Everything posted by Reet

  1. Thank you very much for your support, patience and time, Sir. I really appreciate it!

  2. Done.

     Checkup.txt

     Results of screen317's Security Check version 0.99.73
     Windows 7 Service Pack 1 x64 (UAC is enabled)
     Internet Explorer 10
     ``````````````Antivirus/Firewall Check:``````````````
     Windows Firewall Enabled!
     Windows Firewall Disabled!
     Microsoft Security Essentials (On Access scanning disabled!)
     Error obtaining update status for antivirus!
     `````````Anti-malware/Other Utilities Check:`````````
     Malwarebytes Anti-Malware version 1.75.0.1300
     Java 7 Update 25
     Adobe Flash Player 11.8.800.94
     Adobe Reader XI
     Mozilla Firefox 22.0 Firefox out of Date!
     Google Chrome 28.0.1500.95
     Google Chrome 29.0.1547.57
     ````````Process Check: objlist.exe by Laurent````````
     Microsoft Security Essentials MSMpEng.exe
     Microsoft Security Essentials msseces.exe
     Malwarebytes' Anti-Malware mbamscheduler.exe
     `````````````````System Health check`````````````````
     Total Fragmentation on Drive C: 0%
     ````````````````````End of Log``````````````````````
  3. I'm sorry sir, but both the links of 'Security Check' are not working.
  4. Quick Scan complete....... No malicious software was detected. Here's the report:

     Malwarebytes Anti-Malware (Trial) 1.75.0.1300
     www.malwarebytes.org

     Database version: v2013.09.01.04

     Windows 7 Service Pack 1 x64 NTFS
     Internet Explorer 10.0.9200.16660
     ikraj :: IKRAJ-PC [administrator]

     Protection: Disabled

     9/1/2013 11:32:49 PM
     mbam-log-2013-09-01 (23-32-49).txt

     Scan type: Quick scan
     Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
     Scan options disabled: P2P
     Objects scanned: 227388
     Time elapsed: 3 minute(s), 53 second(s)

     Memory Processes Detected: 0
     (No malicious items detected)

     Memory Modules Detected: 0
     (No malicious items detected)

     Registry Keys Detected: 0
     (No malicious items detected)

     Registry Values Detected: 0
     (No malicious items detected)

     Registry Data Items Detected: 0
     (No malicious items detected)

     Folders Detected: 0
     (No malicious items detected)

     Files Detected: 0
     (No malicious items detected)

     (end)
  5. Reboot done. Oh, and Security Alert stopped showing up. Here's the log file after the Clean process: AdwCleaner[s0]
  6. Okay..... So here's the content of the log file AdwCleaner[R0].txt. I'm going to reboot now and will post the contents of the next log after reboot.
  7. I think I'm having a problem here somewhere. I keep getting the message in the picture attached whenever I open any website after running ComboFix.
  8. Done. No threats were found during cleanup and thus, no reboot was done. I have attached the mbar-log.txt and system-log.txt files.

     mbar-log-2013-09-01 (20-52-38).txt
     system-log.txt
  9. Thank you for your help. This is the report created by RogueKiller:

     RogueKiller V8.6.7 _x64_ [Aug 28 2013] by Tigzy
     mail : tigzyRK<at>gmail<dot>com
     Feedback : http://www.adlice.com/forum/
     Website : http://www.adlice.com/softwares/roguekiller/
     Blog : http://tigzyrk.blogspot.com/

     Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
     Started in : Normal mode
     User : ikraj [Admin rights]
     Mode : Scan -- Date : 09/01/2013 19:03:25
     | ARK || FAK || MBR |

     ¤¤¤ Bad processes : 0 ¤¤¤

     ¤¤¤ Registry Entries : 6 ¤¤¤
     [SHELL][SUSP PATH] HKCU\[...]\Windows : load (C:\Users\ikraj\LOCALS~1\Temp\ccuhux.cmd [x]) -> FOUND
     [SHELL][SUSP PATH] HKUS\[...]\Windows : load (C:\Users\ikraj\LOCALS~1\Temp\ccuhux.cmd [x]) -> FOUND
     [HJ POL] HKCU\[...]\System : DisableTaskMgr (0) -> FOUND
     [HJ POL] HKCU\[...]\System : DisableRegistryTools (0) -> FOUND
     [HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
     [HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

