Posts posted by C10H15N
-
-
When I scanned with ESET, it found a PUP called "Win32/OpenCandy.G", but you said "make sure that Remove found threats is unchecked". Shouldn't I remove it? Also, should I also ignore those 4 things detected by RogueKiller? Thank you.
-
I also ticked these two options before scanning: "PUP is malware" and "PUM is malware". I hope it's ok.
-
-
Thanks Kevin, here are the logs:
Malwarebytes log: http://kl1p.com/NFxE
AdwCleaner log: http://kl1p.com/EJTP
First.txt: http://kl1p.com/zySr
Addition.txt: http://kl1p.com/qNSq
-
Hello. A few days ago I got a virus called "Win32:Apanas [Trj]" and I had to reinstall Windows (using the built-in feature of Windows 10 - "Reset and remove everything") because most of my .exe files were infected. I scanned my PC again after this, using Malwarebytes and Avast, and nothing showed up, but now I get a lot of messages from Malwarebytes with:
"Malicious website blocked
IP:....
Type: inbound
Process: C:\Windows\System32\svchost.exe"
Here's a picture:

I've checked some of those IP addresses and they are from Russia, Botswana, Romania (my country), Philippines etc. Should I be worried?
Thank you.
-
I disabled the services for: IObit Malware Fighter, seaport.exe and spooler.exe (I read about them, and they are useless for me now). CPU usage is now around 15%, so that's better, I think...
Thank you Mrc for all the help, you're the best

-
I've just read that MsMpEng is in fact "Microsoft Security Essentials (MSE)". What about "svchost."? It appears A LOT of times... Is something wrong there?
-
I did that, but it still appears in Task Manager - Processes. I also disabled and stopped the service.
-
It took me 1 minute to copy a 1 MB file from a folder to another... Firefox, My Computer and any other programs open much slower, everything is so slow!!! I so regret that I installed these 'updates'.
Task Manager:
Screenshot 1: http://puu.sh/1oFz1
Screenshot 2: http://puu.sh/1oFD9
Why so many?
Please help me again!
-
I installed all the updates and now my CPU usage is always more than 50%. I have 1,66 GHz and 1 GB RAM. This means that my PC will be slower from now on?
-
Thank you so much Mrc!
One more thing: should I turn Windows Updates on?
-
AdwCleaner log:
# AdwCleaner v2.007 - Logfile created 11/10/2012 at 14:26:42
# Updated 06/11/2012 by Xplode
# Operating system : Windows 7 Starter (32 bits)
# User : Tedy - PC11-PC
# Boot Mode : Normal
# Running from : C:\Users\PC 11\Desktop\adwcleaner.exe
# Option [Delete]
***** [services] *****
***** [Files / Folders] *****
Folder Deleted : C:\ProgramData\Browser Manager
***** [Registry] *****
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\DataMngr_Toolbar
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\Software\Conduit
***** [internet Browsers] *****
-\\ Internet Explorer v9.0.8112.16421
[OK] Registry is clean.
-\\ Mozilla Firefox v16.0.2 (en-US)
Profile name : default-1352401354449 [Profil par défaut]
File : C:\Users\PC 11\AppData\Roaming\Mozilla\Firefox\Profiles\wbaww27j.default-1352401354449\prefs.js
[OK] File is clean.
Profile name : default-1352401354449 [Profil par défaut]
File : C:\Users\PC 11\AppData\Roaming\Mozilla\Firefox\Profiles\wbaww27j.default-1352401354449\prefs.js
[OK] File is clean.
Profile name : default-1352401354449 [Profil par défaut]
File : C:\Users\PC 11\AppData\Roaming\Mozilla\Firefox\Profiles\wbaww27j.default-1352401354449\prefs.js
[OK] File is clean.
-\\ Google Chrome v [unable to get version]
File : C:\Users\PC 11\AppData\Local\Google\Chrome\User Data\Default\Preferences
[OK] File is clean.
File : C:\Users\PC 11\AppData\Local\Google\Chrome\User Data\Default\Preferences
[OK] File is clean.
File : C:\Users\PC 11\AppData\Local\Google\Chrome\User Data\Default\Preferences
[OK] File is clean.
*************************
AdwCleaner[R1].txt - [2181 octets] - [10/11/2012 14:14:23]
AdwCleaner[s2].txt - [2134 octets] - [10/11/2012 14:26:42]
########## EOF - C:\AdwCleaner[s2].txt - [2194 octets] ##########
Checkup.txt
Results of screen317's Security Check version 0.99.54
Windows 7 x86 (UAC is enabled)
Internet Explorer 9
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
Microsoft Security Essentials
(On Access scanning disabled!)
`````````Anti-malware/Other Utilities Check:`````````
Spybot - Search & Destroy
SUPERAntiSpyware
Malwarebytes Anti-Malware version 1.65.1.1000
TuneUp Utilities 2011
TuneUp Utilities Language Pack (en-US)
TuneUp Utilities 2011
TuneUp Utilities Language Pack (en-US)
Java 6 Update 29
Java 7 Update 9
Adobe Flash Player 11.5.502.110
Adobe Reader 9 Adobe Reader out of Date!
Mozilla Firefox (16.0.2)
Google Chrome 23.0.1271.64
````````Process Check: objlist.exe by Laurent````````
Windows Defender MSMpEng.exe
Malwarebytes Anti-Malware mbamservice.exe
Malwarebytes Anti-Malware mbamgui.exe
Spybot Teatimer.exe is disabled!
Microsoft Security Client Antimalware MsMpEng.exe
IObit IObit Malware Fighter IMFsrv.exe
Malwarebytes' Anti-Malware mbamscheduler.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 4%
````````````````````End of Log``````````````````````
-
No detections found with Malwarebytes Anti-Malware
Malwarebytes Anti-Malware (PRO) 1.65.1.1000
www.malwarebytes.org
Database version: v2012.11.10.05
Windows 7 x86 NTFS
Internet Explorer 9.0.8112.16421
Tedy :: PC11-PC [administrator]
Protection: Enabled
11/10/2012 1:55:46 PM
mbam-log-2012-11-10 (13-55-46).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 247871
Time elapsed: 10 minute(s), 57 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
(end)
AdwCleaner log:
# AdwCleaner v2.007 - Logfile created 11/10/2012 at 14:14:23
# Updated 06/11/2012 by Xplode
# Operating system : Windows 7 Starter (32 bits)
# User : Tedy - PC11-PC
# Boot Mode : Normal
# Running from : C:\Users\PC 11\Desktop\adwcleaner.exe
# Option [search]
***** [services] *****
***** [Files / Folders] *****
Folder Found : C:\ProgramData\Browser Manager
***** [Registry] *****
Key Found : HKCU\Software\AppDataLow\Software\SmartBar
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\DataMngr_Toolbar
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Key Found : HKCU\Software\Softonic
Key Found : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Found : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Found : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Key Found : HKLM\SOFTWARE\Classes\Prod.cap
Key Found : HKLM\Software\Conduit
***** [internet Browsers] *****
-\\ Internet Explorer v9.0.8112.16421
[OK] Registry is clean.
-\\ Mozilla Firefox v16.0.2 (en-US)
Profile name : default-1352401354449 [Profil par défaut]
File : C:\Users\PC 11\AppData\Roaming\Mozilla\Firefox\Profiles\wbaww27j.default-1352401354449\prefs.js
[OK] File is clean.
Profile name : default-1352401354449 [Profil par défaut]
File : C:\Users\PC 11\AppData\Roaming\Mozilla\Firefox\Profiles\wbaww27j.default-1352401354449\prefs.js
[OK] File is clean.
Profile name : default-1352401354449 [Profil par défaut]
File : C:\Users\PC 11\AppData\Roaming\Mozilla\Firefox\Profiles\wbaww27j.default-1352401354449\prefs.js
[OK] File is clean.
-\\ Google Chrome v [unable to get version]
File : C:\Users\PC 11\AppData\Local\Google\Chrome\User Data\Default\Preferences
[OK] File is clean.
File : C:\Users\PC 11\AppData\Local\Google\Chrome\User Data\Default\Preferences
[OK] File is clean.
File : C:\Users\PC 11\AppData\Local\Google\Chrome\User Data\Default\Preferences
[OK] File is clean.
*************************
AdwCleaner[R1].txt - [2052 octets] - [10/11/2012 14:14:23]
########## EOF - C:\AdwCleaner[R1].txt - [2112 octets] ##########
-
ComboFix 12-11-09.02 - Tedy 11/10/2012 10:28:23.1.2 - x86
Microsoft Windows 7 Starter 6.1.7600.0.1252.1.1033.18.1014.106 [GMT 2:00]
Running from: c:\users\PC 11\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: IObit Malware Fighter *Disabled/Updated* {A751AC20-3B48-5237-898A-78C4436BB78D}
SP: Microsoft Security Essentials *Disabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\1351692492.bdinstall.bin
c:\programdata\1352383782.bdinstall.bin
c:\users\PC 11\bridwsmanconf.exe
c:\windows\logboot_08.11.2012.tureg.log
c:\windows\system32\Thumbs.db
c:\windows\winhelp.ini
.
.
((((((((((((((((((((((((( Files Created from 2012-10-10 to 2012-11-10 )))))))))))))))))))))))))))))))
.
.
2030-01-01 16:18 . 2012-11-08 20:20 -------- d-----w- C:\Boot
2012-11-10 08:50 . 2012-11-10 08:51 -------- d-----w- c:\users\PC 11\AppData\Local\temp
2012-11-10 08:50 . 2012-11-10 08:50 -------- d-----w- c:\users\LogMeInRemoteUser\AppData\Local\temp
2012-11-10 08:50 . 2012-11-10 08:50 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-11-10 08:50 . 2012-11-10 08:50 -------- d-----w- c:\users\Dad\AppData\Local\temp
2012-11-10 08:21 . 2012-11-10 08:21 29904 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{8A23CD0F-0788-4835-86D8-8906EB34DB24}\MpKslaa2b51ab.sys
2012-11-09 18:02 . 2012-11-09 18:11 -------- d-----w- c:\users\PC 11\AppData\Roaming\Skype
2012-11-09 13:36 . 2012-02-09 12:17 713784 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{62D1157A-CD9F-470D-AD46-B0190F3F8BF4}\gapaengine.dll
2012-11-09 13:34 . 2012-10-12 05:56 6918632 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{8A23CD0F-0788-4835-86D8-8906EB34DB24}\mpengine.dll
2012-11-08 18:54 . 2012-11-08 18:54 -------- d-----w- c:\users\PC 11\AppData\Roaming\IObit
2012-11-08 14:27 . 2012-11-08 14:27 -------- d-----w- c:\programdata\Browser Manager
2012-11-08 14:25 . 2012-11-08 14:28 -------- d-----w- c:\program files\Your Uninstaller! 7
2012-11-08 14:25 . 2012-11-08 14:25 -------- d-----w- c:\windows\Profiles
2012-11-08 13:56 . 2012-11-08 13:55 93672 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2012-11-08 13:45 . 2012-11-08 13:45 -------- d-----w- c:\users\PC 11\AppData\Roaming\SUPERAntiSpyware.com
2012-11-08 13:44 . 2012-11-08 13:52 -------- d-----w- c:\program files\SUPERAntiSpyware
2012-11-08 13:44 . 2012-11-08 13:44 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
2012-11-08 13:29 . 2012-11-08 13:29 -------- d-----w- c:\program files\ESET
2012-11-07 20:11 . 2012-11-07 20:11 -------- d-----w- c:\programdata\McAfee
2012-11-07 20:11 . 2012-11-08 14:08 -------- d-----w- c:\program files\McAfee Security Scan
2012-11-05 15:49 . 2012-11-05 15:49 1998168 ----a-w- c:\program files\Mozilla Firefox\d3dx9_43.dll
2012-11-05 15:27 . 2012-11-05 15:27 -------- d-----w- c:\users\PC 11\AppData\Roaming\Foxit Software
2012-11-05 14:15 . 2012-11-05 14:15 -------- d-----w- c:\users\PC 11\AppData\Roaming\TuneUp Software
2012-11-03 13:04 . 2012-11-03 13:06 -------- d-----w- c:\users\PC 11\AppData\Roaming\Torrent Episode Downloader
2012-11-02 21:38 . 2012-11-09 19:28 -------- d-----w- c:\users\PC 11\AppData\Roaming\uTorrent
2012-11-01 13:01 . 2012-11-06 14:47 -------- d-----w- c:\users\PC 11\AppData\Roaming\gtk-2.0
2012-10-31 19:33 . 2012-11-09 21:55 -------- d-----w- c:\users\PC 11\AppData\Roaming\vlc
2012-10-31 18:40 . 2012-10-31 18:40 -------- d-----w- c:\users\PC 11\AppData\Roaming\puush
2012-10-31 18:05 . 2012-10-31 18:05 -------- d-----w- c:\users\PC 11\AppData\Roaming\Yahoo!
