Good day
I've been having my PC checked by the people in the BSOD, App Crashes And Hangs section and they suggested asking here since I might have some malware problem.
The issue is that my PC shows a BSOD and it keeps resetting my PC for a while; then, a few days later, whenever I open and then close a specific program (it's an online game), my PC BSODs. Afterwards it does it again, except it occurs when I try to play it.
Here are the logs as they were requested in the Read before posting topic, but I've had issues with one of the steps, which caused my PC to completely freeze every time I tried doing it (so I did it the second way).
Anyway, here is the DDS log:
DDS (Ver_2012-11-07.01) - NTFS_x86
Internet Explorer: 9.0.8112.16450 BrowserJavaVersion: 10.7.2
Run by Chris at 23:40:47 on 2012-11-12
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.2047.1043 [GMT 1:00]
.
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\nvvsvc.exe
C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\Hotspot Shield\bin\openvpnas.exe
C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe
C:\Program Files\Hotspot Shield\bin\hsswd.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\sppsvc.exe
C:\Windows\Explorer.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\IObit\Game Booster\GameBox.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Users\Chris\AppData\Local\Akamai\netsession_win.exe
C:\Program Files\Pando Networks\Media Booster\PMB.exe
C:\Users\Chris\AppData\Local\Akamai\netsession_win.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Hotspot Shield\bin\openvpntray.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
C:\Windows\system32\vssvc.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
\\?\C:\Windows\system32\wbem\WMIADAP.EXE
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k swprv
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
uProxyOverride = <local>
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - c:\program files\google\googletoolbarnotifier\5.7.7529.1424\swg.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
BHO: Hotspot Shield Class: {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - c:\program files\hotspot shield\hssie\HssIE.dll
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
uRun: [Akamai NetSession Interface] "c:\users\chris\appdata\local\akamai\netsession_win.exe"
uRun: [Pando Media Booster] c:\program files\pando networks\media booster\PMB.exe
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [RTHDVCPL] c:\program files\realtek\audio\hda\RtHDVCpl.exe -s
mRun: [USB2Check] RUNDLL32.EXE "c:\windows\system32\PCLECoInst.dll",CheckUSBController
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{3125890D-1263-44BF-9C39-9391D66EBC19} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{9E100A23-83BB-4761-9D04-01D5FFCB3C4F} : DHCPNameServer = 8.8.8.8
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R1 HssDRV6;Hotspot Shield Routing Driver 6;c:\windows\system32\drivers\hssdrv6.sys [2012-11-1 35592]
R2 hshld;Hotspot Shield Service;c:\program files\hotspot shield\bin\openvpnas.exe [2012-11-2 527216]
R2 HssWd;Hotspot Shield Monitoring Service;c:\program files\hotspot shield\bin\hsswd.exe [2012-11-1 389488]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\nvidia corporation\3d vision\nvSCPAPISvr.exe [2012-8-30 382312]
R3 Atc002;NDIS Miniport Driver for Atheros L2 Fast Ethernet Controller;c:\windows\system32\drivers\l260x86.sys [2009-6-10 29184]
R3 taphss6;Anchorfree HSS VPN Adapter;c:\windows\system32\drivers\taphss6.sys [2012-11-1 35592]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2012-7-13 160944]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
S3 libusb0;LibUsb-Win32 - Kernel Driver 03/20/2007, 0.1.12.1;c:\windows\system32\drivers\libusb0.sys [2012-10-7 35392]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-10-8 15872]
S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2012-10-8 52224]
S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2012-10-8 1343400]
.
=============== Created Last 30 ================
.