     ¤¤¤ Scheduled tasks : 0 ¤¤¤

     ¤¤¤ Startup Entries : 0 ¤¤¤

     ¤¤¤ Web browsers : 0 ¤¤¤

     ¤¤¤ Particular Files / Folders: ¤¤¤

     ¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤

     ¤¤¤ External Hives: ¤¤¤

     ¤¤¤ Infection : ¤¤¤

     ¤¤¤ HOSTS File: ¤¤¤
     --> %SystemRoot%\System32\drivers\etc\hosts

     ¤¤¤ MBR Check: ¤¤¤
     +++++ PhysicalDrive0: WDC WD5000BPVT-75HXZT3 +++++
     --- User ---
     [MBR] a9c11ca4a33c3689a071bf867f5513f6
     [BSP] 4d97140e8ffb6382e1b0e824bd0f36f6 : Windows 7/8 MBR Code
     Partition table:
     0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo
     1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 20000 Mo
     2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 41166848 | Size: 456838 Mo
     User = LL1 ... OK!
     User = LL2 ... OK!

     Finished : << RKreport[0]_S_09012013_190325.txt >>
  10. I recently installed Malwarebytes antivirus and detected 2 viruses, Trojan.Ransom and PUM.UserWLoad, which are appearing again and again even after trying to delete them using Malwarebytes. These never showed up while scanning using Microsoft Security Essentials, which I have been using for a long time. Also, my system has shown decreased performance during startup for quite some time. So, I decided to post here and followed the instructions given in: http://forums.malwarebytes.org//index.php?showtopic=9573