2012-10-31 18:04 . 2012-11-09 22:12 -------- d-----w- c:\users\PC 11\AppData\Roaming\.purple
2012-10-31 14:34 . 2012-11-06 19:05 -------- d-----w- c:\users\PC 11\AppData\Roaming\MiniLyrics
2012-10-31 14:17 . 2012-10-31 14:17 -------- d-----w- c:\programdata\BDLogging
2012-10-31 14:11 . 2012-10-31 14:11 -------- d-----w- c:\users\PC 11\AppData\Roaming\URSoft
2012-10-31 14:08 . 2012-11-08 14:33 -------- d-----w- c:\program files\Bitdefender
2012-10-31 14:08 . 2012-10-31 14:08 -------- d-----w- c:\users\PC 11\AppData\Roaming\QuickScan
2012-10-31 14:07 . 2012-11-08 14:18 -------- d-----w- c:\program files\Common Files\Bitdefender
2012-10-31 14:05 . 2012-10-31 14:06 -------- d-----w- c:\users\PC 11\AppData\Roaming\Notepad++
2012-10-31 14:04 . 2012-10-31 14:05 -------- d-----w- c:\users\PC 11\AppData\Roaming\CubicExplorer
2012-10-28 15:00 . 2012-11-04 08:54 -------- d-sh--w- c:\users\PC 11\AppData\Roaming\MSDCSCR
2012-10-27 16:52 . 2012-10-27 16:52 -------- d-----w- c:\program files\IObit
2012-10-27 11:53 . 2012-10-30 21:16 -------- d-----w- c:\programdata\SecTaskMan
2012-10-27 11:39 . 2012-10-31 04:55 -------- d-----w- c:\program files\CubicExplorer
2012-10-27 09:22 . 2012-10-27 09:22 -------- d-----w- c:\programdata\PC Tools
2012-10-27 09:02 . 2012-10-27 09:02 -------- d-----w- C:\Macromedia
2012-10-27 09:00 . 2012-10-27 09:00 -------- d-----w- c:\programdata\Local Settings
2012-10-26 18:47 . 2012-11-04 08:58 -------- d-----w- c:\program files\Maxthon3
2012-10-23 19:12 . 2012-10-23 19:12 -------- d-----w- c:\users\PC 11\.swt
2012-10-23 18:02 . 2012-10-23 18:02 -------- d-----w- c:\users\PC 11\AppData\Local\fontconfig
2012-10-23 18:02 . 2012-11-06 21:55 -------- d-----w- c:\users\PC 11\.gimp-2.8
2012-10-23 18:02 . 2012-10-23 18:02 -------- d-----w- c:\users\PC 11\AppData\Local\gegl-0.2
2012-10-23 17:50 . 2012-10-23 17:57 -------- d-----w- c:\program files\GIMP 2
2012-10-19 18:05 . 2012-10-19 18:07 -------- d-----w- c:\program files\puush
2012-10-13 21:28 . 2012-10-13 21:28 -------- d-----w- c:\users\PC 11\AppData\Local\LogiShrd
2012-10-12 20:50 . 2012-10-12 20:52 -------- d-----w- c:\program files\Torrent Episode Downloader
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-11-08 13:55 . 2012-08-28 19:36 821736 ----a-w- c:\windows\system32\npDeployJava1.dll
2012-11-08 13:55 . 2011-10-22 11:10 746984 ----a-w- c:\windows\system32\deployJava1.dll
2012-11-07 20:11 . 2012-03-29 14:59 697272 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-11-07 20:11 . 2011-09-19 18:50 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-10-20 11:46 . 2011-11-21 17:53 16400 ----a-w- c:\windows\system32\drivers\LNonPnP.sys
2012-10-12 05:56 . 2011-11-27 13:25 6918632 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-08-20 22:48 . 2012-08-20 22:48 707354 ----a-w- c:\windows\unins000.exe
2012-11-07 20:01 . 2012-11-05 15:49 261600 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"puush"="c:\program files\puush\puush.exe" [2012-10-19 565480]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"TaskbarNoNotification"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^ted.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ted.lnk
backup=c:\windows\pss\ted.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^Users^PC 11^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^AeroFS.lnk]
path=c:\users\PC 11\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AeroFS.lnk
backup=c:\windows\pss\AeroFS.lnk.Startup
backupExtension=.Startup
.
[HKLM\~\startupfolder\C:^Users^PC 11^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^paintnet.exe]
path=c:\users\PC 11\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\paintnet.exe
backup=c:\windows\pss\paintnet.exe.Startup
backupExtension=.Startup
.
[HKLM\~\startupfolder\C:^Users^PC 11^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^RadioSure.exe]
path=c:\users\PC 11\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\RadioSure.exe
backup=c:\windows\pss\RadioSure.exe.Startup
backupExtension=.Startup
.
[HKLM\~\startupfolder\C:^Users^PC 11^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^RadioSure.lnk]
path=c:\users\PC 11\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\RadioSure.lnk
backup=c:\windows\pss\RadioSure.lnk.Startup
backupExtension=.Startup
.
[HKLM\~\startupfolder\C:^Users^PC 11^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Screenshot Utility.lnk]
path=c:\users\PC 11\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Screenshot Utility.lnk
backup=c:\windows\pss\Screenshot Utility.lnk.Startup
backupExtension=.Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]
2010-03-06 01:44 500208 ------w- c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5ServiceManager]
2010-02-22 02:57 406992 ----a-w- c:\program files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Screen Saver Protector]
2010-09-28 21:20 3058304 ----a-w- c:\windows\AsScrPro.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUSPRP]
2010-09-28 21:20 2018032 ----a-w- c:\program files\ASUS\APRP\aprp.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AveoSTI.exe]
2010-12-02 13:34 32768 ----a-w- c:\program files\AVEO USB2.0 PC Camera(U2HGCV3P31048)\AveoSTI.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CapsHook]
2010-09-08 01:45 34728 ----a-w- c:\windows\System32\AsusSender.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
2011-08-02 07:33 4910912 ----a-w- c:\program files\DAEMON Tools Lite\DTLite.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Eee Docking]
2010-06-10 20:12 414384 ----a-w- c:\program files\ASUS\Eee Docking\Eee Docking.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ETDWare]
2010-04-13 07:32 548744 ----a-w- c:\program files\Elantech\ETDCtrl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Everything]
2009-03-13 01:18 602624 ----a-w- c:\program files\Everything\Everything.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EvtMgr6]
2011-10-07 09:40 1387288 ----a-w- c:\program files\Logitech\SetPointP\SetPoint.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2011-10-24 17:11 136176 ----atw- c:\users\PC 11\AppData\Local\Google\Update\GoogleUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GraphicsSwitch]
2010-09-08 01:45 34728 ----a-w- c:\windows\System32\AsusSender.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotkeyMon]
2010-09-08 01:45 34728 ----a-w- c:\windows\System32\AsusSender.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
2010-10-24 17:20 173592 ----a-w- c:\windows\System32\hkcmd.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotkeyService]
2010-09-08 01:45 34728 ----a-w- c:\windows\System32\AsusSender.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IAAnotif]
2009-06-05 02:03 186904 ----a-w- c:\program files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
2010-10-24 17:20 141848 ----a-w- c:\windows\System32\igfxtray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LiveUpdate]
2010-09-08 01:45 34728 ----a-w- c:\windows\System32\AsusSender.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Messenger (Yahoo!)]
2012-05-25 01:25 6595928 ----a-w- c:\progra~1\Yahoo!\MESSEN~1\YahooMessenger.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MobileConnect]
2009-08-14 09:01 2332160 ----a-w- c:\program files\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSC]
2011-06-15 13:16 997920 ----a-w- c:\program files\Microsoft Security Client\msseces.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OOBESetup]
2009-12-11 05:56 334848 ----a-w- c:\program files\ASUS\OOBERegBackup\OOBERegBackup.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]
2010-10-24 17:20 150552 ----a-w- c:\windows\System32\igfxpers.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\puush]
2012-10-19 18:07 565480 ----a-w- c:\program files\puush\puush.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2012-04-18 17:56 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RocketDock]
2007-09-02 10:58 495616 ----a-w- c:\program files\RocketDock\RocketDock.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
2011-12-13 14:58 11487848 ------w- c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2012-07-03 06:04 252848 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware]
2012-11-08 13:52 4763008 ----a-w- c:\program files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SuperHybridEngine]
2010-09-08 01:45 34728 ----a-w- c:\windows\System32\AsusSender.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SwitchBoard]
2010-02-19 11:37 517096 ----a-w- c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Syncables]
2010-07-19 19:27 370480 ----a-w- c:\program files\syncables\syncables desktop\syncables.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TabExplorer]
2012-08-01 17:05 421376 ----a-w- c:\program files\TabExplorer\TabExplorerStarter.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Unified Remote v2]
2012-07-08 07:09 280160 ----a-w- c:\program files\Unified Remote\RemoteServer.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UnlockerAssistant]
2010-07-04 19:51 17408 ----a-w- c:\program files\Unlocker\UnlockerAssistant.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
2012-11-02 21:40 963984 ----a-w- c:\program files\uTorrent\uTorrent.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
2011-10-25 16:54 74752 ----a-w- c:\program files\Winamp\winampa.exe
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"Google Update"="c:\users\PC 11\AppData\Local\Google\Update\GoogleUpdate.exe" /c
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"ASUSPRP"=c:\program files\ASUS\APRP\APRP.EXE
.
R2 AsusService;Asus Launcher Service;c:\windows\System32\AsusService.exe [x]
R2 LMIInfo;LogMeIn Kernel Information Provider;c:\program files\LogMeIn\x86\RaInfo.sys [x]
R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [x]
R3 AVEO;USB2.0 PC Camera;c:\windows\system32\DRIVERS\AVEOdcnt.sys [x]
R3 BzeekDM;BzeekDM;c:\windows\system32\DRIVERS\drone.sys [x]
R3 BzeekDP;BzeekDP Drone Service;c:\windows\system32\DRIVERS\drone.sys [x]
R3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\DRIVERS\ewusbnet.sys [x]
R3 FileMonitor;FileMonitor;c:\program files\IObit\IObit Malware Fighter\Drivers\win7_x86\FileMonitor.sys [x]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\Antimalware\NisSrv.exe [x]
R3 RegFilter;RegFilter;c:\program files\IObit\IObit Malware Fighter\drivers\win7_x86\regfilter.sys [x]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2011\TuneUpUtilitiesDriver32.sys [x]
R3 UrlFilter;UrlFilter;c:\program files\IObit\IObit Malware Fighter\drivers\win7_x86\UrlFilter.sys [x]
R3 wsvd;wsvd;c:\windows\system32\DRIVERS\wsvd.sys [x]
R4 persdwmsrv;Personalization Panel DWM controller;c:\program files\Winreview.ru\Personalization Panel DWM Controller\persdwmsrv.exe [x]
R4 SwitchBoard;SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R4 TeamViewer7;TeamViewer 7;c:\program files\TeamViewer\Version7\TeamViewer_Service.exe [x]
R4 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe [x]
R4 VMCService;Vodafone Mobile Connect Service;c:\program files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe [x]
S1 AsUpIO;AsUpIO;c:\windows\system32\drivers\AsUpIO.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [x]
S1 MpKslaa2b51ab;MpKslaa2b51ab;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{8A23CD0F-0788-4835-86D8-8906EB34DB24}\MpKslaa2b51ab.sys [x]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [x]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [x]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE.EXE [x]
S2 IMFservice;IMF Service;c:\program files\IObit\IObit Malware Fighter\IMFsrv.exe [x]
S2 MBAMScheduler;MBAMScheduler;c:\program files\Malwarebytes' Anti-Malware\mbamscheduler.exe [x]
S2 SBSDWSCService;SBSD Security Center Service;c:\program files\Spybot - Search & Destroy\SDWinSec.exe [x]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x86.sys [x]
S3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [x]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - MPKSLAA2B51AB
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr TBS FontCache fdrespub AppIDSvc QWAVE wcncsvc
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Contents of the 'Scheduled Tasks' folder
.
2012-11-10 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-29 20:11]
.
2012-11-10 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-11-08 13:45]
.
2012-11-09 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-11-08 13:45]
.
2012-11-08 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-214102914-3584991394-1855280897-1000Core.job
- c:\users\PC 11\AppData\Local\Google\Update\GoogleUpdate.exe [2011-10-24 17:11]
.
