krapplejaxx

Everything posted by krapplejaxx

  1. Thank you very much, Maurice. This has been resolved. Unquarantined from the network and still remains unquarantined so it's all good. Thanks again!
  2. Oh sorry, I forgot to say that I uninstalled McAfee, and I am only running MSE. I'll run Stinger+security check and get back to you when it finishes, thanks again
  3. Thank you very much for your help. RKill did not find anything malicious running, mbam updated and ran a quick scan. Nothing was found there either. Is there anything else that we can scan for? I ran TDSSKiller and nothing there either.
  4. Search.txt

     Farbar Recovery Scan Tool Version: 29-08-2012 02
     Ran by SYSTEM at 2012-08-29 17:00:30
     Running from G:\

     ================== Search: "services.exe" ===================

     C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe
     [2009-07-13 15:19] - [2009-07-13 17:39] - 0328704 ____A (Microsoft Corporation) 24ACB7E5BE595468E3B9AA488B9B4FCB

     C:\Windows\System32\services.exe
     [2009-07-13 15:19] - [2009-07-13 17:39] - 0328704 ____A (Microsoft Corporation) 24ACB7E5BE595468E3B9AA488B9B4FCB

     ====== End Of Search ======
  5. FRST.txt: Scan result of Farbar Recovery Scan Tool Version: 29-08-2012 02 Ran by SYSTEM at 29-08-2012 16:58:32 Running from G:\ Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US) The current controlset is ControlSet001
---------- --- ----------- ----- ---------- ------- --------- -------- * Volume 1 Y NTFS Partition 200 MB Healthy ================================================================================== Disk: 0 Partition 2 Type : 07 Hidden: No Active: No Volume ### Ltr Label Fs Type Size Status Info ---------- --- ----------- ----- ---------- ------- --------- -------- * Volume 2 C NTFS Partition 421 GB Healthy ================================================================================== Disk: 0 Partition 4 Type : 07 Hidden: No Active: No Volume ### Ltr Label Fs Type Size Status Info ---------- --- ----------- ----- ---------- ------- --------- -------- * Volume 3 D LENOVO NTFS Partition 28 GB Healthy ================================================================================== Disk: 0 Partition 3 Type : 12 Hidden: Yes Active: No Volume ### Ltr Label Fs Type Size Status Info ---------- --- ----------- ----- ---------- ------- --------- -------- * Volume 5 LENOVO_PART NTFS Partition 14 GB Healthy Hidden ================================================================================== Partitions of Disk 1: =============== Partition ### Type Size Offset ------------- ---------------- ------- ------- * Partition 1 Primary 3853 MB 0 B ================================================================================== Disk: 1 There is no partition selected. There is no partition selected. Please select a partition and try again. ================================================================================== Last Boot: 2012-08-26 21:24 ==================== End Of Log =============================
  6. Here are the results:

RogueKiller V8.0.0 [08/26/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/
Blog: http://tigzyrk.blogspot.com

Operating System: Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Jerry [Admin rights]
Mode : Scan -- Date : 08/29/2012 16:19:47

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 0 ¤¤¤

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED] ¤¤¤

¤¤¤ Infection : ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> C:\windows\system32\drivers\etc\hosts

¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: WDC WD50 00BPVT-24HXZT3 SATA Disk Device +++++
--- User ---
[MBR] 0542e57b83efe97983d92a4e588577b3
[bSP] b082ab3ba0f45907e8a84c0e1f9c344d : Windows 7 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 200 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 411648 | Size: 431938 Mo
2 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 885020672 | Size: 29692 Mo
3 - [XXXXXX] COMPAQ (0x12) [VISIBLE] Offset (sectors): 945829888 | Size: 15109 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[1].txt >>
RKreport[1].txt
  7. Hey MBAM forums, I work tech support for housing at a university. We have a secure network where if a resident has an infection on their computer, our system quarantines them until it can be removed. Usually we can remove viruses no problem using MalwareBytes Anti-Malware, but recently we have been getting a hit labeled as a Mariposa infection and we currently cannot detect it with any tools we have used. I know that Mariposa is an old botnet infection, but it has since been shut down. There are also quite a few antivirus and anti-malware programs that scan for Mariposa specifically, but nothing is found on the machines I have scanned. Here is the DDS report:

DDS.txt
.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 10.5.1
Run by Jerry at 17:35:14 on 2012-08-28
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.5606.3656 [GMT -4:00]
.
AV: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}
AV: Microsoft Security Essentials *Disabled/Updated* {9765EA51-0D3C-7DFB-6091-10E4E1F341F6}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Microsoft Security Essentials *Disabled/Updated* {2C040BB5-2B06-7275-5A21-2B969A740B4B}
SP: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}
FW: McAfee Firewall *Disabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}
.
============== Running Processes ===============
.
C:\windows\system32\wininit.exe C:\windows\system32\lsm.exe C:\windows\system32\svchost.exe -k DcomLaunch C:\windows\system32\svchost.exe -k RPCSS C:\windows\system32\atiesrxx.exe C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\windows\system32\svchost.exe -k netsvcs C:\windows\system32\svchost.exe -k LocalService C:\windows\system32\atieclxx.exe C:\windows\system32\svchost.exe -k NetworkService C:\windows\System32\spoolsv.exe C:\windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe C:\windows\system32\mfevtps.exe C:\windows\SysWOW64\PnkBstrA.exe C:\windows\SysWOW64\PnkBstrB.exe C:\Program Files (x86)\Ralink\RT2860 Wireless LAN Card\ExtraFiles\RaMediaServer.exe C:\windows\system32\svchost.exe -k imgsvc C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe C:\windows\system32\taskhost.exe C:\windows\system32\Dwm.exe C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\windows\Explorer.EXE C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files (x86)\Steam\Steam.exe C:\windows\WebCam\S6000\S6000Mnt.exe C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Program Files (x86)\Common Files\Steam\SteamService.exe C:\windows\system32\SearchIndexer.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\windows\system32\rundll32.exe C:\windows\system32\rundll32.exe C:\windows\SysWOW64\rundll32.exe C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Program Files\Common 
Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe C:\windows\system32\taskhost.exe C:\Program Files (x86)\SafeConnect\scManager.sys C:\Program Files (x86)\SafeConnect\SCClient.exe C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe C:\Program Files\mcafee\VirusScan\mcods.exe c:\Program Files\Microsoft Security Client\MsMpEng.exe C:\Program Files\Microsoft Security Client\msseces.exe C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe C:\Windows\system32\WUDFHost.exe C:\windows\system32\wbem\wmiprvse.exe C:\windows\system32\DllHost.exe C:\windows\system32\DllHost.exe C:\windows\SysWOW64\cmd.exe C:\windows\system32\conhost.exe C:\windows\SysWOW64\cscript.exe C:\windows\system32\wbem\wmiprvse.exe . ============== Pseudo HJT Report =============== . 
uStart Page = hxxp://google.com/ uDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=LENN&bmod=LENN mStart Page = hxxp://lenovo.msn.com uURLSearchHooks: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll mWinlogon: Userinit=userinit.exe BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll BHO: SteadyVideoBHO Class: {6c680bae-655c-4e3d-8fc4-e6a520c3d928} - C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll BHO: Java™ Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20120825152302.dll BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll TB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll uRun: [swg] "C:\Program Files 
(x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" uRun: [steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent mRun: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun mRun: [s6000Mnt] C:\windows\SysWOW64\Rundll32.exe S6000Rmv.dll,WinMainRmv /StartStillMnt mRun: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey mRun: [YouCam Mirage] "C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe" mRun: [YouCam Tray] "C:\Program Files (x86)\Lenovo\YouCam\YouCam.exe" /s mRun: [VeriFaceManager] C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe mRun: [updateP2GShortCut] "C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\5.0" mRun: [updatePRCShortCut] "C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Lenovo\OneKey