Jump to content

Rokowski

Members
  • Posts

    9
  • Joined

  • Last visited

Reputation

0 Neutral
  1. Thank you! Can you please close this thread now? Rok
  2. T-2 is my ISP , if that may be usefull information. Rok
  3. Malwarebytes Anti-Malwarewww.malwarebytes.org Scan Date: 10.6.2015Scan Time: 19:39:51Logfile: Administrator: Yes Version: 2.01.6.1022Malware Database: v2015.06.10.04Rootkit Database: v2015.06.02.01License: PremiumMalware Protection: EnabledMalicious Website Protection: EnabledSelf-protection: Disabled OS: Windows 8.1CPU: x86File System: NTFSUser: Rok Scan Type: Threat ScanResult: CompletedObjects Scanned: 376061Time Elapsed: 31 min, 11 sec Memory: EnabledStartup: EnabledFilesystem: EnabledArchives: EnabledRootkits: EnabledHeuristics: EnabledPUP: EnabledPUM: Enabled Processes: 0(No malicious items detected) Modules: 0(No malicious items detected) Registry Keys: 0(No malicious items detected) Registry Values: 0(No malicious items detected) Registry Data: 2Trojan.DNSChanger, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS|DhcpNameServer, 84.255.209.79 84.255.210.79, Good: (), Bad: (84.255.209.79),,[b9534f6aa8e213237d1d4ff08c7a07f9]Trojan.DNSChanger, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{3E81DDBA-D96E-4341-8C52-4B0DB92007D4}|DhcpNameServer, 84.255.209.79 84.255.210.79, Good: (), Bad: (84.255.209.79),,[b25af0c918723ef83d5de85747bf1be5] Folders: 0(No malicious items detected) Files: 0(No malicious items detected) Physical Sectors: 0(No malicious items detected) (end)
  4. Hello! So today i ran malwarebytes for a full system scan and after half an hour when it finished it told me that it found 2 malicous registry keys; one of them was HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS|DhcpNameServer and HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{3E81DDBA-D96E-4341-8C52-4B0DB92007D4}|DhcpNameServer so when it finished i removed both and mbam asked me to restart pc, and so I did. After it booted up i opened chrome and some websites, and i noticed that it won't load, ran ipconfig /flushdns , ipconfig /renew and got my network connection back. Ran malwarebytes full system scan again and after a whole scan i got report that it found same addreses.. I hope that someone can help me how to solve this problem. Thank you in advance, Rok!
  5. Ok, thanks for all your free time and helping me. you can close theard now, Rok
  6. I did everything as you instruced me and it found 4 threats, but none of them are kind you said wich to delete. So here's log* TDSSKiller.2.9.2.0_20.08.2013_10.33.29_log.txt
  7. Looks like it didnt find anything. Thanks for your help. mbar-log-2013-08-19 (17-30-07).txt system-log.txt
  8. Hello! Thank you for your fast reply. I am aware of the piracy warning and i uninstalled uTorrent. I carefully read your instructions and i have all 3 logs now. DDS (Ver_2012-11-20.01) - NTFS_AMD64 Internet Explorer: 10.0.9200.16660 BrowserJavaVersion: 10.25.2Run by Nina-NB at 16:11:21 on 2013-08-19Microsoft Windows 7 Professional 6.1.7601.1.1250.386.1033.18.8173.5790 [GMT 2:00].AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}.============== Running Processes ===============.C:\Windows\system32\lsm.exeC:\Windows\system32\svchost.exe -k DcomLaunchC:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exeC:\Windows\system32\nvvsvc.exeC:\Windows\system32\svchost.exe -k RPCSSC:\Windows\System32\svchost.exe -k LocalServiceNetworkRestrictedC:\Windows\System32\svchost.exe -k LocalSystemNetworkRestrictedC:\Windows\system32\svchost.exe -k LocalServiceC:\Windows\system32\svchost.exe -k netsvcsC:\Windows\system32\svchost.exe -k GPSvcGroupC:\Program Files\NVIDIA Corporation\Display\nvxdsync.exeC:\Windows\system32\nvvsvc.exeC:\Windows\system32\svchost.exe -k NetworkServiceC:\Program Files\AVAST Software\Avast\AvastSvc.exeC:\Windows\system32\WLANExt.exeC:\Windows\System32\GFNEXSrv.exeC:\Windows\system32\taskhost.exeC:\Windows\System32\spoolsv.exeC:\Windows\system32\Dwm.exeC:\Windows\system32\svchost.exe -k LocalServiceNoNetworkC:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonationC:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exeC:\Windows\Explorer.EXEC:\Program Files (x86)\Hotspot Shield\bin\hsswd.exeC:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exeC:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exec:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exeC:\Windows\System32\svchost.exe -k HPZ12C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeC:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeC:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exeC:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exeC:\Windows\System32\svchost.exe -k HPZ12C:\Windows\SysWOW64\PnkBstrA.exec:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exeC:\Windows\system32\svchost.exe -k imgsvcC:\Windows\system32\TODDSrv.exeC:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exeC:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\ComUpdatus.exeC:\Windows\System32\svchost.exe -k secsvcsC:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXEC:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exeC:\Windows\system32\wbem\wmiprvse.exeC:\Windows\system32\wbem\unsecapp.exeC:\Program Files\NVIDIA Corporation\Display\nvtray.exeC:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exeC:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exeC:\Program Files\Realtek\Audio\HDA\RAVCpl64.exeC:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestrictedC:\Windows\system32\SearchIndexer.exeC:\Program Files\Realtek\Audio\HDA\RAVBg64.exeC:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exeC:\Program Files\AVAST Software\Avast\AvastUI.exeC:\Program Files (x86)\Common Files\Java\Java Update\jusched.