Sainsc21

  1. I have restarted numerous times, and tried updates, but my IE will not open or load any pages. Chrome and Mozilla open fine, as to reply to this, but IE will not work. Any way to troubleshoot it?
  2. Combo Fix Log:
  3. Yes, I am still here, sorry, had an emergency come up, and I ran the program and couldn't find the log. I'm running it again and will have log today. Apologize for the wait.
  4. Sorry, have been on a business trip until today, I am running the programs you listed above right now.
  5. System seemed to be doing fine and then had a couple more pop-ups, but my internet wasn't open nor was Skype. Can other programs cause it to go off as well?
  6. The system seems to be running very well at the moment. I have only had a few pop-ups blocking malware come up from MBAM and it seems to be working. But my computer is slower than usual, so I do not know if this has anything to do with the previous malware issues.
  7. Any time I try to use the tool you have linked, ever since we first started this forum post, it says error and can't be removed, and then I go to do it manually like the instructions you listed showed me to do, and it deletes it, but then we run the scanners again and it shows it's still there.
  8. And I have run all the tools you have shown me for the Java fix and it shows that it's gone, but then it comes back again. I do not know what is going wrong, and also here is the fix for the cure it log. cureit.log
  9. Ok, I guess I messed something up. I thought I attached my log; I guess I misunderstood what I was doing. The Cureit log isn't attached. I can try and copy and paste the 1500 pages but it lags out and crashes my Firefox every time.
  10. First off I want to apologize for the reply taking as long as it did, had a busy weekend and was out of the house a lot. Ok I made sure all the items were done as you said to do them. Here is the log for the MBAM Scan. And as for the Dr. Cureit! It said 1000 pages on my note pad so I didn’t know how long you wanted me to exactly put on here? I had to do a /search for this one and search for cure it. (COULDN’T GET full 1000 pages on forum post so just posted these 2 things)(and full report is attached) Farbars SSU is right here. Security Check is here.
Mozilla Firefox (22.0) Google Chrome 27.0.1453.110 Google Chrome 27.0.1453.116 ````````Process Check: objlist.exe by Laurent```````` Microsoft Security Essentials MSMpEng.exe Microsoft Security Essentials msseces.exe Malwarebytes Anti-Malware mbamservice.exe Malwarebytes Anti-Malware mbamgui.exe Malwarebytes' Anti-Malware mbamscheduler.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C: 17% Defragment your hard drive soon! (Do NOT defrag if SSD!) ````````````````````End of Log``````````````````````
  11. Alright, got all of the stuff you needed me to do done and deleted, and now I am running the MBAR.exe and doing it like you said to. Is there anything I need to do after this as far as linking something like I did before?
  12. That is the ComboFix I ran a couple of nights ago. I didn't see you telling me to run it again, so I just put the only text I had on there, so if I need to change anything or run it again, please let me know. I didn't know if I would need to redo it after I deleted uTorrent and the ESET.
  13. 1. I deleted ESET because it was a trial version.
      2. I kept Microsoft Security Essentials.
      3. I ran the zip file you gave me and it shut down my computer.
      4. I deleted all my uTorrent items and the application. It was on my external hard drive, so I did a search after the uninstall for anything with utorrent in the name, and I'm pretty sure I deleted all of it.
      5. This is what I received from Defogger: defogger_disable by jpshortstuff (23.02.10.1) Log created at 09:48 on 29/06/2013 (Sains) Checking for autostart values... HKCU\~\Run values retrieved. HKLM\~\Run values retrieved. Checking for services/drivers... -=E.O.F=-
      6. I tried to uninstall Java and it would not let me, so I did it the manual way the site listed, and it doesn't show 30, just 25. I wanted to ask you first what I should do.
      7. This is the ComboFix information:
ComboFix 13-06-27.01 - Sains 06/27/2013 16:31:35.2.8 - x64 NETWORK Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.16361.15136 [GMT -5:00] Running from: c:\users\Sains\Desktop\mozilla downloads\ComboFix.exe AV: Microsoft Security Essentials *Enabled/Updated* {3F839487-C7A2-C958-E30C-E2825BA31FB5} SP: Microsoft Security Essentials *Enabled/Updated* {84E27563-E198-C6D6-D9BC-D9F020245508} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} * Created a new restore point . . ((((((((((((((((((((((((( Files Created from 2013-05-27 to 2013-06-27 ))))))))))))))))))))))))))))))) . . 2013-06-27 21:33 . 2013-06-27 21:33 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp 2013-06-27 21:33 . 2013-06-27 21:33 -------- d-----w- c:\users\Default\AppData\Local\temp 2013-06-27 16:36 . 2013-06-12 03:08 9552976 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{5430027B-EF36-47B4-AB6A-2A13A7A9F727}\mpengine.dll 2013-06-26 04:10 . 2013-06-12 03:08 9552976 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll 2013-06-23 03:26 . 
2013-06-23 03:26 -------- d-----w- c:\users\Sains\AppData\Roaming\Malwarebytes 2013-06-23 03:25 . 2013-06-23 03:25 -------- d-----w- c:\programdata\Malwarebytes 2013-06-23 03:25 . 2013-06-23 03:26 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware 2013-06-23 03:25 . 2013-04-04 19:50 25928 ----a-w- c:\windows\system32\drivers\mbam.sys 2013-06-23 03:21 . 2013-06-23 03:21 -------- d-----w- c:\program files\CCleaner 2013-06-21 13:51 . 2013-06-21 13:51 964552 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{8C0E5C5E-F816-4193-942C-7C5BD9108090}\gapaengine.dll 2013-06-15 17:13 . 2013-06-15 17:13 -------- d-----w- c:\program files (x86)\Common Files\Java 2013-06-15 16:56 . 2013-06-23 03:59 -------- d-----w- c:\users\Sains\AppData\Roaming\wabEventSupport16 2013-06-14 16:55 . 2013-06-15 15:41 -------- d-----w- c:\users\Sains\AppData\Local\Trion 2013-06-14 01:52 . 2013-06-14 01:53 -------- d-----w- c:\users\Sains\AppData\Roaming\Curse Advertising 2013-06-14 01:51 . 2013-06-27 20:35 -------- d-----w- c:\users\Sains\AppData\Local\Deployment 2013-06-14 01:51 . 2013-06-14 01:51 -------- d-----w- c:\users\Sains\AppData\Local\Apps 2013-06-12 03:54 . 2013-05-17 00:59 2241024 ----a-w- c:\windows\system32\wininet.dll 2013-06-03 01:05 . 2013-06-03 01:06 -------- d-----w- c:\windows\AsDmiHtm 2013-06-03 01:05 . 2013-06-03 01:05 -------- d-----w- c:\program files (x86)\Marvell . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2013-06-18 16:47 . 2012-02-29 03:15 291088 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr 2013-06-18 16:47 . 2012-02-29 03:08 291088 ----a-w- c:\windows\SysWow64\PnkBstrB.exe 2013-06-18 16:46 . 2012-02-29 03:08 280904 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0 2013-06-13 02:48 . 2013-03-26 16:06 867240 ----a-w- c:\windows\SysWow64\npDeployJava1.dll 2013-06-13 02:48 . 2012-01-18 05:18 789416 ----a-w- c:\windows\SysWow64\deployJava1.dll 2013-06-13 02:47 . 
