liam5

Honorary Members
  • Posts

    52
Posts posted by liam5

  1. My job is to help people to remove malware from their computers......this is my specialty.

    Operating system problems I don't and can't get involved in, that's what tech forums are for.

    Your system is clean, no malware on it.

    There's plenty of info on that error message on the web:

    http://lmgtfy.com/?q...n_nonpaged_area

    There's also plenty of tech forums available to you, here's a couple:

    http://forums.whatth...p?showforum=119

    http://www.geekstogo...-and-windows-7/

    http://www.bleepingc...nt200020032008/

    http://www.techsuppo...rum.com/forums/

    http://forums.techguy.org/

    MrC

    Well I only got that BSOD, since you helped me remove the malware. So one of your tools must have caused it.. Sigh.. Okay well thanks for the "partial help", I definitely won't be donating or using this forum ever again.

  2. # AdwCleaner v2.113 - Logfile created 03/03/2013 at 21:08:35

    # Updated 23/02/2013 by Xplode

    # Operating system : Windows Vista Home Premium Service Pack 2 (64 bits)

    # User : User - USER-PC

    # Boot Mode : Normal

    # Running from : C:\Users\User\Desktop\adwcleaner.exe

    # Option [Delete]

    ***** [services] *****

    ***** [Files / Folders] *****

    Deleted on reboot : C:\Program Files (x86)\AVG Secure Search

    Deleted on reboot : C:\Program Files (x86)\Common Files\AVG Secure Search

    Deleted on reboot : C:\Program Files\IB Updater

    Deleted on reboot : C:\ProgramData\AVG Secure Search

    Deleted on reboot : C:\Windows\SysWOW64\WNLT

    ***** [Registry] *****

    Key Deleted : HKCU\Software\APN PIP

    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{069B290F-5398-4629-A009-85B4BCB4B1B9}

    Key Deleted : HKLM\Software\PIP

    ***** [internet Browsers] *****

    -\\ Internet Explorer v9.0.8112.16464

    [OK] Registry is clean.

    -\\ Google Chrome v25.0.1364.97

    *************************

    AdwCleaner[R1].txt - [1135 octets] - [03/03/2013 21:08:04]

    AdwCleaner[s1].txt - [1097 octets] - [03/03/2013 21:08:35]

    ########## EOF - C:\AdwCleaner[s1].txt - [1157 octets] ##########

  3. ComboFix 13-03-03.01 - User 03/03/2013 19:45:03.2.4 - x64

    Running from: c:\users\User\Downloads\ComboFix.exe

    .

    .

    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

    .

    .

    c:\users\User\AppData\Local\Skillbrains\lightshot\LightShot.exe Flags: uninsdeletevalue

    c:\windows\SysWow64\Packet.dll

    c:\windows\SysWow64\pthreadVC.dll

    c:\windows\SysWow64\wpcap.dll

    .

    .

    ((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))

    .

    .

    -------\Service_NPF

    .

    .

    ((((((((((((((((((((((((( Files Created from 2013-02-03 to 2013-03-03 )))))))))))))))))))))))))))))))

    .

    .

    2013-03-03 19:58 . 2013-03-03 19:58 -------- d-----w- c:\users\Default\AppData\Local\temp

    2013-03-03 17:58 . 2013-03-03 17:59 -------- d-----w- c:\program files\Adobe

    2013-03-03 17:55 . 2013-03-03 17:55 -------- d-----w- C:\adobeTemp

    2013-03-03 17:52 . 2013-03-03 18:00 -------- d-----w- c:\program files\Common Files\Adobe

    2013-03-03 16:36 . 2013-03-03 17:31 -------- d-----w- C:\Adobe Photoshop CS6

    2013-03-03 16:36 . 2013-03-03 16:36 -------- d-----w- c:\users\User\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant

    2013-03-03 13:39 . 2007-01-19 18:24 25312 ----a-r- c:\windows\system32\drivers\SCMNdisP.sys

    2013-03-03 13:38 . 2011-12-12 17:37 1229568 ----a-w- c:\windows\system32\drivers\bcmwlhigh664.sys

    2013-03-03 13:02 . 2013-03-03 13:02 -------- d-----w- c:\users\User\AppData\Roaming\InstallShield

    2013-03-01 15:46 . 2013-03-03 12:39 -------- d-----w- c:\users\User\Tracing

    2013-03-01 15:39 . 2013-03-01 15:42 -------- d-----w- c:\program files (x86)\Windows Live

    2013-03-01 15:38 . 2013-03-01 15:45 -------- d-----w- c:\users\User\AppData\Local\Windows Live

    2013-02-28 15:12 . 2013-02-28 16:33 -------- d-----w- c:\users\User\AppData\Roaming\BitTorrent

    2013-02-27 11:55 . 2013-02-27 11:55 -------- d-----w- C:\VTRoot

    2013-02-27 11:54 . 2013-02-27 11:54 -------- d-----w- c:\program files (x86)\Microsoft Silverlight

    2013-02-27 10:56 . 2013-02-27 10:56 -------- d-----w- C:\Sandbox

    2013-02-27 10:56 . 2013-02-27 10:56 -------- d-----w- c:\program files\Sandboxie

    2013-02-26 14:07 . 2013-02-26 14:07 -------- d-----w- c:\users\User\AppData\Roaming\PDAppFlex

    2013-02-26 11:49 . 2013-02-26 11:49 -------- d-----w- c:\users\User\AppData\Local\Microsoft Help

    2013-02-26 11:37 . 2013-02-19 03:57 9162192 ------w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{E47A6050-4D40-43E7-BF49-9CD6E87941FE}\mpengine.dll

    2013-02-26 11:28 . 2013-02-26 11:28 -------- d-----w- c:\users\Default\AppData\Local\Microsoft Help

    2013-02-26 11:08 . 2013-02-26 11:08 -------- d-----w- c:\program files\CCleaner

    2013-02-26 11:05 . 2013-02-26 11:05 404920 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl

    2013-02-26 11:02 . 2013-02-26 11:02 310688 ----a-w- c:\windows\system32\javaws.exe

    2013-02-26 11:02 . 2013-02-26 11:02 108448 ----a-w- c:\windows\system32\WindowsAccessBridge-64.dll

    2013-02-26 11:02 . 2013-02-26 11:02 188832 ----a-w- c:\windows\system32\javaw.exe

    2013-02-26 11:02 . 2013-02-26 11:02 188320 ----a-w- c:\windows\system32\java.exe

    2013-02-26 10:59 . 2013-02-26 10:59 -------- d-----w- c:\users\User\AppData\Local\WindowsUpdate

    2013-02-26 10:56 . 2013-02-26 10:56 -------- d-----w- c:\users\User\AppData\Local\Secunia PSI

    2013-02-26 10:56 . 2013-02-26 10:56 -------- d-----w- c:\program files (x86)\Secunia

    2013-02-26 10:42 . 2013-02-26 10:42 -------- d-----w- c:\users\User\AppData\Roaming\abelhadigital.com

    2013-02-26 10:42 . 2013-02-26 10:42 -------- d-----w- c:\programdata\abelhadigital.com

    2013-02-26 10:42 . 2013-02-26 10:42 -------- d-----w- c:\program files (x86)\HostsMan

    2013-02-26 10:27 . 2013-02-26 10:27 -------- d-----w- c:\programdata\Panda Security

    2013-02-26 10:27 . 2013-02-26 10:27 -------- d-----w- c:\program files (x86)\Panda USB Vaccine

    2013-02-26 10:26 . 2013-02-26 10:26 -------- d-----w- c:\program files (x86)\Cookienator

    2013-02-26 08:47 . 2013-02-26 08:47 -------- d-----w- c:\program files (x86)\Foxit Software

    2013-02-25 16:58 . 2013-02-25 16:58 -------- d-----w- c:\windows\ERUNT

    2013-02-25 16:58 . 2013-02-25 17:26 -------- d-----w- C:\JRT

    2013-02-25 16:56 . 2013-02-25 16:56 -------- d-----w- c:\program files (x86)\Common Files\COMODO