2012-11-08 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-214102914-3584991394-1855280897-1000UA.job
- c:\users\PC 11\AppData\Local\Google\Update\GoogleUpdate.exe [2011-10-24 17:11]
.
2012-11-08 c:\windows\Tasks\SUPERAntiSpyware Scheduled Task 653d2b48-1fe5-4e65-a4aa-4e9c88d9e86f.job
- c:\program files\SUPERAntiSpyware\SASTask.exe [2011-05-04 17:52]
.
2012-11-09 c:\windows\Tasks\SUPERAntiSpyware Scheduled Task 9ec30e70-ae02-41e4-a52a-6952764bccb6.job
- c:\program files\SUPERAntiSpyware\SASTask.exe [2011-05-04 17:52]
.
2012-11-09 c:\windows\Tasks\update-S-1-5-21-214102914-3584991394-1855280897-1000.job
- c:\program files\Skillbrains\Updater\Updater.exe [2012-06-01 19:09]
.
2012-11-09 c:\windows\Tasks\update-sys.job
- c:\program files\Skillbrains\Updater\Updater.exe [2012-06-01 19:09]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://asus.msn.com
mStart Page = about:blank
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\PC 11\AppData\Roaming\Mozilla\Firefox\Profiles\wbaww27j.default-1352401354449\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.ro
FF - prefs.js: keyword.URL - hxxp://www.google.ro/search?q=
FF - ExtSQL: 2012-11-08 15:35; pamelantura@aol.com; C:\Macromedia
FF - ExtSQL: 2012-11-08 23:05; firegestures@xuldev.org; c:\users\PC 11\AppData\Roaming\Mozilla\Firefox\Profiles\wbaww27j.default-1352401354449\extensions\firegestures@xuldev.org.xpi
FF - ExtSQL: 2012-11-09 19:15; hypertranslate@mdc.com; c:\users\PC 11\AppData\Roaming\Mozilla\Firefox\Profiles\wbaww27j.default-1352401354449\extensions\hypertranslate@mdc.com.xpi
.
.
------- File Associations -------
.
.txt=Notepad++_file
.
- - - - ORPHANS REMOVED - - - -
.
BHO-{793A557B-65BC-48C3-B6F6-D472C5887C2E} - (no file)
Toolbar-Locked - (no file)
ShellIconOverlayIdentifiers-{882108B1-26E6-4926-BC70-EA1D738D5DEB} - (no file)
ShellIconOverlayIdentifiers-{882108B2-26E6-4926-BC70-EA1D738D5DEB} - (no file)
ShellIconOverlayIdentifiers-{882108B3-26E6-4926-BC70-EA1D738D5DEB} - (no file)
ShellIconOverlayIdentifiers-{882108B4-26E6-4926-BC70-EA1D738D5DEB} - (no file)
ShellIconOverlayIdentifiers-{882108B5-26E6-4926-BC70-EA1D738D5DEB} - (no file)
ShellIconOverlayIdentifiers-{FB314ED9-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDA-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDB-A251-47B7-93E1-CDD82E34AF8B} - (no file)
MSConfigStartUp-Activex Application Updater - c:\users\PC 11\AppData\Roaming\Microsoft\Windows\Templates\spsreng.exe
MSConfigStartUp-Adobe Reader Speed Launcher - c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe
MSConfigStartUp-AIM AutoRun - c:\users\PC 11\AppData\Roaming\IM.exe
MSConfigStartUp-BDAgent - c:\program files\Bitdefender\Bitdefender 2012\bdagent.exe
MSConfigStartUp-Bzeek Icon - c:\program files\Bzeek\bzeek.exe
MSConfigStartUp-Document Explorer - c:\users\PC 11\Documents\explorer.exe
MSConfigStartUp-Download Manager - c:\users\PC 11\Downloads\explorer.exe
MSConfigStartUp-EeeSplendidAgent - c:\program files\ASUS\EPC\EeeSplendid\AsAgent.exe
MSConfigStartUp-F - c:\users\PC 11\Local Settings\Apps\F.lux\flux.exe
MSConfigStartUp-FileZilla Server Interface - c:\program files\FileZilla Server\FileZilla Server Interface.exe
MSConfigStartUp-Gtkoku - c:\users\PC 11\AppData\Roaming\Gtkoku.exe
MSConfigStartUp-IDMan - c:\program files\Internet Download Manager\IDMan.exe
MSConfigStartUp-LogMeIn GUI - c:\program files\LogMeIn\x86\LogMeInSystray.exe
MSConfigStartUp-MicroUpdate - c:\windows\system32\MSDdfsdfsdCSC\tb6dMkg9qQt3\msdumlpiop9icsc.exe
MSConfigStartUp-OTJFQ0JEOTg0MURGMTZCOD - c:\users\PC 11\bridwsmanconf.exe
MSConfigStartUp-PainNet - c:\users\PC 11\AppData\Roaming\PainNet.Dot\paintnet.exe
MSConfigStartUp-Profile Manager - c:\users\PC 11\explorer.exe
MSConfigStartUp-rundll32 - c:\users\PC 11\AppData\Roaming\MSDCSCR\msdcscmain32.exe
MSConfigStartUp-Spyware Doctor with AntiVirus - c:\users\PC 11\Desktop\sdasetup.exe
MSConfigStartUp-VizorHtmlDialog - c:\program files\Trend Micro\Titanium\VizorHtmlDialog.exe
MSConfigStartUp-Yahoo! Friend - c:\program files\YahooFriend\YahooFriend.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-214102914-3584991394-1855280897-1000_Classes\CLSID\{5ED60779-4DE2-4E07-B862-974CA4FF2E9C}]
@Denied: (Full) (Everyone)
@Allowed: (Read) (RestrictedCode)
"scansk"=hex(0):44,c2,0f,4d,4d,d0,9e,6f,aa,78,5e,fb,bd,d0,d0,cf,ec,09,47,d7,ec,
a4,78,89,39,56,c6,7d,29,e4,06,11,3f,48,ee,06,5c,46,8e,43,00,00,00,00,00,00,\
.
[HKEY_USERS\S-1-5-21-214102914-3584991394-1855280897-1000_Classes\CLSID\{7B8E9164-324D-4A2E-A46D-0165FB2000EC}]
@Denied: (Full) (Everyone)
"scansk"=hex(0):7c,60,4d,bc,ef,cf,9c,89,0a,3a,9b,82,8d,4f,3d,85,d0,39,3e,11,7f,
fc,a0,21,ea,76,94,2b,d1,87,22,90,92,73,51,5f,97,87,58,63,00,00,00,00,00,00,\
.
[HKEY_USERS\S-1-5-21-214102914-3584991394-1855280897-1000_Classes\CLSID\{a0b82e81-982b-4f9c-bf74-5e6fd0c3e4dc}]
@Denied: (Full) (Everyone)
@Allowed: (Read) (RestrictedCode)
"Model"=dword:000000c9
"Therad"=dword:00000014
"MData"=hex(0):73,d5,cf,b8,a4,07,89,80,31,e4,35,6b,2a,ca,fe,43,b6,1f,81,1f,5a,
1b,4d,36,46,8f,3c,f2,5c,68,ee,21,46,8f,3c,f2,5c,68,ee,21,46,8f,3c,f2,5c,68,\
.
[HKEY_USERS\S-1-5-21-214102914-3584991394-1855280897-1000_Classes\CLSID\{ba2ebcf5-1908-41dc-9e37-094da6dfb079}]
@Denied: (Full) (Everyone)
@Allowed: (Read) (RestrictedCode)
"Model"=dword:00000075
"Therad"=dword:0000001b
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\windows\\system32\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
[HKEY_LOCAL_MACHINE\SYSTEM\BDSandBox\Tedy\machine\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*]
@="!shallow!"
.
[HKEY_LOCAL_MACHINE\SYSTEM\BDSandBox\Tedy\machine\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*]
@="!shallow!"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2012-11-10 10:57:25
ComboFix-quarantined-files.txt 2012-11-10 08:57
.
Pre-Run: 68,343,373,824 bytes free
Post-Run: 67,957,129,216 bytes free
.
- - End Of File - - 53F2F1FA94EC9081C9742DB719E3492B
Thank you again

-
I checked that option but I still can't access http://www.bleepingcomputer.com/.
-
I don't have that option ... I haven't made any updates in a very long time ... My current IE version is 8, so I'm gonna update it now to 9 to see if I'll have that option after that.
Thanks again for wasting your time with me.
-
No, I can't ... It shows the same thing - .. is taking too long to respond -
-
I'm using Firefox, but I also tried to access it with Google Chrome, Opera and Internet Explorer and I got the same "not responding" thing. I hope that's not a virus effect, although my internet connection was kinda slow lately ...
-
I did that too ... still not working.
Screenshot: http://puu.sh/1ohHz
-
http://www.bleepingcomputer.com/combofix/how-to-use-combofix is not responding. Is there any problem if I use another download source for Combofix?
-
Awesome ! Malwarebytes Anti-Malware showed no detections now.
dds.txt
DDS (Ver_2012-11-07.01) - NTFS_x86
Internet Explorer: 8.0.7600.16869 BrowserJavaVersion: 10.9.2
Run by Tedy at 20:13:50 on 2012-11-09
Microsoft Windows 7 Starter 6.1.7600.0.1252.1.1033.18.1014.373 [GMT 2:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: Microsoft Security Essentials *Enabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: IObit Malware Fighter *Disabled/Updated* {A751AC20-3B48-5237-898A-78C4436BB78D}
.
============== Running Processes ================
.
C:\windows\system32\wininit.exe
C:\windows\system32\lsm.exe
c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
C:\windows\System32\spoolsv.exe
C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe
C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
C:\Windows\System32\AsusService.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\windows\system32\taskhost.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\windows\system32\taskeng.exe
C:\windows\system32\Dwm.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\windows\Explorer.EXE
C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
C:\windows\system32\conhost.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\windows\System32\svchost.exe -k HPZ12
C:\windows\System32\svchost.exe -k HPZ12
C:\windows\system32\svchost.exe -k imgsvc
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.xvre-search.com/
uSearch Bar = Preserve
mStart Page = about:blank
BHO: AutorunsDisabled - <orphaned>
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Search Helper: {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - c:\program files\microsoft\search enhancement pack\search helper\SearchHelper.dll
BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: Help Update v1.1: {793A557B-65BC-48C3-B6F6-D472C5887C2E} - LocalServer32 - <no file>
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - c:\program files\microsoft office\office14\URLREDIR.DLL
BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
BHO: Windows Live Toolbar Helper: {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - c:\program files\windows live\toolbar\wltcore.dll
TB: &Windows Live Toolbar: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - c:\program files\windows live\toolbar\wltcore.dll
TB: &Windows Live Toolbar: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - c:\program files\windows live\toolbar\wltcore.dll
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
uPolicies-Explorer: TaskbarNoNotification = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
mPolicies-System: dontdisplaylastusername = dword:1
mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files\microsoft office\office14\ONBttnIELinkedNotes.dll
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{27A441D5-7663-4869-9692-6C826C68FED0} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{CDE67439-FB12-47E4-BA25-583371888E31} : DHCPNameServer = 81.12.132.206 81.12.128.206
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office14\MSOXMLMF.DLL
Notify: igfxcui - igfxdev.dll
SSODL: WebCheck - <orphaned>
Hosts: 184.82.120.108 googleads.g.doubleclick.net
Hosts: 184.82.120.108 secure.tune-up.com
Hosts: 184.82.120.108 http://www.tune-up.com
Hosts: 184.82.120.108 www.tune-up.com
Hosts: 184.82.120.108 tune-up.com
.
Note: multiple HOSTS entries found. Please refer to Attach.txt
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\pc 11\appdata\roaming\mozilla\firefox\profiles\wbaww27j.default-1352401354449\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.ro
FF - prefs.js: keyword.URL - hxxp://www.google.ro/search?q=
FF - plugin: c:\progra~1\micros~2\office14\NPAUTHZ.DLL
FF - plugin: c:\progra~1\micros~2\office14\NPSPWRAP.DLL
FF - plugin: c:\program files\foxit software\foxit reader\plugins\npFoxitReaderPlugin.dll
FF - plugin: c:\program files\google\picasa3\npPicasa3.dll
FF - plugin: c:\program files\google\update\1.3.21.123\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\microsoft silverlight\4.0.60831.0\npctrlui.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npwachk.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
FF - plugin: c:\users\pc 11\appdata\local\google\update\1.3.21.123\npGoogleUpdate3.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_5_502_110.dll
FF - plugin: c:\windows\system32\npDeployJava1.dll
FF - plugin: c:\windows\system32\npmproxy.dll
FF - ExtSQL: 2012-11-08 15:35; pamelantura@aol.com; C:\Macromedia
FF - ExtSQL: 2012-11-08 23:05; firegestures@xuldev.org; c:\users\pc 11\appdata\roaming\mozilla\firefox\profiles\wbaww27j.default-1352401354449\extensions\firegestures@xuldev.org.xpi
FF - ExtSQL: 2012-11-09 19:15; hypertranslate@mdc.com; c:\users\pc 11\appdata\roaming\mozilla\firefox\profiles\wbaww27j.default-1352401354449\extensions\hypertranslate@mdc.com.xpi
.