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exeC:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exeC:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Windows\system32\svchost.exe -k SDRSVCC:\Windows\system32\vssvc.exeC:\Windows\System32\svchost.exe -k swprvC:\Windows\system32\wbem\wmiprvse.exeC:\Windows\System32\cscript.exe.============== Pseudo HJT Report ===============.BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dllBHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dllBHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLLBHO: Advanced SystemCare Browser Protection: {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\Program Files (x86)\IObit\Advanced SystemCare 6\BrowerProtect\ASCPlugin_Protection.dllBHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dllBHO: Hotspot Shield Class: {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE.dllTB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dllTB: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dllmRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /noguimRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"uPolicies-Explorer: NoDrives = dword:0mPolicies-Explorer: NoDriveTypeAutoRun = dword:255mPolicies-Explorer: NoDrives = dword:0mPolicies-System: ConsentPromptBehaviorUser = dword:3mPolicies-System: EnableUIADesktopToggle = dword:0IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - <orphaned>.INFO: HKCU has more than 50 listed domains.If you wish to scan all of them, select the 'Force scan all domains' option..TCP: NameServer = 192.168.43.1TCP: Interfaces\{2121B3CE-5D15-4A00-8A7F-52ADC9C5FD2E} : DHCPNameServer = 192.168.43.1TCP: Interfaces\{2121B3CE-5D15-4A00-8A7F-52ADC9C5FD2E}\14E64627F6964684F6473707F64793230303 : DHCPNameServer = 192.168.43.1TCP: Interfaces\{2121B3CE-5D15-4A00-8A7F-52ADC9C5FD2E}\24F6C6964556B457271636 : DHCPNameServer = 192.168.43.1TCP: Interfaces\{2121B3CE-5D15-4A00-8A7F-52ADC9C5FD2E}\94C65616E616 : DHCPNameServer = 192.168.0.1Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLLHandler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dllAppInit_DLLs= C:\PROGRA~2\NVIDIA~1\NVSTRE~1\rxinput.dllSSODL: WebCheck - <orphaned>SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLLmASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chromex64-BHO: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dllx64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLLx64-BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dllx64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dllx64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLLx64-BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dllx64-TB: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dllx64-Run: [TPwrMain] C:\Program Files (x86)\TOSHIBA\Power Saver\TPwrMain.EXEx64-Run: [TosWaitSrv] C:\Program Files (x86)\TOSHIBA\TPHM\TosWaitSrv.exex64-Run: [TosVolRegulator] C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exex64-Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exex64-Run: [TosReelTimeMonitor] C:\Program Files (x86)\TOSHIBA\ReelTime\TosReelTimeMonitor.exex64-Run: [TosNC] C:\Program Files (x86)\Toshiba\BulletinBoard\TosNcCore.exex64-Run: [Toshiba TEMPRO] C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exex64-Run: [Toshiba Registration] C:\Program Files\TOSHIBA\Registration\ToshibaReminder.exex64-Run: [Teco] "C:\Program Files (x86)\TOSHIBA\TECO\Teco.exe" /rx64-Run: [TCrdMain] C:\Program Files (x86)\TOSHIBA\FlashCards\TCrdMain.exex64-Run: [synTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exex64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -sx64-Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE3 x64-Run: [Nvtmru] "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dllx64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dllx64-IE: {97F922BD-8563-4184-87EE-8C4ACA438823} - {5D29E593-73A5-400A-B3BD-6B7A1AF05A31} - C:\Program Files\TOSHIBA\BulletinBoard\TosBBCom64.dllx64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLLx64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>x64-SSODL: WebCheck - <orphaned>x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL.================= FIREFOX ===================.FF - ProfilePath - C:\Users\Nina-NB\AppData\Roaming\Mozilla\Firefox\Profiles\wdffs210.default\FF - prefs.js: browser.startup.homepage - www.google.comFF - plugin: C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\npBrowserPlugin.dllFF - plugin: C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLLFF - plugin: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLLFF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dllFF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dllFF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dllFF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dllFF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrlui.dllFF - plugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dllFF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dllFF - plugin: C:\Users\Nina-NB\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dllFF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1200112.dllFF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dllFF - plugin: C:\Windows\SysWOW64\npDeployJava1.dllFF - plugin: C:\Windows\SysWOW64\npmproxy.dllFF - ExtSQL: 2013-08-01 00:11; ascsurfingprotection@iobit.com; C:\Users\Nina-NB\AppData\Roaming\Mozilla\Firefox\Profiles\wdffs210.default\extensions\ascsurfingprotection@iobit.comFF - ExtSQL: 2013-08-03 16:56; afurladvisor@anchorfree.com; C:\Program Files (x86)\Mozilla Firefox\browser\extensions\afurladvisor@anchorfree.com.---- FIREFOX POLICIES ----FF - user.js: network.http.pipelining.maxrequests - 8FF - user.js: network.http.request.max-start-delay - 0FF - user.js: network.http.max-connections - 48FF - user.js: network.http.max-connections-per-server - 16FF - user.js: network.http.max-persistent-connections-per-proxy - 16FF - user.js: network.http.max-persistent-connections-per-server - 8FF - user.js: browser.turbo.enabled - trueFF - user.js: browser.display.show_image_placeholders - trueFF - user.js: browser.chrome.favicons - falseFF - user.js: browser.urlbar.autocomplete.enabled - trueFF - user.js: browser.cache.memory.capacity - 65536FF - user.js: content.notify.ontimer - trueFF - user.js: content.interrupt.parsing - trueFF - user.js: content.max.tokenizing.time - 2250000FF - user.js: content.switch.threshold - 750000FF - user.js: plugin.expose_full_path - trueFF - user.js: ui.submenuDelay - 0.============= SERVICES / DRIVERS ===============.R0 aswRvrt;aswRvrt;C:\Windows\System32\drivers\aswRvrt.sys [2013-5-12 65336]R0 aswVmm;aswVmm;C:\Windows\System32\drivers\aswVmm.sys [2013-5-12 189936]R1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswSnx.sys [2013-5-12 1030952]R1 aswSP;aswSP;C:\Windows\System32\drivers\aswSP.sys [2013-5-12 378944]R1 avgtp;avgtp;C:\Windows\System32\drivers\avgtpx64.sys [2012-12-31 30568]R1 HssDRV6;Hotspot Shield Routing Driver 6;C:\Windows\System32\drivers\hssdrv6.sys [2013-6-21 46792]R2 AdvancedSystemCareService6;Advanced SystemCare Service 6;C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe [2013-7-31 574272]R2 aswFsBlk;aswFsBlk;C:\Windows\System32\drivers\aswFsBlk.sys [2013-5-12 33400]R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2013-5-12 80816]R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-5-12 46808]R2 cfWiMAXService;ConfigFree WiMAX Service;C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe [2010-1-28 249200]R2 GFNEXSrv;GFNEX Service;C:\Windows\System32\GFNEXSrv.exe [2011-12-28 162824]R2 hshld;Hotspot Shield Service;C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe [2013-6-21 831272]R2 HssWd;Hotspot Shield Monitoring Service;C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe [2013-6-21 548136]R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-1-17 418376]R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-1-17 701512]R2 NvStreamSvc;NVIDIA Streamer Service;C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2013-8-18 14984480]R2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;C:\Windows\System32\drivers\TVALZFL.sys [2009-6-19 14472]R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-12-28 2656280]R3 BtFilter;Bluetooth LowerFilter Class Filter Driver;C:\Windows\System32\drivers\btfilter.sys [2010-10-18 42096]R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2013-1-17 25928]R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\System32\drivers\nusb3hub.sys [2010-12-10 80384]R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\System32\drivers\nusb3xhc.sys [2010-12-10 181248]R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);C:\Windows\System32\drivers\nvvad64v.sys [2013-8-18 39712]R3 PGEffect;Pangu effect driver;C:\Windows\System32\drivers\PGEffect.sys [2011-12-28 38096]R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2012-3-15 539240]R3 taphss6;Anchorfree HSS VPN Adapter;C:\Windows\System32\drivers\taphss6.sys [2013-6-21 42184]S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]S3 dmvsc;dmvsc;C:\Windows\System32\drivers\dmvsc.sys [2010-11-21 71168]S3 InputFilter_Hid_FlexDef2b;Siliten HID Devices(FlexDef2b) Driver Service;C:\Windows\System32\drivers\InputFilter_FlexDef2b.sys [2010-6-19 17920]S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2013-5-16 