    2013-02-25 16:06 . 2013-03-03 20:04 -------- d-----w- c:\users\User\AppData\Local\temp

    2013-02-25 13:59 . 2013-02-25 13:59 95648 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll

    2013-02-25 12:37 . 2013-03-03 18:00 -------- d-----w- c:\programdata\regid.1986-12.com.adobe

    2013-02-25 12:10 . 2013-02-25 12:21 -------- d-----w- C:\Adobe Dreamweaver CS6

    2013-02-25 12:08 . 2013-02-25 12:08 -------- d-----w- c:\program files (x86)\Adobe Download Assistant

    2013-02-25 11:59 . 2013-02-25 11:59 -------- d-----w- c:\users\User\AppData\Roaming\KompoZer

    2013-02-25 11:24 . 2013-02-25 11:24 -------- d-s---w- c:\programdata\Shared Space

    2013-02-25 11:21 . 2013-03-03 17:47 56072 ----a-w- c:\windows\system32\certsentry.dll

    2013-02-25 11:21 . 2013-03-03 17:47 47368 ----a-w- c:\windows\SysWow64\certsentry.dll

    2013-02-25 11:20 . 2013-02-25 11:20 -------- d-----w- c:\programdata\Comodo Downloader

    2013-02-25 10:40 . 2012-10-30 22:51 370288 ----a-w- c:\windows\system32\drivers\aswSP.sys

    2013-02-25 10:40 . 2012-10-30 22:51 25232 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys

    2013-02-25 10:40 . 2012-10-30 22:51 59728 ----a-w- c:\windows\system32\drivers\aswTdi.sys

    2013-02-25 10:40 . 2012-10-30 22:51 44272 ----a-w- c:\windows\system32\drivers\aswRdr.sys

    2013-02-25 10:40 . 2012-10-30 22:51 984144 ----a-w- c:\windows\system32\drivers\aswSnx.sys

    2013-02-25 10:40 . 2012-10-30 22:51 71600 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys

    2013-02-25 10:40 . 2012-10-30 22:51 41224 ----a-w- c:\windows\avastSS.scr

    2013-02-25 10:40 . 2012-10-30 22:50 227648 ----a-w- c:\windows\SysWow64\aswBoot.exe

    2013-02-25 09:34 . 2013-03-03 13:47 -------- d-s---w- c:\users\User\Google Drive

    2013-02-25 09:24 . 2012-10-30 22:50 285328 ----a-w- c:\windows\system32\aswBoot.exe

    2013-02-25 09:22 . 2013-01-09 01:10 996352 ----a-w- c:\program files\Common Files\Microsoft Shared\vgx\VGX.dll

    2013-02-25 09:22 . 2013-01-08 22:01 768000 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\vgx\VGX.dll

    2013-02-25 09:14 . 2013-02-25 09:14 -------- d-----w- c:\users\User\AppData\Roaming\Malwarebytes

    2013-02-25 09:13 . 2013-02-25 09:13 -------- d-----w- c:\programdata\Malwarebytes

    2013-02-25 09:13 . 2013-02-25 09:13 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware

    2013-02-25 09:13 . 2012-12-14 16:49 24176 ----a-w- c:\windows\system32\drivers\mbam.sys

    2013-02-25 09:10 . 2012-11-02 10:47 1869824 ----a-w- c:\windows\system32\msxml3.dll

    2013-02-25 09:10 . 2012-11-02 10:47 1794560 ----a-w- c:\windows\system32\msxml6.dll

    2013-02-25 09:10 . 2012-11-02 10:19 1400832 ----a-w- c:\windows\SysWow64\msxml6.dll

    2013-02-25 09:10 . 2012-11-02 10:19 1248768 ----a-w- c:\windows\SysWow64\msxml3.dll

    2013-02-25 09:10 . 2013-01-05 05:37 4695400 ----a-w- c:\windows\system32\ntoskrnl.exe

    2013-02-25 09:09 . 2013-01-04 11:31 1423720 ----a-w- c:\windows\system32\drivers\tcpip.sys

    2013-02-25 09:09 . 2013-01-04 01:59 2773504 ----a-w- c:\windows\system32\win32k.sys

    2013-02-25 09:09 . 2012-11-22 04:22 456192 ----a-w- c:\windows\system32\shlwapi.dll

    2013-02-25 09:09 . 2012-11-08 04:26 1570816 ----a-w- c:\windows\system32\quartz.dll

    2013-02-25 09:09 . 2012-11-08 03:48 1314816 ----a-w- c:\windows\SysWow64\quartz.dll

    2013-02-25 09:09 . 2012-11-20 04:22 204288 ----a-w- c:\windows\SysWow64\ncrypt.dll

    2013-02-25 09:09 . 2012-11-20 04:21 253952 ----a-w- c:\windows\system32\ncrypt.dll

    2013-02-24 21:37 . 2013-02-27 11:56 -------- d-----w- c:\users\User\jagexcache

    2013-02-24 21:36 . 2013-02-24 21:36 -------- d-----w- c:\program files (x86)\Skillbrains

    2013-02-24 21:36 . 2013-02-24 21:36 -------- d-----w- c:\users\User\AppData\Local\Skillbrains

    2013-02-24 21:26 . 2013-02-24 21:26 -------- d-----w- c:\program files (x86)\Common Files\Skype

    2013-02-24 19:31 . 2012-12-16 13:31 48128 ----a-w- c:\windows\system32\atmlib.dll

    2013-02-24 19:31 . 2012-12-16 13:12 34304 ----a-w- c:\windows\SysWow64\atmlib.dll

    2013-02-24 19:31 . 2012-12-16 11:08 368128 ----a-w- c:\windows\system32\atmfd.dll

    2013-02-24 19:31 . 2012-12-16 10:50 293376 ----a-w- c:\windows\SysWow64\atmfd.dll

    2013-02-24 19:30 . 2011-03-30 21:54 95544 ----a-w- c:\windows\system32\bcmwlcoi.dll

    2013-02-24 19:30 . 2011-03-30 21:51 3566592 ----a-w- c:\windows\system32\bcmihvui64.dll

    2013-02-24 19:30 . 2011-03-30 21:51 3900928 ----a-w- c:\windows\system32\bcmihvsrv64.dll

    2013-02-24 19:30 . 2010-02-03 11:20 47632 ----a-w- c:\windows\system32\drivers\npf.sys

    2013-02-24 19:30 . 2006-11-02 08:04 1919968 ----a-w- c:\windows\system32\WdfCoInstaller01005.dll

    2013-02-24 19:30 . 2013-03-03 13:25 -------- d-----w- c:\program files (x86)\NETGEAR

    2013-02-17 22:06 . 2013-02-18 08:26 -------- d-----w- C:\Firefox

    2013-02-07 12:15 . 2013-02-07 12:15 18456 ----a-w- c:\windows\system32\drivers\psi_mf_amd64.sys

    .

    .

    .

    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

    .