============= SERVICES / DRIVERS ===============
.
R1 AsUpIO;AsUpIO;c:\windows\system32\drivers\AsUpIO.sys [2010-9-28 11520]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\drivers\dtsoftbus01.sys [2011-11-5 232512]
R1 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2011-4-18 165648]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2011-7-22 12880]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2011-7-12 67664]
R2 !SASCORE;SAS Core Service;c:\program files\superantispyware\SASCore.exe [2012-7-11 116608]
R2 AsusService;Asus Launcher Service;c:\windows\system32\AsusService.exe [2010-9-28 219136]
R2 IMFservice;IMF Service;c:\program files\iobit\iobit malware fighter\IMFsrv.exe [2012-10-27 821592]
R2 LMIRfsDriver;LogMeIn Remote File System Driver;c:\windows\system32\drivers\LMIRfsDriver.sys [2012-7-16 47640]
R2 MBAMScheduler;MBAMScheduler;c:\program files\malwarebytes' anti-malware\mbamscheduler.exe [2012-11-7 399432]
R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2012-11-7 676936]
R2 SBSDWSCService;SBSD Security Center Service;c:\program files\spybot - search & destroy\SDWinSec.exe [2011-11-12 1153368]
R3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\drivers\ETD.sys [2010-7-29 109960]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\drivers\L1C62x86.sys [2010-7-29 68208]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-11-7 22856]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S3 AVEO;USB2.0 PC Camera;c:\windows\system32\drivers\AVEOdcnt.sys [2012-7-13 318592]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-14 229888]
S3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\drivers\ewusbnet.sys [2011-9-19 112128]
S3 FileMonitor;FileMonitor;c:\program files\iobit\iobit malware fighter\drivers\win7_x86\FileMonitor.sys [2012-10-27 20336]
S3 fssfltr;fssfltr;c:\windows\system32\drivers\fssfltr.sys [2011-8-2 54632]
S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2009-8-5 704864]
S3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\drivers\MpNWMon.sys [2011-4-18 43392]
S3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\drivers\NisDrvWFP.sys [2011-4-27 65024]
S3 NisSrv;Microsoft Network Inspection;c:\program files\microsoft security client\antimalware\NisSrv.exe [2011-4-27 208944]
S3 RegFilter;RegFilter;c:\program files\iobit\iobit malware fighter\drivers\win7_x86\RegFilter.sys [2012-10-27 30640]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\tuneup utilities 2011\TuneUpUtilitiesDriver32.sys [2010-11-29 10064]
S3 UrlFilter;UrlFilter;c:\program files\iobit\iobit malware fighter\drivers\win7_x86\UrlFilter.sys [2012-10-27 19832]
S3 wsvd;wsvd;c:\windows\system32\drivers\wsvd.sys [2009-7-22 81704]
S4 persdwmsrv;Personalization Panel DWM controller;c:\program files\winreview.ru\personalization panel dwm controller\persdwmsrv.exe [2011-5-28 7680]
S4 SwitchBoard;SwitchBoard;c:\program files\common files\adobe\switchboard\SwitchBoard.exe [2010-2-19 517096]
S4 TeamViewer7;TeamViewer 7;c:\program files\teamviewer\version7\TeamViewer_Service.exe [2012-2-23 2886528]
S4 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\tuneup utilities 2011\TuneUpUtilitiesService32.exe [2010-12-14 1517376]
S4 VMCService;Vodafone Mobile Connect Service;c:\program files\vodafone\vodafone mobile connect\bin\VMCService.exe [2009-8-14 9216]
.
=============== File Associations ===============
.
FileExt: .txt: Notepad++_file="c:\program files\notepad++\notepad++.exe" "%1" [userChoice]
FileExt: .ini: Notepad++_file="c:\program files\notepad++\notepad++.exe" "%1"
ShellExec: dreamweaver.exe: Open="c:\program files\adobe\adobe dreamweaver cs5\dreamweaver.exe", "%1"
.
=============== Created Last 30 ================
.
2030-01-01 16:18:26 -------- d-sh--w- C:\Boot
2012-11-09 13:36:33 713784 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{62d1157a-cd9f-470d-ad46-b0190f3f8bf4}\gapaengine.dll
2012-11-09 13:34:30 6918632 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{8a23cd0f-0788-4835-86d8-8906eb34db24}\mpengine.dll
2012-11-08 18:54:02 -------- d-----w- c:\users\pc 11\appdata\roaming\IObit
2012-11-08 14:27:41 -------- d-----w- c:\programdata\Browser Manager
2012-11-08 14:25:54 -------- d-----w- c:\program files\Your Uninstaller! 7
2012-11-08 14:25:03 -------- d-----w- c:\windows\Profiles
2012-11-08 14:20:29 168563 ----a-w- c:\programdata\1352383782.bdinstall.bin
2012-11-08 13:56:43 93672 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2012-11-08 13:45:25 -------- d-----w- c:\users\pc 11\appdata\roaming\SUPERAntiSpyware.com
2012-11-08 13:44:33 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
2012-11-08 13:44:33 -------- d-----w- c:\program files\SUPERAntiSpyware
2012-11-08 13:29:07 -------- d-----w- c:\program files\ESET
2012-11-07 20:11:47 -------- d-----w- c:\program files\McAfee Security Scan
2012-11-07 20:01:33 73696 ----a-w- c:\program files\mozilla firefox\breakpadinjector.dll
2012-11-07 20:01:32 96224 ----a-w- c:\program files\mozilla firefox\webapprt-stub.exe
2012-11-07 20:01:32 157272 ----a-w- c:\program files\mozilla firefox\webapp-uninstaller.exe
2012-11-07 13:31:28 -------- d-----w- c:\users\pc 11\appdata\roaming\Malwarebytes
2012-11-07 13:30:46 -------- d-----w- c:\programdata\Malwarebytes
2012-11-07 13:30:38 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-11-07 13:30:37 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-11-06 14:39:56 -------- d-----w- c:\users\pc 11\appdata\roaming\Unified Remote
2012-11-05 18:52:28 -------- d-----w- c:\users\pc 11\appdata\roaming\BSplayer PRO
2012-11-05 15:27:31 -------- d-----w- c:\users\pc 11\appdata\roaming\Foxit Software
2012-11-05 14:15:04 -------- d-----w- c:\users\pc 11\appdata\roaming\TuneUp Software
2012-11-03 13:04:18 -------- d-----w- c:\users\pc 11\appdata\roaming\Torrent Episode Downloader
2012-11-02 21:38:56 -------- d-----w- c:\users\pc 11\appdata\roaming\uTorrent
2012-10-31 18:40:40 -------- d-----w- c:\users\pc 11\appdata\roaming\puush
2012-10-31 18:04:03 -------- d-----w- c:\users\pc 11\appdata\roaming\.purple
2012-10-31 14:34:51 -------- d-----w- c:\users\pc 11\appdata\roaming\MiniLyrics
2012-10-31 14:18:50 524076 ----a-w- c:\programdata\1351692492.bdinstall.bin
2012-10-31 14:17:59 -------- d-----w- c:\programdata\BDLogging
2012-10-31 14:11:36 -------- d-----w- c:\users\pc 11\appdata\roaming\URSoft
2012-10-31 14:08:52 -------- d-----w- c:\program files\Bitdefender
2012-10-31 14:08:46 -------- d-----w- c:\users\pc 11\appdata\roaming\QuickScan
2012-10-31 14:07:24 -------- d-----w- c:\program files\common files\Bitdefender
2012-10-31 14:04:50 -------- d-----w- c:\users\pc 11\appdata\roaming\CubicExplorer
2012-10-30 20:07:41 211456 --sha-r- c:\users\pc 11\bridwsmanconf.exe
2012-10-28 15:00:44 -------- d-sh--w- c:\users\pc 11\appdata\roaming\MSDCSCR
2012-10-27 16:52:20 -------- d-----w- c:\program files\IObit
2012-10-27 11:53:31 -------- d-----w- c:\programdata\SecTaskMan
2012-10-27 11:39:46 -------- d-----w- c:\program files\CubicExplorer
2012-10-27 09:22:56 -------- d-----w- c:\programdata\PC Tools
2012-10-27 09:02:44 -------- d-----w- C:\Macromedia
2012-10-26 18:47:17 -------- d-----w- c:\program files\Maxthon3
2012-10-23 19:12:16 -------- d-----w- c:\users\pc 11\.swt
2012-10-23 18:02:33 -------- d-----w- c:\users\pc 11\appdata\local\fontconfig
2012-10-23 18:02:13 -------- d-----w- c:\users\pc 11\.gimp-2.8
2012-10-23 18:02:12 -------- d-----w- c:\users\pc 11\appdata\local\gegl-0.2
2012-10-23 17:50:43 -------- d-----w- c:\program files\GIMP 2
2012-10-19 18:05:55 -------- d-----w- c:\program files\puush
2012-10-13 21:28:29 -------- d-----w- c:\users\pc 11\appdata\local\LogiShrd
2012-10-12 20:50:15 -------- d-----w- c:\program files\Torrent Episode Downloader
.
==================== Find3M ====================
.
2012-11-08 13:55:21 821736 ----a-w- c:\windows\system32\npDeployJava1.dll
2012-11-08 13:55:21 746984 ----a-w- c:\windows\system32\deployJava1.dll
2012-11-07 20:11:36 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-11-07 20:11:36 697272 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-10-20 11:46:13 16400 ----a-w- c:\windows\system32\drivers\LNonPnP.sys
2012-08-20 22:48:27 707354 ----a-w- c:\windows\unins000.exe
.
============= FINISH: 20:15:29.49 ===============
attach.txt
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-07.01)
.
Microsoft Windows 7 Starter
Boot Device: \Device\HarddiskVolume1
Install Date: 8/2/2011 2:01:05 PM
System Uptime: 11/9/2012 8:12:20 PM (0 hours ago)
.
Motherboard: ASUSTeK Computer INC. | | 1015PE
Processor: Intel® Atom CPU N455 @ 1.66GHz | CPU 1 | 983/167mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 100 GiB total, 62.166 GiB free.
D: is FIXED (NTFS) - 118 GiB total, 45.212 GiB free.
E: is CDROM ()
F: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: LogMeIn Kernel Information Provider
Device ID: ROOT\LEGACY_LMIINFO\0000
Manufacturer:
Name: LogMeIn Kernel Information Provider
PNP Device ID: ROOT\LEGACY_LMIINFO\0000
Service: LMIInfo
.
==== System Restore Points ===================
.
RP254: 10/27/2012 2:56:31 PM - Uninstall "Yahoo! Toolbar"
RP256: 10/31/2012 3:17:24 PM - Before uninstalling Personalization Panel DWM Controller
RP257: 10/31/2012 3:18:07 PM - Removed Personalization Panel DWM Controller
RP259: 10/31/2012 3:18:53 PM - Before uninstalling SmartFTP Client 4.0 Setup Files (remove only)
RP261: 10/31/2012 3:19:45 PM - Before uninstalling SmartFTP Client
RP262: 10/31/2012 3:20:08 PM - Removed SmartFTP Client
RP264: 10/31/2012 4:13:03 PM - Before uninstalling Ricochet Infinity
RP266: 11/4/2012 10:57:44 AM - Before uninstalling Maxthon 3
RP267: 11/8/2012 3:52:21 PM - Installed Java 7 Update 9
RP269: 11/8/2012 4:06:34 PM - Before uninstalling McAfee Security Scan Plus
RP271: 11/8/2012 4:09:10 PM - Before uninstalling Bitdefender Antivirus Plus 2012
RP273: 11/8/2012 4:55:29 PM - Before uninstalling Babylon toolbar
.
==== Hosts File Hijack ======================
.
.
==== Installed Programs ======================
.