2012-11-12 19:31:03 6918632 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{e329f39e-588a-4578-9e7f-8cdc3c5a1321}\mpengine.dll
2012-11-12 19:26:57 712048 ----a-w- c:\windows\system32\drivers\ndis.sys
2012-11-12 19:26:57 33280 ----a-w- c:\windows\system32\drivers\RNDISMP.sys
2012-11-12 19:26:49 240496 ----a-w- c:\windows\system32\drivers\netio.sys
2012-11-12 19:26:49 187760 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2012-11-12 19:26:49 1292144 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-11-12 19:26:48 245760 ----a-w- c:\windows\system32\OxpsConverter.exe
2012-11-11 22:48:41 -------- d-----w- c:\users\chris\appdata\roaming\Malwarebytes
2012-11-11 22:48:35 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-11-11 22:48:35 -------- d-----w- c:\programdata\Malwarebytes
2012-11-11 22:48:35 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-11-11 22:41:24 -------- d-----w- c:\users\chris\appdata\local\PMB Files
2012-11-11 22:41:23 -------- d-----w- c:\programdata\PMB Files
2012-11-11 22:39:51 -------- d-----w- c:\program files\Pando Networks
2012-11-11 21:26:16 7626088 ----a-w- c:\windows\system32\nvcuda.dll
2012-11-11 21:26:16 6109032 ----a-w- c:\windows\system32\nvopencl.dll
2012-11-11 21:26:16 2573672 ----a-w- c:\windows\system32\nvcuvid.dll
2012-11-11 21:26:16 19828584 ----a-w- c:\windows\system32\nvoglv32.dll
2012-11-11 21:26:16 1866088 ----a-w- c:\windows\system32\nvcuvenc.dll
2012-11-11 21:26:16 17559912 ----a-w- c:\windows\system32\nvcompiler.dll
2012-11-11 21:26:16 10790760 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2012-11-11 01:10:24 -------- d-----w- c:\programdata\Hotspot Shield
2012-11-11 01:10:03 -------- d-----w- c:\program files\Hotspot Shield
2012-11-11 00:27:16 79256 ----a-w- c:\windows\system32\npOGPPlugin.dll
2012-11-11 00:27:15 271768 ----a-w- c:\windows\system32\OGPIEPlugin.ocx
2012-11-11 00:19:48 -------- d-----w- c:\program files\OGPlanet
2012-11-10 21:33:46 -------- d-----w- c:\program files\softhouse-seal
2012-11-10 12:13:57 6504 ----a-w- c:\windows\system32\drivers\ASACPI.sys
2012-11-10 00:40:01 -------- d-----w- c:\users\chris\appdata\local\Adobe
2012-11-09 21:51:24 -------- d-----w- C:\Downloads
2012-11-09 04:08:44 -------- d-----w- c:\users\chris\appdata\roaming\FLV Extract
2012-11-09 03:41:43 -------- d-----w- c:\program files\GOG.com
2012-11-06 15:48:12 -------- d-----w- c:\program files\Noel Danjou
2012-11-05 18:44:24 -------- d-----w- c:\windows\system32\SPReview
2012-11-05 18:44:15 -------- d-----w- c:\windows\system32\EventProviders
2012-11-05 18:42:54 2557288 ----a-w- c:\windows\system32\nvsvcr.dll
2012-11-05 12:24:31 -------- d-----w- c:\users\chris\appdata\local\ElevatedDiagnostics
2012-11-01 18:29:22 35592 ----a-w- c:\windows\system32\drivers\taphss6.sys
2012-11-01 18:21:56 35592 ----a-w- c:\windows\system32\drivers\hssdrv6.sys
2012-10-24 18:48:50 -------- d-----w- c:\program files\Pinnacle
2012-10-24 18:42:47 -------- d-----w- c:\windows\system32\appmgmt
2012-10-24 18:41:40 -------- d-----w- c:\users\chris\appdata\local\Akamai
2012-10-22 10:57:55 -------- d-----w- c:\users\chris\appdata\roaming\Mael
2012-10-21 21:27:20 -------- d-----w- c:\program files\CPUID
2012-10-18 21:03:31 -------- d-----w- c:\users\chris\appdata\local\Sony
2012-10-18 19:57:10 -------- d-----w- c:\program files\Sony
2012-10-17 21:38:56 -------- d-----w- c:\program files\Lame For Audacity
2012-10-17 21:15:33 -------- d-----w- c:\program files\JDownloader
2012-10-17 21:10:49 -------- d-----w- c:\users\chris\appdata\roaming\DMCache