    2013-02-26 11:02 . 2012-12-06 15:39 963488 ----a-w- c:\windows\system32\deployJava1.dll

    2013-02-26 11:02 . 2012-12-06 15:39 1085344 ----a-w- c:\windows\system32\npDeployJava1.dll

    2013-02-25 13:59 . 2012-12-06 15:23 861088 ----a-w- c:\windows\SysWow64\npDeployJava1.dll

    2013-02-25 13:59 . 2012-12-06 15:23 782240 ----a-w- c:\windows\SysWow64\deployJava1.dll

    2013-02-04 22:49 . 2006-11-02 12:35 70004024 ----a-w- c:\windows\system32\mrt.exe

    2013-01-24 22:43 . 2013-01-24 22:43 43216 ----a-w- c:\windows\system32\cmdcsr.dll

    2013-01-24 22:43 . 2013-01-24 22:43 461384 ----a-w- c:\windows\system32\guard64.dll

    2013-01-24 22:43 . 2013-01-24 22:43 354752 ----a-w- c:\windows\SysWow64\guard32.dll

    2013-01-24 22:42 . 2013-01-24 22:42 45776 ----a-w- c:\windows\system32\cmdkbd64.dll

    2013-01-24 22:42 . 2013-01-24 22:42 326352 ----a-w- c:\windows\system32\cmdvrt64.dll

    2013-01-24 22:42 . 2013-01-24 22:42 40656 ----a-w- c:\windows\SysWow64\cmdkbd32.dll

    2013-01-24 22:42 . 2013-01-24 22:42 263888 ----a-w- c:\windows\SysWow64\cmdvrt32.dll

    2013-01-17 01:28 . 2012-12-17 13:28 273840 ------w- c:\windows\system32\MpSigStub.exe

    2013-01-16 19:51 . 2013-01-16 19:51 95752 ----a-w- c:\windows\system32\drivers\inspect.sys

    2013-01-16 19:51 . 2013-01-16 19:51 700904 ----a-w- c:\windows\system32\drivers\cmdguard.sys

    2013-01-16 19:51 . 2013-01-16 19:51 47336 ----a-w- c:\windows\system32\drivers\cmdhlp.sys

    2013-01-16 19:51 . 2013-01-16 19:51 23688 ----a-w- c:\windows\system32\drivers\cmderd.sys

    2012-12-12 11:02 . 2012-12-12 11:02 30568 ----a-w- c:\windows\system32\drivers\avgtpx64.sys

    2012-12-09 20:38 . 2012-12-09 20:38 161792 ----a-w- c:\windows\SysWow64\msls31.dll

    2012-12-09 20:38 . 2012-12-09 20:38 86528 ----a-w- c:\windows\SysWow64\iesysprep.dll

    2012-12-09 20:38 . 2012-12-09 20:38 76800 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe

    2012-12-09 20:38 . 2012-12-09 20:38 74752 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe

    2012-12-09 20:38 . 2012-12-09 20:38 74752 ----a-w- c:\windows\SysWow64\iesetup.dll

    2012-12-09 20:38 . 2012-12-09 20:38 63488 ----a-w- c:\windows\SysWow64\tdc.ocx

    2012-12-09 20:38 . 2012-12-09 20:38 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll

    2012-12-09 20:38 . 2012-12-09 20:38 367104 ----a-w- c:\windows\SysWow64\html.iec

    2012-12-09 20:38 . 2012-12-09 20:38 23552 ----a-w- c:\windows\SysWow64\licmgr10.dll

    2012-12-09 20:38 . 2012-12-09 20:38 152064 ----a-w- c:\windows\SysWow64\wextract.exe

    2012-12-09 20:38 . 2012-12-09 20:38 150528 ----a-w- c:\windows\SysWow64\iexpress.exe

    2012-12-09 20:38 . 2012-12-09 20:38 11776 ----a-w- c:\windows\SysWow64\mshta.exe

    2012-12-09 20:38 . 2012-12-09 20:38 35840 ----a-w- c:\windows\SysWow64\imgutil.dll

    2012-12-09 20:38 . 2012-12-09 20:38 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll

    2012-12-09 20:38 . 2012-12-09 20:38 101888 ----a-w- c:\windows\SysWow64\admparse.dll

    2012-12-09 20:38 . 2012-12-09 20:38 89088 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe

    2012-12-09 20:38 . 2012-12-09 20:38 55296 ----a-w- c:\windows\system32\msfeedsbs.dll

    2012-12-09 20:38 . 2012-12-09 20:38 49664 ----a-w- c:\windows\system32\imgutil.dll

    2012-12-09 20:38 . 2012-12-09 20:38 267776 ----a-w- c:\windows\system32\ieaksie.dll

    2012-12-09 20:38 . 2012-12-09 20:38 222208 ----a-w- c:\windows\system32\msls31.dll

    2012-12-09 20:38 . 2012-12-09 20:38 197120 ----a-w- c:\windows\system32\msrating.dll

    2012-12-09 20:38 . 2012-12-09 20:38 163840 ----a-w- c:\windows\system32\ieakui.dll

    2012-12-09 20:38 . 2012-12-09 20:38 145920 ----a-w- c:\windows\system32\iepeers.dll

    2012-12-09 20:38 . 2012-12-09 20:38 136192 ----a-w- c:\windows\system32\advpack.dll

    2012-12-09 20:38 . 2012-12-09 20:38 12288 ----a-w- c:\windows\system32\mshta.exe

    2012-12-09 20:38 . 2012-12-09 20:38 114176 ----a-w- c:\windows\system32\admparse.dll

    2012-12-09 20:38 . 2012-12-09 20:38 91648 ----a-w- c:\windows\system32\SetIEInstalledDate.exe

    2012-12-09 20:38 . 2012-12-09 20:38 89088 ----a-w- c:\windows\system32\ie4uinit.exe

    2012-12-09 20:38 . 2012-12-09 20:38 85504 ----a-w- c:\windows\system32\iesetup.dll

    2012-12-09 20:38 . 2012-12-09 20:38 82432 ----a-w- c:\windows\system32\icardie.dll

    2012-12-09 20:38 . 2012-12-09 20:38 76800 ----a-w- c:\windows\system32\tdc.ocx

    2012-12-09 20:38 . 2012-12-09 20:38 534528 ----a-w- c:\windows\system32\ieapfltr.dll

    2012-12-09 20:38 . 2012-12-09 20:38 48640 ----a-w- c:\windows\system32\mshtmler.dll

    2012-12-09 20:38 . 2012-12-09 20:38 452608 ----a-w- c:\windows\system32\dxtmsft.dll

    2012-12-09 20:38 . 2012-12-09 20:38 448512 ----a-w- c:\windows\system32\html.iec

    2012-12-09 20:38 . 2012-12-09 20:38 403248 ----a-w- c:\windows\system32\iedkcs32.dll

    2012-12-09 20:38 . 2012-12-09 20:38 39936 ----a-w- c:\windows\system32\iernonce.dll

    2012-12-09 20:38 . 2012-12-09 20:38 3695416 ----a-w- c:\windows\system32\ieapfltr.dat

    2012-12-09 20:38 . 2012-12-09 20:38 282112 ----a-w- c:\windows\system32\dxtrans.dll

    2012-12-09 20:38 . 2012-12-09 20:38 160256 ----a-w- c:\windows\system32\ieakeng.dll

    2012-12-09 20:38 . 2012-12-09 20:38 135168 ----a-w- c:\windows\system32\IEAdvpack.dll

    2012-12-09 20:38 . 2012-12-09 20:38 111616 ----a-w- c:\windows\system32\iesysprep.dll

    2012-12-09 20:38 . 2012-12-09 20:38 10752 ----a-w- c:\windows\system32\msfeedssync.exe

    2012-12-09 20:38 . 2012-12-09 20:38 65024 ----a-w- c:\windows\system32\pngfilt.dll

    2012-12-09 20:38 . 2012-12-09 20:38 30720 ----a-w- c:\windows\system32\licmgr10.dll

    2012-12-09 20:38 . 2012-12-09 20:38 249344 ----a-w- c:\windows\system32\webcheck.dll

    2012-12-09 20:38 . 2012-12-09 20:38 165888 ----a-w- c:\windows\system32\iexpress.exe

    2012-12-09 20:38 . 2012-12-09 20:38 160256 ----a-w- c:\windows\system32\wextract.exe

    2012-12-09 20:38 . 2012-12-09 20:38 149504 ----a-w- c:\windows\system32\occache.dll

    2012-12-09 20:38 . 2012-12-09 20:38 103936 ----a-w- c:\windows\system32\inseng.dll

    2012-12-09 20:37 . 2012-12-09 20:37 979456 ----a-w- c:\windows\SysWow64\MFH264Dec.dll

    2012-12-09 20:37 . 2012-12-09 20:37 1257984 ----a-w- c:\windows\system32\MFH264Dec.dll