App\OneKey Recovery" UpdateWithCreateOnce "Software\Lenovo\OneKey App\OneKey Recovery" mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" mRun: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe" -osboot mRun: [RaidCall] C:\Program Files (x86)\RaidCall\raidcall.exe mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\SAFECO~1.LNK - C:\Program Files (x86)\SafeConnect\scClient.exe mPolicies-explorer: NoActiveDesktop = 1 (0x1) mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1) mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5) mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3) mPolicies-system: EnableUIADesktopToggle = 0 (0x0) IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 IE: Se&nd to OneNote - 
C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll TCP: DhcpNameServer = 10.2.1.174 TCP: Interfaces\{12CA5FA7-C721-45FE-9ABB-683AC1A36A31} : DhcpNameServer = 128.227.47.6 128.227.47.7 TCP: Interfaces\{3165BEE5-5B35-410F-B568-A721EA0D3DDB} : DhcpNameServer = 10.2.1.174 TCP: Interfaces\{3165BEE5-5B35-410F-B568-A721EA0D3DDB}\576696E666F6 : DhcpNameServer = 128.227.47.70 TCP: Interfaces\{3165BEE5-5B35-410F-B568-A721EA0D3DDB}\93458474144554 : DhcpNameServer = 93.188.161.105 93.188.166.105 TCP: Interfaces\{3165BEE5-5B35-410F-B568-A721EA0D3DDB}\D69745F65736860243740284F6473707F647 : DhcpNameServer = 192.168.1.1 Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~2\McAfee\msc\McSnIePl.dll Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\McAfee\SITEAD~1\McIEPlg.dll Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\McAfee\SITEAD~1\McIEPlg.dll Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files 
(x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO-X64: AcroIEHelperStub - No File BHO-X64: RealPlayer Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll BHO-X64: SteadyVideoBHO Class: {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll BHO-X64: AMD SteadyVideo BHO - No File BHO-X64: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll BHO-X64: scriptproxy: {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20120825152302.dll BHO-X64: scriptproxy - No File BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO-X64: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll BHO-X64: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll BHO-X64: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL BHO-X64: URLRedirectionBHO - No File BHO-X64: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll TB-X64: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll TB-X64: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll mRun-x64: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun mRun-x64: [s6000Mnt] C:\windows\SysWOW64\Rundll32.exe S6000Rmv.dll,WinMainRmv /StartStillMnt mRun-x64: [mcui_exe] "C:\Program 
Files\McAfee.com\Agent\mcagent.exe" /runkey mRun-x64: [YouCam Mirage] "C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe" mRun-x64: [YouCam Tray] "C:\Program Files (x86)\Lenovo\YouCam\YouCam.exe" /s mRun-x64: [VeriFaceManager] C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe mRun-x64: [updateP2GShortCut] "C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\5.0" mRun-x64: [updatePRCShortCut] "C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Lenovo\OneKey App\OneKey Recovery" UpdateWithCreateOnce "Software\Lenovo\OneKey App\OneKey Recovery" mRun-x64: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" mRun-x64: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe" -osboot mRun-x64: [RaidCall] C:\Program Files (x86)\RaidCall\raidcall.exe mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" . ================= FIREFOX =================== . 
