koalaboy14

  1. and the malware bytes log

     Malwarebytes Anti-Malware (Trial) 1.75.0.1300
     www.malwarebytes.org

     Database version: v2013.09.02.03

     Windows 7 Service Pack 1 x86 NTFS
     Internet Explorer 10.0.9200.16660
     DSE :: DSE-PC [administrator]

     Protection: Enabled

     2/09/2013 10:50:42 PM
     mbam-log-2013-09-02 (22-50-42).txt

     Scan type: Quick scan
     Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
     Scan options disabled: P2P
     Objects scanned: 250049
     Time elapsed: 7 minute(s), 27 second(s)

     Memory Processes Detected: 0
     (No malicious items detected)

     Memory Modules Detected: 0
     (No malicious items detected)

     Registry Keys Detected: 0
     (No malicious items detected)

     Registry Values Detected: 0
     (No malicious items detected)

     Registry Data Items Detected: 0
     (No malicious items detected)

     Folders Detected: 0
     (No malicious items detected)

     Files Detected: 1
     C:\Users\DSE\Downloads\DAEMONToolsPro500316-0317.exe (PUP.Optional.OpenCandy) -> Quarantined and deleted successfully.

     (end)
  2. and log after cleaning
  3. okiedokey. ran adw and here's the log before cleaning
  4. alrighty. sorry for the delay. i've been working/had other commitments. i have run combofix and the log is as follows
  5. ok, ran the scan again and it's still saying no malware found, no cleanup required. Did u want me to post any logs?
  6. i just checked to see where the scan was up to. apparently there was no malware found by the scan. however i am re-scanning now to see whether it finds anything else
  7. Ahah! Excellent! my laptop has booted normally. Thank you MrC you're a champion. Here is the fix log as requested

     Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 28-08-2013
     Ran by SYSTEM at 2013-08-29 22:51:33 Run:1
     Running from H:\
     Boot Mode: Recovery
     ==============================================

     Content of fixlist:
     *****************
     HKU\DSE\...\Winlogon: [shell] explorer.exe,C:\Users\DSE\AppData\Roaming\cache.dat [ 2013-08-25] ()
     C:\Users\DSE\AppData\Roaming\cache.dat
     C:\Users\DSE\AppData\Roaming\cache.ini
     C:\Users\DSE\AppData\Local\Temp\gsctmlviidrubmpel.exe
     *****************

     HKU\DSE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell => Value deleted successfully.
     C:\Users\DSE\AppData\Roaming\cache.dat => Moved successfully.
     C:\Users\DSE\AppData\Roaming\cache.ini => Moved successfully.
     C:\Users\DSE\AppData\Local\Temp\gsctmlviidrubmpel.exe => Moved successfully.