    2012-12-09 20:37 . 2012-12-09 20:37 428544 ----a-w- c:\windows\system32\MFHEAACdec.dll

    2012-12-09 20:37 . 2012-12-09 20:37 357376 ----a-w- c:\windows\SysWow64\MFHEAACdec.dll

    2012-12-09 20:37 . 2012-12-09 20:37 98816 ----a-w- c:\windows\SysWow64\mfps.dll

    2012-12-09 20:37 . 2012-12-09 20:37 377344 ----a-w- c:\windows\system32\mfmp4src.dll

    2012-12-09 20:37 . 2012-12-09 20:37 3548672 ----a-w- c:\windows\system32\mf.dll

    2012-12-09 20:37 . 2012-12-09 20:37 345088 ----a-w- c:\windows\system32\mfreadwrite.dll

    2012-12-09 20:37 . 2012-12-09 20:37 34304 ----a-w- c:\windows\system32\mfpmp.exe

    2012-12-09 20:37 . 2012-12-09 20:37 302592 ----a-w- c:\windows\SysWow64\mfmp4src.dll

    2012-12-09 20:37 . 2012-12-09 20:37 2873344 ----a-w- c:\windows\SysWow64\mf.dll

    2012-12-09 20:37 . 2012-12-09 20:37 261632 ----a-w- c:\windows\SysWow64\mfreadwrite.dll

    2012-12-09 20:37 . 2012-12-09 20:37 195072 ----a-w- c:\windows\system32\mfps.dll

    2012-12-09 20:37 . 2012-12-09 20:37 748544 ----a-w- c:\windows\system32\stobject.dll

    2012-12-09 20:37 . 2012-12-09 20:37 586240 ----a-w- c:\windows\SysWow64\stobject.dll

    2012-12-09 20:37 . 2012-12-09 20:37 278528 ----a-w- c:\windows\system32\mfplat.dll

    2012-12-09 20:37 . 2012-12-09 20:37 209920 ----a-w- c:\windows\SysWow64\mfplat.dll

    2012-12-09 20:37 . 2012-12-09 20:37 1204224 ----a-w- c:\windows\system32\shdocvw.dll

    2012-12-09 20:37 . 2012-12-09 20:37 566272 ----a-w- c:\windows\system32\d3d10level9.dll

    2012-12-09 20:37 . 2012-12-09 20:37 486400 ----a-w- c:\windows\SysWow64\d3d10level9.dll

    2012-12-09 20:37 . 2012-12-09 20:37 231936 ----a-w- c:\windows\system32\XpsRasterService.dll

    2012-12-09 20:37 . 2012-12-09 20:37 900480 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys

    2012-12-09 20:37 . 2012-12-09 20:37 625152 ----a-w- c:\windows\system32\dxgi.dll

    2012-12-09 20:37 . 2012-12-09 20:37 478720 ----a-w- c:\windows\SysWow64\dxgi.dll

    2012-12-09 20:37 . 2012-12-09 20:37 47104 ----a-w- c:\windows\system32\cdd.dll

    2012-12-09 20:37 . 2012-12-09 20:37 366592 ----a-w- c:\windows\system32\winspool.drv

    2012-12-09 20:37 . 2012-12-09 20:37 35840 ----a-w- c:\windows\system32\printfilterpipelineprxy.dll

    2012-12-09 20:37 . 2012-12-09 20:37 287232 ----a-w- c:\windows\system32\d3d10core.dll

    2012-12-09 20:37 . 2012-12-09 20:37 258048 ----a-w- c:\windows\SysWow64\winspool.drv

    2012-12-09 20:37 . 2012-12-09 20:37 189952 ----a-w- c:\windows\SysWow64\d3d10core.dll

    2012-12-09 20:37 . 2012-12-09 20:37 1268224 ----a-w- c:\windows\system32\d3d10.dll

    2012-12-09 20:37 . 2012-12-09 20:37 1032192 ----a-w- c:\windows\system32\printfilterpipelinesvc.exe

    .

    .

    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

    .

    .

    *Note* empty entries & legit default entries are not shown

    REGEDIT4

    .

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

    "LightShot"="c:\users\User\AppData\Local\Skillbrains\lightshot\LightShot.exe" [2012-11-15 226152]

    "GoogleDriveSync"="c:\program files (x86)\Google\Drive\googledrivesync.exe" [2012-12-17 16328976]

    "Cookienator"="c:\program files (x86)\Cookienator\cookienator.exe" [2009-10-19 1333472]

    .

    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

    "Trigger New Acer AlaunchX"="c:\acer\Preload\Command\AlaunchX\AppInRun.exe" [2008-08-13 172032]

    "avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-10-30 4297136]

    "AdobeCS6ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" [2012-03-09 1073312]

    "gbrspcontrol"="c:\program files (x86)\Common Files\COMODO\GeekBuddyRSP.exe" [2013-01-15 1851088]

    "SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]

    .

    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce]

    "New Acer AlaunchX"="c:\acer\Preload\Command\AlaunchX\LaunchAlaunchX.exe" [2008-07-17 200704]

    .

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

    "EnableUIADesktopToggle"= 0 (0x0)

    .

    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]

    "LoadAppInit_DLLs"=1 (0x1)

    .

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

    @="Driver"

    .

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

    @="Driver"

    .

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

    @="Service"

    .

    S2 Acer HomeMedia Connect Service;Acer HomeMedia Connect Service;c:\program files (x86)\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe [2008-01-26 269448]

    .

    .

    HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs

    Themes

    .

    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]

    2013-02-24 19:42 1629648 ----a-w- c:\program files (x86)\Google\Chrome\Application\25.0.1364.97\Installer\chrmstp.exe

    .

    Contents of the 'Scheduled Tasks' folder

    .

    2013-03-03 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

    - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-12-06 14:31]

    .

    2013-03-03 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

    - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-12-06 14:31]

    .

    2013-03-03 c:\windows\Tasks\update-S-1-5-21-935262092-2157221715-4053049809-1000.job

    - c:\program files (x86)\Skillbrains\Updater\Updater.exe [2013-02-24 21:34]

    .

    2013-03-03 c:\windows\Tasks\update-sys.job

    - c:\program files (x86)\Skillbrains\Updater\Updater.exe [2013-02-24 21:34]

    .

    .

    --------- X64 Entries -----------

    .

    .

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]

    @="{472083B0-C522-11CF-8763-00608CC02F24}"

    [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]

    2012-10-30 22:50 133400 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll

    .

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]

    @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"

    [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]

    2012-12-17 19:50 755816 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll

    .

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]

    @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"

    [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]

    2012-12-17 19:50 755816 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll

    .

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]

    @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"

    [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]

    2012-12-17 19:50 755816 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll

    .

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]

    @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"

    [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]

    2012-12-17 19:50 755816 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll

    .

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

    "Acer Empowering Technology Monitor"="c:\program files\Acer\Empowering Technology\SysMonitor.exe" [2008-04-25 319488]

    "EmpoweringTechnology"="c:\program files\Acer\Empowering Technology\Framework.Launcher.exe" [2008-04-25 319488]

    "COMODO Internet Security"="c:\program files\COMODO\COMODO Internet Security\cistray.exe" [2013-01-24 1451728]

    "AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2012-04-04 446392]

    .

    ------- Supplementary Scan -------

    .

    uStart Page = hxxp://www.google.com

    uLocal Page = c:\windows\system32\blank.htm

    mStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0809&s=1&o=vp64&d=1212&m=aspire_x3200

    mDefault_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0809&s=1&o=vp64&d=1212&m=aspire_x3200

    mLocal Page = c:\windows\SysWOW64\blank.htm

    IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000

    IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html

    TCP: DhcpNameServer = 192.168.1.254

    TCP: Interfaces\{275C39E0-15FB-4626-B38D-1F40FC7C7F39}: NameServer = 192.168.1.254

    TCP: Interfaces\{58076081-F728-4D3D-A97B-8765461E6B5D}: NameServer = 192.168.1.254

    TCP: Interfaces\{A5F9A929-8C54-4047-A14A-95F18EB46ECB}: NameServer = 8.26.56.26,156.154.70.22

    .