FF - ProfilePath - C:\Users\Jerry\AppData\Roaming\Mozilla\Firefox\Profiles\aliya8fg.default\ FF - plugin: c:\progra~2\mcafee\msc\npMcSnFFPl.dll FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll FF - plugin: C:\Program Files (x86)\IAHgames\Playfast\npiahpd.dll FF - plugin: C:\Program Files (x86)\McAfee\SiteAdvisor\NPMcFFPlg32.dll FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrlui.dll FF - plugin: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll FF - plugin: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll FF - plugin: C:\ProgramData\NexonUS\NGM\npNxGameUS.dll FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll FF - plugin: C:\Users\Jerry\AppData\Roaming\raidcall\plugins\nprcplugin.dll FF - plugin: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_265.dll FF - plugin: C:\windows\SysWOW64\npDeployJava1.dll FF - plugin: C:\windows\SysWOW64\npmproxy.dll . ============= SERVICES / DRIVERS =============== . R0 fbfmon;fbfmon;C:\windows\system32\drivers\fbfmon.sys --> C:\windows\system32\drivers\fbfmon.sys [?] R0 LHDmgr;LHDmgr;C:\windows\system32\DRIVERS\LhdX64.sys --> C:\windows\system32\DRIVERS\LhdX64.sys [?] R0 mfehidk;McAfee Inc. mfehidk;C:\windows\system32\drivers\mfehidk.sys --> C:\windows\system32\drivers\mfehidk.sys [?] R0 mfewfpk;McAfee Inc. mfewfpk;C:\windows\system32\drivers\mfewfpk.sys --> C:\windows\system32\drivers\mfewfpk.sys [?] 
R0 MpFilter;Microsoft Malware Protection Driver;C:\windows\system32\DRIVERS\MpFilter.sys --> C:\windows\system32\DRIVERS\MpFilter.sys [?] R1 BPntDrv;BPntDrv;C:\windows\system32\drivers\BPntDrv.sys --> C:\windows\system32\drivers\BPntDrv.sys [?] R1 mfenlfk;McAfee NDIS Light Filter;C:\windows\system32\DRIVERS\mfenlfk.sys --> C:\windows\system32\DRIVERS\mfenlfk.sys [?] R1 vwififlt;Virtual WiFi Filter Driver;C:\windows\system32\DRIVERS\vwififlt.sys --> C:\windows\system32\DRIVERS\vwififlt.sys [?] R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-7-27 63960] R2 AMD External Events Utility;AMD External Events Utility;C:\windows\system32\atiesrxx.exe --> C:\windows\system32\atiesrxx.exe [?] R2 AMD FUEL Service;AMD FUEL Service;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-12-15 361984] R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe [2011-1-27 249936] R2 McMPFSvc;McAfee Personal Firewall Service;C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe [2011-1-27 249936] R2 McNaiAnn;McAfee VirusScan Announcer;C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe [2011-1-27 249936] R2 McProxy;McAfee Proxy Service;C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe [2011-1-27 249936] R2 McShield;McAfee McShield;C:\Program Files\Common Files\mcafee\systemcore\mcshield.exe [2012-4-10 199304] R2 mfefire;McAfee Firewall Core Service;C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe [2012-4-10 210616] R2 mfevtp;McAfee Validation Trust Protection Service;"C:\windows\system32\mfevtps.exe" --> C:\windows\system32\mfevtps.exe [?] 
R2 RaMediaServer;Ralink UPnP Media Server;C:\Program Files (x86)\Ralink\RT2860 Wireless LAN Card\ExtraFiles\RaMediaServer.exe [2012-4-10 454656] R2 SCManager;SafeConnect Manager;C:\Program Files (x86)\SafeConnect\scManager.sys servicestart --> C:\Program Files (x86)\SafeConnect\scManager.sys servicestart [?] R3 ACPIVPC;Lenovo Virtual Power Controller Driver;C:\windows\system32\DRIVERS\AcpiVpc.sys --> C:\windows\system32\DRIVERS\AcpiVpc.sys [?] R3 amdiox64;AMD IO Driver;C:\windows\system32\DRIVERS\amdiox64.sys --> C:\windows\system32\DRIVERS\amdiox64.sys [?] R3 amdkmdag;amdkmdag;C:\windows\system32\DRIVERS\atikmdag.sys --> C:\windows\system32\DRIVERS\atikmdag.sys [?] R3 amdkmdap;amdkmdap;C:\windows\system32\DRIVERS\atikmpag.sys --> C:\windows\system32\DRIVERS\atikmpag.sys [?] R3 AtiHDAudioService;ATI Function Driver for HD Audio Service;C:\windows\system32\drivers\AtihdW76.sys --> C:\windows\system32\drivers\AtihdW76.sys [?] R3 cfwids;McAfee Inc. cfwids;C:\windows\system32\drivers\cfwids.sys --> C:\windows\system32\drivers\cfwids.sys [?] R3 clwvd;CyberLink WebCam Virtual Driver;C:\windows\system32\DRIVERS\clwvd.sys --> C:\windows\system32\DRIVERS\clwvd.sys [?] R3 MBAMProtector;MBAMProtector;\??\C:\windows\system32\drivers\mbam.sys --> C:\windows\system32\drivers\mbam.sys [?] R3 mfeavfk;McAfee Inc. mfeavfk;C:\windows\system32\drivers\mfeavfk.sys --> C:\windows\system32\drivers\mfeavfk.sys [?] R3 mfefirek;McAfee Inc. mfefirek;C:\windows\system32\drivers\mfefirek.sys --> C:\windows\system32\drivers\mfefirek.sys [?] R3 netr28x;Ralink 802.11n Extensible Wireless Driver;C:\windows\system32\DRIVERS\netr28x.sys --> C:\windows\system32\DRIVERS\netr28x.sys [?] R3 NMgamingmsFltr;USB Optical Mouse;C:\windows\system32\drivers\NMgamingms.sys --> C:\windows\system32\drivers\NMgamingms.sys [?] 
