Artea

Everything posted by Artea

  1. All right, I followed all those steps. Thanks again for all your help.
  2. Thanks for your incredibly quick and helpful instructions.

  3. Results of screen317's Security Check version 0.99.74
     Windows 7 Service Pack 1 x64 (UAC is disabled!)
     Internet Explorer 10
     ``````````````Antivirus/Firewall Check:``````````````
     Microsoft Security Essentials
     Antivirus up to date!
     `````````Anti-malware/Other Utilities Check:`````````
     Malwarebytes Anti-Malware version 1.75.0.1300
     Java 7 Update 25
     Java version out of Date!
     Adobe Flash Player 11.9.900.117
     Adobe Reader XI
     Mozilla Firefox (24.0)
     ````````Process Check: objlist.exe by Laurent````````
     Microsoft Security Essentials MSMpEng.exe
     Microsoft Security Essentials msseces.exe
     Malwarebytes Anti-Malware mbamservice.exe
     Malwarebytes Anti-Malware mbamgui.exe
     `````````````````System Health check`````````````````
     Total Fragmentation on Drive C: 5%
     ````````````````````End of Log``````````````````````
  4. I followed your suggestion about changing the shortcut target line and it worked. No sight of dosearches anywhere. I did it before running fixlist, though. Anyway, here's Fixlog.txt:

     Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 02-10-2013
     Ran by A at 2013-10-14 00:13:42 Run:1
     Running from C:\Users\A\Downloads\Farbar Recovery Scan Tool
     Boot Mode: Normal
     ==============================================
     Content of fixlist:
     *****************
     FF SelectedSearchEngine: dosearches
     FF StartMenuInternet: FIREFOX.EXE - C:\Program Files (x86)\Mozilla Firefox\firefox.exe http://www.dosearche...1&ts=1381671888
     StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe http://www.dosearche...1&ts=1381671888
     *****************
     Firefox SelectedSearchEngine deleted successfully.
     HKLM\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command\\Default => Value was restored successfully.
     HKLM\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command\\Default => Value was restored successfully.
     ==== End of Fixlog ====
  5. Ah, here it is. It doesn't show if you use the simple reply option. Addition.txt
  6. I have Firefox and Internet Explorer, and both are affected. I can't seem to find the option for attaching a file (for Addition.txt). Could you tell me where it is? Here's FRST.txt:
_____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2013-10-08 20:39 - 2013-08-22 21:41 - 00000000 ____D C:\Users\A\Downloads\I Want Your Love 2013-10-08 15:36 - 2013-08-12 00:54 - 00000000 ____D C:\Program Files (x86)\SpeedFan 2013-10-08 12:20 - 2013-10-08 12:19 - 00000000 ____D C:\Users\A\Downloads\Cibrail 2011 2013-10-07 12:17 - 2013-10-07 12:17 - 00000000 ____D C:\Users\A\Downloads\2008 Beatific Vision (USA) 2013-10-06 18:15 - 2013-10-06 18:14 - 00000141 _____ C:\Users\A\Desktop\Boete.txt 2013-10-06 16:14 - 2013-10-06 15:32 - 00000000 ____D C:\Users\A\Downloads\Before.I.Forget.2007.DVDRip.XviD-WRD 2013-10-06 01:46 - 2013-08-11 22:40 - 00000000 ____D C:\Users\A\Documents\Werk 2013-10-05 13:55 - 2013-10-05 13:55 - 00001910 _____ C:\Users\A\Desktop\Portal.lnk 2013-10-05 13:42 - 2013-10-05 13:42 - 00000000 ____D C:\Program Files (x86)\Valve 2013-10-05 01:31 - 2013-08-12 03:33 - 00000000 ____D C:\Users\A\AppData\Roaming\avidemux 2013-10-04 18:59 - 2013-10-03 16:47 - 00000336 _____ C:\Users\A\Desktop\No seeds.txt 2013-10-04 14:54 - 2013-08-22 17:20 - 00000000 ____D C:\Users\A\Downloads\1. 
New G 2013-10-04 12:21 - 2013-10-03 20:01 - 00000000 ____D C:\Users\A\Downloads\Beatific Vision 2013-10-03 20:38 - 2013-08-25 18:45 - 00000000 ____D C:\Users\A\AppData\Local\SKIDROW 2013-10-03 17:29 - 2013-10-03 17:27 - 00000000 ____D C:\Users\A\Downloads\You Belong to Me 2013-10-03 12:22 - 2013-10-02 17:35 - 00000000 ____D C:\Users\A\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Antichamber 2013-10-03 12:20 - 2013-10-03 12:20 - 00000000 ____D C:\Users\A\AppData\Roaming\SNS 2013-10-01 13:15 - 2013-08-16 01:12 - 00000000 ____D C:\Users\A\Documents\Received Files 2013-10-01 11:49 - 2013-10-01 11:49 - 00000000 ____D C:\Users\A\AppData\Local\Ubisoft Game Launcher 2013-10-01 11:49 - 2013-08-31 12:51 - 00000000 ____D C:\ProgramData\Orbit 2013-09-30 15:59 - 2013-08-26 23:16 - 00000000 ____D C:\Users\A\.gimp-2.8 2013-09-24 14:04 - 2013-09-24 14:04 - 00000000 ____D C:\Users\A\Downloads\2006 Contadora Is For Lovers (USA-PAN) 2013-09-23 21:23 - 2013-09-23 09:22 - 00000000 ____D C:\Users\A\Documents\Dolphin Emulator 2013-09-23 09:18 - 2013-09-23 09:17 - 00000000 ____D C:\Program Files\Dolphin 4.0 2013-09-23 01:28 - 2013-10-11 09:26 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2013-09-23 01:28 - 2013-10-11 09:26 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2013-09-23 01:27 - 2013-10-11 09:26 - 14335488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2013-09-23 01:27 - 2013-10-11 09:26 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2013-09-23 01:27 - 2013-10-11 09:26 - 02876928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2013-09-23 01:27 - 2013-10-11 09:26 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2013-09-23 01:27 - 2013-10-11 09:26 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2013-09-23 01:27 - 2013-10-11 09:26 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2013-09-23 01:27 
- 2013-10-11 09:26 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2013-09-23 01:27 - 2013-10-11 09:26 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll 2013-09-23 01:27 - 2013-10-11 09:26 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2013-09-23 01:27 - 2013-10-11 09:26 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2013-09-23 01:27 - 2013-10-11 09:26 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2013-09-23 00:55 - 2013-10-11 09:26 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2013-09-23 00:55 - 2013-10-11 09:26 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2013-09-23 00:55 - 2013-10-11 09:26 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2013-09-23 00:54 - 2013-10-11 09:26 - 19252224 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2013-09-23 00:54 - 2013-10-11 09:26 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2013-09-23 00:54 - 2013-10-11 09:26 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2013-09-23 00:54 - 2013-10-11 09:26 - 02647552 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2013-09-23 00:54 - 2013-10-11 09:26 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2013-09-23 00:54 - 2013-10-11 09:26 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2013-09-23 00:54 - 2013-10-11 09:26 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2013-09-23 00:54 - 2013-10-11 09:26 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll 2013-09-23 00:54 - 2013-10-11 09:26 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2013-09-23 00:54 - 2013-10-11 09:26 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2013-09-23 00:54 - 2013-10-11 09:26 - 00039936 _____ 
(Microsoft Corporation) C:\Windows\system32\iernonce.dll 2013-09-23 00:35 - 2013-09-23 00:34 - 00000000 ____D C:\Users\A\AppData\Local\Windows Live Writer 2013-09-23 00:35 - 2013-08-11 18:07 - 00000000 ____D C:\Users\A\AppData\Local\Windows Live 2013-09-23 00:34 - 2013-09-23 00:34 - 00000000 ____D C:\Users\A\AppData\Roaming\Windows Live Writer 2013-09-22 00:15 - 2013-09-21 19:30 - 00000000 ____D C:\Users\A\AppData\Roaming\runic games 2013-09-21 20:39 - 2013-09-21 20:39 - 00000000 ____D C:\Users\A\Downloads\2007 Skull & Bones (USA) 2013-09-21 05:38 - 2013-10-11 09:26 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2013-09-21 05:30 - 2013-10-11 09:26 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2013-09-21 04:48 - 2013-10-11 09:26 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe 2013-09-21 04:39 - 2013-10-11 09:26 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe 2013-09-20 08:21 - 2013-08-11 21:50 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2013-09-19 13:00 - 2013-09-19 08:49 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2013-09-19 13:00 - 2013-08-11 21:50 - 00000000 ____D C:\Users\A\AppData\Local\Mozilla 2013-09-16 14:09 - 2013-09-14 02:04 - 00000000 ____D C:\Program Files (x86)\Video Web Camera 2013-09-15 22:40 - 2013-09-15 22:40 - 00000000 ____D C:\Program Files (x86)\Solveig Multimedia 2013-09-14 03:10 - 2013-10-10 08:33 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys 2013-09-14 01:51 - 2013-08-11 18:07 - 00000000 ___RD C:\Users\A\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup 2013-09-14 01:50 - 2011-04-14 15:54 - 00000000 ____D C:\Program Files\Packard Bell 2013-09-14 01:46 - 2013-09-14 01:46 - 00000000 ____D C:\Users\A\AppData\Local\CyberLink 2013-09-14 01:41 - 2013-09-14 01:41 - 00000032 _____ C:\ProgramData\Temp.log 2013-09-14 01:38 - 2013-08-14 23:01 - 00000000 ____D 
C:\Users\A\Documents\Youcam
     2013-09-13 12:46 - 2013-08-25 13:56 - 00000396 _____ C:\Windows\SIERRA.INI
     2013-09-13 01:01 - 2013-09-13 00:58 - 00000120 _____ C:\Windows\wininit.ini

     Some content of TEMP:
     ====================
     C:\Users\A\AppData\Local\Temp\ntdll_dump.dll
     C:\Users\A\AppData\Local\Temp\Quarantine.exe
     C:\Users\A\AppData\Local\Temp\SHSetup.exe
     C:\Users\A\AppData\Local\Temp\_is83B0.exe
     C:\Users\A\AppData\Local\Temp\_is8C28.exe
     C:\Users\A\AppData\Local\Temp\_is9C20.exe