2013-03-26 16:06 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll 2013-06-12 03:55 . 2012-01-20 05:16 75825640 ----a-w- c:\windows\system32\MRT.exe 2013-05-28 01:01 . 2012-11-05 01:26 692104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2013-05-28 01:01 . 2012-01-18 05:20 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2013-05-21 14:39 . 2012-02-10 18:09 964552 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll 2013-05-02 15:29 . 2010-11-21 03:27 278800 ------w- c:\windows\system32\MpSigStub.exe 2013-04-30 22:40 . 2013-04-30 22:40 719360 ----a-w- c:\windows\SysWow64\mshtmlmedia.dll 2013-04-30 22:40 . 2013-04-30 22:40 523264 ----a-w- c:\windows\SysWow64\vbscript.dll 2013-04-30 22:40 . 2013-04-30 22:40 38400 ----a-w- c:\windows\SysWow64\imgutil.dll 2013-04-30 22:40 . 2013-04-30 22:40 226304 ----a-w- c:\windows\system32\elshyph.dll 2013-04-30 22:40 . 2013-04-30 22:40 185344 ----a-w- c:\windows\SysWow64\elshyph.dll 2013-04-30 22:40 . 2013-04-30 22:40 158720 ----a-w- c:\windows\SysWow64\msls31.dll 2013-04-30 22:40 . 2013-04-30 22:40 150528 ----a-w- c:\windows\SysWow64\iexpress.exe 2013-04-30 22:40 . 2013-04-30 22:40 138752 ----a-w- c:\windows\SysWow64\wextract.exe 2013-04-30 22:40 . 2013-04-30 22:40 137216 ----a-w- c:\windows\SysWow64\ieUnatt.exe 2013-04-30 22:40 . 2013-04-30 22:40 12800 ----a-w- c:\windows\SysWow64\mshta.exe 2013-04-30 22:40 . 2013-04-30 22:40 1054720 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe 2013-04-30 22:40 . 2013-04-30 22:40 97280 ----a-w- c:\windows\system32\mshtmled.dll 2013-04-30 22:40 . 2013-04-30 22:40 905728 ----a-w- c:\windows\system32\mshtmlmedia.dll 2013-04-30 22:40 . 2013-04-30 22:40 81408 ----a-w- c:\windows\system32\icardie.dll 2013-04-30 22:40 . 2013-04-30 22:40 762368 ----a-w- c:\windows\system32\ieapfltr.dll 2013-04-30 22:40 . 2013-04-30 22:40 73728 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe 2013-04-30 22:40 . 
2013-04-30 22:40 61952 ----a-w- c:\windows\SysWow64\tdc.ocx 2013-04-30 22:40 . 2013-04-30 22:40 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll 2013-04-30 22:40 . 2013-04-30 22:40 452096 ----a-w- c:\windows\system32\dxtmsft.dll 2013-04-30 22:40 . 2013-04-30 22:40 441856 ----a-w- c:\windows\system32\html.iec 2013-04-30 22:40 . 2013-04-30 22:40 361984 ----a-w- c:\windows\SysWow64\html.iec 2013-04-30 22:40 . 2013-04-30 22:40 281600 ----a-w- c:\windows\system32\dxtrans.dll 2013-04-30 22:40 . 2013-04-30 22:40 27648 ----a-w- c:\windows\system32\licmgr10.dll 2013-04-30 22:40 . 2013-04-30 22:40 270848 ----a-w- c:\windows\system32\iedkcs32.dll 2013-04-30 22:40 . 2013-04-30 22:40 247296 ----a-w- c:\windows\system32\webcheck.dll 2013-04-30 22:40 . 2013-04-30 22:40 235008 ----a-w- c:\windows\system32\url.dll 2013-04-30 22:40 . 2013-04-30 22:40 23040 ----a-w- c:\windows\SysWow64\licmgr10.dll 2013-04-30 22:40 . 2013-04-30 22:40 216064 ----a-w- c:\windows\system32\msls31.dll 2013-04-30 22:40 . 2013-04-30 22:40 197120 ----a-w- c:\windows\system32\msrating.dll 2013-04-30 22:40 . 2013-04-30 22:40 167424 ----a-w- c:\windows\system32\iexpress.exe 2013-04-30 22:40 . 2013-04-30 22:40 1509376 ----a-w- c:\windows\system32\inetcpl.cpl 2013-04-30 22:40 . 2013-04-30 22:40 144896 ----a-w- c:\windows\system32\wextract.exe 2013-04-30 22:40 . 2013-04-30 22:40 1441280 ----a-w- c:\windows\SysWow64\inetcpl.cpl 2013-04-30 22:40 . 2013-04-30 22:40 1400416 ----a-w- c:\windows\system32\ieapfltr.dat 2013-04-30 22:40 . 2013-04-30 22:40 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll 2013-04-30 22:40 . 2013-04-30 22:40 102912 ----a-w- c:\windows\system32\inseng.dll 2013-04-30 22:40 . 2013-04-30 22:40 92160 ----a-w- c:\windows\system32\SetIEInstalledDate.exe 2013-04-30 22:40 . 2013-04-30 22:40 77312 ----a-w- c:\windows\system32\tdc.ocx 2013-04-30 22:40 . 2013-04-30 22:40 62976 ----a-w- c:\windows\system32\pngfilt.dll 2013-04-30 22:40 . 
2013-04-30 22:40 599552 ----a-w- c:\windows\system32\vbscript.dll 2013-04-30 22:40 . 2013-04-30 22:40 52224 ----a-w- c:\windows\system32\msfeedsbs.dll 2013-04-30 22:40 . 2013-04-30 22:40 51200 ----a-w- c:\windows\system32\imgutil.dll 2013-04-30 22:40 . 2013-04-30 22:40 48640 ----a-w- c:\windows\system32\mshtmler.dll 2013-04-30 22:40 . 2013-04-30 22:40 173568 ----a-w- c:\windows\system32\ieUnatt.exe 2013-04-30 22:40 . 2013-04-30 22:40 149504 ----a-w- c:\windows\system32\occache.dll 2013-04-30 22:40 . 2013-04-30 22:40 13824 ----a-w- c:\windows\system32\mshta.exe 2013-04-30 22:40 . 2013-04-30 22:40 136192 ----a-w- c:\windows\system32\iepeers.dll 2013-04-30 22:40 . 2013-04-30 22:40 135680 ----a-w- c:\windows\system32\IEAdvpack.dll 2013-04-30 22:40 . 2013-04-30 22:40 12800 ----a-w- c:\windows\system32\msfeedssync.exe 2013-04-13 05:49 . 2013-05-16 13:39 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll 2013-04-13 05:49 . 2013-05-16 13:39 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll 2013-04-13 05:49 . 2013-05-16 13:39 308736 ----a-w- c:\windows\apppatch\AppPatch64\AcGenral.dll 2013-04-13 05:49 . 2013-05-16 13:39 111104 ----a-w- c:\windows\apppatch\AppPatch64\acspecfc.dll 2013-04-13 04:45 . 2013-05-16 13:39 474624 ----a-w- c:\windows\apppatch\AcSpecfc.dll 2013-04-13 04:45 . 2013-05-16 13:39 2176512 ----a-w- c:\windows\apppatch\AcGenral.dll 2013-04-12 14:45 . 2013-04-23 19:28 1656680 ----a-w- c:\windows\system32\drivers\ntfs.sys 2013-04-10 06:01 . 2013-05-16 13:39 265064 ----a-w- c:\windows\system32\drivers\dxgmms1.sys 2013-04-10 06:01 . 2013-05-16 13:39 983400 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys 2013-04-10 03:30 . 2013-05-16 13:39 3153920 ----a-w- c:\windows\system32\win32k.sys 2009-05-15 02:02 . 2009-05-15 02:02 3392872 ----a-w- c:\program files (x86)\Common Files\adlmint_libFNP.dll 2009-05-15 02:02 . 2009-05-15 02:02 3298152 ----a-w- c:\program files (x86)\Common Files\adlmint.dll . . 
