05-04 06:57 . 2013-06-14 20:22 2305024 ----a-w- c:\windows\system32\authui.dll
    2013-05-04 06:57 . 2013-06-14 20:22 389120 ----a-w- c:\windows\system32\BCP47Langs.dll
    2013-05-04 06:57 . 2013-06-14 20:22 1131520 ----a-w- c:\windows\system32\AppXDeploymentServer.dll
    2013-05-04 06:57 . 2013-06-14 20:22 708096 ----a-w- c:\windows\system32\AppXDeploymentExtensions.dll
    2013-05-04 06:56 . 2013-06-14 20:22 419840 ----a-w- c:\windows\system32\intl.cpl
    2013-05-04 04:58 . 2013-06-14 20:21 34304 ----a-w- c:\windows\SysWow64\wuapp.exe
    2013-05-04 04:58 . 2013-06-14 20:22 758784 ----a-w- c:\windows\SysWow64\Magnify.exe
    2013-05-04 04:58 . 2013-06-14 20:21 125952 ----a-w- c:\windows\SysWow64\wuwebv.dll
    2013-05-04 04:58 . 2013-06-14 20:21 83968 ----a-w- c:\windows\SysWow64\wudriver.dll
    2013-05-04 04:58 . 2013-06-14 20:22 621056 ----a-w- c:\windows\SysWow64\wuapi.dll
    2013-05-04 04:57 . 2013-06-14 20:22 10788864 ----a-w- c:\windows\SysWow64\Windows.UI.Xaml.dll
    2013-05-04 04:57 . 2013-06-14 20:22 8857088 ----a-w- c:\windows\SysWow64\twinui.dll
    2013-05-04 04:57 . 2013-06-14 20:22 247296 ----a-w- c:\windows\SysWow64\ubpm.dll
    2013-05-04 04:57 . 2013-06-14 20:22 303616 ----a-w- c:\windows\SysWow64\stobject.dll
    2013-05-04 04:57 . 2013-06-14 20:21 18432 ----a-w- c:\windows\SysWow64\npmproxy.dll
    2013-05-04 04:57 . 2013-06-14 20:22 151040 ----a-w- c:\windows\SysWow64\netplwiz.dll
    2013-05-04 04:57 . 2013-06-14 20:22 115712 ----a-w- c:\windows\SysWow64\netprofm.dll
    2013-05-04 04:57 . 2013-06-14 20:21 14336 ----a-w- c:\windows\SysWow64\muifontsetup.dll
    2013-05-04 04:56 . 2013-06-14 20:21 411136 ----a-w- c:\windows\SysWow64\mfmp4srcsnk.dll
    2013-05-04 04:56 . 2013-06-14 20:22 449536 ----a-w- c:\windows\SysWow64\DevicePairing.dll
    2013-05-04 04:56 . 2013-06-14 20:21 92160 ----a-w- c:\windows\SysWow64\biwinrt.dll
    2013-05-04 04:56 . 2013-06-14 20:22 2035712 ----a-w- c:\windows\SysWow64\authui.dll
    2013-05-04 04:56 . 2013-06-14 20:21 309760 ----a-w- c:\windows\SysWow64\BCP47Langs.dll
    2013-05-04 04:55 . 2013-06-14 20:21 389632 ----a-w- c:\windows\SysWow64\intl.cpl
    2013-05-04 04:51 . 2013-06-14 20:22 14848 ----a-w- c:\windows\system32\rars.rs
    2013-05-04 04:47 . 2013-06-14 20:22 427520 ----a-w- c:\windows\system32\drivers\rdbss.sys
    2013-05-04 04:10 . 2013-06-14 20:22 14848 ----a-w- c:\windows\SysWow64\rars.rs
    .
    .
    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    Note empty entries & legit default entries are not shown
    REGEDIT4
    .