R3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184] R3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;C:\windows\system32\Drivers\RtsUVStor.sys --> C:\windows\system32\Drivers\RtsUVStor.sys [?] R3 RTL8167;Realtek 8167 NT Driver;C:\windows\system32\DRIVERS\Rt64win7.sys --> C:\windows\system32\DRIVERS\Rt64win7.sys [?] R3 S6000KNT;S6000KNT_WebCam Driver;C:\windows\system32\Drivers\S6000KNT.sys --> C:\windows\system32\Drivers\S6000KNT.sys [?] R3 usbfilter;AMD USB Filter Driver;C:\windows\system32\DRIVERS\usbfilter.sys --> C:\windows\system32\DRIVERS\usbfilter.sys [?] R3 vproiah;vproiah;C:\windows\system32\DRIVERS\vproiah.sys --> C:\windows\system32\DRIVERS\vproiah.sys [?] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-4-10 136176] S2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-8-20 655944] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-8-25 250568] S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-4-10 136176] S3 McAWFwk;McAfee Activation Service;C:\PROGRA~1\mcafee\msc\mcawfwk.exe [2012-4-10 225216] S3 mferkdet;McAfee Inc. mferkdet;C:\windows\system32\drivers\mferkdet.sys --> C:\windows\system32\drivers\mferkdet.sys [?] 
S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-8-24 113120] S3 NisDrv;Microsoft Network Inspection System;C:\windows\system32\DRIVERS\NisDrvWFP.sys --> C:\windows\system32\DRIVERS\NisDrvWFP.sys [?] S3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2012-3-26 291696] S3 npggsvc;nProtect GameGuard Service;C:\windows\system32\GameMon.des -service --> C:\windows\system32\GameMon.des -service [?] S3 TsUsbFlt;TsUsbFlt;C:\windows\system32\drivers\tsusbflt.sys --> C:\windows\system32\drivers\tsusbflt.sys [?] S3 TsUsbGD;Remote Desktop Generic USB Device;C:\windows\system32\drivers\TsUsbGD.sys --> C:\windows\system32\drivers\TsUsbGD.sys [?] S3 WatAdminSvc;Windows Activation Technologies Service;C:\windows\system32\Wat\WatAdminSvc.exe --> C:\windows\system32\Wat\WatAdminSvc.exe [?] S3 wsvd;wsvd;C:\windows\system32\DRIVERS\wsvd.sys --> C:\windows\system32\DRIVERS\wsvd.sys [?] S4 McOobeSv;McAfee OOBE Service;C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe [2011-1-27 249936] S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184] . =============== Created Last 30 ================ . 
2012-08-27 22:23:41 69000 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{76FE79C8-E5C6-41EB-B56C-9B430F8667AD}\offreg.dll 2012-08-27 21:02:47 927800 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{D85E3FCB-1497-431E-855E-DDFE03AE1D41}\gapaengine.dll 2012-08-27 21:02:42 9309624 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{76FE79C8-E5C6-41EB-B56C-9B430F8667AD}\mpengine.dll 2012-08-27 21:00:23 -------- d-----w- C:\Program Files (x86)\Microsoft Security Client 2012-08-27 21:00:19 -------- d-----w- C:\Program Files\Microsoft Security Client 2012-08-27 21:00:01 -------- d-----w- C:\803c1486597b38adaf 2012-08-27 12:29:01 -------- d-----w- C:\Users\Jerry\AppData\Local\Macromedia 2012-08-26 15:38:37 -------- d-----w- C:\Users\Jerry\AppData\Local\Chromium 2012-08-26 15:37:25 3953632 ----a-w- C:\windows\SysWow64\GameMon.des 2012-08-26 15:37:11 5265 ----a-w- C:\windows\SysWow64\nppt9x.vxd 2012-08-26 15:37:11 4774 ----a-w- C:\windows\SysWow64\npptNT2.sys 2012-08-26 15:37:06 -------- d-----w- C:\Program Files\Common Files\INCA Shared 2012-08-26 13:12:11 27848 ----a-w- C:\windows\System32\drivers\vproiah.sys 2012-08-26 13:12:11 -------- d-----w- C:\ProgramData\IAHGames 2012-08-26 13:12:11 -------- d-----w- C:\Program Files (x86)\IAHgames 2012-08-26 06:09:14 189248 ----a-w- C:\windows\SysWow64\PnkBstrB.exe 2012-08-26 06:09:14 189248 ----a-w- C:\windows\SysWow64\PnkBstrB.ex0 2012-08-26 06:09:09 76888 ----a-w- C:\windows\SysWow64\PnkBstrA.exe 2012-08-26 06:09:08 3130440 ----a-w- C:\windows\SysWow64\pbsvc_blr.exe 2012-08-26 06:08:52 -------- d-----w- C:\Program Files (x86)\NVIDIA Corporation 2012-08-26 06:07:54 -------- d-----w- C:\Program Files (x86)\Common Files\Wise Installation Wizard 2012-08-26 03:59:36 73416 ----a-w- C:\windows\SysWow64\FlashPlayerCPLApp.cpl 2012-08-26 03:59:36 696520 ----a-w- C:\windows\SysWow64\FlashPlayerApp.exe 2012-08-25 19:23:02 29312 ----a-w- C:\Program Files 