((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{3E7C8B5A-96AB-438F-BF9B-782400655440}] 2012-05-07 19:52 1960520 ----a-w- c:\users\Sains\AppData\Roaming\Qwiklinx\Qwiklinx.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584] "Messenger (Yahoo!)"="c:\progra~2\Yahoo!\Messenger\YahooMessenger.exe" [2012-05-25 6595928] "Pando Media Booster"="c:\program files (x86)\Pando Networks\Media Booster\PMB.exe" [2012-11-13 3093624] "ISUSPM"="c:\programdata\FLEXnet\Connect\11\ISUSPM.exe" [2012-11-15 222496] "MusicManager"="c:\users\Sains\AppData\Local\Programs\Google\MusicManager\MusicManager.exe" [2013-04-23 7331840] "Trion"="c:\users\Sains\AppData\Local\Trion\xloodjfg.dll" [2013-06-14 519680] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "SteelSeries World of Warcraft® MMO Gaming Mouse Legendary Edition"="c:\program files (x86)\SteelSeries\World of Warcraft® MMO Gaming Mouse Legendary Edition\WoWMHID4.exe" [2011-10-04 1945600] "NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2010-11-17 113288] "APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-08-28 59280] "Anti-phishing Domain Advisor"="c:\programdata\Anti-phishing Domain Advisor\visicom_antiphishing.exe" [2011-07-29 217256] "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712] "VERIZONDM"="c:\program files (x86)\VERIZONDM\bin\sprtcmd.exe" [2012-09-06 206120] "VirtualCloneDrive"="h:\clone drive\VirtualCloneDrive\VCDDaemon.exe" [2011-03-07 89456] "QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-04-19 421888] 
"DNS7reminder"="h:\dragons rawr\Ereg\Ereg.exe" [2007-04-16 259624] "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816] . c:\users\Sains\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ GameStop Now.lnk - h:\gamestop\GameStop App\Now\GameStopNow.exe [2013-1-18 1963872] . c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2009-6-4 1079584] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32] "mixer4"=wdmaud.drv . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc] @="Service" . R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x] R2 DragonSvc;Dragon Service;c:\program files (x86)\Common Files\Nuance\dgnsvc.exe;c:\program files (x86)\Common Files\Nuance\dgnsvc.exe [x] R2 IHA_MessageCenter;IHA_MessageCenter;c:\program files (x86)\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe;c:\program files (x86)\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe [x] R2 Intel® PROSet Monitoring Service;Intel® PROSet Monitoring Service;c:\windows\system32\IProsetMonitor.exe;c:\windows\SYSNATIVE\IProsetMonitor.exe [x] R2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [x] R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x] R2 NIHardwareService;NIHardwareService;c:\program files\Common 
Files\Native Instruments\Hardware\NIHardwareService.exe;c:\program files\Common Files\Native Instruments\Hardware\NIHardwareService.exe [x] R2 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x] R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x] R2 sprtsvc_verizondm;SupportSoft Sprocket Service (verizondm);c:\program files (x86)\VERIZONDM\bin\sprtsvc.exe;c:\program files (x86)\VERIZONDM\bin\sprtsvc.exe [x] R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x] R2 tgsrvc_verizondm;SupportSoft Repair Service (verizondm);c:\program files (x86)\VERIZONDM\bin\tgsrvc.exe;c:\program files (x86)\VERIZONDM\bin\tgsrvc.exe [x] R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys;c:\windows\SYSNATIVE\DRIVERS\btwl2cap.sys [x] R3 dc3d;MS Hardware Device Detection Driver (USB);c:\windows\system32\DRIVERS\dc3d.sys;c:\windows\SYSNATIVE\DRIVERS\dc3d.sys [x] R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x] R3 EuMusDesignVirtualAudioCableWdm;Virtual Audio Cable (WDM);c:\windows\system32\DRIVERS\vrtaucbl.sys;c:\windows\SYSNATIVE\DRIVERS\vrtaucbl.sys [x] R3 ManyCam;ManyCam Virtual Webcam;c:\windows\system32\DRIVERS\mcvidrv_x64.sys;c:\windows\SYSNATIVE\DRIVERS\mcvidrv_x64.sys [x] R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x] R3 mcaudrv_simple;ManyCam Virtual Microphone;c:\windows\system32\drivers\mcaudrv_x64.sys;c:\windows\SYSNATIVE\drivers\mcaudrv_x64.sys [x] R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x] R3 npggsvc;nProtect GameGuard 
Service;c:\windows\system32\GameMon.des;c:\windows\SYSNATIVE\GameMon.des [x] R3 Point64;Microsoft IntelliPoint Filter Driver;c:\windows\system32\DRIVERS\point64.sys;c:\windows\SYSNATIVE\DRIVERS\point64.sys [x] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x] R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x] R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x] R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x] R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam64.sys;c:\windows\SYSNATIVE\DRIVERS\wdcsam64.sys [x] R3 WinRing0_1_2_0;WinRing0_1_2_0;c:\users\Sains\Desktop\real temp\WinRing0x64.sys;c:\users\Sains\Desktop\real temp\WinRing0x64.sys [x] R4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE;c:\program files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [x] R4 RsFx0103;RsFx0103 Driver;c:\windows\system32\DRIVERS\RsFx0103.sys;c:\windows\SYSNATIVE\DRIVERS\RsFx0103.sys [x] R4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);c:\program files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE;c:\program files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [x] S0 mv91xx;mv91xx;c:\windows\system32\DRIVERS\mv91xx.sys;c:\windows\SYSNATIVE\DRIVERS\mv91xx.sys [x] S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x] S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3hub.sys [x] S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller 
Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3xhc.sys [x] S3 SSMO4Filter;MMO-4 Mouse;c:\windows\system32\drivers\MO4Driver.sys;c:\windows\SYSNATIVE\drivers\MO4Driver.sys [x] . . Contents of the 'Scheduled Tasks' folder . 2013-06-27 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-10-01 18:10] . 2013-06-27 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-10-01 18:10] . 2013-06-27 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3125898561-2427038791-1072086541-1000Core.job - c:\users\Sains\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-21 19:14] . 2013-06-27 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3125898561-2427038791-1072086541-1000UA.job - c:\users\Sains\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-21 19:14] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay] @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}" [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}] 2013-06-07 04:57 778192 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay] @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}" . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay] @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}" [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}] 2013-06-07 04:57 778192 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay] @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}" . 