µTorrent
32 Bit HP CIO Components Installer
Acrobat.com
Adobe After Effects CS4
Adobe After Effects CS4 Presets
Adobe After Effects CS4 Third Party Content
Adobe AIR
Adobe Anchor Service CS4
Adobe CMaps CS4
Adobe Color Video Profiles AE CS4
Adobe Default Language CS4
Adobe Device Central CS4
Adobe Dynamiclink Support
Adobe ExtendScript Toolkit CS4
Adobe Extension Manager CS4
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Fonts All
Adobe Media Encoder CS4
Adobe Media Encoder CS4 Additional Exporter
Adobe Media Player
Adobe MotionPicture Color Files CS4
Adobe Output Module
Adobe PDF Library Files CS4
Adobe Reader 9.1 MUI
Adobe Setup
Adobe Type Support CS4
Adobe Update Manager CS4
Adobe XMP Panels CS4
AIMP3
Anki
Apple Application Support
ASUSUpdate for Eee PC
Atheros Client Installation Program
Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver
AVEO USB2.0 PC Camera(U2HGCV3P31048)
BitTorrent
Broadcom 802.11n Network Adapter
Broadcom Wireless Network Adapter
BSPlayer Pro 2.58 version 1058
Camera Viewer Pro
Camtasia Studio 7
Camtasia Studio 8
CapsHook
CodeBlocks
CPUID CPU-Z 1.61.5
CSSExplorerSetup
CyberLink PowerRecover
DAEMON Tools Lite
Definition update for Microsoft Office 2010 (KB982726) 32-Bit Edition
E-Cam
Eee Docking 3.8.1
EeeSplendid
eReg
ESET Online Scanner v3
ETDWare PS/2-x86 7.0.5.11_WHQL
Everything 1.2.1.371
File Name Converter
FluffyApp
FontResizer
Foxit Reader 5.0
GIMP 2.8.2
Gimp Themes v1.0
Google Chrome
Google Chrome Canary
Google SketchUp 8
Google Update Helper
gpedt.msc 1.0
Hotkey Service
Indeo® Software
Intel® Graphics Media Accelerator Driver
Intel® Matrix Storage Manager
IObit Malware Fighter
Java 7 Update 9
Java Auto Updater
Java 6 Update 29
Junk Mail filter update
Just Learn Morse Code
LiveUpdate
Logitech SetPoint 6.32
Malwarebytes Anti-Malware version 1.65.1.1000
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Extended
Microsoft Antimalware
Microsoft Application Error Reporting
Microsoft Choice Guard
Microsoft Office 2010
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office Home and Business 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Single Image 2010
Microsoft Office Word MUI (English) 2010
Microsoft Search Enhancement Pack
Microsoft Security Client
Microsoft Security Essentials
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Sync Framework Runtime Native v1.0 (x86)
Microsoft Sync Framework Services Native v1.0 (x86)
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft_VC80_ATL_x86
Microsoft_VC80_CRT_x86
Microsoft_VC80_MFC_x86
Microsoft_VC80_MFCLOC_x86
Microsoft_VC90_ATL_x86
Microsoft_VC90_CRT_x86
Microsoft_VC90_MFC_x86
MiniLyrics
Mozilla Firefox 16.0.2 (x86 en-US)
Mozilla Maintenance Service
MSVCRT
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP3 Parser (KB973685)
Notepad++
OOBERegBackup
Opera Next 12.01 internal build 1473
PDF Settings CS5
Personalization Panel
Personalization Panel DWM Controller
Photomizer
Photoshop Camera Raw
Picasa 3
Pidgin
Pixel Bender Toolkit
PPTLaunch
puush
QuickTime
RadioSure
Ralink RT2860 Wireless LAN Card
Realtek High Definition Audio Driver
RidNacs 2.0.3
RocketDock 1.3.5
Româna cu Alt dreapta (cu sedile) - diacritice.ro
RummyRoyal.com
Security Update for Microsoft Excel 2010 (KB2553070)
Security Update for Microsoft Office 2010 (KB2289078)
Security Update for Microsoft Office 2010 (KB2553091)
Security Update for Microsoft Office 2010 (KB2553096)
Security Update for Microsoft PowerPoint 2010 (KB2519975)
Security Update for Microsoft Publisher 2010 (KB2409055)
Security Update for Microsoft Word 2010 (KB2345000)
Skype Click to Call
Skype™ 5.5
SmartFTP Client
Songr
Spybot - Search & Destroy
StarterBackgroundChanger
Steam
Suite Shared Configuration CS4
Super Hybrid Engine
SUPERAntiSpyware
syncables desktop DE
System Requirements Lab CYRI
System Requirements Lab for Intel
TabExplorer
TeamViewer 7
Torrent Episode Downloader
TuneUp Utilities 2011
TuneUp Utilities Language Pack (en-US)
Unified Remote
Unlocker 1.9.1
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft Office 2010 (KB2202188)
Update for Microsoft Office 2010 (KB2413186)
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2523113)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553455) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2553323) 32-Bit Edition
Update for Microsoft Outlook Social Connector (KB2583935)
VLC media player 2.0.3
Vodafone Mobile Connect Lite
Winamp
Winamp Detector Plug-in
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Family Safety
Windows Live Mail
Windows Live Photo Gallery
Windows Live Sync
Windows Live Toolbar
Windows Live Upload Tool
Windows Live Writer
WinRAR archiver
WinSCP 4.3.5
Yahoo! Messenger
Your Uninstaller! 7
.
==== Event Viewer Messages From Past Week ========
.
11/9/2012 8:12:45 PM, Error: Service Control Manager [7000] - The LogMeIn Kernel Information Provider service failed to start due to the following error: The system cannot find the path specified.
11/9/2012 8:12:43 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Network Inspection System Error Code: 0x8007042c Error description: The dependency service or group failed to start. Reason: The system is missing updates that are required for running Network Inspection System. Install the required updates and restart the computer.
11/9/2012 8:12:43 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
11/9/2012 8:11:53 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Network Inspection System Error Code: 0x8007042c Error description: The dependency service or group failed to start. Reason: The system is missing updates that are required for running Network Inspection System. Install the required updates and restart the computer.
11/9/2012 8:11:27 PM, Error: Service Control Manager [7031] - The Microsoft Antimalware Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 15000 milliseconds: Restart the service.
11/9/2012 7:07:48 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Network Inspection System Error Code: 0x8007042c Error description: The dependency service or group failed to start. Reason: The system is missing updates that are required for running Network Inspection System. Install the required updates and restart the computer.
11/9/2012 7:07:45 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
11/9/2012 7:06:18 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Network Inspection System Error Code: 0x8007042c Error description: The dependency service or group failed to start. Reason: The system is missing updates that are required for running Network Inspection System. Install the required updates and restart the computer.
11/9/2012 7:03:17 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Network Inspection System Error Code: 0x8007042c Error description: The dependency service or group failed to start. Reason: The system is missing updates that are required for running Network Inspection System. Install the required updates and restart the computer.
11/9/2012 3:35:40 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Network Inspection System Error Code: 0x8007042c Error description: The dependency service or group failed to start. Reason: The system is missing updates that are required for running Network Inspection System. Install the required updates and restart the computer.
11/9/2012 3:34:10 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.139.1264.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: Default URL Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8904.0 Error code: 0x80070422 Error description: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
11/9/2012 3:23:44 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Network Inspection System Error Code: 0x8007042c Error description: The dependency service or group failed to start. Reason: The system is missing updates that are required for running Network Inspection System. Install the required updates and restart the computer.
11/9/2012 3:23:44 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
11/8/2012 8:53:35 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.139.1264.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: Default URL Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8904.0 Error code: 0x80070422 Error description: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
11/8/2012 8:43:09 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Network Inspection System Error Code: 0x8007042c Error description: The dependency service or group failed to start. Reason: The system is missing updates that are required for running Network Inspection System. Install the required updates and restart the computer.
11/8/2012 4:56:41 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.139.1264.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: Default URL Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8904.0 Error code: 0x80070422 Error description: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
11/8/2012 4:34:27 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Network Inspection System Error Code: 0x8007042c Error description: The dependency service or group failed to start. Reason: The system is missing updates that are required for running Network Inspection System. Install the required updates and restart the computer.
11/8/2012 3:00:43 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.139.1264.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: Default URL Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8904.0 Error code: 0x80070422 Error description: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
11/8/2012 2:44:48 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Network Inspection System Error Code: 0x8007042c Error description: The dependency service or group failed to start. Reason: The system is missing updates that are required for running Network Inspection System. Install the required updates and restart the computer.
11/8/2012 2:44:48 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
11/8/2012 11:42:35 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.139.1264.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: Default URL Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8904.0 Error code: 0x80070422 Error description: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
11/8/2012 11:32:16 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Network Inspection System Error Code: 0x8007042c Error description: The dependency service or group failed to start. Reason: The system is missing updates that are required for running Network Inspection System. Install the required updates and restart the computer.
11/8/2012 11:32:16 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
11/8/2012 10:44:31 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.139.1264.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: Default URL Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8904.0 Error code: 0x80070422 Error description: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
11/8/2012 10:27:39 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Network Inspection System Error Code: 0x8007042c Error description: The dependency service or group failed to start. Reason: The system is missing updates that are required for running Network Inspection System. Install the required updates and restart the computer.
11/7/2012 4:08:57 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.139.1264.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: Default URL Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8904.0 Error code: 0x80070422 Error description: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
11/7/2012 3:57:02 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Network Inspection System Error Code: 0x8007042c Error description: The dependency service or group failed to start. Reason: The system is missing updates that are required for running Network Inspection System. Install the required updates and restart the computer.
11/7/2012 3:57:02 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
11/7/2012 3:07:22 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.139.1264.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: Default URL Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8904.0 Error code: 0x80070422 Error description: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
11/7/2012 2:57:04 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Network Inspection System Error Code: 0x8007042c Error description: The dependency service or group failed to start. Reason: The system is missing updates that are required for running Network Inspection System. Install the required updates and restart the computer.
11/7/2012 2:57:04 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
11/7/2012 10:18:04 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.139.1264.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: Default URL Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8904.0 Error code: 0x80070422 Error description: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
11/7/2012 10:07:27 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Network Inspection System Error Code: 0x8007042c Error description: The dependency service or group failed to start. Reason: The system is missing updates that are required for running Network Inspection System. Install the required updates and restart the computer.
11/7/2012 10:07:27 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
11/6/2012 3:14:11 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.139.1264.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: Default URL Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8904.0 Error code: 0x80070422 Error description: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
11/6/2012 3:03:44 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Network Inspection System Error Code: 0x8007042c Error description: The dependency service or group failed to start. Reason: The system is missing updates that are required for running Network Inspection System. Install the required updates and restart the computer.
11/6/2012 3:03:44 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
11/5/2012 8:17:06 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.139.1264.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: Default URL Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8904.0 Error code: 0x80070422 Error description: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
11/5/2012 2:36:49 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.139.1264.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: Default URL Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8904.0 Error code: 0x80070422 Error description: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
11/5/2012 2:26:30 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Network Inspection System Error Code: 0x8007042c Error description: The dependency service or group failed to start. Reason: The system is missing updates that are required for running Network Inspection System. Install the required updates and restart the computer.
11/5/2012 2:26:30 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
11/4/2012 10:39:12 AM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Network Inspection System Error Code: 0x8007042c Error description: The dependency service or group failed to start. Reason: The system is missing updates that are required for running Network Inspection System. Install the required updates and restart the computer.
11/4/2012 10:39:12 AM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
11/3/2012 7:25:59 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Network Inspection System Error Code: 0x8007042c Error description: The dependency service or group failed to start. Reason: The system is missing updates that are required for running Network Inspection System. Install the required updates and restart the computer.
11/3/2012 7:25:59 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
11/3/2012 12:08:07 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Network Inspection System Error Code: 0x8007042c Error description: The dependency service or group failed to start. Reason: The system is missing updates that are required for running Network Inspection System. Install the required updates and restart the computer.
11/3/2012 12:06:47 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.139.773.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: Default URL Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8904.0 Error code: 0x80070422 Error description: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
11/3/2012 11:56:20 AM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Network Inspection System Error Code: 0x8007042c Error description: The dependency service or group failed to start. Reason: The system is missing updates that are required for running Network Inspection System. Install the required updates and restart the computer.
11/3/2012 11:56:20 AM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
11/2/2012 8:00:23 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.139.773.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: Default URL Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8904.0 Error code: 0x80070422 Error description: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
11/2/2012 7:50:05 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Network Inspection System Error Code: 0x8007042c Error description: The dependency service or group failed to start. Reason: The system is missing updates that are required for running Network Inspection System. Install the required updates and restart the computer.
11/2/2012 7:50:05 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
11/2/2012 5:54:05 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.139.773.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: Default URL Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8904.0 Error code: 0x80070422 Error description: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
11/2/2012 5:43:48 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Network Inspection System Error Code: 0x8007042c Error description: The dependency service or group failed to start. Reason: The system is missing updates that are required for running Network Inspection System. Install the required updates and restart the computer.