    - - - - ORPHANS REMOVED - - - -

    .

    Wow6432Node-HKCU-Run-AdobeBridge - (no file)

    .

    .

    .

    --------------------- LOCKED REGISTRY KEYS ---------------------

    .

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]

    @Denied: (A 2) (Everyone)

    @="FlashBroker"

    "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10zj_ActiveX.exe,-101"

    .

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]

    "Enabled"=dword:00000001

    .

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]

    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10zj_ActiveX.exe"

    .

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]

    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

    .

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

    @Denied: (A 2) (Everyone)

    @="Shockwave Flash Object"

    .

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]

    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10zj.ocx"

    "ThreadingModel"="Apartment"

    .

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]

    @="0"

    .

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]

    @="ShockwaveFlash.ShockwaveFlash.10"

    .

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10zj.ocx, 1"

    .

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]

    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

    .

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]

    @="1.0"

    .

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

    @="ShockwaveFlash.ShockwaveFlash"

    .

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]

    @Denied: (A 2) (Everyone)

    @="Macromedia Flash Factory Object"

    .

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]

    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10zj.ocx"

    "ThreadingModel"="Apartment"

    .

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]

    @="FlashFactory.FlashFactory.1"

    .

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10zj.ocx, 1"

    .

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]

    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

    .

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]

    @="1.0"

    .

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

    @="FlashFactory.FlashFactory"

    .

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]

    @Denied: (A 2) (Everyone)

    @="IFlashBroker4"

    .

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]

    @="{00020424-0000-0000-C000-000000000046}"

    .

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]

    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

    "Version"="1.0"

    .

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}]

    @Denied: (A 2) (Everyone)

    .

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}\1.0]

    @="Shockwave Flash"

    .

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}]

    @Denied: (A 2) (Everyone)

    @=""

    .

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}\1.0]

    @="FlashBroker"

    .

    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes]

    "SymbolicLinkValue"=hex(6):5c,00,52,00,45,00,47,00,49,00,53,00,54,00,52,00,59,

    00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\

    .

    ------------------------ Other Running Processes ------------------------

    .

    c:\program files (x86)\Common Files\COMODO\launcher_service.exe

    c:\program files\AVAST Software\Avast\AvastSvc.exe

    c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe

    c:\program files (x86)\Comodo\Dragon\dragon_updater.exe

    c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe

    c:\program files (x86)\Panda USB Vaccine\USBVaccine.exe

    c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

    c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe

    c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe

    c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe

    c:\program files (x86)\Secunia\PSI\PSIA.exe

    c:\program files (x86)\Secunia\PSI\sua.exe

    c:\program files (x86)\NETGEAR\WNDA3100v2\WNDA3100v2.exe

    c:\program files (x86)\Secunia\PSI\psi_tray.exe

    c:\program files (x86)\Comodo\GeekBuddy\unit_manager.exe

    c:\program files (x86)\Comodo\GeekBuddy\unit.exe

    c:\users\User\AppData\Local\Skillbrains\lightshot\3.4.0.0\LightShot.exe

    .

    **************************************************************************

    .

    Completion time: 2013-03-03 20:12:40 - machine was rebooted

    ComboFix-quarantined-files.txt 2013-03-03 20:12

    .

    Pre-Run: 142,571,380,736 bytes free

    Post-Run: 143,130,775,552 bytes free

    .

    - - End Of File - - 76B35815E8B0CC19C47FFC940EC4B835

  4. RogueKiller V8.5.2 _x64_ [Feb 23 2013] by Tigzy

    mail : tigzyRK<at>gmail<dot>com

    Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/

    Website : http://tigzy.geekstogo.com/roguekiller.php

    Blog : http://tigzyrk.blogspot.com/

    Operating System : Windows Vista (6.0.6002 Service Pack 2) 64 bits version

    Started in : Normal mode

    User : User [Admin rights]

    Mode : Scan -- Date : 03/03/2013 13:54:40

    | ARK || FAK || MBR |

    ¤¤¤ Bad processes : 1 ¤¤¤

    [SUSP PATH] Lightshot.exe -- C:\Users\User\AppData\Local\Skillbrains\lightshot\3.4.0.0\LightShot.exe [7] -> KILLED [TermProc]

    ¤¤¤ Registry Entries : 10 ¤¤¤

    [RUN][SUSP PATH] HKCU\[...]\Run : LightShot (C:\Users\User\AppData\Local\Skillbrains\lightshot\LightShot.exe Flags: uninsdeletevalue) [7] -> FOUND

    [RUN][SUSP PATH] HKUS\S-1-5-21-935262092-2157221715-4053049809-1000[...]\Run : LightShot (C:\Users\User\AppData\Local\Skillbrains\lightshot\LightShot.exe Flags: uninsdeletevalue) [7] -> FOUND

    [DNS] HKLM\[...]\ControlSet001\Services\Tcpip\Interfaces\{A5F9A929-8C54-4047-A14A-95F18EB46ECB} : NameServer (8.26.56.26,156.154.70.22) -> FOUND

    [DNS] HKLM\[...]\ControlSet003\Services\Tcpip\Interfaces\{A5F9A929-8C54-4047-A14A-95F18EB46ECB} : NameServer (8.26.56.26,156.154.70.22) -> FOUND

    [HJPOL] HKCU\[...]\System : DisableRegistryTools (0) -> FOUND

    [HJPOL] HKLM\[...]\System : DisableRegistryTools (0) -> FOUND

    [HJPOL] HKLM\[...]\Wow6432Node\System : DisableRegistryTools (0) -> FOUND

    [HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND

    [HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

    [SCREENSV][SUSP PATH] HKCU\[...]\Desktop (C:\Windows\Acer(Wide).scr) [-] -> FOUND

    ¤¤¤ Particular Files / Folders: ¤¤¤

    ¤¤¤ Driver : [NOT LOADED] ¤¤¤

    ¤¤¤ HOSTS File: ¤¤¤

    --> C:\Windows\system32\drivers\etc\hosts

    127.0.0.1 localhost

    ::1 localhost #[IPv6]

    127.0.0.1 fr.a2dfp.net

    127.0.0.1 m.fr.a2dfp.net

    127.0.0.1 ad.a8.net

    127.0.0.1 asy.a8ww.net

    127.0.0.1 abcstats.com

    127.0.0.1 a.abv.bg

    127.0.0.1 adserver.abv.bg

    127.0.0.1 adv.abv.bg

    127.0.0.1 bimg.abv.bg

    127.0.0.1 ca.abv.bg

    127.0.0.1 www2.a-counter.kiev.ua

    127.0.0.1 track.acclaimnetwork.com

    127.0.0.1 accuserveadsystem.com

    127.0.0.1 www.accuserveadsystem.com

    127.0.0.1 achmedia.com

    127.0.0.1 aconti.net

    127.0.0.1 secure.aconti.net

    127.0.0.1 www.aconti.net #[Dialer.Aconti]

    [...]

    ¤¤¤ MBR Check: ¤¤¤

    +++++ PhysicalDrive0: WDC WD64 00AAKS-22A7B SCSI Disk Device +++++

    --- User ---

    [MBR] 6315d3b28ff1bc28fe367695fd4eebb4

    [BSP] f2c4f199b44e0dd5c3912661e7704de9 : Windows 7/8 MBR Code

    Partition table:

    0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 20480 Mo

    1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 41945088 | Size: 293413 Mo

    2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 642854961 | Size: 296583 Mo

    User = LL1 ... OK!

    Error reading LL2 MBR!

    Finished : << RKreport[1]_S_03032013_02d1354.txt >>

    RKreport[1]_S_03032013_02d1354.txt

  5. DDS (Ver_2012-11-20.01) - NTFS_AMD64

    Internet Explorer: 9.0.8112.16464 BrowserJavaVersion: 10.15.2

    Run by User at 22:12:33 on 2013-03-02

    .