19456]S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\RtsUStor.sys [2011-12-28 250984]S3 StorSvc;Storage Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-14 27136]S3 TemproMonitoringService;Notebook Performance Tuning Service (TEMPRO);C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [2011-2-10 112080]S3 TPCHSrv;TPCH Service;C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe [2010-12-20 822704]S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2013-5-16 57856]S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2013-5-16 30208]S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-2-15 52736]S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-3-16 1255736]S3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\System32\drivers\wdcsam64.sys [2008-5-6 14464]S4 ConfigFree Service;ConfigFree Service;C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe [2009-3-10 46448]S4 MSSQLServerADHelper100;SQL Active Directory Helper Service;C:\Program Files\Microsoft SQL Server\100\Shared\sqladhlp.exe [2009-7-22 61976]S4 RsFx0103;RsFx0103 Driver;C:\Windows\System32\drivers\RsFx0103.sys [2009-3-30 311656]S4 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-6-21 162408]S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2009-3-30 427880]S4 TeamViewer8;TeamViewer 8;C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [2013-4-12 3560288]S4 TMachInfo;TMachInfo;C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2011-12-28 54136]S4 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service;C:\Program Files\TOSHIBA\TECO\TecoService.exe [2010-12-8 267192]S4 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2010-12-8 137632]S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184].=============== Created Last 30 ================.2013-08-18 18:08:08 -------- d-----w- C:\NvidiaLogging2013-08-18 18:06:49 39712 ----a-w- C:\Windows\System32\drivers\nvvad64v.sys2013-08-18 18:06:49 28448 ----a-w- C:\Windows\SysWow64\nvaudcap32v.dll2013-08-17 18:44:16 76232 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{DFD9E9B8-C416-425F-992C-182334DA200E}\offreg.dll2013-08-16 13:51:20 9460976 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{DFD9E9B8-C416-425F-992C-182334DA200E}\mpengine.dll2013-08-14 15:28:53 1472512 ----a-w- C:\Windows\System32\crypt32.dll2013-08-14 15:28:52 224256 ----a-w- C:\Windows\System32\wintrust.dll2013-08-14 15:28:52 184320 ----a-w- C:\Windows\System32\cryptsvc.dll2013-08-14 15:28:52 175104 ----a-w- C:\Windows\SysWow64\wintrust.dll2013-08-14 15:28:52 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll2013-08-14 15:28:52 139776 ----a-w- C:\Windows\System32\cryptnet.dll2013-08-14 15:28:52 1166848 ----a-w- C:\Windows\SysWow64\crypt32.dll2013-08-14 15:28:52 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll2013-08-14 15:23:43 2048 ----a-w- C:\Windows\SysWow64\tzres.dll2013-08-14 15:23:43 2048 ----a-w- C:\Windows\System32\tzres.dll2013-08-14 15:19:14 1888768 ----a-w- C:\Windows\System32\WMVDECOD.DLL2013-08-14 15:19:13 1620992 ----a-w- C:\Windows\SysWow64\WMVDECOD.DLL2013-08-14 15:19:04 1217024 ----a-w- C:\Windows\System32\rpcrt4.dll2013-08-14 15:19:03 663552 ----a-w- C:\Windows\SysWow64\rpcrt4.dll2013-08-14 15:16:50 3913664 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe2013-08-14 15:16:48 3968960 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe2013-08-14 15:16:47 5550528 ----a-w- C:\Windows\System32\ntoskrnl.exe2013-08-14 15:16:47 1732032 ----a-w- C:\Windows\System32\ntdll.dll2013-08-14 15:16:47 1292192 ----a-w- C:\Windows\SysWow64\ntdll.dll2013-08-14 15:16:46 243712 ----a-w- C:\Windows\System32\wow64.dll2013-08-14 15:16:46 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll2013-08-14 15:16:45 5120 ----a-w- C:\Windows\SysWow64\wow32.dll2013-08-14 15:16:44 7680 ----a-w- C:\Windows\SysWow64\instnm.exe2013-08-14 15:16:44 25600 ----a-w- C:\Windows\SysWow64\setup16.exe2013-08-14 15:16:44 2048 ----a-w- C:\Windows\SysWow64\user.exe2013-08-14 15:15:26 39936 ----a-w- C:\Windows\System32\drivers\tssecsrv.sys2013-08-14 15:15:25 1910208 ----a-w- C:\Windows\System32\drivers\tcpip.sys2013-08-14 14:41:58 -------- d-----w- C:\Users\Nina-NB\AppData\Local\{86CC6A87-2C8C-4B5A-B54B-0CEFBA283075}2013-08-14 14:41:58 -------- d-----w- C:\Users\Nina-NB\AppData\Local\{7D4FD96E-9C41-468B-A5D3-22FCD925FA53}2013-08-14 14:41:44 -------- d-----w- C:\Users\Nina-NB\Tracing2013-08-13 15:57:33 -------- d-----w- C:\$RECYCLE.BIN2013-08-13 08:03:32 -------- d-----w- C:\Program Files (x86)\Enigma Software Group2013-08-13 08:02:40 -------- d-----w- C:\Windows\4941BFEB62C047A2801E998FC469CC2C.TMP2013-08-13 07:44:44 -------- d-----w- C:\Windows\67E1227ED5534A6A96CD40CCBBC705D8.TMP2013-08-11 13:14:31 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll2013-08-06 14:46:54 -------- d-----w- C:\.jagex_cache_322013-08-04 22:28:46 -------- d-----w- C:\Users\Nina-NB\AppData\Local\NVIDIA2013-08-04 22:22:54 31520 ----a-w- C:\Windows\System32\nvhdap64.dll2013-08-04 22:22:54 194848 ----a-w- C:\Windows\System32\drivers\nvhda64v.sys2013-08-03 06:06:45 -------- d-----w- C:\Users\Nina-NB\AppData\Local\Chromium2013-08-03 06:06:35 -------- d-----w- C:\ProgramData\Rockstar Games2013-08-03 06:06:23 -------- d-----w- C:\Program Files (x86)\Rockstar Games2013-08-01 17:49:37 -------- d-----w- C:\Windows\System32\MRT2013-08-01 10:45:39 15584 ----a-w- C:\Users\Nina-NB\AppData\Roaming\Microsoft\IdentityCRL\production\ppcrlconfig.dll2013-08-01 10:44:11 -------- d-sh--w- C:\ProgramData\SecuROM2013-08-01 10:43:28 -------- d-----w- C:\Users\Nina-NB\AppData\Local\Rockstar Games2013-08-01 10:43:15 178800 ----a-w- C:\Windows\SysWow64\CmdLineExt_x64.dll2013-08-01 10:42:40 -------- d-----w- C:\Windows\SysWow64\xlive2013-08-01 10:42:39 -------- d-----w- C:\Program Files (x86)\Microsoft Games for Windows - LIVE2013-08-01 09:00:53 -------- d-----w- C:\Users\Nina-NB\AppData\Roaming\LolClient2013-08-01 07:46:13 -------- d-sh--w- C:\Windows\SysWow64\AI_RecycleBin2013-08-01 07:46:12 -------- d-----w- C:\Riot Games2013-08-01 07:44:59 -------- d-----w- C:\Users\Nina-NB\AppData\Roaming\Riot Games2013-07-31 17:56:25 -------- d-----w- C:\Program Files (x86)\Steam2013-07-29 15:15:59 -------- d-----w- C:\Users\Nina-NB\AppData\Roaming\EndNote2013-07-29 15:15:59 -------- d-----w- C:\Program Files (x86)\Common Files\Risxtd2013-07-29 15:15:54 -------- d-----w- C:\Program Files (x86)\Common Files\ResearchSoft2013-07-29 15:15:02 -------- d-----w- C:\Program Files (x86)\EndNote X62013-07-29 15:14:27 -------- d-----w- C:\ProgramData\Thomson.ResearchSoft.Installers.==================== Find3M ====================.2013-08-11 13:14:24 867240 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll2013-08-11 13:14:24 789416 ----a-w- C:\Windows\SysWow64\deployJava1.dll2013-07-26 05:13:37 2241024 ----a-w- C:\Windows\System32\wininet.dll2013-07-26 05:12:08 3958784 ----a-w- C:\Windows\System32\jscript9.dll2013-07-26 05:12:04 136704 ----a-w- C:\Windows\System32\iesysprep.dll2013-07-26 05:12:03 67072 ----a-w- C:\Windows\System32\iesetup.dll2013-07-26 03:35:08 2706432 ----a-w- C:\Windows\System32\mshtml.tlb2013-07-26 03:13:24 1767936 ----a-w- C:\Windows\SysWow64\wininet.dll2013-07-26 03:12:04 2877440 ----a-w- C:\Windows\SysWow64\jscript9.dll2013-07-26 03:12:00 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll2013-07-26 03:12:00 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll2013-07-26 02:49:14 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb2013-07-26 02:39:38 89600 ----a-w- C:\Windows\System32\RegisterIEPKEYs.exe2013-07-26 01:59:38 71680 ----a-w- C:\Windows\SysWow64\RegisterIEPKEYs.exe2013-07-09 04:45:07 44032 ----a-w- C:\Windows\apppatch\acwow64.dll2013-06-30 15:12:55 189936 ----a-w- C:\Windows\System32\drivers\aswVmm.sys2013-06-30 15:12:55 1030952 ----a-w- C:\Windows\System32\drivers\aswSnx.sys2013-06-21 10:23:16 6496544 ----a-w- C:\Windows\System32\nvcpl.dll2013-06-21 10:23:16 3514656 ----a-w- C:\Windows\System32\nvsvc64.dll2013-06-21 10:23:11 884512 ----a-w- C:\Windows\System32\nvvsvc.exe2013-06-21 10:23:10 63776 ----a-w- C:\Windows\System32\nvshext.dll2013-06-21 10:23:10 2555680 ----a-w- C:\Windows\System32\nvsvcr.dll2013-06-21 10:23:10 237856 ----a-w- C:\Windows\System32\nvmctray.dll2013-06-21 01:09:46 42184 ----a-w- C:\Windows\System32\drivers\taphss6.sys2013-06-21 01:07:16 46792 ----a-w- C:\Windows\System32\drivers\hssdrv6.sys2013-06-11 19:33:37 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl2013-06-11 19:33:37 692104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe2013-06-05 03:34:27 3153920 ----a-w- C:\Windows\System32\win32k.sys2013-06-04 06:00:13 624128 ----a-w- C:\Windows\System32\qedit.dll2013-06-04 04:53:07 509440 ----a-w- C:\Windows\SysWow64\qedit.dll2013-05-30 22:50:51 9728 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll2011-11-03 19:31:32 88832144 ----a-w- C:\Program Files\savw_97_sa_sfx.exe.============= FINISH: 16:11:38,79 =============== .UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.IF REQUESTED, ZIP IT UP & ATTACH IT.DDS (Ver_2012-11-20.01).Microsoft Windows 7 Professional Boot Device: \Device\HarddiskVolume1Install Date: 15.3.2012 9:38:59System Uptime: 19.8.2013 15:59:12 (1 hours ago).Motherboard: Intel Corporation | | Oneonta FallsProcessor: Intel® Core i5-2430M CPU @ 2.40GHz | CPU 1 | 2401/100mhz.==== Disk Partitions =========================.C: is FIXED (NTFS) - 349 GiB total, 216,154 GiB free.D: is FIXED (NTFS) - 349 GiB total, 68,491 GiB free.E: is CDROM ().==== Disabled Device Manager Items =============.Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}Description: Microsoft Teredo Tunneling AdapterDevice ID: ROOT\*TEREDO\0000Manufacturer: MicrosoftName: Teredo Tunneling Pseudo-InterfacePNP Device ID: ROOT\*TEREDO\0000Service: tunnel.==== System Restore Points ===================.RP283: 9.8.2013 9:56:37 - Windows UpdateRP284: 11.8.2013 15:13:39 - Installed Java 7 Update 25RP285: 11.8.2013 17:07:41 - Installed DirectXRP286: 13.8.2013 9:35:54 - Windows UpdateRP287: 13.8.2013 9:39:10 - Windows BackupRP288: 13.8.2013 9:44:49 - Installed SpyHunterRP289: 13.8.2013 10:02:44 - Installed SpyHunterRP290: 13.8.2013 11:13:42 - Removed SpyHunterRP291: 14.8.2013 22:42:40 - Windows UpdateRP292: 18.8.2013 19:00:19 - Windows Backup.