     ==================== Bamital & volsnap Check =================
     C:\Windows\System32\winlogon.exe => MD5 is legit
     C:\Windows\System32\wininit.exe => MD5 is legit
     C:\Windows\SysWOW64\wininit.exe => MD5 is legit
     C:\Windows\explorer.exe => MD5 is legit
     C:\Windows\SysWOW64\explorer.exe => MD5 is legit
     C:\Windows\System32\svchost.exe => MD5 is legit
     C:\Windows\SysWOW64\svchost.exe => MD5 is legit
     C:\Windows\System32\services.exe => MD5 is legit
     C:\Windows\System32\User32.dll => MD5 is legit
     C:\Windows\SysWOW64\User32.dll => MD5 is legit
     C:\Windows\System32\userinit.exe => MD5 is legit
     C:\Windows\SysWOW64\userinit.exe => MD5 is legit
     C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

     LastRegBack: 2013-10-11 14:22

     ==================== End Of Log ============================
  7. Unfortunately, the problem still remains unchanged. Here's the Adwcleaner log:

     # AdwCleaner v3.007 - Report created 13/10/2013 at 20:05:34
     # Updated 09/10/2013 by Xplode
     # Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
     # Username : A - A-PC
     # Running from : C:\Users\A\Desktop\AdwCleaner.exe
     # Option : Clean

     ***** [ Services ] *****

     ***** [ Files / Folders ] *****

     ***** [ Shortcuts ] *****

     ***** [ Registry ] *****

     Key Deleted : HKLM\SOFTWARE\14919ea49a8f3b4aa3cf1058d9a64cec

     ***** [ Browsers ] *****

     -\\ Internet Explorer v10.0.9200.16720

     -\\ Mozilla Firefox v24.0 (nl)

     [ File : C:\Users\A\AppDAtA\RoAming\MozillA\Firefox\Profiles\0a6ubgx9.default\prefs.js ]

     *************************

     AdwCleaner[R1].txt - [812 octets] - [13/10/2013 20:01:48]
     AdwCleaner[R2].txt - [871 octets] - [13/10/2013 20:04:19]
     AdwCleaner[s1].txt - [795 octets] - [13/10/2013 20:05:34]

     ########## EOF - C:\AdwCleaner\AdwCleaner[s1].txt - [854 octets] ##########

     And here's the Malwarebytes log:

     Malwarebytes Anti-Malware (Trial) 1.75.0.1300
     www.malwarebytes.org

     Database version: v2013.10.13.05

     Windows 7 Service Pack 1 x64 NTFS
     Internet Explorer 10.0.9200.16721
     A :: A-PC [administrator]

     Protection: Disabled

     13-10-2013 20:09:07
     MBAM-log-2013-10-13 (20-17-05).txt

     Scan type: Quick scan
     Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
     Scan options disabled: P2P
     Objects scanned: 206470
     Time elapsed: 7 minute(s), 32 second(s)

     Memory Processes Detected: 0
     (No malicious items detected)

     Memory Modules Detected: 0
     (No malicious items detected)

     Registry Keys Detected: 0
     (No malicious items detected)

     Registry Values Detected: 0
     (No malicious items detected)

     Registry Data Items Detected: 0
     (No malicious items detected)

     Folders Detected: 0
     (No malicious items detected)

     Files Detected: 4
     C:\Users\A\AppData\Local\Temp\bitool.dll (PUP.Optional.Somoto) -> No action taken.
     C:\Users\A\AppData\Local\Temp\nsw2168.tmp (PUP.Optional.Somoto.A) -> No action taken.
     C:\Users\A\Local Settings\Temporary Internet Files\Content.IE5\FLY77SIC\BiTool[1].dll (PUP.Optional.Somoto) -> No action taken.
     C:\Users\A\Local Settings\Temporary Internet Files\Content.IE5\KRHSDVOS\bi_downloader[1].exe (PUP.Optional.Somoto.A) -> No action taken.