      DDS.txt
- <orphaned> SEH: RadioRipper.ShellExecuteHook - {93f261fc-7dce-4268-9edb-4c94f8afb899} - mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.57\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome x64-mStart Page = about:blank x64-BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Java\jre6\bin\jp2ssv.dll x64-TB: <No Name>: {ae07101b-46d4-4a98-af68-0333ea26e113} - LocalServer32 - <no file> x64-Run: [sysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe x64-Run: [QuickSet] C:\Program Files\Dell\QuickSet\QuickSet.exe x64-Run: [AtherosBtStack] "C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe" x64-Run: [AthBtTray] "C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AthBtTray.exe" x64-Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe x64-Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned> x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned> x64-Notify: igfxcui - igfxdev.dll x64-SSODL: WebCheck - <orphaned> . ================= FIREFOX =================== . 
FF - ProfilePath - C:\Users\ikraj\AppData\Roaming\Mozilla\Firefox\Profiles\wx786rc1.default\ FF - prefs.js: browser.startup.homepage - about:home FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll FF - plugin: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrlui.dll FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll FF - plugin: C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll FF - plugin: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll FF - plugin: C:\windows\SysWOW64\npDeployJava1.dll FF - plugin: C:\windows\SysWOW64\npmproxy.dll FF - ExtSQL: 2013-08-25 20:18; {c50ca3c4-5656-43c2-a061-13e717f73fc8}; C:\Users\ikraj\AppData\Roaming\Mozilla\Firefox\Profiles\wx786rc1.default\extensions\{c50ca3c4-5656-43c2-a061-13e717f73fc8}.xpi FF - ExtSQL: 2013-08-25 20:18; vdpure@link64; C:\Users\ikraj\AppData\Roaming\Mozilla\Firefox\Profiles\wx786rc1.default\extensions\vdpure@link64.xpi FF - ExtSQL: 2013-08-25 20:18; netvideohunter@netvideohunter.com; C:\Users\ikraj\AppData\Roaming\Mozilla\Firefox\Profiles\wx786rc1.default\extensions\netvideohunter@netvideohunter.com FF - ExtSQL: 2013-08-25 20:18; anttoolbar@ant.com; C:\Users\ikraj\AppData\Roaming\Mozilla\Firefox\Profiles\wx786rc1.default\extensions\anttoolbar@ant.com . 
---- FIREFOX POLICIES ---- FF - user.js: extensions.delta.tlbrSrchUrl - FF - user.js: extensions.delta.id - 7c4e86d400000000000000ff8564c706 FF - user.js: extensions.delta.appId - {C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3} FF - user.js: extensions.delta.instlDay - 15878 FF - user.js: extensions.delta.vrsn - 1.8.21.5 FF - user.js: extensions.delta.vrsni - 1.8.21.5 FF - user.js: extensions.delta.vrsnTs - 1.8.21.520:36:27 FF - user.js: extensions.delta.prtnrId - delta FF - user.js: extensions.delta.prdct - delta FF - user.js: extensions.delta.aflt - babsst FF - user.js: extensions.delta.smplGrp - none FF - user.js: extensions.delta.tlbrId - base FF - user.js: extensions.delta.instlRef - sst FF - user.js: extensions.delta.dfltLng - en FF - user.js: extensions.delta.excTlbr - false FF - user.js: extensions.delta.ffxUnstlRst - true FF - user.js: extensions.delta.admin - false FF - user.js: extensions.delta_i.babTrack - affID=120007&tt=180613_ndt2&tsp=4921 FF - user.js: extensions.delta_i.babExt - FF - user.js: extensions.delta_i.srcExt - ss FF - user.js: extensions.delta.autoRvrt - false FF - user.js: extensions.delta.rvrt - false FF - user.js: extensions.delta.newTab - false . ============= SERVICES / DRIVERS =============== . 
R0 MpFilter;Microsoft Malware Protection Driver;C:\windows\System32\drivers\MpFilter.sys [2013-6-18 247216] R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\windows\System32\drivers\dtsoftbus01.sys [2013-7-12 283200] R2 AESTFilters;Andrea ST Filters Service;C:\Program Files\IDT\WDM\AESTSr64.exe [2012-5-21 89600] R2 AtherosSvc;AtherosSvc;C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AdminService.exe [2012-3-9 107648] R2 BstHdAndroidSvc;BlueStacks Android Service;C:\Program Files (x86)\BlueStacks\HD-Service.exe [2013-8-7 393032] R2 BstHdDrv;BlueStacks Hypervisor;C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [2013-8-7 70984] R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2012-1-4 822624] R2 DellDigitalDelivery;Dell Digital Delivery Service;C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe [2013-8-7 199176] R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2012-5-21 13336] R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-9-1 418376] R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-9-1 701512] R2 NOBU;Dell DataSafe Online;C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe [2010-8-26 2823000] R2 OracleServiceORCL;OracleServiceORCL;c:\oracle\product\10.2.0\db_2\bin\ORACLE.EXE ORCL --> c:\oracle\product\10.2.0\db_2\bin\ORACLE.EXE ORCL [?] 