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay] @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}" [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}] 2013-06-07 04:57 778192 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedViewOverlay] @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}" [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}] 2013-06-07 04:57 778192 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay] @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}" [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}] 2013-06-07 04:57 778192 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay] @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}" [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}] 2013-06-07 04:57 778192 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2013-01-27 1281512] "IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2011-08-01 2417032] . ------- Supplementary Scan ------- . 
uLocal Page = c:\windows\system32\blank.htm mLocal Page = c:\windows\SysWOW64\blank.htm uInternet Settings,ProxyOverride = *.local IE: &Download All using 4shared Desktop - f:\random game stuff\4shared Desktop\Desktop.32/D_ALL_LINK IE: &Download using 4shared Desktop - f:\random game stuff\4shared Desktop\Desktop.32/D_ONE_LINK IE: E&xport to Microsoft Excel - f:\micros~1\Office14\EXCEL.EXE/3000 IE: Se&nd to OneNote - f:\micros~1\Office14\ONBttnIE.dll/105 IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm Trusted Zone: clonewarsadventures.com Trusted Zone: freerealms.com Trusted Zone: soe.com Trusted Zone: sony.com TCP: DhcpNameServer = 192.168.1.1 FF - ProfilePath - c:\users\Sains\AppData\Roaming\Mozilla\Firefox\Profiles\9n9zi97t.default\ FF - prefs.js: browser.search.selectedEngine - Google FF - ExtSQL: 2013-06-15 11:56; {79D6101A-ED22-BC03-A3FB-0EDAA033A329}; c:\users\Sains\AppData\Roaming\Mozilla\Firefox\Profiles\9n9zi97t.default\extensions\{79D6101A-ED22-BC03-A3FB-0EDAA033A329} FF - ExtSQL: 2013-06-23 12:52; {73a6fe31-595d-460b-a920-fcc0f8843232}; c:\users\Sains\AppData\Roaming\Mozilla\Firefox\Profiles\9n9zi97t.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi FF - user.js: extensions.autoDisableScopes - 14 . - - - - ORPHANS REMOVED - - - - . 
Toolbar-{687578b9-7132-4a7a-80e4-30ee31099e03} - (no file) Wow6432Node-HKCU-Run-uTorrent - f:\winrar\uTorrent.exe Wow6432Node-HKLM-Run-BCSSync - f:\microsoft office\Office14\BCSSync.exe Wow6432Node-HKLM-Run-iTunesHelper - F:\iTunesHelper.exe c:\users\Sains\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk - f:\microsoft office\Office14\ONENOTEM.EXE /tsr AddRemove-4shared Desktop - f:\random game stuff\4shared Desktop\uninstall.exe AddRemove-Age of Empires 2.0 - f:\all game files\Games\UNINSTAL.EXE AddRemove-Age of Empires II: The Conquerors Expansion 1.0 - f:\all game files\Games\UNINSTALX.EXE AddRemove-DAEMON Tools Pro - f:\d tools\DAEMON Tools Pro\uninst.exe AddRemove-foobar2000 - f:\lame_foobar\foobar2000\uninstall.exe AddRemove-ManyCam - f:\manyvam\uninstall.exe AddRemove-RFOnline - f:\rfonline\uninst.exe AddRemove-uTorrent - f:\winrar\uTorrent.exe . . . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\npggsvc] "ImagePath"="c:\windows\system32\GameMon.des -service" . --------------------- LOCKED REGISTRY KEYS --------------------- . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_235_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_235_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.11" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}] @Denied: (A 2) (Everyone) @="IFlashBroker4" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}] @Denied: (A) (Everyone) "Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3] @Denied: (A) (Everyone) . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0] "Key"="ActionsPane3" "Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . Completion time: 2013-06-27 16:34:20 ComboFix-quarantined-files.txt 2013-06-27 21:34 ComboFix2.txt 2013-06-27 08:53 . Pre-Run: 29,079,744,512 bytes free Post-Run: 28,910,333,952 bytes free . - - End Of File - - 27739B6214007114BBFE7E16C934CA46 A36C5E4F47E84449FF07ED3517B43A31
  14. Ok thank you so much!!! Here is the DDS and Attach as well as ck Scanner
DDS
--------
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 10.0.9200.16611 BrowserJavaVersion: 10.25.2
Run by Sains at 17:48:37 on 2013-06-28
Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.16361.12343 [GMT -5:00]
.
AV: ESET Smart Security 6.0 *Enabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
AV: Microsoft Security Essentials *Enabled/Updated* {3F839487-C7A2-C958-E30C-E2825BA31FB5}
SP: ESET Smart Security 6.0 *Enabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Microsoft Security Essentials *Enabled/Updated* {84E27563-E198-C6D6-D9BC-D9F020245508}
FW: ESET Personal firewall *Enabled* {4FE52EC8-CB26-1113-0EFE-8842E2773BAA}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
C:\Program Files (x86)\Common Files\Nuance\dgnsvc.exe
C:\Program Files\ESET\ESET Smart
Security\x86\ekrn.exe C:\Program Files (x86)\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe C:\Windows\system32\IProsetMonitor.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe C:\Windows\SysWOW64\PnkBstrA.exe C:\Program Files (x86)\VERIZONDM\bin\sprtsvc.exe C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Program Files (x86)\VERIZONDM\bin\tgsrvc.exe C:\Program Files\Microsoft Security Client\NisSrv.exe C:\Windows\System32\WUDFHost.exe C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\system32\taskhost.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\Microsoft Security Client\msseces.exe C:\Program Files\Microsoft IntelliPoint\ipoint.exe C:\Program Files\ESET\ESET Smart Security\egui.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\Microsoft IntelliPoint\dpupdchk.exe C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe C:\Users\Sains\AppData\Local\Programs\Google\MusicManager\MusicManager.exe C:\Program Files (x86)\SteelSeries\World of Warcraft® MMO Gaming Mouse Legendary Edition\WoWMHID4.exe C:\Program Files\NVIDIA Corporation\Display\nvtray.exe C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.exe C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe C:\Program Files (x86)\VERIZONDM\bin\sprtcmd.exe H:\clone drive\VirtualCloneDrive\VCDDaemon.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\SteelSeries\World of 