     (end)
  8. Here is dds.txt: DDS (Ver_2012-11-20.01) - NTFS_AMD64 Internet Explorer: 10.0.9200.16720 BrowserJavaVersion: 10.25.2 Run by A at 19:17:30 on 2013-10-13 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.6139.4289 [GMT 2:00] . AV: Microsoft Security Essentials *Enabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: Microsoft Security Essentials *Enabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2} . ============== Running Processes =============== . C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS c:\Program Files\Microsoft Security Client\MsMpEng.exe C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k GPSvcGroup C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\WLANExt.exe C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files (x86)\Launch Manager\dsiwmis.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\system32\taskhost.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\System32\rundll32.exe C:\Program Files\Elantech\ETDCtrl.exe C:\Program Files\Microsoft Security Client\msseces.exe C:\Users\A\Desktop\lmc-1.2.35-win32\lmc.exe c:\Program Files\Microsoft Security Client\NisSrv.exe C:\Program Files\Elantech\ETDCtrlHelper.exe C:\Program Files (x86)\Launch Manager\LManager.exe C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe C:\Program Files (x86)\Launch Manager\LMworker.exe C:\Windows\system32\wbem\unsecapp.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\SearchIndexer.exe C:\Program Files\Windows Media 
Player\wmpnetwk.exe C:\Windows\system32\taskmgr.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe C:\Windows\system32\taskeng.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\System32\cscript.exe . ============== Pseudo HJT Report =============== . uSearch Bar = Preserve BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll uRun: [uTorrent] "C:\Users\A\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED uRun: [LAN Messenger] C:\Users\A\Desktop\lmc-1.2.35-win32\lmc.exe uRun: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun mRun: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe uPolicies-Explorer: NoDriveTypeAutoRun = dword:145 uPolicies-Explorer: NoDrives = dword:0 mPolicies-Explorer: NoDrives = dword:0 mPolicies-System: ConsentPromptBehaviorAdmin = dword:0 mPolicies-System: ConsentPromptBehaviorUser = dword:3 mPolicies-System: EnableLUA = dword:0 mPolicies-System: EnableUIADesktopToggle = dword:0 mPolicies-System: PromptOnSecureDesktop = dword:0 IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll IE: 
{2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll TCP: NameServer = 192.168.1.1 TCP: Interfaces\{2AAEDA3E-4E60-4670-A15B-6BB70D7DABF5} : DHCPNameServer = 192.168.1.1 Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll SSODL: WebCheck - <orphaned> SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL x64-Run: [ETDWare] C:\Program Files (x86)\Elantech\ETDCtrl.exe x64-Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned> x64-SSODL: WebCheck - <orphaned> x64-SEH: 
Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL . ================= FIREFOX =================== . FF - ProfilePath - C:\Users\A\AppData\Roaming\Mozilla\Firefox\Profiles\0a6ubgx9.default\ FF - prefs.js: browser.search.selectedEngine - dosearches FF - plugin: C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL FF - plugin: C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrlui.dll FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll FF - plugin: C:\Windows\SysWOW64\npmproxy.dll . ============= SERVICES / DRIVERS =============== . R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2013-6-18 247216] R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\System32\drivers\dtsoftbus01.sys [2013-10-13 283064] R2 AODDriver4.2;AODDriver4.2;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys [2012-4-9 57472] R2 DsiWMIService;Dritek WMI Service;C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2011-4-14 321104] R2 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2012-3-20 139616] R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2013-2-14 96768] R3 ETD;ELAN PS/2 Port Input Device;C:\Windows\System32\drivers\ETD.sys [2011-4-14 135560] R3 k57nd60a;Broadcom NetLink Gigabit Ethernet - NDIS 6.0;C:\Windows\System32\drivers\k57nd60a.sys [2010-5-15 384040] R3 NisSrv;Microsoft Netwerkinspectie;C:\Program Files\Microsoft Security Client\NisSrv.exe [2013-8-12 366600] S2 clr_optimization_v4.0.30319_32;Microsoft .NET 
Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] S3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2013-10-13 25928] S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2013-8-11 19456] S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\RtsUStor.sys [2011-4-14 246376] S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2013-8-11 57856] S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2013-8-11 30208] S3 WatAdminSvc;Windows Activation Technologies-service;C:\Windows\System32\Wat\WatAdminSvc.exe [2013-8-11 1255736] S4 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2013-3-29 241152] S4 AMD FUEL Service;AMD FUEL Service;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2013-3-28 361984] S4 ePowerSvc;Acer ePower Service;C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe [2013-8-11 867712] S4 GREGService;GREGService;C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe [2010-1-8 23584] S4 Live Updater Service;Live Updater Service;C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe [2013-9-14 255376] S4 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-10-13 418376] S4 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-10-13 701512] S4 NAUpdate;Nero Update;C:\Program Files (x86)\Nero\Update\NASvc.exe [2010-5-4 503080] S4 NTI IScheduleSvc;NTI IScheduleSvc;C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe [2010-6-29 255744] S4 wlcrasvc;Windows Live Mesh remote connections 