R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-1 508776] R2 SftService;SoftThinks Agent Service;C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe [2012-5-21 1695040] R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2012-5-21 2656280] R2 ZAtheros Bt&Wlan Coex Agent;ZAtheros Bt&Wlan Coex Agent;C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Ath_CoexAgent.exe [2012-3-9 159360] R2 ZAtheros Wlan Agent;ZAtheros Wlan Agent;C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe [2012-5-21 77824] R3 BTATH_BUS;Atheros Bluetooth Bus;C:\windows\System32\drivers\btath_bus.sys [2012-3-9 30848] R3 CtClsFlt;Creative Camera Class Upper Filter Driver;C:\windows\System32\drivers\CtClsFlt.sys [2012-5-21 176096] R3 IntcDAud;Intel® Display Audio;C:\windows\System32\drivers\IntcDAud.sys [2012-5-21 317440] R3 MBAMProtector;MBAMProtector;C:\windows\System32\drivers\mbam.sys [2013-9-1 25928] R3 RTL8167;Realtek 8167 NT Driver;C:\windows\System32\drivers\Rt64win7.sys [2011-6-10 539240] R3 Sftfs;Sftfs;C:\windows\System32\drivers\Sftfslh.sys [2011-10-1 764264] R3 Sftplay;Sftplay;C:\windows\System32\drivers\Sftplaylh.sys [2011-10-1 268648] R3 Sftredir;Sftredir;C:\windows\System32\drivers\Sftredirlh.sys [2011-10-1 25960] R3 Sftvol;Sftvol;C:\windows\System32\drivers\Sftvollh.sys [2011-10-1 22376] R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-1 219496] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-19 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-19 138576] S3 AthBTPort;Atheros Virtual Bluetooth 
Class;C:\windows\System32\drivers\btath_flt.sys [2012-3-9 36480] S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;C:\windows\System32\drivers\btath_a2dp.sys [2012-3-9 340096] S3 btath_avdt;Atheros Bluetooth AVDT Service;C:\windows\System32\drivers\btath_avdt.sys [2012-3-9 111232] S3 BTATH_HCRP;Bluetooth HCRP Server driver;C:\windows\System32\drivers\btath_hcrp.sys [2012-3-9 168064] S3 BTATH_LWFLT;Bluetooth LWFLT Device;C:\windows\System32\drivers\btath_lwflt.sys [2012-3-9 68736] S3 BTATH_RCP;Bluetooth AVRCP Device;C:\windows\System32\drivers\btath_rcp.sys [2012-3-9 281472] S3 BtFilter;BtFilter;C:\windows\System32\drivers\btfilter.sys [2012-3-9 551552] S3 NisDrv;Microsoft Network Inspection System;C:\windows\System32\drivers\NisDrvWFP.sys [2013-1-20 139616] S3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2013-6-20 366600] S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\windows\System32\drivers\rdpvideominiport.sys [2013-2-6 19456] S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\windows\System32\drivers\RtsUStor.sys [2012-5-21 250984] S3 taphss6;Anchorfree HSS VPN Adapter;C:\windows\System32\drivers\taphss6.sys [2013-4-25 42184] S3 TsUsbFlt;TsUsbFlt;C:\windows\System32\drivers\TsUsbFlt.sys [2013-2-6 57856] S3 TsUsbGD;Remote Desktop Generic USB Device;C:\windows\System32\drivers\TsUsbGD.sys [2013-2-6 30208] S3 USBAAPL64;Apple Mobile USB Driver;C:\windows\System32\drivers\usbaapl64.sys [2012-9-28 53760] S3 VBoxUSB;VirtualBox USB;C:\windows\System32\drivers\VBoxUSB.sys [2011-12-19 117040] S3 WatAdminSvc;Windows Activation Technologies Service;C:\windows\System32\Wat\WatAdminSvc.exe [2013-1-29 1255736] S4 BstHdLogRotatorSvc;BlueStacks Log Rotator Service;C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [2013-8-7 384840] S4 MSSQLServerADHelper100;SQL Active Directory Helper Service;C:\Program Files (x86)\Microsoft SQL Server\100\Shared\sqladhlp.exe [2008-8-15 47128] S4 NAUpdate;Nero Update;C:\Program Files 