    ============== Running Processes ================

    .

    C:\Program Files\AVAST Software\Avast\AvastSvc.exe

    C:\Program Files (x86)\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe

    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe

    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

    C:\Program Files (x86)\Panda USB Vaccine\USBVaccine.exe

    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe

    C:\Program Files\AVAST Software\Avast\AvastUI.exe

    C:\Program Files (x86)\NETGEAR\WNDA3100v2\WNDA3100v2.exe

    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

    C:\Program Files (x86)\Skype\Phone\Skype.exe

    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

    C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe

    C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe

    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

    .

    ============== Pseudo HJT Report ===============

    .

    uStart Page = hxxp://www.google.com

    mStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0809&s=1&o=vp64&d=1212&m=aspire_x3200

    mDefault_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0809&s=1&o=vp64&d=1212&m=aspire_x3200

    BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

    BHO: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

    BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

    BHO: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

    BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

    BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

    BHO: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll

    BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

    TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

    TB: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll

    TB: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

    TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

    uRun: [SandboxieControl] "C:\Program Files\Sandboxie\SbieCtrl.exe"

    uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background

    mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui

    mRun: [Trigger New Acer AlaunchX] c:\Acer\Preload\Command\AlaunchX\AppInRun.exe

    mRunOnce: [New Acer AlaunchX] c:\Acer\Preload\Command\AlaunchX\LaunchAlaunchX.exe

    uPolicies-Explorer: NoDrives = dword:0

    mPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0

    mPolicies-Explorer: NoDrives = dword:0

    mPolicies-System: EnableUIADesktopToggle = dword:0

    IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000

    IE: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html

    IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

    IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll

    IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}

    TCP: NameServer = 192.168.1.254

    TCP: Interfaces\{275C39E0-15FB-4626-B38D-1F40FC7C7F39} : NameServer = 192.168.1.254

    TCP: Interfaces\{58076081-F728-4D3D-A97B-8765461E6B5D} : NameServer = 192.168.1.254

    TCP: Interfaces\{98D85A36-E35D-4D06-B3B7-612C3BBEFB5A} : DHCPNameServer = 192.168.1.254

    TCP: Interfaces\{A5F9A929-8C54-4047-A14A-95F18EB46ECB} : NameServer = 8.26.56.26,156.154.70.22

    TCP: Interfaces\{B502BE17-8E9D-4353-87AC-FD1D346219F0} : DHCPNameServer = 192.168.1.254

    TCP: Interfaces\{DC6F562A-1627-4C22-87DE-90B53BF39822} : NameServer = 208.67.222.222,208.67.220.220

    TCP: Interfaces\{DC6F562A-1627-4C22-87DE-90B53BF39822} : DHCPNameServer = 192.168.1.254

    Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll

    Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll

    Handler: siteadvisor - {3A5DC592-7723-4EAA-9EE6-AF4222BCF879} - C:\Program Files (x86)\SiteAdvisor\6172\SiteAdv.dll

    Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll

    LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg

    mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.97\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome

    x64-mStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0809&s=1&o=vp64&d=1212&m=aspire_x3200

    x64-BHO: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll

    x64-BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll

    x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

    x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll

    x64-BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll

    x64-BHO: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll

    x64-BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll

    x64-TB: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll

    x64-TB: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll

    x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll

    x64-Run: [Acer Empowering Technology Monitor] C:\Program Files\Acer\Empowering Technology\SysMonitor.exe

    x64-Run: [EmpoweringTechnology] C:\Program Files\Acer\Empowering Technology\Framework.Launcher.exe boot

    x64-mPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0

    x64-mPolicies-Explorer: NoDrives = dword:0

    x64-mPolicies-System: EnableUIADesktopToggle = dword:0

    x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll

    x64-Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll

    x64-Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll

    x64-Handler: siteadvisor - {3A5DC592-7723-4EAA-9EE6-AF4222BCF879} - C:\Program Files (x86)\SiteAdvisor\6172\SiteAd64.dll

    x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll

    x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>

    Hosts: 127.0.0.1 ads.mcafee.com

    Hosts: 127.0.0.1 analytics.microsoft.com

    Hosts: 127.0.0.1 metrics.bitdefender.com

    Hosts: 127.0.0.1 metrics.mcafee.com

    Hosts: 127.0.0.1 om.symantec.com

    .

    Note: multiple HOSTS entries found. Please refer to Attach.txt

    .

    ============= SERVICES / DRIVERS ===============

    .

    R? athrusb;Belkin Wireless LAN USB device driver

    R? BUNAgentSvc;NTI Backup Now 5 Agent Service

    R? CFRMD;CFRMD

    R? CLPSLauncher;COMODO LPS Launcher

    R? clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64

    R? clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86

    R? clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64

    R? cmdvirth;COMODO Virtual Service Manager

    R? DragonUpdater;COMODO Dragon Update Service

    R? GeekBuddyRSP;GeekBuddyRSP Service

    R? McAfee SiteAdvisor Service;McAfee SiteAdvisor Service

    R? NTIBackupSvc;NTI Backup Now 5 Backup Service

    R? NTISchedulerSvc;NTI Backup Now 5 Scheduler Service

    R? PerfHost;Performance Counter DLL Host

    R? PSI;PSI

    R? Secunia PSI Agent;Secunia PSI Agent

    R? Secunia Update Agent;Secunia Update Agent

    R? Skype C2C Service;Skype C2C Service

    R? SkypeUpdate;Skype Updater

    R? vToolbarUpdater13.2.0;vToolbarUpdater13.2.0

    R? WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0

    R? WSWNDA3100v2;WSWNDA3100v2

    S? Acer HomeMedia Connect Service;Acer HomeMedia Connect Service

    S? aswFsBlk;aswFsBlk

    S? aswMonFlt;aswMonFlt

    S? aswSnx;aswSnx

    S? aswSP;aswSP

    S? avast! Antivirus;avast! Antivirus

    S? avgtp;avgtp

    S? BCMH43XX;Broadcom 802.11 USB Network Adapter Driver

    S? cmderd;COMODO Internet Security Eradication Driver

    S? cmdGuard;COMODO Internet Security Sandbox Driver

    S? cmdHlp;COMODO Internet Security Helper Driver

    S? ETService;Empowering Technology Service

    S? FontCache;Windows Font Cache Service

    S? MBAMProtector;MBAMProtector

    S? MBAMScheduler;MBAMScheduler

    S? MBAMService;MBAMService

    S? SbieDrv;SbieDrv

    S? SCMNdisP;General NDIS Protocol Driver

    .

    =============== File Associations ===============

    .

    FileExt: .jse: JSEFile=C:\Windows\SysWOW64\WScript.exe "%1" %*

    ShellExec: dreamweaver.exe: Open="C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS6\dreamweaver.exe", "%1"

    .

    =============== Created Last 30 ================

    .

    .

    ==================== Find3M ====================

    .