service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-23 57184] . =============== Created Last 30 ================ . 2013-10-13 17:04:42 283064 ----a-w- C:\Windows\System32\drivers\dtsoftbus01.sys 2013-10-13 17:04:31 -------- d-----w- C:\Program Files (x86)\DAEMON Tools Lite 2013-10-13 16:13:01 -------- d-----w- C:\ProgramData\Malwarebytes' Anti-Malware (portable) 2013-10-13 16:12:58 116440 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys 2013-10-13 16:07:56 91352 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys 2013-10-13 14:43:10 -------- d-----w- C:\Users\A\AppData\Roaming\Malwarebytes 2013-10-13 14:42:41 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys 2013-10-13 14:42:40 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware 2013-10-13 14:00:43 -------- d-----w- C:\Windows\86CA3695A4124BAE92B649A60C2AC663.TMP 2013-10-13 14:00:40 -------- d-----w- C:\Program Files (x86)\Common Files\Wise Installation Wizard 2013-10-13 13:20:24 9694160 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{0560774C-1D04-4531-B7BB-15052DE45746}\mpengine.dll 2013-10-13 13:06:55 -------- d-----w- C:\Users\A\AppData\Local\Apps 2013-10-11 12:47:49 99840 ----a-w- C:\Windows\System32\drivers\usbccgp.sys 2013-10-11 12:47:49 7808 ----a-w- C:\Windows\System32\drivers\usbd.sys 2013-10-11 12:47:49 52736 ----a-w- C:\Windows\System32\drivers\usbehci.sys 2013-10-11 12:47:49 325120 ----a-w- C:\Windows\System32\drivers\usbport.sys 2013-10-11 12:47:48 343040 ----a-w- C:\Windows\System32\drivers\usbhub.sys 2013-10-11 12:47:48 30720 ----a-w- C:\Windows\System32\drivers\usbuhci.sys 2013-10-11 12:47:48 25600 ----a-w- C:\Windows\System32\drivers\usbohci.sys 2013-10-11 12:04:17 9694160 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll 2013-10-10 21:05:12 -------- d-----w- C:\Program Files (x86)\Glare 2013-10-08 10:16:55 32768 ------w- C:\Program Files (x86)\Common Files\InstallShield\engine\6\Intel 
32\objectps.dll 2013-10-08 10:16:55 225280 ------w- C:\Program Files (x86)\Common Files\InstallShield\IScript\iscript.dll 2013-10-08 10:16:55 176128 ------w- C:\Program Files (x86)\Common Files\InstallShield\engine\6\Intel 32\iuser.dll 2013-10-08 10:16:54 77824 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\engine\6\Intel 32\ctor.dll 2013-10-05 11:42:36 -------- d-----w- C:\Program Files (x86)\Valve 2013-10-03 10:20:35 -------- d-----w- C:\Users\A\AppData\Roaming\SNS 2013-10-01 09:49:52 -------- d-----w- C:\Users\A\AppData\Local\Ubisoft Game Launcher 2013-09-23 17:47:59 131072 ----a-w- C:\Windows\SysWow64\eax.dll 2013-09-23 07:17:56 -------- d-----w- C:\Program Files\Dolphin 4.0 2013-09-22 22:34:51 -------- d-----w- C:\Users\A\AppData\Roaming\Windows Live Writer 2013-09-22 22:34:51 -------- d-----w- C:\Users\A\AppData\Local\Windows Live Writer 2013-09-21 17:30:35 -------- d-----w- C:\Users\A\AppData\Roaming\runic games 2013-09-20 14:05:25 3851784 ----a-w- C:\Windows\SysWow64\D3DX9_39.dll 2013-09-15 20:40:31 -------- d-----w- C:\Program Files (x86)\Solveig Multimedia 2013-09-15 20:40:31 -------- d-----w- C:\Program Files (x86)\Common Files\Solveig Multimedia 2013-09-14 00:04:02 -------- d-----w- C:\Program Files (x86)\Video Web Camera 2013-09-13 23:46:14 -------- d-----w- C:\Users\A\AppData\Local\CyberLink . ==================== Find3M ==================== . 
2013-10-09 06:45:49 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl 2013-10-09 06:45:49 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe 2013-09-22 23:28:06 1767936 ----a-w- C:\Windows\SysWow64\wininet.dll 2013-09-22 23:27:49 2876928 ----a-w- C:\Windows\SysWow64\jscript9.dll 2013-09-22 23:27:48 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll 2013-09-22 23:27:48 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll 2013-09-22 22:55:10 2241024 ----a-w- C:\Windows\System32\wininet.dll 2013-09-22 22:54:51 3959296 ----a-w- C:\Windows\System32\jscript9.dll 2013-09-22 22:54:50 67072 ----a-w- C:\Windows\System32\iesetup.dll 2013-09-22 22:54:50 136704 ----a-w- C:\Windows\System32\iesysprep.dll 2013-09-21 03:38:39 2706432 ----a-w- C:\Windows\System32\mshtml.tlb 2013-09-21 03:30:24 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb 2013-09-21 02:48:36 89600 ----a-w- C:\Windows\System32\RegisterIEPKEYs.exe 2013-09-21 02:39:47 71680 ----a-w- C:\Windows\SysWow64\RegisterIEPKEYs.exe 2013-09-14 01:10:19 497152 ----a-w- C:\Windows\System32\drivers\afd.sys 2013-09-08 02:30:37 1903552 ----a-w- C:\Windows\System32\drivers\tcpip.sys 2013-09-08 02:27:14 327168 ----a-w- C:\Windows\System32\mswsock.dll 2013-09-08 02:03:58 231424 ----a-w- C:\Windows\SysWow64\mswsock.dll 2013-08-29 02:17:48 5549504 ----a-w- C:\Windows\System32\ntoskrnl.exe 2013-08-29 02:16:35 1732032 ----a-w- C:\Windows\System32\ntdll.dll 2013-08-29 02:16:28 243712 ----a-w- C:\Windows\System32\wow64.dll 2013-08-29 02:16:14 859648 ----a-w- C:\Windows\System32\tdh.dll 2013-08-29 02:13:28 878080 ----a-w- C:\Windows\System32\advapi32.dll 2013-08-29 01:51:45 3969472 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe 2013-08-29 01:51:45 3914176 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe 2013-08-29 01:50:31 5120 ----a-w- C:\Windows\SysWow64\wow32.dll 2013-08-29 01:50:30 1292192 ----a-w- C:\Windows\SysWow64\ntdll.dll 2013-08-29 01:50:16 619520 ----a-w- C:\Windows\SysWow64\tdh.dll 2013-08-29 01:48:17 640512 ----a-w- 