(x86)\Nero\Update\NASvc.exe [2010-5-4 503080] S4 OracleJobSchedulerORCL;OracleJobSchedulerORCL;c:\oracle\product\10.2.0\db_2\Bin\extjob.exe ORCL --> c:\oracle\product\10.2.0\db_2\Bin\extjob.exe ORCL [?] S4 OracleOraDb10g_home1TNSListener;OracleOraDb10g_home1TNSListener;C:\oracle\product\10.2.0\db_2\BIN\TNSLSNR --> C:\oracle\product\10.2.0\db_2\BIN\TNSLSNR [?] S4 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-6-3 162408] S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2008-8-15 369688] S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-23 57184] . =============== File Associations =============== . FileExt: .vbe: VBEFile="C:\windows\System32\CScript.exe" "%1" %* [default=Open2] FileExt: .vbs: VBSFile="C:\windows\System32\CScript.exe" "%1" %* [default=Open2] FileExt: .js: JSFile=C:\windows\System32\CScript.exe "%1" %* [default=Open2] FileExt: .jse: JSEFile=C:\windows\System32\CScript.exe "%1" %* [default=Open2] FileExt: .wsf: WSFFile="C:\windows\System32\CScript.exe" "%1" %* [default=Open2] . =============== Created Last 30 ================ . 
2013-09-01 11:07:32 -------- d-----w- C:\Users\ikraj\AppData\Roaming\Malwarebytes 2013-09-01 11:07:15 -------- d-----w- C:\ProgramData\Malwarebytes 2013-09-01 11:07:11 25928 ----a-w- C:\windows\System32\drivers\mbam.sys 2013-09-01 11:07:10 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware 2013-09-01 06:17:30 9515512 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{B33C0935-9507-4199-81D3-AC04CB62E4DE}\mpengine.dll 2013-08-31 14:20:52 -------- d-----w- C:\TEMP 2013-08-31 03:14:02 9515512 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll 2013-08-28 15:51:38 -------- d-----w- C:\windows\PCHEALTH 2013-08-28 15:51:38 -------- d-----w- C:\Program Files (x86)\Microsoft Application Virtualization Client 2013-08-28 15:16:32 -------- d-----w- C:\ProgramData\Virtualized Applications 2013-08-24 02:45:24 -------- d-----w- C:\Program Files (x86)\Dell Digital Delivery 2013-08-22 13:31:27 941720 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll 2013-08-22 13:31:25 941720 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{74659BC2-736C-4AAB-9743-14EDBD6BF5C5}\gapaengine.dll 2013-08-19 18:50:20 0 ----a-w- C:\windows\SysWow64\sho2CF1.tmp 2013-08-19 18:11:18 -------- d-----w- C:\windows\pss 2013-08-18 14:23:23 -------- d-----w- C:\Program Files (x86)\BlueStacks 2013-08-18 14:21:12 240778 ----a-w- C:\ProgramData\1376835580.bdinstall.bin 2013-08-18 14:19:12 -------- d-----w- C:\Program Files (x86)\Microsoft Security Client 2013-08-18 14:19:06 -------- d-----w- C:\Program Files\Microsoft Security Client 2013-08-18 13:58:19 -------- d-----w- C:\ProgramData\BlueStacks 2013-08-15 06:44:59 775256 ----a-w- C:\Program Files\Internet Explorer\iexplore.exe 2013-08-15 03:36:42 1472512 ----a-w- C:\windows\System32\crypt32.dll 2013-08-15 03:36:41 224256 ----a-w- C:\windows\System32\wintrust.dll 2013-08-15 03:36:41 184320 ----a-w- 
C:\windows\System32\cryptsvc.dll 2013-08-15 03:36:41 175104 ----a-w- C:\windows\SysWow64\wintrust.dll 2013-08-15 03:36:41 140288 ----a-w- C:\windows\SysWow64\cryptsvc.dll 2013-08-15 03:36:41 139776 ----a-w- C:\windows\System32\cryptnet.dll 2013-08-15 03:36:41 1166848 ----a-w- C:\windows\SysWow64\crypt32.dll 2013-08-15 03:36:41 103936 ----a-w- C:\windows\SysWow64\cryptnet.dll 2013-08-15 03:31:30 2048 ----a-w- C:\windows\SysWow64\tzres.dll 2013-08-15 03:31:30 2048 ----a-w- C:\windows\System32\tzres.dll 2013-08-15 03:26:17 1888768 ----a-w- C:\windows\System32\WMVDECOD.DLL 2013-08-15 03:26:17 1620992 ----a-w- C:\windows\SysWow64\WMVDECOD.DLL 2013-08-15 03:26:16 663552 ----a-w- C:\windows\SysWow64\rpcrt4.dll 2013-08-15 03:26:16 1217024 ----a-w- C:\windows\System32\rpcrt4.dll 2013-08-15 03:25:13 3968960 ----a-w- C:\windows\SysWow64\ntkrnlpa.exe 2013-08-15 03:25:13 3913664 ----a-w- C:\windows\SysWow64\ntoskrnl.exe 2013-08-15 03:25:12 5550528 ----a-w- C:\windows\System32\ntoskrnl.exe 2013-08-15 03:25:12 1732032 ----a-w- C:\windows\System32\ntdll.dll 2013-08-15 03:25:11 243712 ----a-w- C:\windows\System32\wow64.dll 2013-08-15 03:25:11 1292192 ----a-w- C:\windows\SysWow64\ntdll.dll 2013-08-15 03:25:10 14336 ----a-w- C:\windows\SysWow64\ntvdm64.dll 2013-08-15 03:25:09 5120 ----a-w- C:\windows\SysWow64\wow32.dll 2013-08-15 03:25:08 7680 ----a-w- C:\windows\SysWow64\instnm.exe 2013-08-15 03:25:08 25600 ----a-w- C:\windows\SysWow64\setup16.exe 2013-08-15 03:25:08 2048 ----a-w- C:\windows\SysWow64\user.exe 2013-08-15 03:23:53 39936 ----a-w- C:\windows\System32\drivers\tssecsrv.sys 2013-08-15 03:23:52 1910208 ----a-w- C:\windows\System32\drivers\tcpip.sys 2013-08-13 16:01:16 -------- d-----w- C:\Users\ikraj\AppData\Roaming\OpenOffice 2013-08-13 15:59:00 -------- d-----w- C:\Program Files (x86)\OpenOffice 4 2013-08-13 12:26:07 45056 ----a-r- C:\Users\ikraj\AppData\Roaming\Microsoft\Installer\{42929F0F-CE14-47AF-9FC7-FF297A603021}\NewShortcut1_42929F0FCE1447AF9FC7FF297A603021_1.exe 