11/2/2012 5:43:48 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
11/2/2012 2:52:24 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.139.773.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: Default URL Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8904.0 Error code: 0x80070422 Error description: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
11/2/2012 2:42:04 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Network Inspection System Error Code: 0x8007042c Error description: The dependency service or group failed to start. Reason: The system is missing updates that are required for running Network Inspection System. Install the required updates and restart the computer.
11/2/2012 2:42:04 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
.
==== End Of File ===========================
RogueKiller log
RogueKiller V8.2.3 [11/07/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/
Website: http://tigzy.geekstogo.com/roguekiller.php
Blog: http://tigzyrk.blogspot.com
Operating System: Windows 7 (6.1.7600 ) 32 bits version
Started in : Normal mode
User : Tedy [Admin rights]
Mode : Scan -- Date : 11/09/2012 20:17:32
¤¤¤ Bad processes : 0 ¤¤¤
¤¤¤ Registry Entries : 18 ¤¤¤
[HJ] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> FOUND
[HJ SMENU] HKCU\[...]\Advanced : Start_ShowMyDocs (0) -> FOUND
[HJ SMENU] HKCU\[...]\Advanced : Start_ShowUser (0) -> FOUND
[HJ SMENU] HKCU\[...]\Advanced : Start_ShowMyPics (0) -> FOUND
[HJ SMENU] HKCU\[...]\Advanced : Start_ShowMyGames (0) -> FOUND
[HJ SMENU] HKCU\[...]\Advanced : Start_ShowMyMusic (0) -> FOUND
[HJ SMENU] HKCU\[...]\Advanced : Start_ShowControlPanel (0) -> FOUND
[HJ SMENU] HKCU\[...]\Advanced : Start_ShowHelp (0) -> FOUND
[HJ SMENU] HKCU\[...]\Advanced : Start_ShowPrinters (0) -> FOUND
[HJ SMENU] HKCU\[...]\Advanced : Start_ShowRun (0) -> FOUND
[HJ SMENU] HKCU\[...]\Advanced : Start_ShowSetProgramAccessAndDefaults (0) -> FOUND
[HJ SMENU] HKCU\[...]\Advanced : Start_TrackProgs (0) -> FOUND
[HJ DESK] HKCU\[...]\ClassicStartMenu : {59031A47-3F72-44A7-89C5-5595FE6B30EE} (1) -> FOUND
[HJ DESK] HKCU\[...]\NewStartPanel : {59031A47-3F72-44A7-89C5-5595FE6B30EE} (1) -> FOUND
[HJ DESK] HKCU\[...]\ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
[HJ DESK] HKCU\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
[HJ DESK] HKCU\[...]\ClassicStartMenu : {645FF040-5081-101B-9F08-00AA002F954E} (1) -> FOUND
[HJ DESK] HKCU\[...]\NewStartPanel : {645FF040-5081-101B-9F08-00AA002F954E} (1) -> FOUND
¤¤¤ Particular Files / Folders: ¤¤¤
¤¤¤ Driver : [LOADED] ¤¤¤
¤¤¤ HOSTS File: ¤¤¤
--> C:\windows\system32\drivers\etc\hosts
¤¤¤ MBR Check: ¤¤¤
+++++ PhysicalDrive0: ST9250315AS +++++
--- User ---
[MBR] 54454208b7efa8d1779b706d915d20e2
[bSP] 2871b0cb4a20f4adcbfd66f245d395bf : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 102400 Mo
1 - [XXXXXX] FAT32 (0x1b) [HIDDEN!] Offset (sectors): 209717248 | Size: 15360 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 241174528 | Size: 120694 Mo
3 - [XXXXXX] UNKNOWN (0xef) [VISIBLE] Offset (sectors): 488355840 | Size: 20 Mo
User = LL1 ... OK!
User = LL2 ... OK!
Finished : << RKreport[1]_S_11092012_02d2017.txt >>
RKreport[1]_S_11092012_02d2017.txt
Thank you!
-
Thank you for the quick response!
Malwarebytes Anti-Malware report:
Malwarebytes Anti-Malware (PRO) 1.65.1.1000
www.malwarebytes.org
Database version: v2012.11.08.09
Windows 7 x86 NTFS
Internet Explorer 8.0.7600.16385
Tedy :: PC11-PC [administrator]
Protection: Enabled
11/9/2012 5:02:57 PM
mbam-log-2012-11-09 (17-33-07).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 244272
Time elapsed: 12 minute(s), 47 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 2
HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows|Load (PUM.UserWLoad) -> Data: C:\Users\PC11~1\LOCALS~1\Temp\msvriso.bat -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows|Load (Trojan.Ransom) -> Data: C:\Users\PC11~1\LOCALS~1\Temp\msvriso.bat -> No action taken.
Registry Data Items Detected: 1
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced|Start_ShowMyComputer (PUM.Hijack.StartMenu) -> Bad: (0) Good: (1) -> No action taken.
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
(end)
DDS.txt
DDS (Ver_2012-11-07.01) - NTFS_x86
Internet Explorer: 8.0.7600.16869 BrowserJavaVersion: 10.9.2
Run by Tedy at 19:09:32 on 2012-11-09
Microsoft Windows 7 Starter 6.1.7600.0.1252.1.1033.18.1014.357 [GMT 2:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: Microsoft Security Essentials *Enabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: IObit Malware Fighter *Disabled/Updated* {A751AC20-3B48-5237-898A-78C4436BB78D}
.
============== Running Processes ================
.
C:\windows\system32\wininit.exe
C:\windows\system32\lsm.exe
c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
C:\windows\System32\spoolsv.exe
C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe
C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
C:\Windows\System32\AsusService.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
C:\windows\system32\taskhost.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\windows\system32\Dwm.exe
C:\windows\Explorer.EXE
C:\Windows\system32\WUDFHost.exe
C:\windows\system32\taskeng.exe
C:\windows\system32\conhost.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\windows\System32\svchost.exe -k HPZ12
C:\windows\System32\svchost.exe -k HPZ12
C:\windows\system32\svchost.exe -k imgsvc
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.xvre-search.com/
uSearch Bar = Preserve
mStart Page = about:blank
BHO: AutorunsDisabled - <orphaned>
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Search Helper: {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - c:\program files\microsoft\search enhancement pack\search helper\SearchHelper.dll
BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: Help Update v1.1: {793A557B-65BC-48C3-B6F6-D472C5887C2E} - LocalServer32 - <no file>
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - c:\program files\microsoft office\office14\URLREDIR.DLL
BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
BHO: Windows Live Toolbar Helper: {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - c:\program files\windows live\toolbar\wltcore.dll
TB: &Windows Live Toolbar: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - c:\program files\windows live\toolbar\wltcore.dll
TB: &Windows Live Toolbar: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - c:\program files\windows live\toolbar\wltcore.dll
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
uPolicies-Explorer: TaskbarNoNotification = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
mPolicies-System: dontdisplaylastusername = dword:1
mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files\microsoft office\office14\ONBttnIELinkedNotes.dll
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{27A441D5-7663-4869-9692-6C826C68FED0} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{CDE67439-FB12-47E4-BA25-583371888E31} : DHCPNameServer = 81.12.132.206 81.12.128.206
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office14\MSOXMLMF.DLL
Notify: igfxcui - igfxdev.dll
SSODL: WebCheck - <orphaned>
Hosts: 184.82.120.108 googleads.g.doubleclick.net
Hosts: 184.82.120.108 secure.tune-up.com
Hosts: 184.82.120.108 http://www.tune-up.com
Hosts: 184.82.120.108 www.tune-up.com
Hosts: 184.82.120.108 tune-up.com
.
Note: multiple HOSTS entries found. Please refer to Attach.txt
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\pc 11\appdata\roaming\mozilla\firefox\profiles\wbaww27j.default-1352401354449\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.ro
FF - prefs.js: keyword.URL - hxxp://www.google.ro/search?q=
FF - plugin: c:\progra~1\micros~2\office14\NPAUTHZ.DLL
FF - plugin: c:\progra~1\micros~2\office14\NPSPWRAP.DLL
FF - plugin: c:\program files\foxit software\foxit reader\plugins\npFoxitReaderPlugin.dll
FF - plugin: c:\program files\google\picasa3\npPicasa3.dll
FF - plugin: c:\program files\google\update\1.3.21.123\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\microsoft silverlight\4.0.60831.0\npctrlui.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npwachk.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
FF - plugin: c:\users\pc 11\appdata\local\google\update\1.3.21.123\npGoogleUpdate3.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_5_502_110.dll
FF - plugin: c:\windows\system32\npDeployJava1.dll
FF - plugin: c:\windows\system32\npmproxy.dll
FF - ExtSQL: 2012-11-08 15:35; pamelantura@aol.com; C:\Macromedia
FF - ExtSQL: 2012-11-08 23:05; firegestures@xuldev.org; c:\users\pc 11\appdata\roaming\mozilla\firefox\profiles\wbaww27j.default-1352401354449\extensions\firegestures@xuldev.org.xpi
.
============= SERVICES / DRIVERS ===============
.
R1 AsUpIO;AsUpIO;c:\windows\system32\drivers\AsUpIO.sys [2010-9-28 11520]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\drivers\dtsoftbus01.sys [2011-11-5 232512]
R1 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2011-4-18 165648]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2011-7-22 12880]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2011-7-12 67664]
R2 !SASCORE;SAS Core Service;c:\program files\superantispyware\SASCore.exe [2012-7-11 116608]
R2 AsusService;Asus Launcher Service;c:\windows\system32\AsusService.exe [2010-9-28 219136]
R2 IMFservice;IMF Service;c:\program files\iobit\iobit malware fighter\IMFsrv.exe [2012-10-27 821592]
R2 LMIRfsDriver;LogMeIn Remote File System Driver;c:\windows\system32\drivers\LMIRfsDriver.sys [2012-7-16 47640]
R2 MBAMScheduler;MBAMScheduler;c:\program files\malwarebytes' anti-malware\mbamscheduler.exe [2012-11-7 399432]
R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2012-11-7 676936]
R2 SBSDWSCService;SBSD Security Center Service;c:\program files\spybot - search & destroy\SDWinSec.exe [2011-11-12 1153368]
R3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\drivers\ETD.sys [2010-7-29 109960]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\drivers\L1C62x86.sys [2010-7-29 68208]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-11-7 22856]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S3 AVEO;USB2.0 PC Camera;c:\windows\system32\drivers\AVEOdcnt.sys [2012-7-13 318592]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-14 229888]
S3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\drivers\ewusbnet.sys [2011-9-19 112128]
S3 FileMonitor;FileMonitor;c:\program files\iobit\iobit malware fighter\drivers\win7_x86\FileMonitor.sys [2012-10-27 20336]
S3 fssfltr;fssfltr;c:\windows\system32\drivers\fssfltr.sys [2011-8-2 54632]
S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2009-8-5 704864]
S3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\drivers\MpNWMon.sys [2011-4-18 43392]
S3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\drivers\NisDrvWFP.sys [2011-4-27 65024]
S3 NisSrv;Microsoft Network Inspection;c:\program files\microsoft security client\antimalware\NisSrv.exe [2011-4-27 208944]
S3 RegFilter;RegFilter;c:\program files\iobit\iobit malware fighter\drivers\win7_x86\RegFilter.sys [2012-10-27 30640]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\tuneup utilities 2011\TuneUpUtilitiesDriver32.sys [2010-11-29 10064]
S3 UrlFilter;UrlFilter;c:\program files\iobit\iobit malware fighter\drivers\win7_x86\UrlFilter.sys [2012-10-27 19832]
S3 wsvd;wsvd;c:\windows\system32\drivers\wsvd.sys [2009-7-22 81704]
S4 persdwmsrv;Personalization Panel DWM controller;c:\program files\winreview.ru\personalization panel dwm controller\persdwmsrv.exe [2011-5-28 7680]
S4 SwitchBoard;SwitchBoard;c:\program files\common files\adobe\switchboard\SwitchBoard.exe [2010-2-19 517096]
S4 TeamViewer7;TeamViewer 7;c:\program files\teamviewer\version7\TeamViewer_Service.exe [2012-2-23 2886528]
S4 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\tuneup utilities 2011\TuneUpUtilitiesService32.exe [2010-12-14 1517376]
S4 VMCService;Vodafone Mobile Connect Service;c:\program files\vodafone\vodafone mobile connect\bin\VMCService.exe [2009-8-14 9216]
.
=============== File Associations ===============
.
FileExt: .txt: Notepad++_file="c:\program files\notepad++\notepad++.exe" "%1" [userChoice]
FileExt: .ini: Notepad++_file="c:\program files\notepad++\notepad++.exe" "%1"
ShellExec: dreamweaver.exe: Open="c:\program files\adobe\adobe dreamweaver cs5\dreamweaver.exe", "%1"
.