     ==== End of Fixlog ====

     I have MBAR scanning at the moment. I'm not sure how long it will take to scan as i have a lot of files on my laptop. As soon as the scan is done (assuming i haven't fallen asleep (it's like 1130pm here)) i will post the logs as requested. thank you again Mr Charlie
  8. Hey, i posted before but accidentally replied to myself (probably should have read the pinned thread) anyway... I seem to have encountered the Australian media authority/interpol Ukash ransomware on my hp pavilion running windows 7 home premium 32bit. The virus doesn't allow me to access my laptop with safemode or safemode with command prompt or safemode with networking or even in normal mode. However I've downloaded and run a scan with FRST and have the log below. not really sure where to go from here. Thank you in advance KB
C:\Windows\rescache2013-08-15 05:35 - 2009-07-13 18:37 - 00000000 ____D C:\Windows\Microsoft.NET2013-08-14 07:30 - 2013-08-14 07:27 - 00000000 ____D C:\Windows\System32\MRT2013-08-14 07:27 - 2012-09-25 05:48 - 75778376 _____ (Microsoft Corporation) C:\Windows\System32\MRT.exe2013-08-14 07:24 - 2009-09-06 15:02 - 00747890 _____ C:\Windows\System32\PerfStringBackup.INI2013-08-11 23:39 - 2013-08-11 23:36 - 00096768 ___SH C:\Users\DSE\Downloads\Thumbs.db2013-08-11 23:36 - 2012-04-01 22:28 - 00000000 ____D C:\Users\DSE\Downloads\Game.of.Thrones.S02E01.HDTV.x264-ASAP [PublicHD.ORG]2013-08-07 14:23 - 2012-07-16 23:22 - 00000000 ____D C:\Users\DSE\Downloads\Bones - Season 12013-08-06 00:52 - 2013-08-06 00:16 - 00000000 ____D C:\Users\DSE\Downloads\adventure time season 42013-08-05 00:23 - 2013-07-14 03:55 - 00000000 ____D C:\Users\DSE\Downloads\Archer.2009.S04E01-13.720p.WEB-DL.x264.AAC2013-08-02 05:02 - 2013-08-02 05:02 - 00000984 _____ C:\Users\Public\Desktop\VLC media player.lnk2013-08-02 05:01 - 2013-08-02 05:01 - 00000000 ____D C:\Program Files\VideoLAN2013-08-02 05:00 - 2013-08-02 04:58 - 23003252 _____ C:\Users\DSE\Downloads\vlc-2.0.8-win32.exe2013-08-02 04:56 - 2013-08-02 01:01 - 00000000 ____D C:\Users\DSE\Downloads\Adventure Time Season 3 Complete2013-08-02 01:53 - 2013-08-02 01:07 - 00006144 _____ C:\Users\DSE\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini2013-08-01 22:20 - 2011-03-29 05:21 - 00000000 ____D C:\Program Files\Google2013-08-01 21:53 - 2010-05-10 18:41 - 00000000 ____D C:\Users\DSE\AppData\Local\Adobe2013-08-01 21:25 - 2012-08-06 23:17 - 00692104 _____ (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerApp.exe2013-08-01 21:25 - 2011-12-13 14:52 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerCPLApp.cpl Files to move or 
delete:====================C:\Users\DSE\iTunesSetup.exeC:\Users\DSE\AppData\Roaming\cache.datC:\Users\DSE\AppData\Roaming\cache.iniC:\Users\DSE\AppData\Local\Temp\gsctmlviidrubmpel.exeC:\Users\DSE\AppData\Local\Temp\SCC.dllC:\Users\DSE\AppData\Local\Temp\TsuFCA74EC2.dllC:\Users\DSE\AppData\Local\Temp\{B47A25A5-5E9B-4CCF-AE24-16B96F990753}\Custom.dllC:\Users\DSE\AppData\Local\Temp\{B47A25A5-5E9B-4CCF-AE24-16B96F990753}\Setup.exeC:\Users\DSE\AppData\Local\Temp\{B47A25A5-5E9B-4CCF-AE24-16B96F990753}\_Setup.dllC:\Users\DSE\AppData\Local\Temp\HP Support Framework\HPSF_Config1.dllC:\Users\DSE\AppData\Local\Temp\26b4a1dd-e07b-48af-be4e-9642b273284b\CliSecureRT.dll ==================== Known DLLs (Whitelisted) ============ ==================== Bamital & volsnap Check ================= C:\Windows\explorer.exe => MD5 is legitC:\Windows\System32\winlogon.exe => MD5 is legitC:\Windows\System32\wininit.exe => MD5 is legitC:\Windows\System32\svchost.exe => MD5 is legitC:\Windows\System32\services.exe => MD5 is legitC:\Windows\System32\User32.dll => MD5 is legitC:\Windows\System32\userinit.exe => MD5 is legitC:\Windows\System32\Drivers\volsnap.sys => MD5 is legit ==================== EXE ASSOCIATION ===================== HKLM\...\.exe: exefile => OKHKLM\...\exefile\DefaultIcon: %1 => OKHKLM\...\exefile\open\command: "%1" %* => OK ==================== Restore Points ========================= Restore point made on: 2013-07-25 22:26:20Restore point made on: 2013-08-01 21:27:49Restore point made on: 2013-08-05 23:16:28Restore point made on: 2013-08-11 23:47:20Restore point made on: 2013-08-14 07:18:43Restore point made on: 2013-08-21 22:46:40Restore point made on: 2013-08-28 23:36:07 ==================== Memory info =========================== Percentage of memory in use: 15%Total physical RAM: 4022.87 MBAvailable physical RAM: 3392.39 MBTotal Pagefile: 4021.14 MBAvailable Pagefile: 3392.64 MBTotal Virtual: 2047.88 MBAvailable Virtual: 1936.21 MB ==================== Drives 
================================ Drive c: () (Fixed) (Total:453.75 GB) (Free:166.13 GB) NTFS ==>[system with boot components (obtained from reading drive)]Drive e: (RECOVERY) (Fixed) (Total:11.71 GB) (Free:1.95 GB) NTFS ==>[system with boot components (obtained from reading drive)]Drive f: (HP_TOOLS) (Fixed) (Total:0.1 GB) (Free:0.09 GB) FAT32Drive h: (HITMANPRO) (Removable) (Total:0.95 GB) (Free:0.95 GB) FAT32Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFSDrive y: (SYSTEM) (Fixed) (Total:0.19 GB) (Free:0.16 GB) NTFS ==>[system with boot components (obtained from reading drive)] ==================== MBR & Partition Table ================== ========================================================Disk: 0 (Size: 466 GB) (Disk ID: 88DB4E50)Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS)Partition 2: (Not Active) - (Size=454 GB) - (Type=07 NTFS)Partition 3: (Not Active) - (Size=12 GB) - (Type=07 NTFS)Partition 4: (Not Active) - (Size=103 MB) - (Type=0C) ========================================================Disk: 1 (Size: 983 MB) (Disk ID: D3F20374)Partition 1: (Active) - (Size=981 MB) - (Type=0B) LastRegBack: 2013-08-22 00:13 ==================== End Of Log ============================