2013-08-12 19:44:33 1827289 ----a-w- C:\ProgramData\1376316825.bdinstall.bin 2013-08-12 16:32:02 -------- d-----w- C:\ProgramData\BDLogging 2013-08-12 16:31:55 511328 ----a-w- C:\windows\capicom.dll 2013-08-12 11:30:11 299039 ----a-w- C:\ProgramData\1376306057.bdinstall.bin 2013-08-12 11:30:10 -------- d-----w- C:\Program Files\Bitdefender 2013-08-12 11:15:40 -------- d-----w- C:\Users\ikraj\AppData\Roaming\QuickScan 2013-08-12 10:45:52 279238 ----a-w- C:\ProgramData\1376304285.bdinstall.bin 2013-08-12 10:40:02 -------- d-----w- C:\Program Files\Common Files\Bitdefender 2013-08-09 03:55:37 -------- d-----w- C:\Users\ikraj\AppData\Roaming\Visan 2013-08-08 15:02:52 -------- d-----w- C:\ProgramData\Visan 2013-08-08 15:02:52 -------- d-----w- C:\ProgramData\HP Photo Creations 2013-08-08 15:02:52 -------- d-----w- C:\Program Files (x86)\HP Photo Creations 2013-08-08 15:02:13 -------- d-----w- C:\Users\ikraj\AppData\Roaming\HpUpdate 2013-08-08 15:01:05 -------- d-----w- C:\Program Files (x86)\HP 2013-08-08 14:59:23 -------- d-----w- C:\Program Files\HP 2013-08-08 14:57:26 -------- d-----w- C:\Users\ikraj\AppData\Local\HP 2013-08-07 16:07:02 -------- d-----w- C:\Users\ikraj\AppData\Local\Microsoft_Corporation 2013-08-07 15:59:58 50200 ----a-w- C:\windows\SysWow64\perf-SQLAgent$SQLEXPRESS-sqlagtctr10.0.1600.22.dll 2013-08-07 15:59:52 79896 ----a-w- C:\windows\SysWow64\perf-MSSQL$SQLEXPRESS-sqlctr10.0.1600.22.dll 2013-08-07 15:56:45 -------- d-----w- C:\Program Files (x86)\Microsoft Synchronization Services 2013-08-07 15:55:28 -------- d-----w- C:\windows\SysWow64\1033 2013-08-07 15:55:28 -------- d-----w- C:\windows\System32\1033 2013-08-07 15:55:28 -------- d-----w- C:\Program Files\Microsoft SQL Server 2013-08-07 15:45:13 -------- d-----w- C:\Program Files (x86)\Microsoft SQL Server 2013-08-07 15:33:35 -------- d-----w- C:\Java 2013-08-05 18:22:08 96168 ----a-w- C:\windows\SysWow64\WindowsAccessBridge-32.dll . ==================== Find3M ==================== . 
2013-08-07 15:35:25 455680 ----a-w- C:\windows\System32\deployJava1.dll
2013-08-05 18:21:54 867240 ----a-w- C:\windows\SysWow64\npDeployJava1.dll
2013-08-05 18:21:54 789416 ----a-w- C:\windows\SysWow64\deployJava1.dll
2013-08-05 12:25:33 1093032 ----a-w- C:\windows\System32\npDeployJava1.dll
2013-07-30 17:20:31 71048 ----a-w- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-07-30 17:20:31 692104 ----a-w- C:\windows\SysWow64\FlashPlayerApp.exe
2013-07-26 05:13:37 2241024 ----a-w- C:\windows\System32\wininet.dll
2013-07-26 05:12:08 3958784 ----a-w- C:\windows\System32\jscript9.dll
2013-07-26 05:12:04 136704 ----a-w- C:\windows\System32\iesysprep.dll
2013-07-26 05:12:03 67072 ----a-w- C:\windows\System32\iesetup.dll
2013-07-26 03:35:08 2706432 ----a-w- C:\windows\System32\mshtml.tlb
2013-07-26 03:13:24 1767936 ----a-w- C:\windows\SysWow64\wininet.dll
2013-07-26 03:12:04 2877440 ----a-w- C:\windows\SysWow64\jscript9.dll
2013-07-26 03:12:00 61440 ----a-w- C:\windows\SysWow64\iesetup.dll
2013-07-26 03:12:00 109056 ----a-w- C:\windows\SysWow64\iesysprep.dll
2013-07-26 02:49:14 2706432 ----a-w- C:\windows\SysWow64\mshtml.tlb
2013-07-26 02:39:38 89600 ----a-w- C:\windows\System32\RegisterIEPKEYs.exe
2013-07-26 01:59:38 71680 ----a-w- C:\windows\SysWow64\RegisterIEPKEYs.exe
2013-07-12 13:22:30 283200 ----a-w- C:\windows\System32\drivers\dtsoftbus01.sys
2013-07-12 13:06:04 564824 ----a-w- C:\windows\System32\drivers\sptd.sys
2013-07-12 12:09:35 98304 ----a-w- C:\windows\SysWow64\CmdLineExt.dll
2013-07-09 04:45:07 44032 ----a-w- C:\windows\apppatch\acwow64.dll
2013-06-18 16:20:08 247216 ----a-w- C:\windows\System32\drivers\MpFilter.sys
2013-06-18 16:20:08 139616 ----a-w- C:\windows\System32\drivers\NisDrvWFP.sys
2013-06-05 03:34:27 3153920 ----a-w- C:\windows\System32\win32k.sys
2013-06-04 06:00:13 624128 ----a-w- C:\windows\System32\qedit.dll
2013-06-04 04:53:07 509440 ----a-w- C:\windows\SysWow64\qedit.dll
.
============= FINISH: 16:55:05.57 ===============