=============== Created Last 30 ================
.
2030-01-01 16:18:26 -------- d-sh--w- C:\Boot
2012-11-09 13:36:33 713784 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{62d1157a-cd9f-470d-ad46-b0190f3f8bf4}\gapaengine.dll
2012-11-09 13:34:30 6918632 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{8a23cd0f-0788-4835-86d8-8906eb34db24}\mpengine.dll
2012-11-08 18:54:02 -------- d-----w- c:\users\pc 11\appdata\roaming\IObit
2012-11-08 14:27:41 -------- d-----w- c:\programdata\Browser Manager
2012-11-08 14:25:54 -------- d-----w- c:\program files\Your Uninstaller! 7
2012-11-08 14:25:03 -------- d-----w- c:\windows\Profiles
2012-11-08 14:20:29 168563 ----a-w- c:\programdata\1352383782.bdinstall.bin
2012-11-08 13:56:43 93672 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2012-11-08 13:45:25 -------- d-----w- c:\users\pc 11\appdata\roaming\SUPERAntiSpyware.com
2012-11-08 13:44:33 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
2012-11-08 13:44:33 -------- d-----w- c:\program files\SUPERAntiSpyware
2012-11-08 13:29:07 -------- d-----w- c:\program files\ESET
2012-11-07 20:11:47 -------- d-----w- c:\program files\McAfee Security Scan
2012-11-07 20:01:33 73696 ----a-w- c:\program files\mozilla firefox\breakpadinjector.dll
2012-11-07 20:01:32 96224 ----a-w- c:\program files\mozilla firefox\webapprt-stub.exe
2012-11-07 20:01:32 157272 ----a-w- c:\program files\mozilla firefox\webapp-uninstaller.exe
2012-11-07 13:31:28 -------- d-----w- c:\users\pc 11\appdata\roaming\Malwarebytes
2012-11-07 13:30:46 -------- d-----w- c:\programdata\Malwarebytes
2012-11-07 13:30:38 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-11-07 13:30:37 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-11-06 14:39:56 -------- d-----w- c:\users\pc 11\appdata\roaming\Unified Remote
2012-11-05 18:52:28 -------- d-----w- c:\users\pc 11\appdata\roaming\BSplayer PRO
2012-11-05 15:27:31 -------- d-----w- c:\users\pc 11\appdata\roaming\Foxit Software
2012-11-05 14:15:04 -------- d-----w- c:\users\pc 11\appdata\roaming\TuneUp Software
2012-11-03 13:04:18 -------- d-----w- c:\users\pc 11\appdata\roaming\Torrent Episode Downloader
2012-11-02 21:38:56 -------- d-----w- c:\users\pc 11\appdata\roaming\uTorrent
2012-10-31 18:40:40 -------- d-----w- c:\users\pc 11\appdata\roaming\puush
2012-10-31 18:04:03 -------- d-----w- c:\users\pc 11\appdata\roaming\.purple
2012-10-31 14:34:51 -------- d-----w- c:\users\pc 11\appdata\roaming\MiniLyrics
2012-10-31 14:18:50 524076 ----a-w- c:\programdata\1351692492.bdinstall.bin
2012-10-31 14:17:59 -------- d-----w- c:\programdata\BDLogging
2012-10-31 14:11:36 -------- d-----w- c:\users\pc 11\appdata\roaming\URSoft
2012-10-31 14:08:52 -------- d-----w- c:\program files\Bitdefender
2012-10-31 14:08:46 -------- d-----w- c:\users\pc 11\appdata\roaming\QuickScan
2012-10-31 14:07:24 -------- d-----w- c:\program files\common files\Bitdefender
2012-10-31 14:04:50 -------- d-----w- c:\users\pc 11\appdata\roaming\CubicExplorer
2012-10-30 20:07:41 211456 --sha-r- c:\users\pc 11\bridwsmanconf.exe
2012-10-28 15:00:44 -------- d-sh--w- c:\users\pc 11\appdata\roaming\MSDCSCR
2012-10-27 16:52:20 -------- d-----w- c:\program files\IObit
2012-10-27 11:53:31 -------- d-----w- c:\programdata\SecTaskMan
2012-10-27 11:39:46 -------- d-----w- c:\program files\CubicExplorer
2012-10-27 09:22:56 -------- d-----w- c:\programdata\PC Tools
2012-10-27 09:02:44 -------- d-----w- C:\Macromedia
2012-10-26 18:47:17 -------- d-----w- c:\program files\Maxthon3
2012-10-23 19:12:16 -------- d-----w- c:\users\pc 11\.swt
2012-10-23 18:02:33 -------- d-----w- c:\users\pc 11\appdata\local\fontconfig
2012-10-23 18:02:13 -------- d-----w- c:\users\pc 11\.gimp-2.8
2012-10-23 18:02:12 -------- d-----w- c:\users\pc 11\appdata\local\gegl-0.2
2012-10-23 17:50:43 -------- d-----w- c:\program files\GIMP 2
2012-10-19 18:05:55 -------- d-----w- c:\program files\puush
2012-10-13 21:28:29 -------- d-----w- c:\users\pc 11\appdata\local\LogiShrd
2012-10-12 20:50:15 -------- d-----w- c:\program files\Torrent Episode Downloader
.
==================== Find3M ====================
.
2012-11-08 13:55:21 821736 ----a-w- c:\windows\system32\npDeployJava1.dll
2012-11-08 13:55:21 746984 ----a-w- c:\windows\system32\deployJava1.dll
2012-11-07 20:11:36 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-11-07 20:11:36 697272 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-10-20 11:46:13 16400 ----a-w- c:\windows\system32\drivers\LNonPnP.sys
2012-08-20 22:48:27 707354 ----a-w- c:\windows\unins000.exe
.
============= FINISH: 19:11:17.06 ===============
attach.txt
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-07.01)
.
Microsoft Windows 7 Starter
Boot Device: \Device\HarddiskVolume1
Install Date: 8/2/2011 2:01:05 PM
System Uptime: 11/9/2012 7:07:22 PM (0 hours ago)
.
Motherboard: ASUSTeK Computer INC. | | 1015PE
Processor: Intel® Atom CPU N455 @ 1.66GHz | CPU 1 | 983/167mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 100 GiB total, 62.168 GiB free.
D: is FIXED (NTFS) - 118 GiB total, 45.212 GiB free.
E: is CDROM ()
F: is CDROM ()
G: is Removable
.
==== Disabled Device Manager Items =============
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: LogMeIn Kernel Information Provider
Device ID: ROOT\LEGACY_LMIINFO\0000
Manufacturer:
Name: LogMeIn Kernel Information Provider
PNP Device ID: ROOT\LEGACY_LMIINFO\0000
Service: LMIInfo
.
==== System Restore Points ===================
.
RP254: 10/27/2012 2:56:31 PM - Uninstall "Yahoo! Toolbar"
RP256: 10/31/2012 3:17:24 PM - Before uninstalling Personalization Panel DWM Controller
RP257: 10/31/2012 3:18:07 PM - Removed Personalization Panel DWM Controller
RP259: 10/31/2012 3:18:53 PM - Before uninstalling SmartFTP Client 4.0 Setup Files (remove only)
RP261: 10/31/2012 3:19:45 PM - Before uninstalling SmartFTP Client
RP262: 10/31/2012 3:20:08 PM - Removed SmartFTP Client
RP264: 10/31/2012 4:13:03 PM - Before uninstalling Ricochet Infinity
RP266: 11/4/2012 10:57:44 AM - Before uninstalling Maxthon 3
RP267: 11/8/2012 3:52:21 PM - Installed Java 7 Update 9
RP269: 11/8/2012 4:06:34 PM - Before uninstalling McAfee Security Scan Plus
RP271: 11/8/2012 4:09:10 PM - Before uninstalling Bitdefender Antivirus Plus 2012
RP273: 11/8/2012 4:55:29 PM - Before uninstalling Babylon toolbar
.
==== Hosts File Hijack ======================
.
.
==== Installed Programs ======================
.
µTorrent
32 Bit HP CIO Components Installer
Acrobat.com
Adobe After Effects CS4
Adobe After Effects CS4 Presets
Adobe After Effects CS4 Third Party Content
Adobe AIR
Adobe Anchor Service CS4
Adobe CMaps CS4
Adobe Color Video Profiles AE CS4
Adobe Default Language CS4
Adobe Device Central CS4
Adobe Dynamiclink Support
Adobe ExtendScript Toolkit CS4
Adobe Extension Manager CS4
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Fonts All
Adobe Media Encoder CS4
Adobe Media Encoder CS4 Additional Exporter
Adobe Media Player
Adobe MotionPicture Color Files CS4
Adobe Output Module
Adobe PDF Library Files CS4
Adobe Reader 9.1 MUI
Adobe Setup
Adobe Type Support CS4
Adobe Update Manager CS4
Adobe XMP Panels CS4
AIMP3
Anki
Apple Application Support
ASUSUpdate for Eee PC
Atheros Client Installation Program
Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver
AVEO USB2.0 PC Camera(U2HGCV3P31048)
BitTorrent
Broadcom 802.11n Network Adapter
Broadcom Wireless Network Adapter
BSPlayer Pro 2.58 version 1058
Camera Viewer Pro
Camtasia Studio 7
Camtasia Studio 8
CapsHook
CodeBlocks
CPUID CPU-Z 1.61.5
CSSExplorerSetup
CyberLink PowerRecover
DAEMON Tools Lite
Definition update for Microsoft Office 2010 (KB982726) 32-Bit Edition
E-Cam
Eee Docking 3.8.1
EeeSplendid
eReg
ESET Online Scanner v3
ETDWare PS/2-x86 7.0.5.11_WHQL
Everything 1.2.1.371
File Name Converter
FluffyApp
FontResizer
Foxit Reader 5.0
GIMP 2.8.2
Gimp Themes v1.0
Google Chrome
Google Chrome Canary
Google SketchUp 8
Google Update Helper
gpedt.msc 1.0
Hotkey Service
Indeo® Software
Intel® Graphics Media Accelerator Driver
Intel® Matrix Storage Manager
IObit Malware Fighter
Java 7 Update 9
Java Auto Updater
Java 6 Update 29
Junk Mail filter update
Just Learn Morse Code
LiveUpdate
Logitech SetPoint 6.32
Malwarebytes Anti-Malware version 1.65.1.1000
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Extended
Microsoft Antimalware
Microsoft Application Error Reporting
Microsoft Choice Guard
Microsoft Office 2010
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office Home and Business 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Single Image 2010
Microsoft Office Word MUI (English) 2010
Microsoft Search Enhancement Pack
Microsoft Security Client
Microsoft Security Essentials
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Sync Framework Runtime Native v1.0 (x86)
Microsoft Sync Framework Services Native v1.0 (x86)
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft_VC80_ATL_x86
Microsoft_VC80_CRT_x86
Microsoft_VC80_MFC_x86
Microsoft_VC80_MFCLOC_x86
Microsoft_VC90_ATL_x86
Microsoft_VC90_CRT_x86
Microsoft_VC90_MFC_x86
MiniLyrics
Mozilla Firefox 16.0.2 (x86 en-US)
Mozilla Maintenance Service
MSVCRT
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP3 Parser (KB973685)
Notepad++
OOBERegBackup
Opera Next 12.01 internal build 1473
PDF Settings CS5
Personalization Panel
Personalization Panel DWM Controller
Photomizer
Photoshop Camera Raw
Picasa 3
Pidgin
Pixel Bender Toolkit
PPTLaunch
puush
QuickTime
RadioSure
Ralink RT2860 Wireless LAN Card
Realtek High Definition Audio Driver
RidNacs 2.0.3
RocketDock 1.3.5
Româna cu Alt dreapta (cu sedile) - diacritice.ro
RummyRoyal.com
Security Update for Microsoft Excel 2010 (KB2553070)
Security Update for Microsoft Office 2010 (KB2289078)
Security Update for Microsoft Office 2010 (KB2553091)
Security Update for Microsoft Office 2010 (KB2553096)
Security Update for Microsoft PowerPoint 2010 (KB2519975)
Security Update for Microsoft Publisher 2010 (KB2409055)
Security Update for Microsoft Word 2010 (KB2345000)
Skype Click to Call
Skype™ 5.5
SmartFTP Client
Songr
Spybot - Search & Destroy
StarterBackgroundChanger
Steam
Suite Shared Configuration CS4
Super Hybrid Engine
SUPERAntiSpyware
syncables desktop DE
System Requirements Lab CYRI
System Requirements Lab for Intel
TabExplorer
TeamViewer 7
Torrent Episode Downloader
TuneUp Utilities 2011
TuneUp Utilities Language Pack (en-US)
Unified Remote
Unlocker 1.9.1
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft Office 2010 (KB2202188)
Update for Microsoft Office 2010 (KB2413186)
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2523113)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553455) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2553323) 32-Bit Edition
Update for Microsoft Outlook Social Connector (KB2583935)
VLC media player 2.0.3
Vodafone Mobile Connect Lite
Winamp
Winamp Detector Plug-in
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Family Safety
Windows Live Mail
Windows Live Photo Gallery
Windows Live Sync
Windows Live Toolbar
Windows Live Upload Tool
Windows Live Writer
WinRAR archiver
WinSCP 4.3.5
Yahoo! Messenger
Your Uninstaller! 7
.