(x86)\Mozilla Firefox\ScriptFF.dll 2012-08-25 03:19:17 -------- d-----w- C:\Program Files (x86)\Common Files\Steam 2012-08-25 03:19:15 -------- d-----w- C:\Program Files (x86)\Steam 2012-08-20 21:50:07 -------- d-----w- C:\Users\Jerry\AppData\Roaming\Malwarebytes 2012-08-20 21:49:16 -------- d-----w- C:\ProgramData\Malwarebytes 2012-08-20 21:49:14 24904 ----a-w- C:\windows\System32\drivers\mbam.sys 2012-08-20 21:49:13 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware 2012-08-20 15:29:59 -------- d-----w- C:\Users\Jerry\AppData\Local\Adobe 2012-08-16 07:07:01 552960 ----a-w- C:\windows\System32\drivers\bthport.sys 2012-08-16 01:59:47 503808 ----a-w- C:\windows\System32\srcore.dll 2012-08-16 01:59:47 43008 ----a-w- C:\windows\SysWow64\srclient.dll 2012-08-16 01:59:41 751104 ----a-w- C:\windows\System32\win32spl.dll 2012-08-16 01:59:41 559104 ----a-w- C:\windows\System32\spoolsv.exe 2012-08-16 01:59:41 492032 ----a-w- C:\windows\SysWow64\win32spl.dll 2012-08-16 01:59:40 67072 ----a-w- C:\windows\splwow64.exe 2012-08-16 01:59:09 59392 ----a-w- C:\windows\System32\browcli.dll 2012-08-16 01:59:09 136704 ----a-w- C:\windows\System32\browser.dll 2012-08-16 01:59:08 41984 ----a-w- C:\windows\SysWow64\browcli.dll 2012-08-16 01:59:05 3148800 ----a-w- C:\windows\System32\win32k.sys 2012-08-16 01:59:02 956928 ----a-w- C:\windows\System32\localspl.dll 2012-08-14 22:58:13 -------- d-----w- C:\Users\Jerry\AppData\Local\Diagnostics 2012-08-14 12:37:02 -------- d--h--w- C:\Users\Jerry\AppData\Roaming\RPPrivate 2012-08-13 18:14:36 -------- d-----r- C:\Users\Jerry\Podcasts 2012-08-11 22:10:38 -------- d-----w- C:\Users\Jerry\AppData\Roaming\raidcall 2012-08-11 22:10:28 -------- d-----w- C:\Program Files (x86)\RaidCall 2012-08-03 12:00:18 -------- d-----w- C:\Program Files (x86)\Common Files\xing shared . ==================== Find3M ==================== . 
2012-07-06 02:06:30 772544 ----a-w- C:\windows\SysWow64\npDeployJava1.dll
2012-07-06 02:06:20 687544 ----a-w- C:\windows\SysWow64\deployJava1.dll
2012-06-29 03:56:34 2312704 ----a-w- C:\windows\System32\jscript9.dll
2012-06-29 03:49:11 1392128 ----a-w- C:\windows\System32\wininet.dll
2012-06-29 03:48:07 1494528 ----a-w- C:\windows\System32\inetcpl.cpl
2012-06-29 03:43:49 173056 ----a-w- C:\windows\System32\ieUnatt.exe
2012-06-29 03:39:48 2382848 ----a-w- C:\windows\System32\mshtml.tlb
2012-06-29 00:16:58 1800704 ----a-w- C:\windows\SysWow64\jscript9.dll
2012-06-29 00:09:01 1129472 ----a-w- C:\windows\SysWow64\wininet.dll
2012-06-29 00:08:59 1427968 ----a-w- C:\windows\SysWow64\inetcpl.cpl
2012-06-29 00:04:43 142848 ----a-w- C:\windows\SysWow64\ieUnatt.exe
2012-06-29 00:00:45 2382848 ----a-w- C:\windows\SysWow64\mshtml.tlb
2012-06-06 12:49:52 1070152 ----a-w- C:\windows\SysWow64\MSCOMCTL.OCX
2012-06-06 06:06:16 2004480 ----a-w- C:\windows\System32\msxml6.dll
2012-06-06 06:06:16 1881600 ----a-w- C:\windows\System32\msxml3.dll
2012-06-06 06:02:54 1133568 ----a-w- C:\windows\System32\cdosys.dll
2012-06-06 05:05:52 1390080 ----a-w- C:\windows\SysWow64\msxml6.dll
2012-06-06 05:05:52 1236992 ----a-w- C:\windows\SysWow64\msxml3.dll
2012-06-06 05:03:06 805376 ----a-w- C:\windows\SysWow64\cdosys.dll
2012-06-02 22:15:31 2622464 ----a-w- C:\windows\System32\wucltux.dll
2012-06-02 22:15:08 99840 ----a-w- C:\windows\System32\wudriver.dll
2012-06-02 19:19:42 186752 ----a-w- C:\windows\System32\wuwebv.dll
2012-06-02 19:15:12 36864 ----a-w- C:\windows\System32\wuapp.exe
2012-06-02 05:50:10 458704 ----a-w- C:\windows\System32\drivers\cng.sys
2012-06-02 05:48:16 95600 ----a-w- C:\windows\System32\drivers\ksecdd.sys
2012-06-02 05:48:16 151920 ----a-w- C:\windows\System32\drivers\ksecpkg.sys
2012-06-02 05:45:31 340992 ----a-w- C:\windows\System32\schannel.dll
2012-06-02 05:44:21 307200 ----a-w- C:\windows\System32\ncrypt.dll
2012-06-02 04:40:42 22016 ----a-w- C:\windows\SysWow64\secur32.dll
2012-06-02 04:40:39 225280 ----a-w- C:\windows\SysWow64\schannel.dll
2012-06-02 04:39:10 219136 ----a-w- C:\windows\SysWow64\ncrypt.dll
2012-06-02 04:34:09 96768 ----a-w- C:\windows\SysWow64\sspicli.dll
.
============= FINISH: 17:35:50.94 ===============