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Pando Media Booster"="c:\program files (x86)\Pando Networks\Media Booster\PMB.exe" [2013-02-09 3093624]
    "uTorrent"="c:\users\wilkerson PC\AppData\Roaming\uTorrent\uTorrent.exe" [2013-07-02 802136]
    "Akamai NetSession Interface"="c:\users\wilkerson PC\AppData\Local\Akamai\netsession_win.exe" [2013-06-05 4489472]
    "Spotify"="c:\users\wilkerson PC\AppData\Roaming\Spotify\Spotify.exe" [2013-07-13 4640768]
    "Spotify Web Helper"="c:\users\wilkerson PC\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [2013-07-13 1104384]
    "SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2013-06-30 5622512]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
    "Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" [2012-04-04 35736]
    "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-04-04 843712]
    "Intel AppUp(SM) center"="c:\program files (x86)\Intel\IntelAppStore\bin\ismagent.exe" [2012-07-13 155488]
    "AVP"="c:\program files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\runner_avp.exe" [2013-02-10 24504]
    "CanonQuickMenu"="c:\program files (x86)\Canon\Quick Menu\CNQMMAIN.EXE" [2012-09-27 1279120]
    "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "PromptOnSecureDesktop"= 0 (0x0)
    "EnableUIADesktopToggle"= 0 (0x0)
    "EnableCursorSuppression"= 1 (0x1)
    "ConsentPromptBehaviorUser"= 3 (0x3)
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
    "LoadAppInit_DLLs"=1 (0x1)
    "AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal!SASCORE]
    @=""
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
    "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
    "DisableMonitoring"=dword:00000001
    .
    R0 klelam;klelam;c:\windows\system32\DRIVERS\klelam.sys;c:\windows\SYSNATIVE\DRIVERS\klelam.sys [x]
    R2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [x]
    R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]
    R3 AMPPALP;Intel® Centrino® Wireless Bluetooth® + High Speed Protocol;c:\windows\system32\DRIVERS\amppal.sys;c:\windows\SYSNATIVE\DRIVERS\amppal.sys [x]
    R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys;c:\windows\SYSNATIVE\drivers\EagleX64.sys [x]
    R3 intaud_WaveExtensible;Intel WiDi Audio Device;c:\windows\system32\drivers\intelaud.sys;c:\windows\SYSNATIVE\drivers\intelaud.sys [x]
    R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
    R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [x]
    R3 SBIOSIO;SBIOSIO;c:\windows\Temp\SBIOSIO64.SYS;c:\windows\Temp\SBIOSIO64.SYS [x]
    R3 xusb22;Xbox 360 Wireless Receiver Driver Service 22;c:\windows\System32\drivers\xusb22.sys;c:\windows\SYSNATIVE\drivers\xusb22.sys [x]
    R4 AMPPALR3;Intel® Centrino® Wireless Bluetooth® + High Speed Service;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe [x]
    R4 Bluetooth Device Monitor;Bluetooth Device Monitor;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe [x]
    R4 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe [x]
    R4 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe [x]
    R4 SWUpdateService;SW Update Service;c:\program files (x86)\Samsung\SW Update\SWMAgent.exe;c:\program files (x86)\Samsung\SW Update\SWMAgent.exe [x]
    S0 excsd;ExpressCache Storage Filter Driver;c:\windows\system32\DRIVERS\excsd.sys;c:\windows\SYSNATIVE\DRIVERS\excsd.sys [x]
    S0 iaStorA;iaStorA;c:\windows\System32\drivers\iaStorA.sys;c:\windows\SYSNATIVE\drivers\iaStorA.sys [x]
    S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]
    S1 excfs;ExpressCache File System Filter Driver;c:\windows\system32\DRIVERS\excfs.sys;c:\windows\SYSNATIVE\DRIVERS\excfs.sys [x]
    S1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\DRIVERS\klim6.sys;c:\windows\SYSNATIVE\DRIVERS\klim6.sys [x]
    S1 klwfp;klwfp;c:\windows\system32\DRIVERS\klwfp.sys;c:\windows\SYSNATIVE\DRIVERS\klwfp.sys [x]
    S1 kneps;kneps;c:\windows\system32\DRIVERS\kneps.sys;c:\windows\SYSNATIVE\DRIVERS\kneps.sys [x]