Warcraft® MMO Gaming Mouse Legendary Edition\WoWMTray4.exe C:\Windows\system32\SearchIndexer.exe C:\Windows\system32\svchost.exe -k SDRSVC C:\Program Files\iPod\bin\iPodService.exe C:\ProgramData\FLEXnet\Connect\11\agent.exe C:\Windows\system32\SearchProtocolHost.exe C:\Windows\system32\SearchFilterHost.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\System32\cscript.exe . ============== Pseudo HJT Report =============== . mURLSearchHooks: {687578b9-7132-4a7a-80e4-30ee31099e03} - <orphaned> BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO: Qwiklinx: {3E7C8B5A-96AB-438F-BF9B-782400655440} - C:\Users\Sains\AppData\Roaming\Qwiklinx\Qwiklinx.dll BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - F:\Microsoft office\Office14\GROOVEEX.DLL BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - F:\Microsoft office\Office14\URLREDIR.DLL BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll uRun: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun uRun: [Messenger (Yahoo!)] "C:\PROGRA~2\Yahoo!\Messenger\YahooMessenger.exe" -quiet uRun: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe uRun: [iSUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler uRun: [MusicManager] "C:\Users\Sains\AppData\Local\Programs\Google\MusicManager\MusicManager.exe" uRunOnce: [FlashPlayerUpdate] C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_7_700_202_Plugin.exe -update plugin mRun: [steelSeries World of Warcraft® MMO Gaming Mouse Legendary Edition] "C:\Program Files (x86)\SteelSeries\World of Warcraft® MMO Gaming Mouse Legendary Edition\WoWMHID4.exe" mRun: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 
3.0 Host Controller Driver\Application\nusb3mon.exe" mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" mRun: [Anti-phishing Domain Advisor] "C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.exe" mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun: [VERIZONDM] "C:\Program Files (x86)\VERIZONDM\bin\sprtcmd.exe" /P VERIZONDM mRun: [VirtualCloneDrive] "H:\clone drive\VirtualCloneDrive\VCDDaemon.exe" /s mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime mRun: [DNS7reminder] "H:\dragons RAWR\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\NaturallySpeaking11\Ereg.ini mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" StartupFolder: C:\Users\Sains\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\GAMEST~1.LNK - H:\Gamestop\GameStop App\Now\GameStopNow.exe StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BLUETO~1.LNK - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe uPolicies-Explorer: NoDrives = dword:0 mPolicies-Explorer: NoDrives = dword:0 mPolicies-System: ConsentPromptBehaviorAdmin = dword:5 mPolicies-System: ConsentPromptBehaviorUser = dword:3 mPolicies-System: EnableUIADesktopToggle = dword:0 IE: &Download All using 4shared Desktop - F:\random game stuff\4shared Desktop\Desktop.32/D_ALL_LINK IE: &Download using 4shared Desktop - F:\random game stuff\4shared Desktop\Desktop.32/D_ONE_LINK IE: E&xport to Microsoft Excel - F:\MICROS~1\Office14\EXCEL.EXE/3000 IE: Se&nd to OneNote - F:\MICROS~1\Office14\ONBttnIE.dll/105 IE: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm IE: Send page to &Bluetooth Device... 
- C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - F:\Microsoft office\Office14\ONBttnIE.dll IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - F:\Microsoft office\Office14\ONBttnIELinkedNotes.dll IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm Trusted Zone: clonewarsadventures.com Trusted Zone: freerealms.com Trusted Zone: soe.com Trusted Zone: sony.com TCP: NameServer = 192.168.1.1 TCP: Interfaces\{6A3EC32A-5E76-4B89-92FA-95C2A58BF2E6} : DHCPNameServer = 192.168.1.1 TCP: Interfaces\{6A3EC32A-5E76-4B89-92FA-95C2A58BF2E6}\3616C696 : DHCPNameServer = 192.168.0.1 TCP: Interfaces\{D6C9D5BF-978C-483F-9BA7-7C1AFF30E50C} : DHCPNameServer = 192.168.1.1 Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll SSODL: WebCheck - <orphaned> SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - F:\Microsoft office\Office14\GROOVEEX.DLL x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL x64-Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey x64-Run: [intelliPoint] "c:\Program Files\Microsoft IntelliPoint\ipoint.exe" x64-Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - 
{FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll x64-IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned> x64-SSODL: WebCheck - <orphaned> x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL . ================= FIREFOX =================== . FF - ProfilePath - C:\Users\Sains\AppData\Roaming\Mozilla\Firefox\Profiles\9n9zi97t.default\ FF - prefs.js: browser.search.selectedEngine - Google FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll FF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\2.1.7\npesnlaunch.dll FF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrlui.dll FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll FF - plugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll FF - plugin: C:\Users\Sains\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll FF - plugin: C:\Users\Sains\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll FF - plugin: C:\Users\Sains\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll FF - plugin: C:\Users\Sains\AppData\Roaming\Mozilla\plugins\npo1d.dll FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll FF - plugin: 
C:\Windows\SysWOW64\npmproxy.dll FF - plugin: F:\MICROS~1\Office14\NPAUTHZ.DLL FF - plugin: F:\MICROS~1\Office14\NPSPWRAP.DLL FF - plugin: F:\Mozilla Plugins\npitunes.dll FF - ExtSQL: 2013-06-15 11:56; {79D6101A-ED22-BC03-A3FB-0EDAA033A329}; C:\Users\Sains\AppData\Roaming\Mozilla\Firefox\Profiles\9n9zi97t.default\extensions\{79D6101A-ED22-BC03-A3FB-0EDAA033A329} FF - ExtSQL: 2013-06-23 12:52; {73a6fe31-595d-460b-a920-fcc0f8843232}; C:\Users\Sains\AppData\Roaming\Mozilla\Firefox\Profiles\9n9zi97t.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi . ---- FIREFOX POLICIES ---- FF - user.js: extensions.autoDisableScopes - 14 . ============= SERVICES / DRIVERS =============== . R0 epfwwfp;epfwwfp;C:\Windows\System32\drivers\epfwwfp.sys [2013-2-20 58416] R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2013-1-20 230320] R0 mv91xx;mv91xx;C:\Windows\System32\drivers\mv91xx.sys [2010-11-22 303408] R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\System32\drivers\dtsoftbus01.sys [2012-3-27 283200] R1 eamonm;eamonm;C:\Windows\System32\drivers\eamonm.sys [2013-2-20 213416] R1 EpfwLWF;Epfw NDIS LightWeight Filter;C:\Windows\System32\drivers\EpfwLWF.sys [2013-1-10 59440] R2 DragonSvc;Dragon Service;C:\Program Files (x86)\Common Files\Nuance\dgnsvc.exe [2010-7-23 296808] R2 ekrn;ESET Service;C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [2013-3-21 1341664] R2 IHA_MessageCenter;IHA_MessageCenter;C:\Program Files (x86)\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe [2012-8-3 352248] R2 Intel® PROSet Monitoring Service;Intel® PROSet Monitoring Service;C:\Windows\System32\IPROSetMonitor.exe [2012-2-28 133800] R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-6-22 418376] R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-6-22 701512] R2 NIHardwareService;NIHardwareService;C:\Program Files\Common 