C:\Windows\SysWow64\advapi32.dll 2013-08-29 01:48:15 44032 ----a-w- C:\Windows\apppatch\acwow64.dll 2013-08-29 00:49:53 25600 ----a-w- C:\Windows\SysWow64\setup16.exe 2013-08-29 00:49:52 7680 ----a-w- C:\Windows\SysWow64\instnm.exe 2013-08-29 00:49:52 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll 2013-08-29 00:49:49 2048 ----a-w- C:\Windows\SysWow64\user.exe 2013-08-28 01:21:06 3155968 ----a-w- C:\Windows\System32\win32k.sys 2013-08-28 01:12:33 461312 ----a-w- C:\Windows\System32\scavengeui.dll 2013-08-25 13:23:53 21840 ----atw- C:\Windows\SysWow64\SIntfNT.dll 2013-08-25 13:23:53 17212 ----atw- C:\Windows\SysWow64\SIntf32.dll 2013-08-25 13:23:53 12067 ----atw- C:\Windows\SysWow64\SIntf16.dll 2013-08-24 13:12:12 0 ----a-w- C:\Windows\ativpsrm.bin 2013-08-13 21:57:05 466456 ----a-w- C:\Windows\System32\wrap_oal.dll 2013-08-13 21:57:05 122904 ----a-w- C:\Windows\System32\OpenAL32.dll 2013-08-13 21:57:04 444952 ----a-w- C:\Windows\SysWow64\wrap_oal.dll 2013-08-13 21:57:04 109080 ----a-w- C:\Windows\SysWow64\OpenAL32.dll 2013-08-11 23:28:26 564824 ----a-w- C:\Windows\System32\drivers\sptd.sys 2013-08-11 23:06:20 2560 ----a-w- C:\Windows\SysWow64\drivers\nl-NL\qwavedrv.sys.mui 2013-08-11 23:06:09 5632 ----a-w- C:\Windows\SysWow64\drivers\nl-NL\ndiscap.sys.mui 2013-08-11 23:06:04 50688 ----a-w- C:\Windows\SysWow64\drivers\nl-NL\tcpip.sys.mui 2013-08-11 23:06:01 26624 ----a-w- C:\Windows\SysWow64\drivers\nl-NL\bfe.dll.mui 2013-08-11 23:06:01 16896 ----a-w- C:\Windows\SysWow64\drivers\nl-NL\pacer.sys.mui 2013-08-11 23:05:52 2560 ----a-w- C:\Windows\SysWow64\drivers\nl-NL\scfilter.sys.mui 2013-08-11 20:43:35 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll 2013-08-11 20:43:33 867240 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll 2013-08-11 20:43:33 789416 ----a-w- C:\Windows\SysWow64\deployJava1.dll 2013-08-11 17:49:27 9728 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll 2013-08-07 02:22:02 278800 ------w- C:\Windows\System32\MpSigStub.exe 
2013-08-05 02:25:45 155584 ----a-w- C:\Windows\System32\drivers\ataport.sys 2013-08-02 02:14:57 215040 ----a-w- C:\Windows\System32\winsrv.dll 2013-08-02 02:13:34 424448 ----a-w- C:\Windows\System32\KernelBase.dll 2013-08-02 01:50:42 274944 ----a-w- C:\Windows\SysWow64\KernelBase.dll 2013-08-02 01:09:17 338432 ----a-w- C:\Windows\System32\conhost.exe 2013-08-02 00:59:09 112640 ----a-w- C:\Windows\System32\smss.exe 2013-08-02 00:43:05 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll 2013-08-02 00:43:05 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll 2013-08-02 00:43:05 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll 2013-08-02 00:43:05 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll 2013-08-01 12:09:36 983488 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys 2013-07-25 09:25:54 1888768 ----a-w- C:\Windows\System32\WMVDECOD.DLL 2013-07-25 08:57:27 1620992 ----a-w- C:\Windows\SysWow64\WMVDECOD.DLL 2013-07-20 10:33:12 102608 ----a-w- C:\Windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll 2013-07-20 10:33:08 124112 ----a-w- C:\Windows\System32\PresentationCFFRasterizerNative_v0300.dll 2013-07-19 01:58:42 2048 ----a-w- C:\Windows\System32\tzres.dll 2013-07-19 01:41:01 2048 ----a-w- C:\Windows\SysWow64\tzres.dll . ============= FINISH: 19:18:23,68 =============== Attach.txt . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2012-11-20.01) . Microsoft Windows 7 Home Premium Boot Device: \Device\HarddiskVolume2 Install Date: 11-8-2013 18:07:34 System Uptime: 13-10-2013 18:58:06 (1 hours ago) . Motherboard: Packard Bell | | SJV52_DN Processor: AMD Phenom II N970 Quad-Core Processor | Socket S1G4 | 2200/200mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 448 GiB total, 46,535 GiB free. D: is CDROM () E: is CDROM () F: is CDROM () . ==== Disabled Device Manager Items ============= . 
==== System Restore Points =================== . No restore point in system. . ==== Installed Programs ====================== . ???? ??? Windows Live ???? Windows Live ????? Windows Live ?????? ??????? ?? Windows Live ???????? ?????????? Windows Live ?????????? Windows Live ??????????? ?? Windows Live 7-Zip 9.20 (x64 edition) Adobe Flash Player 11 ActiveX Adobe Flash Player 11 Plugin Adobe Reader XI (11.0.04) AMD Accelerated Video Transcoding AMD Catalyst Install Manager AMD Drag and Drop Transcoding AMD Fuel AMD Media Foundation Decoders AMD VISION Engine Control Center Anachronox µTorrent Avidemux 2.5 Backup Manager Basic Broadcom Gigabit NetLink Controller Catalyst Control Center - Branding Catalyst Control Center Graphics Previews Common Catalyst Control Center InstallProxy Catalyst Control Center Localization All ccc-utility64 CCC Help Chinese Standard CCC Help Chinese Traditional CCC Help Czech CCC Help Danish CCC Help Dutch CCC Help English CCC Help Finnish CCC Help French CCC Help German CCC Help Greek CCC Help Hungarian CCC Help Italian