    S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [x]
    S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [x]
    S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [x]
    S2 Easy Launcher;Easy Launcher;c:\program files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe;c:\program files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe [x]
    S2 ETDService;Elan Service;c:\program files\Elantech\ETDService.exe;c:\program files\Elantech\ETDService.exe [x]
    S2 ExpressCache;ExpressCache;c:\program files\Condusiv Technologies\ExpressCache\ExpressCache.exe;c:\program files\Condusiv Technologies\ExpressCache\ExpressCache.exe [x]
    S2 HiPatchService;Hi-Rez Studios Authenticate and Update Service;c:\program files (x86)\Hi-Rez Studios\HiPatchService.exe;c:\program files (x86)\Hi-Rez Studios\HiPatchService.exe [x]
    S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
    S2 Intel(R) ME Service;Intel(R) ME Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [x]
    S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
    S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe;c:\program files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe [x]
    S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
    S2 ZeroConfigService;Intel(R) PROSet/Wireless Zero Configuration Service;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe [x]
    S3 acpials;ALS Sensor Filter;c:\windows\system32\DRIVERS\acpials.sys;c:\windows\SYSNATIVE\DRIVERS\acpials.sys [x]
    S3 AMPPAL;Intel® Centrino® Wireless Bluetooth® + High Speed Virtual Adapter;c:\windows\System32\drivers\AMPPAL.sys;c:\windows\SYSNATIVE\drivers\AMPPAL.sys [x]
    S3 BthLEEnum;Bluetooth Low Energy Driver;c:\windows\system32\DRIVERS\BthLEEnum.sys;c:\windows\SYSNATIVE\DRIVERS\BthLEEnum.sys [x]
    S3 btmaux;Intel Bluetooth Auxiliary Service;c:\windows\system32\DRIVERS\btmaux.sys;c:\windows\SYSNATIVE\DRIVERS\btmaux.sys [x]
    S3 btmhsf;btmhsf;c:\windows\system32\DRIVERS\btmhsf.sys;c:\windows\SYSNATIVE\DRIVERS\btmhsf.sys [x]
    S3 ETD;Samsung PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys;c:\windows\SYSNATIVE\DRIVERS\ETD.sys [x]
    S3 iBtFltCoex;iBtFltCoex;c:\windows\system32\DRIVERS\iBtFltCoex.sys;c:\windows\SYSNATIVE\DRIVERS\iBtFltCoex.sys [x]
    S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
    S3 iwdbus;IWD Bus Enumerator;c:\windows\System32\drivers\iwdbus.sys;c:\windows\SYSNATIVE\drivers\iwdbus.sys [x]
    S3 klkbdflt;Kaspersky Lab KLKBDFLT;c:\windows\system32\DRIVERS\klkbdflt.sys;c:\windows\SYSNATIVE\DRIVERS\klkbdflt.sys [x]
    S3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\DRIVERS\klmouflt.sys;c:\windows\SYSNATIVE\DRIVERS\klmouflt.sys [x]
    S3 NETwNe64;@oem9.inf, %NIC_Service_DispName_WIN8_64%; Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 8 - 64 Bit;c:\windows\system32\DRIVERS\NETwew00.sys;c:\windows\SYSNATIVE\DRIVERS\NETwew00.sys [x]
    S3 pcouffin;VSO Software pcouffin;c:\windows\System32\Drivers\pcouffin.sys;c:\windows\SYSNATIVE\Drivers\pcouffin.sys [x]
    S3 RadioHIDMini;Radio HID Mini-driver;c:\windows\System32\drivers\RadioHIDMini.sys;c:\windows\SYSNATIVE\drivers\RadioHIDMini.sys [x]
    S3 RTL8168;Realtek 8168 NT Driver;c:\windows\system32\DRIVERS\Rt630x64.sys;c:\windows\SYSNATIVE\DRIVERS\Rt630x64.sys [x]
    S3 SensorsAlsDriver;UMDF Reflector service for SensorsAlsDriver;c:\windows\system32\DRIVERS\WUDFRd.sys;c:\windows\SYSNATIVE\DRIVERS\WUDFRd.sys [x]
    S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys;c:\program files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys [x]
    S3 usb3Hub;USB-IF USB 3.0 Hub;c:\windows\System32\drivers\usb3Hub.sys;c:\windows\SYSNATIVE\drivers\usb3Hub.sys [x]
    S3 WUDFWpdMtp;WUDFWpdMtp;c:\windows\system32\DRIVERS\WUDFRd.sys;c:\windows\SYSNATIVE\DRIVERS\WUDFRd.sys [x]
    S3 XHCIPort;USB-IF xHCI USB Host Controller;c:\windows\System32\drivers\XHCIPort.sys;c:\windows\SYSNATIVE\drivers\XHCIPort.sys [x]
    .