Files\Native Instruments\Hardware\NIHardwareService.exe [2011-10-12 5739008] R2 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2011-4-27 130008] R2 sprtsvc_verizondm;SupportSoft Sprocket Service (verizondm);C:\Program Files (x86)\VERIZONDM\bin\sprtsvc.exe [2012-9-6 206120] R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-1-18 383264] R2 tgsrvc_verizondm;SupportSoft Repair Service (verizondm);C:\Program Files (x86)\VERIZONDM\bin\tgsrvc.exe [2012-9-6 185640] R3 EuMusDesignVirtualAudioCableWdm;Virtual Audio Cable (WDM);C:\Windows\System32\drivers\vrtaucbl.sys [2012-7-26 66728] R3 ManyCam;ManyCam Virtual Webcam;C:\Windows\System32\drivers\mcvidrv_x64.sys [2011-12-20 34304] R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2013-6-22 25928] R3 mcaudrv_simple;ManyCam Virtual Microphone;C:\Windows\System32\drivers\mcaudrv_x64.sys [2012-2-28 28160] R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2013-1-27 379360] R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\System32\drivers\nusb3hub.sys [2010-12-10 80384] R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\System32\drivers\nusb3xhc.sys [2010-12-10 181248] R3 SSMO4Filter;MMO-4 Mouse;C:\Windows\System32\drivers\MO4Driver.sys [2011-7-27 21504] R3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\System32\drivers\wdcsam64.sys [2008-5-6 14464] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-1-8 161536] S3 btwl2cap;Bluetooth L2CAP 
Service;C:\Windows\System32\drivers\btwl2cap.sys [2013-1-3 35104] S3 dmvsc;dmvsc;C:\Windows\System32\drivers\dmvsc.sys [2011-4-12 71168] S3 npggsvc;nProtect GameGuard Service;C:\Windows\System32\GameMon.des -service --> C:\Windows\System32\GameMon.des -service [?] S3 StorSvc;Storage Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 27136] S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-20 59392] S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-20 31232] S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-7-9 52736] S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-1-19 1255736] S3 WinRing0_1_2_0;WinRing0_1_2_0;C:\Users\Sains\Desktop\real temp\WinRing0x64.sys [2008-7-26 14544] S4 MSSQLServerADHelper100;SQL Active Directory Helper Service;C:\Program Files\Microsoft SQL Server\100\Shared\sqladhlp.exe [2009-7-22 61976] S4 RsFx0103;RsFx0103 Driver;C:\Windows\System32\drivers\RsFx0103.sys [2009-3-30 311656] S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2009-3-30 427880] . =============== File Associations =============== . FileExt: .txt: Applications\WINWORD.EXE="F:\Microsoft office\Office14\WINWORD.EXE" /n "%1" [userChoice] [default=edit - 'Open' doesn't exist] . =============== Created Last 30 ================ . 
2013-06-28 06:44:45 -------- d-----w- C:\Users\Sains\AppData\Roaming\ESET 2013-06-28 06:44:45 -------- d-----w- C:\Users\Sains\AppData\Local\ESET 2013-06-28 06:44:02 -------- d-----w- C:\Program Files\ESET 2013-06-27 21:51:20 -------- d-----w- C:\Program Files (x86)\ESET 2013-06-27 21:37:50 -------- d-sh--w- C:\$RECYCLE.BIN 2013-06-27 16:36:30 9552976 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{5430027B-EF36-47B4-AB6A-2A13A7A9F727}\mpengine.dll 2013-06-27 08:50:21 98816 ----a-w- C:\Windows\sed.exe 2013-06-27 08:50:21 256000 ----a-w- C:\Windows\PEV.exe 2013-06-27 08:50:21 208896 ----a-w- C:\Windows\MBR.exe 2013-06-26 04:10:45 9552976 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll 2013-06-23 03:26:06 -------- d-----w- C:\Users\Sains\AppData\Roaming\Malwarebytes 2013-06-23 03:25:57 -------- d-----w- C:\ProgramData\Malwarebytes 2013-06-23 03:25:56 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys 2013-06-23 03:25:56 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware 2013-06-23 03:21:02 -------- d-----w- C:\Program Files\CCleaner 2013-06-21 13:51:15 964552 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{8C0E5C5E-F816-4193-942C-7C5BD9108090}\gapaengine.dll 2013-06-15 16:56:58 -------- d-----w- C:\Users\Sains\AppData\Roaming\wabEventSupport16 2013-06-14 16:55:58 -------- d-----w- C:\Users\Sains\AppData\Local\Trion 2013-06-14 01:52:04 -------- d-----w- C:\Users\Sains\AppData\Roaming\Curse Advertising 2013-06-14 01:51:36 -------- d-----w- C:\Users\Sains\AppData\Local\Deployment 2013-06-14 01:51:36 -------- d-----w- C:\Users\Sains\AppData\Local\Apps 2013-06-12 03:54:59 2241024 ----a-w- C:\Windows\System32\wininet.dll 2013-06-03 01:05:59 -------- d-----w- C:\Windows\AsDmiHtm 2013-06-03 01:05:45 -------- d-----w- C:\Program Files (x86)\Marvell . ==================== Find3M ==================== . 
2013-06-18 16:47:12 291088 ----a-w- C:\Windows\SysWow64\PnkBstrB.xtr 2013-06-18 16:47:12 291088 ----a-w- C:\Windows\SysWow64\PnkBstrB.exe 2013-06-18 16:46:48 280904 ----a-w- C:\Windows\SysWow64\PnkBstrB.ex0 2013-06-13 02:48:23 867240 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll 2013-06-13 02:48:17 789416 ----a-w- C:\Windows\SysWow64\deployJava1.dll 2013-06-13 02:47:57 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll 2013-06-08 12:28:46 2706432 ----a-w- C:\Windows\System32\mshtml.tlb 2013-06-08 11:13:19 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb 2013-05-28 01:01:06 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl 2013-05-28 01:01:06 692104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe 2013-05-17 01:25:57 1767936 ----a-w- C:\Windows\SysWow64\wininet.dll 2013-05-17 01:25:27 2877440 ----a-w- C:\Windows\SysWow64\jscript9.dll 2013-05-17 01:25:26 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll 2013-05-17 01:25:26 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll 2013-05-17 00:58:10 3958784 ----a-w- C:\Windows\System32\jscript9.dll 2013-05-17 00:58:08 67072 ----a-w- C:\Windows\System32\iesetup.dll 2013-05-17 00:58:08 136704 ----a-w- C:\Windows\System32\iesysprep.dll 2013-05-14 12:23:25 89600 ----a-w- C:\Windows\System32\RegisterIEPKEYs.exe 2013-05-14 08:40:13 71680 ----a-w- C:\Windows\SysWow64\RegisterIEPKEYs.exe 2013-05-13 05:51:01 184320 ----a-w- C:\Windows\System32\cryptsvc.dll 2013-05-13 05:51:00 1464320 ----a-w- C:\Windows\System32\crypt32.dll 2013-05-13 05:51:00 139776 ----a-w- C:\Windows\System32\cryptnet.dll 2013-05-13 05:50:40 52224 ----a-w- C:\Windows\System32\certenc.dll 2013-05-13 04:45:55 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll 2013-05-13 04:45:55 1160192 ----a-w- C:\Windows\SysWow64\crypt32.dll 2013-05-13 04:45:55 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll 2013-05-13 03:43:55 1192448 ----a-w- C:\Windows\System32\certutil.exe 2013-05-13 03:08:10 903168 ----a-w- C:\Windows\SysWow64\certutil.exe 2013-05-13 03:08:06 