CCC Help Japanese CCC Help Korean CCC Help Norwegian CCC Help Polish CCC Help Portuguese CCC Help Russian CCC Help Spanish CCC Help Swedish CCC Help Thai CCC Help Turkish CCleaner D3DX10 DAEMON Tools Lite Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition Dolphin 4.0 Driver Sweeper versie 3.2.0 ETDWare PS/2-x64 7.0.6.5_WHQL Fotogalerija Windows Live Galeria de Fotografias do Windows Live Galeria fotografii uslugi Windows Live Galeria fotogràfica del Windows Live Galerie de photos Windows Live Galerie foto Windows Live Galería fotográfica de Windows Live GIMP 2.8.0 Glare Identity Card Java 7 Update 25 Java Auto Updater JDownloader 2 Junk Mail filter update Launch Manager Malwarebytes Anti-Malware version 1.75.0.1300 Mesh Runtime Microsoft .NET Framework 4 Client Profile Microsoft .NET Framework 4 Client Profile NLD Language Pack Microsoft Application Error Reporting Microsoft Office Access MUI (English) 
2010 Microsoft Office Access Setup Metadata MUI (English) 2010 Microsoft Office Excel MUI (English) 2010 Microsoft Office Groove MUI (English) 2010 Microsoft Office InfoPath MUI (English) 2010 Microsoft Office Office 64-bit Components 2010 Microsoft Office OneNote MUI (English) 2010 Microsoft Office Outlook MUI (English) 2010 Microsoft Office PowerPoint MUI (English) 2010 Microsoft Office Professional Plus 2010 Microsoft Office Proof (English) 2010 Microsoft Office Proof (French) 2010 Microsoft Office Proof (Spanish) 2010 Microsoft Office Proofing (English) 2010 Microsoft Office Publisher MUI (English) 2010 Microsoft Office Shared 64-bit MUI (English) 2010 Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 Microsoft Office Shared MUI (English) 2010 Microsoft Office Shared Setup Metadata MUI (English) 2010 Microsoft Office Word MUI (English) 2010 Microsoft Security Client Microsoft Security Essentials Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 Microsoft_VC80_CRT_x86 Microsoft_VC80_MFC_x86 Microsoft_VC80_MFCLOC_x86 Microsoft_VC90_CRT_x86 Mozilla Firefox 24.0 (x86 nl) Mozilla Maintenance Service MSVCRT 
MSVCRT_amd64 MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) Nero Control Center 10 Nero ControlCenter 10 Help (CHM) Nero Core Components 10 Nero DiscSpeed 10 Nero DiscSpeed 10 Help (CHM) Nero Express 10 Nero Express 10 Help (CHM) Nero Multimedia Suite 10 Essentials Nero StartSmart 10 Nero StartSmart 10 Help (CHM) Nero Update OpenAL Packard Bell MyBackup Packard Bell Power Management Packard Bell Recovery Management Packard Bell Registration Packard Bell ScreenSaver Packard Bell Social Networks Packard Bell Updater Papers, Please Planescape Torment Poczta uslugi Windows Live Podstawowe programy Windows Live Pošta Windows Live Raccolta foto di Windows Live Realtek High Definition Audio Driver Realtek USB 2.0 Card Reader resident evil 4 S?????? f?t???af??? t?? Windows Live Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449) Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019) Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595) Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642) Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576) Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393) Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628) Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2) Security Update for Microsoft .NET Framework 4 Client Profile (KB2858302v2) Security Update for Microsoft Excel 2010 (KB2826033) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2687423) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2826023) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2826035) 32-Bit Edition Security Update for Microsoft Outlook 2010 (KB2794707) 32-Bit Edition Service Pack 2 for Microsoft Office 2010 (KB2687455) 
32-Bit Edition SolveigMM AVI Trimmer SpeedFan (remove only) SPEEDLINK Strike 2 Gamepad Spelunky Taalpakket voor Microsoft .NET Framework 4 Client Profile - NLD Thief GOLD Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) Update for Microsoft .NET Framework 4 Client Profile (KB2836939) Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition Update for Microsoft Office 2010 (KB2826026) 32-Bit Edition Update for Microsoft OneNote 2010 (KB2810072) 32-Bit Edition Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition Update for Microsoft Word 2010 (KB2827323) 32-Bit Edition Video Web Camera VLC media player 2.0.8 Welcome Center Windows Live Windows Live ??? Windows Live ???? 
Windows Live Argazki Galeria Windows Live Communications Platform Windows Live Essentials Windows Live Fotótár Windows Live Fotogalerie Windows Live Fotogalleri Windows Live Fotogaléria Windows Live Fotograf Galerisi Windows Live Galeria de Fotos Windows Live Galerija fotografija Windows Live ID Sign-in Assistant Windows Live Installer Windows Live Language Selector Windows Live Mail Windows Live Mesh Windows Live Messenger Windows Live MIME IFilter Windows Live Movie Maker Windows Live Photo Common Windows Live Photo Gallery Windows Live PIMT Platform Windows Live Remote Client Windows Live Remote Client Resources Windows Live Remote Service Windows Live Remote Service Resources Windows Live SOXE Windows Live SOXE Definitions Windows Live Temel Parçalar Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources Windows Liven asennustyökalu Windows Liven sähköposti Windows Liven valokuvavalikoima
.
==== End Of File ===========================