2012-10-17 20:52:47 -------- d-----w- c:\program files\Audacity
2012-10-16 20:40:42 5659096 -c--a-w- c:\program files\common files\windows live\.cache\77d808291cdabde03\skydrivesetup.exe
2012-10-16 20:40:42 -------- d-----w- c:\program files\Microsoft SkyDrive
2012-10-16 20:40:42 -------- d-----r- c:\users\chris\SkyDrive
2012-10-16 20:40:26 -------- d-----w- c:\programdata\Microsoft SkyDrive
2012-10-16 13:37:43 -------- d-----w- c:\program files\ASCII
2012-10-16 13:37:41 32768 ----a-w- c:\program files\common files\installshield\engine\6\intel 32\objectps.dll
2012-10-16 13:37:41 237568 ----a-w- c:\program files\common files\installshield\iscript\IScript.dll
2012-10-16 13:37:41 212992 ----a-w- c:\program files\common files\installshield\engine\6\intel 32\ILog.dll
2012-10-16 13:37:41 208896 ----a-w- c:\program files\common files\installshield\engine\6\intel 32\iuser.dll
2012-10-16 13:37:41 151552 ----a-w- c:\program files\common files\installshield\engine\6\intel 32\ctor.dll
2012-10-14 03:27:37 -------- d-----w- c:\program files\xy-VSFilter
2012-10-14 02:52:23 -------- d-----w- c:\users\chris\appdata\roaming\uTorrent
.
==================== Find3M ====================
.
2012-11-05 18:48:06 152576 ----a-w- c:\windows\system32\msclmd.dll
2012-10-09 15:43:22 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-10-09 15:43:22 696760 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-10-07 14:37:49 715038 ----a-w- c:\windows\unins000.exe
2012-10-07 13:25:12 93672 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2012-10-07 13:25:12 821736 ----a-w- c:\windows\system32\npDeployJava1.dll
2012-10-07 13:25:12 746984 ----a-w- c:\windows\system32\deployJava1.dll
2012-09-14 18:28:53 2048 ----a-w- c:\windows\system32\tzres.dll
2012-09-12 14:07:44 58368 ----a-w- c:\windows\system32\sirenacm.dll
2012-08-31 17:18:09 1211760 ----a-w- c:\windows\system32\drivers\ntfs.sys
2012-08-30 19:13:00 888168 ----a-w- c:\windows\system32\nvdispgenco32.dll
2012-08-30 19:13:00 52584 ----a-w- c:\windows\system32\OpenCL.dll
2012-08-30 19:13:00 2422120 ----a-w- c:\windows\system32\nvapi.dll
2012-08-30 19:13:00 15291752 ----a-w- c:\windows\system32\nvd3dum.dll
2012-08-30 19:13:00 12465512 ----a-w- c:\windows\system32\nvwgf2um.dll
2012-08-30 19:13:00 1009512 ----a-w- c:\windows\system32\nvdispco32.dll
2012-08-30 17:12:02 3968880 ----a-w- c:\windows\system32\ntkrnlpa.exe
2012-08-30 17:12:02 3914096 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-08-30 15:57:55 645992 ----a-w- c:\windows\system32\nvvsvc.exe
2012-08-30 15:57:54 62312 ----a-w- c:\windows\system32\nvshext.dll
2012-08-30 15:57:54 108392 ----a-w- c:\windows\system32\nvmctray.dll
2012-08-30 15:57:32 3963240 ----a-w- c:\windows\system32\nvcpl.dll
2012-08-30 15:57:27 2836840 ----a-w- c:\windows\system32\nvsvc.dll
2012-08-30 09:40:14 429416 ----a-w- c:\windows\system32\nvStreaming.exe
2012-08-24 16:57:48 172544 ----a-w- c:\windows\system32\wintrust.dll
2012-08-20 17:40:31 169984 ----a-w- c:\windows\system32\winsrv.dll
2012-08-20 17:40:01 293376 ----a-w- c:\windows\system32\KernelBase.dll
2012-08-20 17:37:58 271360 ----a-w- c:\windows\system32\conhost.exe
2012-08-20 15:33:28 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2012-08-20 15:33:28 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2012-08-20 15:33:28 3584 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2012-08-20 15:33:28 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
.
============= FINISH: 23:41:00.85 ===============