==== Installed Programs ======================.64 Bit HP CIO Components Installer7-Zip 9.20 (x64 edition)ACDSee Pro 3ACDSee RAW Image Decoder Plug-In Update 4.1Adobe Acrobat 9 Pro - English, Français, DeutschAdobe AIRAdobe Flash Player 11 ActiveXAdobe Flash Player 11 PluginAdobe Reader X (10.1.0) MUIAdobe Shockwave Player 12.0Advanced SystemCare 6Alan WakeApple Application SupportApple Mobile Device SupportApple Software UpdateAtheros Bluetooth Filter Driver PackageAtheros Driver Installation ProgramAurora 15.0a2 (x86 sl)avast! Free AntivirusBejeweled 2 DeluxeBejeweled 3Bluetooth Stack for Windows by ToshibaBonjourCCleanerChicken Invaders 3 - Revenge of the YolkChuzzle DeluxeContrôle ActiveX Windows Live Mesh pour connexions a distanceCrystal Reports for Visual StudioD3DX10Definition Update for Microsoft Office 2010 (KB982726) 32-Bit EditionDiner Dash 2 Restaurant RescueDotfuscator Software Services - Community EditionDVD Flick 1.3.0.7EndNote X6FATEFinal Drive: NitroGalerie de photos Windows LiveGoodSyncGoogle ChromeGoogle Update HelperGoogle ZemljaGrand Theft Auto IVHalf-Life 2HiJackThisHotfix for Microsoft Visual Studio 2010 Professional - ENU (KB2542054)Hotspot Shield 3.09IL Shared LibrariesImgBurnInsaniquarium DeluxeIntel® Management Engine ComponentsIntel® Rapid Storage TechnologyiTunesJava 7 Update 17 (64-bit)Java 7 Update 25Java Auto UpdaterJava SE Development Kit 7 Update 17 (64-bit)Java 6 Update 45Junk Mail filter updateLeague of LegendsMalwarebytes Anti-Malware version 1.75.0.1300Mesh RuntimeMicrosoft .NET Framework 4 Client ProfileMicrosoft .NET Framework 4 ExtendedMicrosoft .NET Framework 4 Multi-Targeting PackMicrosoft Application Error ReportingMicrosoft ASP.NET MVC 2Microsoft ASP.NET MVC 2 - Visual Studio 2010 ToolsMicrosoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170)Microsoft Games for Windows - LIVEMicrosoft Games for Windows - LIVE RedistributableMicrosoft Help Viewer 1.0Microsoft Office 2010Microsoft Office 2010 Service Pack 1 (SP1)Microsoft Office Access MUI (Slovenian) 2010Microsoft Office Excel MUI (Slovenian) 2010Microsoft Office Groove MUI (Slovenian) 2010Microsoft Office InfoPath MUI (Slovenian) 2010Microsoft Office Office 64-bit Components 2010Microsoft Office OneNote MUI (Slovenian) 2010Microsoft Office Outlook MUI (Slovenian) 2010Microsoft Office PowerPoint MUI (Slovenian) 2010Microsoft Office Professional Plus 2010Microsoft Office Proof (Croatian) 2010Microsoft Office Proof (English) 2010Microsoft Office Proof (German) 2010Microsoft Office Proof (Italian) 2010Microsoft Office Proof (Slovenian) 2010Microsoft Office Proofing (Slovenian) 2010Microsoft Office Publisher MUI (Slovenian) 2010Microsoft Office Shared 64-bit MUI (Slovenian) 2010Microsoft Office Shared MUI (Slovenian) 2010Microsoft Office Word MUI (Slovenian) 2010Microsoft Primary Interoperability Assemblies 2005Microsoft SilverlightMicrosoft Silverlight 3 SDKMicrosoft SQL Server 2005 Compact Edition [ENU]Microsoft SQL Server 2008 (64-bit)Microsoft SQL Server 2008 BrowserMicrosoft SQL Server 2008 Common FilesMicrosoft SQL Server 2008 Database Engine ServicesMicrosoft SQL Server 2008 Database Engine SharedMicrosoft SQL Server 2008 Native ClientMicrosoft SQL Server 2008 R2 Data-Tier Application FrameworkMicrosoft SQL Server 2008 R2 Data-Tier Application ProjectMicrosoft SQL Server 2008 R2 Management ObjectsMicrosoft SQL Server 2008 R2 Management Objects (x64)Microsoft SQL Server 2008 R2 Transact-SQL Language ServiceMicrosoft SQL Server 2008 RsFx DriverMicrosoft SQL Server 2008 Setup Support Files Microsoft SQL Server Compact 3.5 SP2 ENUMicrosoft SQL Server Compact 3.5 SP2 x64 ENUMicrosoft SQL Server Database Publishing Wizard 1.4Microsoft SQL Server System CLR TypesMicrosoft SQL Server System CLR Types (x64)Microsoft SQL Server VSS WriterMicrosoft Sync Framework Runtime v1.0 SP1 (x64)Microsoft Sync Framework SDK v1.0 SP1Microsoft Sync Framework Services v1.0 SP1 (x64)Microsoft Sync Services for ADO.NET v2.0 SP1 (x64)Microsoft Team Foundation Server 2010 Object Model - ENUMicrosoft Visual Basic 2010 Express - ENUMicrosoft Visual C++ 2005 RedistributableMicrosoft Visual C++ 2005 Redistributable (x64)Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161Microsoft Visual C++ 2010 x64 Designtime - 10.0.30319Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219Microsoft Visual C++ 2010 x64 Runtime - 10.0.30319Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219Microsoft Visual C++ 2010 x86 Runtime - 10.0.30319Microsoft Visual F# 2.0 RuntimeMicrosoft Visual Studio 2010 ADO.NET Entity Framework ToolsMicrosoft Visual Studio 2010 Express Prerequisites x64 - ENUMicrosoft Visual Studio 2010 Office Developer Tools (x64)Microsoft Visual Studio 2010 Professional - ENUMicrosoft Visual Studio 2010 SharePoint Developer ToolsMicrosoft Visual Studio 2010 Tools for Office Runtime (x64)Microsoft Visual Studio Macro ToolsMicrosoft XNA