43008 ----a-w- C:\Windows\SysWow64\certenc.dll 2013-05-10 05:49:27 30720 ----a-w- C:\Windows\System32\cryptdlg.dll 2013-05-10 03:20:54 24576 ----a-w- C:\Windows\SysWow64\cryptdlg.dll 2013-05-08 06:39:01 1910632 ----a-w- C:\Windows\System32\drivers\tcpip.sys 2013-05-02 15:29:56 278800 ------w- C:\Windows\System32\MpSigStub.exe 2013-04-26 05:51:36 751104 ----a-w- C:\Windows\System32\win32spl.dll 2013-04-26 04:55:21 492544 ----a-w- C:\Windows\SysWow64\win32spl.dll 2013-04-25 23:30:32 1505280 ----a-w- C:\Windows\SysWow64\d3d11.dll 2013-04-17 07:02:06 1230336 ----a-w- C:\Windows\SysWow64\WindowsCodecs.dll 2013-04-17 06:24:46 1424384 ----a-w- C:\Windows\System32\WindowsCodecs.dll 2013-04-13 05:49:23 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll 2013-04-13 05:49:19 350208 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll 2013-04-13 05:49:19 308736 ----a-w- C:\Windows\apppatch\AppPatch64\AcGenral.dll 2013-04-13 05:49:19 111104 ----a-w- C:\Windows\apppatch\AppPatch64\acspecfc.dll 2013-04-13 04:45:16 474624 ----a-w- C:\Windows\apppatch\AcSpecfc.dll 2013-04-13 04:45:15 2176512 ----a-w- C:\Windows\apppatch\AcGenral.dll 2013-04-12 14:45:08 1656680 ----a-w- C:\Windows\System32\drivers\ntfs.sys 2013-04-10 06:01:54 265064 ----a-w- C:\Windows\System32\drivers\dxgmms1.sys 2013-04-10 06:01:53 983400 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys 2013-04-10 03:30:50 3153920 ----a-w- C:\Windows\System32\win32k.sys 2013-03-31 22:52:16 1887232 ----a-w- C:\Windows\System32\d3d11.dll 2009-05-15 02:02:10 3392872 ----a-w- C:\Program Files (x86)\Common Files\adlmint_libFNP.dll 2009-05-15 02:02:10 3298152 ----a-w- C:\Program Files (x86)\Common Files\adlmint.dll . ============= FINISH: 17:48:48.20 =============== Attach ___ . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2012-11-20.01) . 
Microsoft Windows 7 Professional Boot Device: \Device\HarddiskVolume3 Install Date: 1/17/2012 10:23:18 PM System Uptime: 6/28/2013 11:17:47 AM (6 hours ago) . Motherboard: ASUSTeK Computer INC. | | SABERTOOTH P67 Processor: Intel® Core i7-2600K CPU @ 3.40GHz | LGA1155 | 3401/100mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 112 GiB total, 26.244 GiB free. D: is CDROM () E: is CDROM (UDF) F: is FIXED (NTFS) - 465 GiB total, 38.099 GiB free. G: is CDROM () H: is FIXED (NTFS) - 932 GiB total, 499.473 GiB free. I: is CDROM () Z: is FIXED (NTFS) - 60 GiB total, 35.215 GiB free. . ==== Disabled Device Manager Items ============= . Class GUID: Description: SM Bus Controller Device ID: PCI\VEN_8086&DEV_1C22&SUBSYS_844D1043&REV_05\3&11583659&0&FB Manufacturer: Name: SM Bus Controller PNP Device ID: PCI\VEN_8086&DEV_1C22&SUBSYS_844D1043&REV_05\3&11583659&0&FB Service: . Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318} Description: D-Link DWA-552 XtremeN Desktop Adapter Device ID: PCI\VEN_168C&DEV_0029&SUBSYS_3A7D1186&REV_01\5&D93DF5B&0&0000E6 Manufacturer: D-Link Corporation Name: D-Link DWA-552 XtremeN Desktop Adapter PNP Device ID: PCI\VEN_168C&DEV_0029&SUBSYS_3A7D1186&REV_01\5&D93DF5B&0&0000E6 Service: athr . ==== System Restore Points =================== . RP271: 6/24/2013 11:11:05 PM - Windows Update RP272: 6/27/2013 3:46:13 AM - Windows Modules Installer . ==== Installed Programs ====================== . 
µTorrent 4shared Desktop Adobe AIR Adobe Flash Player 11 ActiveX Adobe Flash Player 11 ActiveX 64-bit Adobe Flash Player 11 Plugin Adobe Reader X (10.1.2) Age of Empires II: HD Edition America's Army 3 Anti-phishing Domain Advisor APB Reloaded Apple Application Support Apple Mobile Device Support Apple Software Update Audacity 2.0.2 Battlefield 3™ Blacklight: Retribution Bonjour CCleaner Cheat Engine 6.2 Company of Heroes Curse Client DAEMON Tools Pro DC Universe Online DC Universe Online Live DEFIANCE DefianceRuntimes Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition Diablo III Dragon NaturallySpeaking 11 ESET Online Scanner v3 ESET Smart Security ESN Sonar EVGA Precision 2.0.4 EVGA Precision X 3.0.2 Fable III Far Cry 3 foobar2000 v1.1.12a Fraps (remove only) GameStop App Google Chrome Google Drive Google Talk Plugin Google Update Helper Gotham City Impostors: Free To Play GTA San Andreas iCloud IHA_MessageCenter Intel® Network Connections 15.6.25.0 iTunes Java 7 Update 25 Java Auto Updater Java 6 Update 30 Just Cause 2 Malwarebytes Anti-Malware version 1.75.0.1300 ManyCam 3.0.53 (remove only) marvell 91xx driver Mass Effect™ 3 Maya 2010 Microsoft .NET Framework 4 Client Profile Microsoft .NET Framework 4 Extended Microsoft .NET Framework 4 Multi-Targeting Pack Microsoft Age of Empires II Microsoft Age of Empires II: The Conquerors Expansion Microsoft Application Error Reporting Microsoft ASP.NET MVC 2 Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools Microsoft Games for Windows - LIVE Microsoft Help Viewer 1.0 Microsoft IntelliPoint 8.2 Microsoft Office 2010 Service Pack 1 (SP1) Microsoft Office Access MUI (English) 2010 Microsoft Office Access Setup Metadata MUI (English) 2010 Microsoft Office Excel MUI (English) 2010 Microsoft Office Groove MUI (English) 2010 Microsoft Office InfoPath MUI (English) 2010 Microsoft Office Office 64-bit Components 2010 Microsoft Office OneNote MUI (English) 2010 Microsoft Office Outlook MUI (English) 2010 
Microsoft Office PowerPoint MUI (English) 2010 Microsoft Office Professional Plus 2010 Microsoft Office Proof (English) 2010 Microsoft Office Proof (French) 2010 Microsoft Office Proof (Spanish) 2010 Microsoft Office Proofing (English) 2010 Microsoft Office Publisher MUI (English) 2010 Microsoft Office Shared 64-bit MUI (English) 2010 Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 Microsoft Office Shared MUI (English) 2010 Microsoft Office Shared Setup Metadata MUI (English) 2010 Microsoft Office Word MUI (English) 2010 Microsoft Security Client Microsoft Security Essentials Microsoft Silverlight Microsoft Silverlight 3 SDK Microsoft SQL Server 2008 (64-bit) Microsoft SQL Server 2008 Browser Microsoft SQL Server 2008 Common Files Microsoft SQL Server 2008 Database Engine Services Microsoft SQL Server 2008 Database Engine Shared Microsoft SQL Server 2008 Native Client Microsoft SQL Server 2008 R2 Data-Tier Application Framework Microsoft SQL Server 2008 R2 Data-Tier Application Project Microsoft SQL Server 2008 R2 Management Objects Microsoft SQL Server 2008 R2 Management Objects (x64) Microsoft SQL Server 2008 R2 Transact-SQL Language Service Microsoft SQL Server 2008 RsFx Driver Microsoft SQL Server 2008 Setup Support Files Microsoft SQL Server Compact 3.5 SP2 ENU Microsoft SQL Server Compact 3.5 SP2 x64 ENU Microsoft SQL Server Database Publishing Wizard 1.4 Microsoft SQL Server System CLR Types Microsoft SQL Server System CLR Types (x64) Microsoft SQL Server VSS Writer Microsoft Sync Framework Runtime v1.0 SP1 (x64) Microsoft Sync Framework SDK v1.0 SP1 Microsoft Sync Framework Services v1.0 SP1 (x64) Microsoft Sync Services for ADO.NET v2.0 SP1 (x64) Microsoft Team Foundation Server 2010 Object Model - ENU Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Visual C++ 2008 