==== Event Viewer Messages From Past Week ========
.
11/9/2012 7:07:48 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Network Inspection System Error Code: 0x8007042c Error description: The dependency service or group failed to start. Reason: The system is missing updates that are required for running Network Inspection System. Install the required updates and restart the computer.
11/9/2012 7:07:47 PM, Error: Service Control Manager [7000] - The LogMeIn Kernel Information Provider service failed to start due to the following error: The system cannot find the path specified.
11/9/2012 7:07:45 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
11/9/2012 7:06:18 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Network Inspection System Error Code: 0x8007042c Error description: The dependency service or group failed to start. Reason: The system is missing updates that are required for running Network Inspection System. Install the required updates and restart the computer.
11/9/2012 7:05:58 PM, Error: Service Control Manager [7031] - The Microsoft Antimalware Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 15000 milliseconds: Restart the service.
11/9/2012 7:03:17 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Network Inspection System Error Code: 0x8007042c Error description: The dependency service or group failed to start. Reason: The system is missing updates that are required for running Network Inspection System. Install the required updates and restart the computer.
11/9/2012 3:35:40 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Network Inspection System Error Code: 0x8007042c Error description: The dependency service or group failed to start. Reason: The system is missing updates that are required for running Network Inspection System. Install the required updates and restart the computer.
11/9/2012 3:34:10 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.139.1264.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: Default URL Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8904.0 Error code: 0x80070422 Error description: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
11/9/2012 3:23:44 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Network Inspection System Error Code: 0x8007042c Error description: The dependency service or group failed to start. Reason: The system is missing updates that are required for running Network Inspection System. Install the required updates and restart the computer.
11/9/2012 3:23:44 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
11/8/2012 8:53:35 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.139.1264.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: Default URL Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8904.0 Error code: 0x80070422 Error description: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
11/8/2012 8:43:09 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Network Inspection System Error Code: 0x8007042c Error description: The dependency service or group failed to start. Reason: The system is missing updates that are required for running Network Inspection System. Install the required updates and restart the computer.
11/8/2012 4:56:41 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.139.1264.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: Default URL Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8904.0 Error code: 0x80070422 Error description: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
11/8/2012 4:34:27 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Network Inspection System Error Code: 0x8007042c Error description: The dependency service or group failed to start. Reason: The system is missing updates that are required for running Network Inspection System. Install the required updates and restart the computer.
11/8/2012 3:00:43 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.139.1264.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: Default URL Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8904.0 Error code: 0x80070422 Error description: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
11/8/2012 2:44:48 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Network Inspection System Error Code: 0x8007042c Error description: The dependency service or group failed to start. Reason: The system is missing updates that are required for running Network Inspection System. Install the required updates and restart the computer.
11/8/2012 2:44:48 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
11/8/2012 11:42:35 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.139.1264.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: Default URL Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8904.0 Error code: 0x80070422 Error description: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
11/8/2012 11:32:16 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Network Inspection System Error Code: 0x8007042c Error description: The dependency service or group failed to start. Reason: The system is missing updates that are required for running Network Inspection System. Install the required updates and restart the computer.
11/8/2012 11:32:16 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
11/8/2012 10:44:31 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.139.1264.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: Default URL Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8904.0 Error code: 0x80070422 Error description: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
11/8/2012 10:27:39 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Network Inspection System Error Code: 0x8007042c Error description: The dependency service or group failed to start. Reason: The system is missing updates that are required for running Network Inspection System. Install the required updates and restart the computer.
11/7/2012 4:08:57 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.139.1264.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: Default URL Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8904.0 Error code: 0x80070422 Error description: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
11/7/2012 3:57:02 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Network Inspection System Error Code: 0x8007042c Error description: The dependency service or group failed to start. Reason: The system is missing updates that are required for running Network Inspection System. Install the required updates and restart the computer.
11/7/2012 3:57:02 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
11/7/2012 3:07:22 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.139.1264.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: Default URL Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8904.0 Error code: 0x80070422 Error description: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
11/7/2012 2:57:04 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Network Inspection System Error Code: 0x8007042c Error description: The dependency service or group failed to start. Reason: The system is missing updates that are required for running Network Inspection System. Install the required updates and restart the computer.
11/7/2012 2:57:04 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
11/7/2012 10:18:04 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.139.1264.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: Default URL Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8904.0 Error code: 0x80070422 Error description: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
11/7/2012 10:07:27 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Network Inspection System Error Code: 0x8007042c Error description: The dependency service or group failed to start. Reason: The system is missing updates that are required for running Network Inspection System. Install the required updates and restart the computer.
11/7/2012 10:07:27 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
11/6/2012 3:14:11 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.139.1264.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: Default URL Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8904.0 Error code: 0x80070422 Error description: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
11/6/2012 3:03:44 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Network Inspection System Error Code: 0x8007042c Error description: The dependency service or group failed to start. Reason: The system is missing updates that are required for running Network Inspection System. Install the required updates and restart the computer.
11/6/2012 3:03:44 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
11/5/2012 8:17:06 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.139.1264.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: Default URL Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8904.0 Error code: 0x80070422 Error description: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
11/5/2012 2:36:49 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.139.1264.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: Default URL Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8904.0 Error code: 0x80070422 Error description: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
11/5/2012 2:26:30 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Network Inspection System Error Code: 0x8007042c Error description: The dependency service or group failed to start. Reason: The system is missing updates that are required for running Network Inspection System. Install the required updates and restart the computer.
11/5/2012 2:26:30 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
11/4/2012 10:39:12 AM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Network Inspection System Error Code: 0x8007042c Error description: The dependency service or group failed to start. Reason: The system is missing updates that are required for running Network Inspection System. Install the required updates and restart the computer.
11/4/2012 10:39:12 AM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
11/3/2012 7:25:59 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Network Inspection System Error Code: 0x8007042c Error description: The dependency service or group failed to start. Reason: The system is missing updates that are required for running Network Inspection System. Install the required updates and restart the computer.
11/3/2012 7:25:59 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
11/3/2012 12:08:07 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Network Inspection System Error Code: 0x8007042c Error description: The dependency service or group failed to start. Reason: The system is missing updates that are required for running Network Inspection System. Install the required updates and restart the computer.
11/3/2012 12:06:47 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.139.773.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: Default URL Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8904.0 Error code: 0x80070422 Error description: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
11/3/2012 11:56:20 AM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Network Inspection System Error Code: 0x8007042c Error description: The dependency service or group failed to start. Reason: The system is missing updates that are required for running Network Inspection System. Install the required updates and restart the computer.
11/3/2012 11:56:20 AM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
11/2/2012 8:00:23 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.139.773.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: Default URL Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8904.0 Error code: 0x80070422 Error description: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
11/2/2012 7:50:05 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Network Inspection System Error Code: 0x8007042c Error description: The dependency service or group failed to start. Reason: The system is missing updates that are required for running Network Inspection System. Install the required updates and restart the computer.
11/2/2012 7:50:05 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
11/2/2012 5:54:05 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.139.773.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: Default URL Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8904.0 Error code: 0x80070422 Error description: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
11/2/2012 5:43:48 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Network Inspection System Error Code: 0x8007042c Error description: The dependency service or group failed to start. Reason: The system is missing updates that are required for running Network Inspection System. Install the required updates and restart the computer.
11/2/2012 5:43:48 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
11/2/2012 2:52:24 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.139.773.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: Default URL Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8904.0 Error code: 0x80070422 Error description: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
11/2/2012 2:42:04 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Network Inspection System Error Code: 0x8007042c Error description: The dependency service or group failed to start. Reason: The system is missing updates that are required for running Network Inspection System. Install the required updates and restart the computer.
11/2/2012 2:42:04 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
.
==== End Of File ===========================
RogueKiller log
RogueKiller V8.2.3 [11/07/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/
Website: http://tigzy.geekstogo.com/roguekiller.php
Blog: http://tigzyrk.blogspot.com
Operating System: Windows 7 (6.1.7600 ) 32 bits version
Started in : Normal mode
User : Tedy [Admin rights]
Mode : Scan -- Date : 11/09/2012 19:15:01
¤¤¤ Bad processes : 0 ¤¤¤
¤¤¤ Registry Entries : 18 ¤¤¤
[HJ] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> FOUND
[HJ SMENU] HKCU\[...]\Advanced : Start_ShowMyDocs (0) -> FOUND
[HJ SMENU] HKCU\[...]\Advanced : Start_ShowUser (0) -> FOUND
[HJ SMENU] HKCU\[...]\Advanced : Start_ShowMyPics (0) -> FOUND
[HJ SMENU] HKCU\[...]\Advanced : Start_ShowMyGames (0) -> FOUND
[HJ SMENU] HKCU\[...]\Advanced : Start_ShowMyMusic (0) -> FOUND
[HJ SMENU] HKCU\[...]\Advanced : Start_ShowControlPanel (0) -> FOUND
[HJ SMENU] HKCU\[...]\Advanced : Start_ShowHelp (0) -> FOUND
[HJ SMENU] HKCU\[...]\Advanced : Start_ShowPrinters (0) -> FOUND
[HJ SMENU] HKCU\[...]\Advanced : Start_ShowRun (0) -> FOUND
[HJ SMENU] HKCU\[...]\Advanced : Start_ShowSetProgramAccessAndDefaults (0) -> FOUND
[HJ SMENU] HKCU\[...]\Advanced : Start_TrackProgs (0) -> FOUND
[HJ DESK] HKCU\[...]\ClassicStartMenu : {59031A47-3F72-44A7-89C5-5595FE6B30EE} (1) -> FOUND
[HJ DESK] HKCU\[...]\NewStartPanel : {59031A47-3F72-44A7-89C5-5595FE6B30EE} (1) -> FOUND
[HJ DESK] HKCU\[...]\ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
[HJ DESK] HKCU\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
[HJ DESK] HKCU\[...]\ClassicStartMenu : {645FF040-5081-101B-9F08-00AA002F954E} (1) -> FOUND
[HJ DESK] HKCU\[...]\NewStartPanel : {645FF040-5081-101B-9F08-00AA002F954E} (1) -> FOUND
¤¤¤ Particular Files / Folders: ¤¤¤
¤¤¤ Driver : [LOADED] ¤¤¤
¤¤¤ HOSTS File: ¤¤¤
--> C:\windows\system32\drivers\etc\hosts
¤¤¤ MBR Check: ¤¤¤
+++++ PhysicalDrive0: ST9250315AS +++++
--- User ---
[MBR] 54454208b7efa8d1779b706d915d20e2
[bSP] 2871b0cb4a20f4adcbfd66f245d395bf : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 102400 Mo
1 - [XXXXXX] FAT32 (0x1b) [HIDDEN!] Offset (sectors): 209717248 | Size: 15360 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 241174528 | Size: 120694 Mo
3 - [XXXXXX] UNKNOWN (0xef) [VISIBLE] Offset (sectors): 488355840 | Size: 20 Mo
User = LL1 ... OK!
User = LL2 ... OK!
Finished : << RKreport[1]_S_11092012_02d1915.txt >>
RKreport[1]_S_11092012_02d1915.txt
-
Hello! I ran Malwarebytes and it came up with 3 infected things: PUM.hijack.startmenu, Trojan.Ransom, PUM.UserWLoad
Registry Values Detected: 2
HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows|Load (PUM.UserWLoad) -> Data: C:\Users\PC11~1\LOCALS~1\Temp\msvriso.bat -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows|Load (Trojan.Ransom) -> Data: C:\Users\PC11~1\LOCALS~1\Temp\msvriso.bat -> No action taken.
Registry Data Items Detected: 1
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced|Start_ShowMyComputer (PUM.Hijack.StartMenu) -> Bad: (0) Good: (1) -> No action taken.
What should I do?
Thanks.
Malicious website blocked - svchost.exe
in Resolved Malware Removal Logs
Posted
OK, thank you very much for your help.