    2013-02-26 11:05:39 404920 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

    2013-02-26 11:02:31 108448 ----a-w- C:\Windows\System32\WindowsAccessBridge-64.dll

    2013-02-26 11:02:29 310688 ----a-w- C:\Windows\System32\javaws.exe

    2013-02-26 11:02:28 963488 ----a-w- C:\Windows\System32\deployJava1.dll

    2013-02-26 11:02:28 188832 ----a-w- C:\Windows\System32\javaw.exe

    2013-02-26 11:02:28 188320 ----a-w- C:\Windows\System32\java.exe

    2013-02-26 11:02:28 1085344 ----a-w- C:\Windows\System32\npDeployJava1.dll

    2013-02-25 13:59:37 95648 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll

    2013-02-25 13:59:35 262560 ----a-w- C:\Windows\SysWow64\javaws.exe

    2013-02-25 13:59:35 174496 ----a-w- C:\Windows\SysWow64\javaw.exe

    2013-02-25 13:59:34 861088 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll

    2013-02-25 13:59:34 782240 ----a-w- C:\Windows\SysWow64\deployJava1.dll

    2013-02-25 13:59:34 174496 ----a-w- C:\Windows\SysWow64\java.exe

    2013-02-25 11:21:09 50952 ----a-w- C:\Windows\System32\certsentry.dll

    2013-02-25 11:21:09 42760 ----a-w- C:\Windows\SysWow64\certsentry.dll

    2013-02-07 12:15:22 18456 ----a-w- C:\Windows\System32\drivers\psi_mf_amd64.sys

    2013-02-04 22:49:34 70004024 ----a-w- C:\Windows\System32\mrt.exe

    2013-01-24 22:43:04 43216 ----a-w- C:\Windows\System32\cmdcsr.dll

    2013-01-24 22:43:02 461384 ----a-w- C:\Windows\System32\guard64.dll

    2013-01-24 22:43:02 354752 ----a-w- C:\Windows\SysWow64\guard32.dll

    2013-01-24 22:42:54 45776 ----a-w- C:\Windows\System32\cmdkbd64.dll

    2013-01-24 22:42:54 326352 ----a-w- C:\Windows\System32\cmdvrt64.dll

    2013-01-24 22:42:50 40656 ----a-w- C:\Windows\SysWow64\cmdkbd32.dll

    2013-01-24 22:42:50 263888 ----a-w- C:\Windows\SysWow64\cmdvrt32.dll

    2013-01-17 01:28:58 273840 ------w- C:\Windows\System32\MpSigStub.exe

    2013-01-16 19:51:40 95752 ----a-w- C:\Windows\System32\drivers\inspect.sys

    2013-01-16 19:51:40 700904 ----a-w- C:\Windows\System32\drivers\cmdguard.sys

    2013-01-16 19:51:40 47336 ----a-w- C:\Windows\System32\drivers\cmdhlp.sys

    2013-01-16 19:51:38 23688 ----a-w- C:\Windows\System32\drivers\cmderd.sys

    2013-01-09 01:48:55 17812992 ----a-w- C:\Windows\System32\mshtml.dll

    2013-01-09 01:22:26 10925568 ----a-w- C:\Windows\System32\ieframe.dll

    2013-01-09 01:19:09 2312704 ----a-w- C:\Windows\System32\jscript9.dll

    2013-01-09 01:12:29 1346048 ----a-w- C:\Windows\System32\urlmon.dll

    2013-01-09 01:12:03 1392128 ----a-w- C:\Windows\System32\wininet.dll

    2013-01-09 01:11:06 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl

    2013-01-09 01:10:26 237056 ----a-w- C:\Windows\System32\url.dll

    2013-01-09 01:09:10 85504 ----a-w- C:\Windows\System32\jsproxy.dll

    2013-01-09 01:07:51 173056 ----a-w- C:\Windows\System32\ieUnatt.exe

    2013-01-09 01:07:50 816640 ----a-w- C:\Windows\System32\jscript.dll

    2013-01-09 01:07:47 599040 ----a-w- C:\Windows\System32\vbscript.dll

    2013-01-09 01:06:39 729088 ----a-w- C:\Windows\System32\msfeeds.dll

    2013-01-09 01:05:45 2147840 ----a-w- C:\Windows\System32\iertutil.dll

    2013-01-09 01:04:58 96768 ----a-w- C:\Windows\System32\mshtmled.dll

    2013-01-09 01:04:42 2382848 ----a-w- C:\Windows\System32\mshtml.tlb

    2013-01-09 01:00:48 248320 ----a-w- C:\Windows\System32\ieui.dll

    2013-01-08 22:23:25 12321280 ----a-w- C:\Windows\SysWow64\mshtml.dll

    2013-01-08 22:11:21 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll

    2013-01-08 22:09:18 9738240 ----a-w- C:\Windows\SysWow64\ieframe.dll

    2013-01-08 22:03:57 1103872 ----a-w- C:\Windows\SysWow64\urlmon.dll

    2013-01-08 22:03:20 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll

    2013-01-08 22:03:12 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl

    2013-01-08 22:01:48 231936 ----a-w- C:\Windows\SysWow64\url.dll

    2013-01-08 22:00:14 65024 ----a-w- C:\Windows\SysWow64\jsproxy.dll

    2013-01-08 21:59:02 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe

    2013-01-08 21:58:43 717824 ----a-w- C:\Windows\SysWow64\jscript.dll

    2013-01-08 21:58:29 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll

    2013-01-08 21:57:49 607744 ----a-w- C:\Windows\SysWow64\msfeeds.dll

    2013-01-08 21:56:51 1796096 ----a-w- C:\Windows\SysWow64\iertutil.dll

    2013-01-08 21:56:37 73216 ----a-w- C:\Windows\SysWow64\mshtmled.dll

    2013-01-08 21:56:23 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb

    2013-01-08 21:53:13 176640 ----a-w- C:\Windows\SysWow64\ieui.dll

    2013-01-05 05:37:50 4695400 ----a-w- C:\Windows\System32\ntoskrnl.exe

    2013-01-04 11:31:10 1423720 ----a-w- C:\Windows\System32\drivers\tcpip.sys

    2013-01-04 01:59:24 2773504 ----a-w- C:\Windows\System32\win32k.sys

    2012-12-16 13:31:20 48128 ----a-w- C:\Windows\System32\atmlib.dll

    2012-12-16 13:12:54 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll

    2012-12-16 11:08:21 368128 ----a-w- C:\Windows\System32\atmfd.dll

    2012-12-16 10:50:29 293376 ----a-w- C:\Windows\SysWow64\atmfd.dll

    2012-12-14 16:49:28 24176 ----a-w- C:\Windows\System32\drivers\mbam.sys

    2012-12-12 11:02:37 30568 ----a-w- C:\Windows\System32\drivers\avgtpx64.sys

    2012-12-09 20:37:08 979456 ----a-w- C:\Windows\SysWow64\MFH264Dec.dll

    2012-12-09 20:35:30 449024 ----a-w- C:\Windows\System32\WMPhoto.dll

    .

    ============= FINISH: 22:13:49.90 ===============

    .

    ==== Hosts File Hijack ======================

    .

    Hosts: 127.0.0.1 ads.mcafee.com

    Hosts: 127.0.0.1 analytics.microsoft.com

    Hosts: 127.0.0.1 metrics.bitdefender.com

    Hosts: 127.0.0.1 metrics.mcafee.com

    Hosts: 127.0.0.1 om.symantec.com

    Hosts: 127.0.0.1 ox-d.majorgeeks.com

    Hosts: 127.0.0.1 ads.bleepingcomputer.com

    Hosts: 127.0.0.1 wdcs.trendmicro.com

    Hosts: 127.0.0.1 rad.microsoft.com

    Hosts: 127.0.0.1 www.spywareinfo.com

    Hosts: 127.0.0.1 smetrics.mcafee.com

    .

    ==== Installed Programs ======================

    .