Framework Redistributable 3.1Microsoft_VC80_CRT_x86Microsoft_VC90_CRT_x86Mozilla Firefox 22.0 (x86 sl)Mozilla Maintenance ServiceMSVCRTMSVCRT RedistsMSVCRT_amd64MSXML 4.0 SP2 (KB954430)MSXML 4.0 SP2 (KB973688)Nero Audio Pack 1Nero BackItUpNero BackItUp Help (CHM)Nero Blu-ray PlayerNero Blu-ray Player Help (CHM)Nero Burning ROMNero Burning ROM Help (CHM)Nero ControlCenterNero ControlCenter Help (CHM)Nero Core ComponentsNero Disc Menus BasicNero Effects BasicNero ExpressNero Express Help (CHM)Nero Kwik MediaNero Kwik Media Help (CHM)Nero Kwik Themes BasicNero PiP Effects BasicNero RecodeNero Recode Help (CHM)Nero RescueAgentNero RescueAgent Help (CHM)Nero SharedVideoCodecsNero UpdateNero VideoNero Video Help (CHM)NVIDIA Control Panel 320.49NVIDIA GeForce Experience 1.6NVIDIA Graphics Driver 320.49NVIDIA HD Audio Driver 1.3.24.2NVIDIA Install ApplicationNVIDIA PhysXNVIDIA PhysX System Software 9.13.0604NVIDIA Update 7.2.17NVIDIA Update ComponentsNVIDIA Virtual Audio 1.2.1osu!Pando Media BoosterPenguins!Plants vs. Zombies - Game of the YearPlayReady PC Runtime amd64Polar BowlerPrerequisite installerRaccolta foto di Windows LiveRealtek Ethernet Controller DriverRealtek High Definition Audio DriverRealtek USB 2.0 Card ReaderRenesas Electronics USB 3.0 Host Controller DriverResearchSoft Direct Export HelperRockstar Games Social ClubRuneScape Launcher 1.2.3SecureW2 EAP Suite 1.1.4 for WindowsSecurity Update for Microsoft .NET Framework 4 Client Profile (KB2518870)Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628)Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2)Security Update for Microsoft .NET Framework 4 Extended (KB2487367)Security Update for Microsoft .NET Framework 4 Extended (KB2656351)Security Update for Microsoft .NET Framework 4 Extended (KB2736428)Security Update for Microsoft .NET Framework 4 Extended (KB2742595)Security Update for Microsoft Excel 2010 (KB2597126) 32-Bit EditionSecurity Update for Microsoft Filter Pack 2.0 (KB2553501) 32-Bit EditionSecurity Update for Microsoft InfoPath 2010 (KB2687422) 32-Bit EditionSecurity Update for Microsoft InfoPath 2010 (KB2760406) 32-Bit EditionSecurity Update for Microsoft Office 2010 (KB2553091)Security Update for Microsoft Office 2010 (KB2553096)Security Update for Microsoft Office 2010 (KB2553371) 32-Bit EditionSecurity Update for Microsoft Office 2010 (KB2553447) 32-Bit EditionSecurity Update for Microsoft Office 2010 (KB2589320) 32-Bit EditionSecurity Update for Microsoft Office 2010 (KB2598243) 32-Bit EditionSecurity Update for Microsoft Office 2010 (KB2687276) 32-Bit EditionSecurity Update for Microsoft Office 2010 (KB2687501) 32-Bit EditionSecurity Update for Microsoft Office 2010 (KB2687510) 32-Bit EditionSecurity Update for Microsoft OneNote 2010 (KB2760600) 32-Bit EditionSecurity Update for Microsoft Publisher 2010 (KB2553147) 32-Bit EditionSecurity Update for Microsoft Visio 2010 (KB2810068) 32-Bit EditionSecurity Update for Microsoft Visio Viewer 2010 (KB2687505) 32-Bit EditionSecurity Update for Microsoft Visual Basic 2010 Express - ENU (KB2251489)Security Update for Microsoft Visual Studio 2010 Professional - ENU (KB2251489)Security Update for Microsoft Visual Studio 2010 Professional - ENU (KB2644980)Security Update for Microsoft Visual Studio Macro Tools (KB2669970)Security Update for Microsoft Word 2010 (KB2760410) 32-Bit EditionService Pack 1 for SQL Server 2008 (KB968369) (64-bit)SHIELD StreamingSkype™ 6.6Slingo DeluxeSql Server Customer Experience Improvement ProgramSTATGRAPHICS Centurion XV.IISteamSumatraPDFswMSMSynaptics Pointing Device DriverTeamViewer 8TOSHIBA AssistTOSHIBA Bulletin BoardTOSHIBA ConfigFreeTOSHIBA Disc CreatorTOSHIBA eco UtilityTOSHIBA Face RecognitionTOSHIBA Hardware SetupTOSHIBA HDD/SSD AlertToshiba ManualsTOSHIBA Media ControllerTOSHIBA Media Controller Plug-inTOSHIBA Online Product InformationTOSHIBA PC Health MonitorTOSHIBA Places Icon UtilityTOSHIBA Recovery Media CreatorTOSHIBA Recovery Media Creator ReminderTOSHIBA ReelTimeTOSHIBA Resolution+ Plug-in for Windows Media PlayerTOSHIBA Service StationTOSHIBA Sleep UtilityTOSHIBA Supervisor PasswordTOSHIBA TEMPROTOSHIBA Value Added PackageTOSHIBA Web Camera ApplicationTOSHIBA Wireless LAN IndicatorTRORMCLauncherUniblue PowerSuiteUniblue RegistryBoosterUnity Web PlayerUpdate for Microsoft .NET Framework 4 Client Profile (KB2468871)Update for Microsoft .NET Framework 4 Client Profile (KB2533523)Update for Microsoft .NET Framework 4 Client Profile (KB2600217)Update for Microsoft .NET Framework 4 Client Profile (KB2836939)Update for Microsoft .NET Framework 4 Extended (KB2468871)Update for Microsoft .NET Framework 4 Extended (KB2533523)Update for Microsoft .NET Framework 4 Extended (KB2600217)Update for Microsoft .NET Framework 4 Extended (KB2836939)Update for Microsoft Office 2010 (KB2494150)Update for Microsoft Office 2010 (KB2553065)Update for Microsoft Office 2010 (KB2553092)Update for Microsoft Office 2010 (KB2553181) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2553267) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2553270) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2553310) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2553378) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2566458)Update for Microsoft Office 2010 (KB2596964) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2598242) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2687503) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2687509) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2760631) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2767886) 32-Bit EditionUpdate for Microsoft OneNote 2010 (KB2553290) 32-Bit EditionUpdate for Microsoft Outlook 2010 (KB2597090) 32-Bit EditionUpdate for Microsoft Outlook 2010 (KB2687623) 32-Bit EditionUpdate for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit EditionUpdate for Microsoft PowerPoint 2010 (KB2598240) 32-Bit EditionUpdate for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit EditionVisual Studio 2010 Prerequisites - EnglishVisual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENUVisual Studio 2012 Update 1 (KB2707250)VLC media player 2.0.6Web Deployment ToolWelcome App (Start-up experience)WildTangent GamesWildTangent Games App (Toshiba Games)Windows LiveWindows Live Communications PlatformWindows Live EssentialsWindows Live FotogalerieWindows Live ID Sign-in AssistantWindows Live InstallerWindows Live Language SelectorWindows Live MailWindows Live MeshWindows Live Mesh - ActiveX-besturingselement voor externe verbindingenWindows Live Mesh ActiveX control for remote connectionsWindows Live MessengerWindows Live MIME IFilterWindows Live Movie MakerWindows Live Photo CommonWindows Live Photo GalleryWindows Live PIMT PlatformWindows Live Remote ClientWindows Live Remote Client ResourcesWindows Live Remote ServiceWindows Live Remote Service ResourcesWindows Live SOXEWindows Live SOXE DefinitionsWindows Live UX PlatformWindows Live UX Platform Language PackWindows Live WriterWindows Live Writer ResourcesWinRAR 5.00 beta 7 (64-bit)WinRAR archiverZuma Deluxe.==== Event Viewer Messages From Past Week ========.19.8.2013 9:42:08, Error: ACPI [10] - ACPI: ACPI BIOS is attempting to write to an illegal PCI Operation Region (0x4), Please contact your system vendor for technical assistance.13.8.2013 17:55:44, Error: Service Control Manager [7030] - The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.13.8.2013 17:55:13, Error: Application Popup [1060] - \??\C:\ComboFix\catchme.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.13.8.2013 12:11:41, Error: Service Control Manager [7022] - The Windows Update service hung on starting.13.8.2013 12:05:26, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the SQL Server (SQLEXPRESS) service to connect.13.8.2013 12:05:26, Error: Service Control Manager [7000] - The SQL Server (SQLEXPRESS) service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion..==== End Of File =========================== RogueKiller V8.6.6 _x64_ [Aug 19 2013] by Tigzymail : tigzyRK<at>gmail<dot>comFeedback : http://www.adlice.com/forum/Website : http://www.adlice.com/softwares/roguekiller/Blog : http://tigzyrk.blogspot.com/ Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits versionStarted in : Normal modeUser : Nina-NB [Admin rights]Mode : Scan -- Date : 08/19/2013 16:19:05| ARK || FAK || MBR | ¤¤¤ Bad processes : 0 ¤¤¤ ¤¤¤ Registry Entries : 5 ¤¤¤[HJ POL] HKLM\[...]\System : DisableRegistryTools (0) -> FOUND[HJ POL] HKLM\[...]\Wow6432Node\[...]\System : DisableRegistryTools (0) -> FOUND[HJ SMENU] HKCU\[...]\Advanced : Start_ShowMyGames (0) -> FOUND[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND ¤¤¤ Scheduled tasks : 0 ¤¤¤ ¤¤¤ Startup Entries : 0 ¤¤¤ ¤¤¤ Web browsers : 0 ¤¤¤ ¤¤¤ Particular Files / Folders: ¤¤¤ ¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤ ¤¤¤ External Hives: ¤¤¤ ¤¤¤ Infection : ¤¤¤ ¤¤¤ HOSTS File: ¤¤¤--> %SystemRoot%\System32\drivers\etc\hosts 127.0.0.1 localhost ¤¤¤ MBR Check: ¤¤¤ +++++ PhysicalDrive0: Hitachi HTS547575A9E384 +++++--- User ---[MBR] 8af29adc5e7eb5a6138b124dc607dde5[bSP] 6432989a7200822f7229f5f7c55a550b : Windows 7/8 MBR CodePartition table:0 - [ACTIVE] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 400 Mo1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 821248 | Size: 357392 Mo2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 732760064 | Size: 357611 MoUser = LL1 ... OK!User = LL2 ... OK! Finished : << RKreport[0]_S_08192013_161905.txt>> With all appriciation, Rok.
  9. Hello! My name is Rok and i would need your help. So i use Malwarebytes Pro and Avast! for antivirus. Yestrday i ran full systemscan on avast and it found some rootkit under c:\windows\system32\nvaudcap64v.dll. avast asked me to preform full systemscan before win starts up so i did that but it didnt found anything usefull. I scanned whole pc with MBAM earlier but didnt found anything usefull either. Picture is in attachment. Hope you can help me. Thanks in advance, Rok
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.