Attach.txt
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume2
Install Date: 11/27/2012 5:58:06 AM
System Uptime: 9/1/2013 4:33:10 PM (0 hours ago)
.
Motherboard: Dell Inc. | | 01HXXJ
Processor: Intel® Core i3-2370M CPU @ 2.40GHz | CPU 1 | 792/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 446 GiB total, 165.148 GiB free.
D: is CDROM ()
E: is CDROM ()
F: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Description: Dell Wireless 1703 Bluetooth
Device ID: USB\VID_0CF3&PID_E004\ALASKA_DAY_2006
Manufacturer: Atheros Communications
Name: Dell Wireless 1703 Bluetooth
PNP Device ID: USB\VID_0CF3&PID_E004\ALASKA_DAY_2006
Service: BTHUSB
.
==== System Restore Points ===================
.
RP216: 8/22/2013 6:59:08 PM - Windows Update
RP217: 8/26/2013 5:00:33 PM - Windows Update
RP218: 8/28/2013 9:11:55 PM - Removed Microsoft Office Click-to-Run 2010
RP219: 8/28/2013 10:49:14 PM - Windows Update
RP220: 9/1/2013 11:45:17 AM - Windows Update
.
==== Installed Programs ======================
.
Accidental Damage Services Agreement Adobe AIR Adobe Flash Player 11 ActiveX Adobe Flash Player 11 Plugin Adobe Reader XI (11.0.03) Advanced Audio FX Engine Apple Application Support Apple Mobile Device Support Apple Software Update Atheros Bluetooth Suite (64) Banctec Service Agreement Blio BlueStacks App Player BlueStacks Notification Center Bonjour calibre Cisco EAP-FAST Module Cisco LEAP Module Cisco PEAP Module Complete Care Business Service Agreement Consumer In-Home Service Agreement D3DX10 DAEMON Tools Lite Dell DataSafe Local Backup Dell DataSafe Local Backup - Support Software Dell DataSafe Online Dell Digital Delivery Dell Edoc Viewer Dell Getting Started Guide Dell Home Systems Service Agreement Dell MusicStage Dell PhotoStage Dell Product Registration Dell Stage Dell Stage Remote Dell Touchpad Dell VideoStage Dell Webcam Central Dell WLAN and Bluetooth Client Installation Google Chrome Google Update Helper High-Definition Video Playback Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946040) Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946308) Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946344) Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947540) Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947789) HP Deskjet 1050 J410 series Basic Device Software HP Deskjet 1050 J410 series Help HP Photo Creations HP Update IDT Audio Intel® Control Center Intel® Management Engine Components Intel® Processor Graphics Intel® Rapid Storage Technology iTunes Java 7 Update 25 Java Auto Updater Java 6 Update 20 (64-bit) Junk Mail filter update Malwarebytes Anti-Malware version 1.75.0.1300 Mesh Runtime Microsoft .NET Framework 1.1 Microsoft .NET Framework 4 Client Profile Microsoft .NET Framework 4 Extended Microsoft Application Error Reporting Microsoft Office 2010 Microsoft Office Click-to-Run 2010 Microsoft Office Starter 2010 - English 
Microsoft Security Client Microsoft Security Essentials Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft SQL Server 2008 Microsoft SQL Server 2008 Browser Microsoft SQL Server 2008 Common Files Microsoft SQL Server 2008 Database Engine Services Microsoft SQL Server 2008 Database Engine Shared Microsoft SQL Server 2008 Management Studio Microsoft SQL Server 2008 Native Client Microsoft SQL Server 2008 Policies Microsoft SQL Server 2008 RsFx Driver Microsoft SQL Server 2008 Setup Support Files (English) Microsoft SQL Server Compact 3.5 SP1 English Microsoft SQL Server Compact 3.5 SP1 Query Tools English Microsoft SQL Server VSS Writer Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual Studio Tools for Applications 2.0 - ENU Mozilla Firefox 22.0 (x86 en-US) Mozilla Maintenance Service MSVCRT MSVCRT_amd64 My Dell Need for Speed™ Most Wanted Nero 10 Movie ThemePack Basic Nero Control Center 10 Nero ControlCenter 10 Help (CHM) Nero Core Components 10 Nero Update OpenOffice 4.0.0 OptimizerPro Oracle Data Provider for .NET Help Picasa 3 PlayReady PC Runtime x86 Premium Service Agreement QualxServ Service Agreement Quickset64 RadioRipper 1.1d BETA5 Realtek Ethernet Controller Driver Realtek USB 2.0 Card Reader Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) Security Update for Microsoft .NET 
Framework 4 Client Profile (KB2604121) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449) Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428) Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019) Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595) Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642) Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576) Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393) Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628) Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2) Security Update for Microsoft .NET Framework 4 Extended (KB2487367) Security Update for Microsoft .NET Framework 4 Extended (KB2656351) Security Update for Microsoft .NET Framework 4 Extended (KB2736428) Security Update for Microsoft .NET Framework 4 Extended (KB2742595) Skype™ 6.5 Sql Server Customer Experience Improvement Program swMSM SyncUP Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) Update for Microsoft .NET Framework 4 Client Profile (KB2836939) Update for Microsoft .NET Framework 4 Extended (KB2468871) Update for Microsoft .NET Framework 4 Extended (KB2533523) Update for Microsoft .NET Framework 4 Extended (KB2600217) Update for Microsoft .NET Framework 4 Extended (KB2836939) Visual Studio 2008 x64 Redistributables VLC media player 2.0.1 Winamp Winamp Detector Plug-in Windows Live Communications Platform Windows Live Essentials Windows Live ID Sign-in Assistant Windows Live Installer Windows Live Language Selector Windows Live Mail Windows Live Mesh Windows Live Mesh ActiveX Control for Remote Connections Windows Live Messenger Windows Live 
MIME IFilter Windows Live Movie Maker Windows Live Photo Common Windows Live Photo Gallery Windows Live PIMT Platform Windows Live Remote Client Windows Live Remote Client Resources Windows Live Remote Service Windows Live Remote Service Resources Windows Live SOXE Windows Live SOXE Definitions Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources Yahoo! Messenger YTD Video Downloader 4.2.2 Zinio Reader 4 . ==== Event Viewer Messages From Past Week ======== . 9/1/2013 11:04:55 AM, Error: Service Control Manager [7023] - The BlueStacks Android Service service terminated with the following error: An exception occurred in the service when handling the control request. 9/1/2013 1:07:16 AM, Error: Service Control Manager [7043] - The Group Policy Client service did not shut down properly after receiving a preshutdown control. 8/31/2013 12:47:53 PM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {D3DCB472-7261-43CE-924B-0704BD730D5F} and APPID {D3DCB472-7261-43CE-924B-0704BD730D5F} to the user ikraj-PC\ikraj SID (S-1-5-21-3168067149-2790629548-2258167488-1000) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool. 8/31/2013 12:47:51 PM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {145B4335-FE2A-4927-A040-7C35AD3180EF} and APPID {145B4335-FE2A-4927-A040-7C35AD3180EF} to the user ikraj-PC\ikraj SID (S-1-5-21-3168067149-2790629548-2258167488-1000) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool. 
8/30/2013 5:29:16 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.157.612.0 Update Source: Microsoft Update Server Update Stage: Download Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.9800.0 Error code: 0x80240022 Error description: The program can't check for definition updates. 8/30/2013 5:29:16 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.157.612.0 Update Source: Microsoft Update Server Update Stage: Download Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.9800.0 Error code: 0x80240022 Error description: The program can't check for definition updates. 8/30/2013 4:38:33 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the IKEEXT service. 8/30/2013 4:38:03 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service. 8/30/2013 4:37:33 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the iphlpsvc service. 8/30/2013 4:09:53 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. 
New Signature Version: Previous Signature Version: 1.157.612.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.9800.0 Error code: 0x8024402c Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support. 8/30/2013 11:47:02 AM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR4. 8/30/2013 11:11:39 AM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR2. 8/30/2013 11:05:17 AM, Error: VDS Basic Provider [1] - Unexpected failure. Error code: 490@01010004 8/30/2013 10:58:52 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.157.612.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.9800.0 Error code: 0x8024402c Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support. 8/28/2013 3:38:24 PM, Error: Service Control Manager [7022] - The Server service hung on starting. 8/27/2013 4:38:49 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Application Virtualization Client service to connect. 8/27/2013 4:38:49 PM, Error: Service Control Manager [7001] - The Client Virtualization Handler service depends on the Application Virtualization Client service which failed to start because of the following error: The service did not respond to the start or control request in a timely fashion. 
8/27/2013 4:38:49 PM, Error: Service Control Manager [7000] - The Application Virtualization Client service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. 8/27/2013 11:21:16 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SftService service. 8/26/2013 12:19:12 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.157.344.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.9800.0 Error code: 0x8024402c Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support. . ==== End Of File ===========================