    Acer Arcade Live Main Page

    Acer DV Magician

    Acer DVDivine

    Acer Empowering Technology

    Acer GameZone Console DTV 2.0.1.1

    Acer HomeMedia

    Acer HomeMedia Connect

    Acer HomeMedia Trial Creator

    Acer ScreenSaver

    Acer SlideShow DVD

    Acer VideoMagician

    Action Replay DSi Code Manager

    Activation Assistant for the 2007 Microsoft Office suites

    Adobe AIR

    Adobe Download Assistant

    Adobe Dreamweaver CS6

    Adobe Flash Player 10 ActiveX

    Adobe Help Manager

    Adobe Widget Browser

    Agatha Christie Death on the Nile

    Alice Greenfingers

    AV Input Selection

    avast! Free Antivirus

    Azada

    Belkin Wireless USB Utility

    Big Kahuna Reef

    Bookworm Deluxe

    Bricks of Egypt

    Cake Mania

    CCleaner

    Chicken Invaders 3

    Chuzzle

    Comodo Dragon

    COMODO Internet Security

    Cookienator

    D3DX10

    Diner Dash Flo on the Go

    eSobi v2

    Flip Words 2

    Foxit Reader

    GameFly

    GeekBuddy

    Google Chrome

    Google Drive

    Google Toolbar for Internet Explorer

    Google Update Helper

    HostsMan 3.2.73

    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)

    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)

    ImgBurn

    ISO to USB

    Java 7 Update 15

    Java 7 Update 15 (64-bit)

    Java Auto Updater

    Java SE Development Kit 7 Update 15 (64-bit)

    Java SE Development Kit 7 Update 9 (64-bit)

    Jewel Quest Solitaire

    Kick N Rush

    LightScribe 1.4.142.1

    lightshot-3.4.0.0

    Mahjong Escape Ancient China

    Mahjongg Artifacts

    Malwarebytes Anti-Malware version 1.70.0.1100

    McAfee SiteAdvisor

    Messenger Companion

    Microsoft .NET Framework 3.5 SP1

    Microsoft .NET Framework 4 Client Profile

    Microsoft Application Error Reporting

    Microsoft Office 2007 Service Pack 3 (SP3)

    Microsoft Office Excel MUI (English) 2007

    Microsoft Office File Validation Add-In

    Microsoft Office Home and Student 2007

    Microsoft Office Office 64-bit Components 2007

    Microsoft Office OneNote MUI (English) 2007

    Microsoft Office PowerPoint MUI (English) 2007

    Microsoft Office Proof (English) 2007

    Microsoft Office Proof (French) 2007

    Microsoft Office Proof (Spanish) 2007

    Microsoft Office Proofing (English) 2007

    Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

    Microsoft Office Shared 64-bit MUI (English) 2007

    Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007

    Microsoft Office Shared MUI (English) 2007

    Microsoft Office Shared Setup Metadata MUI (English) 2007

    Microsoft Office Word MUI (English) 2007

    Microsoft Silverlight

    Microsoft Visual C++ 2005 Redistributable

    Microsoft Visual C++ 2005 Redistributable (x64)

    Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022

    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219

    Microsoft Works

    MSVCRT

    MSXML 4.0 SP2 (KB954430)

    MSXML 4.0 SP2 (KB973688)

    MSXML 4.0 SP2 Parser and SDK

    Mystery Case Files - Huntsville

    Mystery Solitaire - Secret Island

    NETGEAR WNDA3100v2 wireless USB 2.0 adapter

    No-IP DUC

    NTI Backup Now 5

    NTI Backup Now Standard

    NTI Media Maker 8

    NVIDIA Drivers

    NVIDIA ForceWare Network Access Manager

    Panda USB Vaccine 1.0.1.4

    PowerISO

    proXPN 2.5.1

    Realtek High Definition Audio Driver

    Sandboxie 3.76 (64-bit)

    Secunia PSI (3.0.0.6005)

    Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)

    Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)

    Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416)

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)

    Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition

    Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition

    Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition

    Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition

    Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition

    Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition

    Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition

    Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition

    Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition

    Security Update for Microsoft Office 2007 suites (KB2687441) 32-Bit Edition

    Security Update for Microsoft Office 2007 suites (KB2687499) 32-Bit Edition

    Security Update for Microsoft Office 2007 suites (KB2760416) 32-Bit Edition

    Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition

    Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition

    Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition

    Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition

    Security Update for Microsoft Office Word 2007 (KB2760421) 32-Bit Edition

    Segoe UI

    Simple Port Forwarding

    Skype Click to Call

    Skype™ 6.1

    System Requirements Lab CYRI

    Tixati

    Turbo Pizza

    Update for 2007 Microsoft Office System (KB967642)

    Update for Microsoft .NET Framework 3.5 SP1 (KB963707)

    Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

    Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

    Update for Microsoft .NET Framework 4 Client Profile (KB2600217)

    Update for Microsoft Office 2007 Help for Common Features (KB963673)

    Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition

    Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition

    Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition

    Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition

    Update for Microsoft Office Excel 2007 Help (KB963678)

    Update for Microsoft Office OneNote 2007 Help (KB963670)

    Update for Microsoft Office Powerpoint 2007 Help (KB963669)

    Update for Microsoft Office Script Editor Help (KB963671)

    Update for Microsoft Office Word 2007 Help (KB963665)

    Windows Driver Package - Datel Design & Development (usbio) USBIOControlledDevices (04/21/2009 2.40.0.0)

    Windows Driver Package - Datel Design & Development USBIOControlledDevices (04/21/2009 2.40.0.0)

    Windows Live Communications Platform

    Windows Live Essentials

    Windows Live ID Sign-in Assistant

    Windows Live Installer

    Windows Live Language Selector

    Windows Live Messenger

    Windows Live Messenger Companion Core

    Windows Live Photo Common

    Windows Live PIMT Platform

    Windows Live SOXE

    Windows Live SOXE Definitions

    Windows Live UX Platform

    Windows Live UX Platform Language Pack

    WinRAR 4.20 (64-bit)

    Zuma Deluxe

    .

    ==== End Of File ===========================

  6. Ran it again and just checked.

    -All installed programs

    -minidump files

    MiniToolBox by Farbar Version:01-03-2013

    Ran by User (administrator) on 01-03-2013 at 22:19:33

    Running from "C:\Users\User\Desktop"

    Windows Vista Home Premium Service Pack 2 (X64)

    Boot Mode: Normal

    ***************************************************************************

    =========================== Installed Programs ============================

    23

    Action Replay DSi Code Manager

    CCleaner (Version: 3.28)

    COMODO Internet Security (Version: 6.0.2566.2708)

    Java 7 Update 15 (64-bit) (Version: 7.0.150)

    Java SE Development Kit 7 Update 15 (64-bit) (Version: 1.7.0.150)

    Java SE Development Kit 7 Update 9 (64-bit) (Version: 1.7.0.90)

    Microsoft .NET Framework 3.5 SP1

    Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)

    Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)

    Microsoft Application Error Reporting (Version: 12.0.6015.5000)

    Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000)

    Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000)

    Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)

    Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)

    Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)

    NVIDIA Drivers

    NVIDIA ForceWare Network Access Manager (Version: 1.00.6776)

    Sandboxie 3.76 (64-bit) (Version: 3.76)

    Windows Driver Package - Datel Design & Development (usbio) USBIOControlledDevices (04/21/2009 2.40.0.0) (Version: 04/21/2009 2.40.0.0)

    Windows Driver Package - Datel Design & Development USBIOControlledDevices (04/21/2009 2.40.0.0) (Version: 04/21/2009 2.40.0.0)

    Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)

    Windows Live Language Selector (Version: 15.4.3555.0308)

    WinRAR 4.20 (64-bit) (Version: 4.20.0)

    ========================= Minidump Files ==================================

    C:\Windows\Minidump\Mini030113-01.dmp

    C:\Windows\Minidump\Mini030113-02.dmp

    **** End of log ****

  7. When I tried to run it, it posted a log and got this error.

    MiniToolBox by Farbar Version:01-03-2013

    Ran by User (administrator) on 01-03-2013 at 22:13:56

    Running from "C:\Users\User\Desktop"

    Windows Vista Home Premium Service Pack 2 (X64)

    Boot Mode: Normal

    ***************************************************************************

    ========================= Event log errors: ===============================

    Application errors:

    ==================

    Error: (03/01/2013 09:41:00 PM) (Source: WinMgmt) (User: )

    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

  8. OK, I messed up...Have you tried this:

    Open the Start menu. Type "SystemPropertiesProtection.exe" in the "Start Search" field. Press "Enter."

    Look under the "Available Disks" section. Uncheck the box of the duplicate C: drive.

    Place a check by the C: drive with the Windows logo. Click "Apply" and click "OK."

    MrC

    There is only one C drive, btw I'm having trouble with my other computer now as well. I seem to be getting a BSOD. A mod kindly reopened the old thread.

    http://forums.malwarebytes.org/index.php?showtopic=123112