Redistributable - x86 9.0.21022 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.51106 Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.51106 Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106 Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106 Microsoft Visual F# 2.0 Runtime Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Microsoft Visual Studio Macro Tools Mozilla Firefox 22.0 (x86 en-US) Mozilla Maintenance Service MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) MSXML 4.0 SP2 Parser and SDK MSXML 4.0 SP3 Parser (KB2721691) MSXML 4.0 SP3 Parser (KB2758694) Music Manager Native Instruments Controller Editor Native Instruments Service Center Native Instruments Traktor 2 Need for Speed™ Most Wanted NVIDIA 3D Vision Controller Driver 301.42 NVIDIA 3D Vision Driver 311.06 NVIDIA Control Panel 311.06 NVIDIA Graphics Driver 311.06 NVIDIA HD Audio Driver 1.3.16.0 NVIDIA Install Application NVIDIA PhysX NVIDIA PhysX System Software 9.12.0213 NVIDIA Stereoscopic 3D Driver NVIDIA Update 1.11.3 NVIDIA Update Components Origin Pando Media Booster Psi Ops PunkBuster Services QuickTime Qwiklinx RaiderZ Redist Renesas Electronics USB 3.0 Host Controller Driver Respondus LockDown Browser RF Uninstall Secure Download Manager Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) 
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405) Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827) Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449) Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428) Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019) Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595) Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642) Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576) Security Update for Microsoft .NET Framework 4 Extended (KB2487367) Security Update for Microsoft .NET Framework 4 Extended (KB2656351) Security Update for Microsoft .NET Framework 4 Extended (KB2736428) Security Update for Microsoft .NET Framework 4 Extended (KB2742595) Security Update for Microsoft Excel 2010 (KB2597126) 32-Bit Edition Security Update for Microsoft Filter Pack 2.0 (KB2553501) 32-Bit Edition Security Update for Microsoft InfoPath 2010 (KB2687422) 32-Bit Edition Security Update for Microsoft InfoPath 2010 (KB2760406) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2553091) Security Update for Microsoft Office 2010 (KB2553096) Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2553447) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2598243) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2687501) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2687510) 32-Bit Edition Security Update for Microsoft 
OneNote 2010 (KB2760600) 32-Bit Edition Security Update for Microsoft Publisher 2010 (KB2553147) 32-Bit Edition Security Update for Microsoft Visio 2010 (KB2810068) 32-Bit Edition Security Update for Microsoft Visio Viewer 2010 (KB2687505) 32-Bit Edition Security Update for Microsoft Visual Studio Macro Tools (KB2669970) Security Update for Microsoft Word 2010 (KB2760410) 32-Bit Edition Service Pack 1 for SQL Server 2008 (KB968369) (64-bit) Skype™ 6.1 Sniper Elite V2 Demo Sql Server Customer Experience Improvement Program Steam Stronghold Kingdoms Team Fortress 2 TeamSpeak 3 Client TERA The Amazing Spider-Man The Elder Scrolls V: Skyrim The Elder Scrolls V: Skyrim Dawnguard™ Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) Update for Microsoft .NET Framework 4 Extended (KB2468871) Update for Microsoft .NET Framework 4 Extended (KB2533523) Update for Microsoft .NET Framework 4 Extended (KB2600217) Update for Microsoft Office 2010 (KB2553065) Update for Microsoft Office 2010 (KB2553092) Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition Update for Microsoft Office 2010 (KB2553378) 32-Bit Edition Update for Microsoft Office 2010 (KB2566458) Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition Update for Microsoft Outlook 2010 (KB2597090) 32-Bit Edition Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition Update for Microsoft 
Outlook Social Connector 2010 (KB2553406) 32-Bit Edition Update for Microsoft PowerPoint 2010 (KB2598240) 32-Bit Edition Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition Ventrilo Client for Windows x64 Verizon Download Manager Verizon Media Manager Virtual Audio Cable 4.10 VirtualCloneDrive Visual C++ 9.0 Runtime for Dragon NaturallySpeaking 64bit (x64) Visual Studio 2010 Prerequisites - English Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU Vz In Home Agent Web Deployment Tool WIDCOMM Bluetooth Software Winamp Winamp Detector Plug-in WinRAR 4.11 (64-bit) World of Warcraft World of Warcraft® MMO Gaming Mouse: Legendary Edition Yahoo! Messenger
.
==== Event Viewer Messages From Past Week ========
.
6/28/2013 11:20:12 AM, Error: Service Control Manager [7038] - The nvUpdatusService service was unable to log on as .\UpdatusUser with the currently configured password due to the following error: Logon failure: the specified account password has expired. To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).
6/28/2013 11:20:12 AM, Error: Service Control Manager [7000] - The NVIDIA Update Service Daemon service failed to start due to the following error: The service did not start due to a logon failure.
6/28/2013 1:44:05 AM, Error: Service Control Manager [7030] - The ESET Service service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
6/27/2013 4:33:21 PM, Error: Service Control Manager [7030] - The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
6/27/2013 4:31:12 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service VSS with arguments "" in order to run the server: {E579AB5F-1CC4-44B4-BED9-DE0991FF0623}
6/27/2013 4:30:26 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
6/27/2013 4:30:26 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
6/27/2013 4:30:25 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
6/27/2013 4:30:19 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
6/27/2013 4:30:15 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: discache ElbyCDIO MpFilter spldr Wanarpv6
6/27/2013 3:52:36 AM, Error: Application Popup [1060] - \??\C:\ComboFix\catchme.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
.
==== End Of File ===========================

Ck Scanner -----
CKScanner 2.3 - Additional Security Risks - These are not necessarily bad
scanner sequence 3.RP.11.HWNAWP
----- EOF -----