and here is Attach.txt

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 7/19/2012 11:32:49 PM
System Uptime: 8/26/2012 11:37:00 PM (42 hours ago)
.
Motherboard: LENOVO | | Torpedo
Processor: AMD A6-3420M APU with Radeon™ HD Graphics | Socket FS1 | 1500/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 422 GiB total, 351.85 GiB free.
D: is FIXED (NTFS) - 29 GiB total, 26.882 GiB free.
E: is Removable
F: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP19: 8/26/2012 2:08:02 AM - Installed NVIDIA PhysX
RP20: 8/26/2012 2:10:34 AM - Windows Update
RP21: 8/26/2012 3:00:12 AM - Windows Update
RP22: 8/27/2012 3:00:12 AM - Windows Update
.
==== Installed Programs ======================
.
Adobe Flash Player 11 Plugin Adobe Reader X (10.1.4) Aleks 3.18 Alliance of Valiant Arms AMD VISION Engine Control Center Blacklight: Retribution Catalyst Control Center - Branding Catalyst Control Center Graphics Previews Common Catalyst Control Center InstallProxy Catalyst Control Center Localization All Catalyst Control Center Profiles Mobile CCC Help Chinese Standard CCC Help Chinese Traditional CCC Help Czech CCC Help Danish CCC Help Dutch CCC Help English CCC Help Finnish CCC Help French CCC Help German CCC Help Greek CCC Help Hungarian CCC Help Italian CCC Help Japanese CCC Help Korean CCC Help Norwegian CCC Help Polish CCC Help Portuguese CCC Help Russian CCC Help Spanish CCC Help Swedish CCC Help Thai CCC Help Turkish Combat Arms D3DX10 Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition Energy Management Google Chrome Google Toolbar for Internet Explorer Google Update Helper Java Auto Updater Java™ 7 Update 5 JavaFX 2.1.1 Junk Mail filter update Lenovo EasyCamera Lenovo Games Console Lenovo OneKey Recovery Lenovo YouCam Malwarebytes Anti-Malware version 1.62.0.1300 McAfee AntiVirus Plus Mesh Runtime Microsoft Office 2010 Service Pack 1 (SP1) Microsoft Office Access MUI (English) 2010 Microsoft Office Access Setup Metadata MUI (English) 2010 Microsoft Office Excel MUI (English) 2010 Microsoft Office Home and Student 2010 Microsoft Office OneNote MUI (English) 2010 Microsoft Office Outlook MUI (English) 2010 Microsoft Office PowerPoint MUI (English) 2010 Microsoft Office Proof (English) 2010 Microsoft Office Proof (French) 2010 Microsoft Office Proof (Spanish) 2010 Microsoft Office Proofing (English) 2010 Microsoft Office Publisher MUI (English) 2010 Microsoft Office Shared MUI (English) 2010 Microsoft Office Shared Setup Metadata MUI (English) 2010 Microsoft Office Single Image 2010 Microsoft Office Word MUI (English) 2010 Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Visual C++ 2005 Redistributable 
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 Mozilla Firefox 14.0.1 (x86 en-US) Mozilla Maintenance Service MSVCRT MSVCRT_amd64 Nexon Game Manager NVIDIA PhysX Onekey Theater ooVoo Power2Go PowerXpressHybrid PunkBuster Services RaidCall Ralink RT2860 Wireless LAN Card RealNetworks - Microsoft Visual C++ 2008 Runtime RealPlayer Realtek Ethernet Controller Driver For Windows 7 Realtek High Definition Audio Driver Realtek USB 2.0 Reader Driver RealUpgrade 1.1 SafeConnect Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405) Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827) Security Update for Microsoft .NET Framework 4 Extended (KB2487367) Security Update for Microsoft .NET Framework 4 Extended (KB2656351) Security Update for Microsoft Excel 2010 (KB2597166) 32-Bit Edition Security Update for Microsoft InfoPath 2010 (KB2553322) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2553091) Security Update for Microsoft Office 2010 (KB2553096) Security Update for Microsoft Office 2010 (KB2553260) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2553447) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2589322) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2597986) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2598243) 32-Bit Edition Security Update for Microsoft PowerPoint 2010 (KB2553185) 32-Bit Edition Security Update for Microsoft SharePoint Workspace 2010 (KB2566445) Security 
Update for Microsoft Visio Viewer 2010 (KB2598287) 32-Bit Edition Steam Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) Update for Microsoft .NET Framework 4 Extended (KB2468871) Update for Microsoft .NET Framework 4 Extended (KB2533523) Update for Microsoft .NET Framework 4 Extended (KB2600217) Update for Microsoft Office 2010 (KB2553065) Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition Update for Microsoft Office 2010 (KB2553272) 32-Bit Edition Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition Update for Microsoft Office 2010 (KB2566458) Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition Update for Microsoft Office 2010 (KB2598289) 32-Bit Edition Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition Update for Microsoft OneNote 2010 (KB2589345) 32-Bit Edition Update for Microsoft Outlook 2010 (KB2553248) 32-Bit Edition Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition UserGuide VeriFace Windows Live Communications Platform Windows Live Essentials Windows Live Installer Windows Live Mail Windows Live Mesh Windows Live Mesh ActiveX Control for Remote Connections Windows Live Messenger Windows Live Movie Maker Windows Live Photo Common Windows Live Photo Gallery Windows Live PIMT Platform Windows Live SOXE Windows Live SOXE Definitions Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources . ==== Event Viewer Messages From Past Week ======== . 8/28/2012 5:35:18 PM, Error: Service Control Manager [7016] - The Ralink UPnP Media Server service has reported an invalid current state 0. 
8/28/2012 5:33:27 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.133.458.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8703.0 Error code: 0x8024402c Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
8/27/2012 5:02:05 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 0.0.0.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft....5D-99752CCA7094 Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 0.0.0.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved
8/27/2012 5:02:00 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 0.0.0.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft....5D-99752CCA7094 Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 0.0.0.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved
8/27/2012 5:02:00 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 0.0.0.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft....5D-99752CCA7094 Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 0.0.0.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved
8/27/2012 5:02:00 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 0.0.0.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft....5D-99752CCA7094 Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 0.0.0.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved
8/27/2012 5:02:00 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 0.0.0.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft....5D-99752CCA7094 Signature Type: AntiSpyware Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 0.0.0.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved
8/27/2012 5:02:00 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 0.0.0.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft....5D-99752CCA7094 Signature Type: AntiSpyware Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 0.0.0.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved
8/27/2012 5:01:55 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 0.0.0.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 0.0.0.0 Error code: 0x8024402c Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
8/27/2012 5:01:10 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 0.0.0.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft....5D-99752CCA7094 Signature Type: AntiVirus Update Type: Full User: Jerry-PC\Jerry Current Engine Version: Previous Engine Version: 0.0.0.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved
8/27/2012 5:01:10 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 0.0.0.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft....5D-99752CCA7094 Signature Type: AntiVirus Update Type: Full User: Jerry-PC\Jerry Current Engine Version: Previous Engine Version: 0.0.0.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved
8/27/2012 5:01:10 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 0.0.0.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft....5D-99752CCA7094 Signature Type: AntiSpyware Update Type: Full User: Jerry-PC\Jerry Current Engine Version: Previous Engine Version: 0.0.0.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved
8/27/2012 5:01:10 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 0.0.0.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft....5D-99752CCA7094 Signature Type: AntiSpyware Update Type: Full User: Jerry-PC\Jerry Current Engine Version: Previous Engine Version: 0.0.0.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved
8/27/2012 5:01:08 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 0.0.0.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft....5D-99752CCA7094 Signature Type: AntiVirus Update Type: Full User: Jerry-PC\Jerry Current Engine Version: Previous Engine Version: 0.0.0.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved
8/27/2012 5:01:08 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 0.0.0.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft....5D-99752CCA7094 Signature Type: AntiVirus Update Type: Full User: Jerry-PC\Jerry Current Engine Version: Previous Engine Version: 0.0.0.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved
8/27/2012 5:01:08 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 0.0.0.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft....5D-99752CCA7094 Signature Type: AntiSpyware Update Type: Full User: Jerry-PC\Jerry Current Engine Version: Previous Engine Version: 0.0.0.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved
8/27/2012 5:01:08 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 0.0.0.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft....5D-99752CCA7094 Signature Type: AntiSpyware Update Type: Full User: Jerry-PC\Jerry Current Engine Version: Previous Engine Version: 0.0.0.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved
8/27/2012 5:01:06 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 0.0.0.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 0.0.0.0 Error code: 0x8024402c Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
8/27/2012 4:59:19 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR43.
8/27/2012 4:16:23 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR42.
8/27/2012 4:05:56 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR41.
8/27/2012 11:54:34 PM, Error: Disk [11] - The driver detected a controller error on \...\DR65.
8/26/2012 6:45:03 PM, Error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 1 time(s).
8/26/2012 6:45:03 PM, Error: Service Control Manager [7031] - The McAfee VirusScan Announcer service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
8/26/2012 6:45:03 PM, Error: Service Control Manager [7031] - The McAfee Services service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
8/26/2012 6:45:03 PM, Error: Service Control Manager [7031] - The McAfee Proxy Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
8/26/2012 6:45:03 PM, Error: Service Control Manager [7031] - The McAfee Personal Firewall Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
8/26/2012 6:45:03 PM, Error: Service Control Manager [7031] - The McAfee Network Agent service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
8/26/2012 11:37:25 AM, Error: Service Control Manager [7030] - The nProtect GameGuard Service service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
8/25/2012 3:16:51 PM, Error: Service Control Manager [7043] - The Group Policy Client service did not shut down properly after receiving a preshutdown control.
8/24/2012 11:56:49 AM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x00000024 (0x00000000001904fb, 0xfffff880033858d8, 0xfffff88003385130, 0xfffff880014b8027). A dump was saved in: C:\windows\MEMORY.DMP. Report Id: 082412-27643-01.
8/24/2012 11:21:14 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect.
8/24/2012 11:21:14 PM, Error: Service Control Manager [7000] - The Steam Client Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
8/23/2012 7:57:34 PM, Error: cdrom [15] - The device, \Device\CdRom0, is not ready for access yet.
8/23/2012 6:00:41 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR14.
.
==== End Of File ===========================