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components{8A69D345-D564-463c-AFF1-A69D9E530F96}]
    2013-07-13 00:43 1173456 ----a-w- c:\program files (x86)\Google\Chrome\Application\28.0.1500.72\Installer\chrmstp.exe
    .
    Contents of the 'Scheduled Tasks' folder
    .
    2013-07-30 c:\windows\Tasks\Adobe Flash Player Updater.job
    - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-02-11 17:59]
    .
    2013-07-13 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
    - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-02-12 18:32]
    .
    2013-07-13 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
    - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-02-12 18:32]
    .
    2013-02-21 c:\windows\Tasks\Xerox PhotoCafe Communicator.job
    - c:\programdata\Xerox PhotoCafe\MessageCheck.exe [2011-10-26 09:11]
    .
    .
    --------- X64 Entries -----------
    .
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2012-08-07 13191312]
    "BTMTrayAgent"="c:\program files (x86)\Intel\Bluetooth\btmshell.dll" [2012-08-08 11554688]
    "IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-10-08 170304]
    "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-10-08 398656]
    "Persistence"="c:\windows\system32\igfxpers.exe" [2012-10-08 441152]
    "Nvtmru"="c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" [2013-07-03 1028896]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
    "AppInit_DLLs"=c:\windows\System32\nvinitx.dll
    .
    ------- Supplementary Scan -------
    .
    uLocal Page = c:\windows\system32\blank.htm
    uStart Page = about:blank
    mStart Page = about:blank
    mLocal Page = c:\windows\SysWOW64\blank.htm
    uInternet Settings,ProxyOverride = <local>
    IE: Send to Bluetooth - c:\program files (x86)\Intel\Bluetooth\btSendToObject.htm
    Trusted Zone: aeriagames.com
    TCP: DhcpNameServer = 209.18.47.61 209.18.47.62
    FF - ProfilePath - c:\users\wilkerson PC\AppData\Roaming\Mozilla\Firefox\Profiles\a41p30pg.default\
    FF - prefs.js: browser.startup.homepage - about:home
    .
    - - - - ORPHANS REMOVED - - - -
    .
    Toolbar-Locked - (no file)
    Toolbar-Locked - (no file)
    HKLM-Run-ETDCtrl - c:\program files (x86)\Elantech\ETDCtrl.exe

    Here is a ComboFix log also.
    My computer is brand new and suddenly it started taking a very long time to load and start any programs. Also, it suddenly wouldn't display webpages right away either; I have to refresh once or twice. I ran TDSSKiller and stopped all unnecessary processes. It seems to be better now; I may have resolved it soon after I posted that log. If you wouldn't mind taking a look at the ComboFix log, though, maybe I missed something you might see.
    Thank you, Loucif

     
  • I haven't found anything suspicious in that log except this:
    Trusted Zone: aeriagames.com

    Not sure whether you're using/playing it online or not.

    Try to keep your software up-to-date (Windows, Java, Adobe, Flash, antivirus) to avoid any malware.

     
    • status: pending --> closed
     
  • No updates, case closed.