RogueKiller:

RogueKiller V8.7.2 _x64_ [Oct 3 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.adlice.com/forum/
Website : http://www.adlice.com/softwares/roguekiller/
Blog : http://tigzyrk.blogspot.com/

besturingssysteem : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Gestart vanuit : Normale modus
Gebruiker : A [Administrator rechten]
Modus : Scan -- Datum : 10/13/2013 19:26:06
| ARK || FAK || MBR |

¤¤¤ Kwaadaardige processen : 0 ¤¤¤

¤¤¤ Register verwijzingen : 13 ¤¤¤
[RUN][SUSP PATH] HKCU\[...]\Run : LAN Messenger (C:\Users\A\Desktop\lmc-1.2.35-win32\lmc.exe [-]) -> gevonden
[RUN][SUSP PATH] HKUS\S-1-5-21-4274040924-4012289211-355380576-1000\[...]\Run : LAN Messenger (C:\Users\A\Desktop\lmc-1.2.35-win32\lmc.exe [-]) -> gevonden
[SHELL][SUSP PATH] HKLM\[...]\Wow6432Node\[...]\Windows : load (C:\Users\A\AppData\Roaming\Microsoft\Windows\taskmgr.exe [x]) -> gevonden
[HJ POL][PUM] HKCU\[...]\System : DisableTaskMgr (0) -> gevonden
[HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> gevonden
[HJ POL][PUM] HKLM\[...]\System : DisableRegistryTools (0) -> gevonden
[HJ POL][PUM] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> gevonden
[HJ POL][PUM] HKLM\[...]\System : EnableLUA (0) -> gevonden
[HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : DisableRegistryTools (0) -> gevonden
[HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : ConsentPromptBehaviorAdmin (0) -> gevonden
[HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : EnableLUA (0) -> gevonden
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> gevonden
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> gevonden

¤¤¤ geplande taken : 0 ¤¤¤

¤¤¤ Startup Entries : 0 ¤¤¤

¤¤¤ webbrowsers : 0 ¤¤¤

¤¤¤ Speciale Files / Folders: ¤¤¤

¤¤¤ Driver : [Niet geladen 0x0] ¤¤¤

¤¤¤ Externe Hives: ¤¤¤

¤¤¤ Infectie : ¤¤¤

¤¤¤ HOSTS Bestand: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts
127.0.0.1 localhost

¤¤¤ MBR Controle: ¤¤¤
+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) (Standaardschijfstations) - WDC WD5000BEVT-22A0RT0 ATA Device +++++
--- User ---
[MBR] c6c0bb79f9bd6874fcda83f24441b42c
[BSP] e9f2f4e0b3163b0e42be5db825e35c50 : Windows 7/8 MBR Code
Partition table:
0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 18432 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 37750784 | Size: 100 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 37955584 | Size: 458406 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Gereed : << RKreport[0]_S_10132013_192606.txt >>
  9. Earlier today I installed the latest version of Daemon Tools Lite (virtual driver software), a programme I have been using for years. During the installation, it asked me to install third-party software, which I declined. But despite that, I found it had still installed some. I uninstalled all of it, but one problem still remained. My browser (both Firefox and Internet Explorer) kept redirecting me to a website called www.dosearches.com. At first it was set as the homepage. After I had changed it, it still redirected me to it whenever I started the browser. When opening a new tab, it would automatically go there as well. I have tried a few malware removal tools, some of which did detect the source and removed it, only to find nothing had changed. Any help would be greatly appreciated.
  10. Sorry for the double post, but it's been a while. Was that the last step? If so, thanks a lot for your help.
  11. I'll keep them. I've been using them for years without any problems. adwCleaner: SecurityCheck: It says Windows Security Center is not running, which is indeed inaccurate.
  12. ComboFix 13-09-04.04 - A 05-09-2013 10:00:20.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.6139.4932 [GMT 2:00]
Gestart vanuit: c:\users\A\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Microsoft Security Essentials *Disabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Nieuw herstelpunt werd aangemaakt
.
.
(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\A\AppData\Roaming\Microsoft\Windows\taskmgr.exe
c:\users\A\AppData\Roaming\Mining\coin-miner.exe
c:\windows\wininit.ini
.
.
(((((((((((((((((((( Bestanden Gemaakt van 2013-08-05 to 2013-09-05 ))))))))))))))))))))))))))))))
.
.
2013-09-05 08:06 . 2013-09-05 08:06 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-09-05 06:08 . 2013-08-06 08:58 9515512 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{CB4129DB-86BF-4C9F-93F3-EFF0CFADF04A}\mpengine.dll
2013-09-05 06:06 . 2013-08-06 08:58 9515512 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2013-09-04 22:03 . 2013-09-04 22:28 -------- d-----w- C:\Outlast
2013-09-03 20:10 . 2013-09-03 20:12 -------- d-----w- c:\program files (x86)\Brothers - A Tale of Two Sons
2013-09-02 08:53 . 2013-09-02 08:53 -------- d-----w- c:\program files (x86)\GOG.com
2013-08-31 10:54 . 2013-09-03 20:14 -------- d--h--w- c:\windows\msdownld.tmp
2013-08-31 10:51 . 2013-08-31 10:51 -------- d-----w- c:\programdata\Orbit
2013-08-31 08:52 . 2013-08-19 22:46 9515512 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{4645214E-B603-4E0C-A8C6-ACFF32325B9C}\mpengine.dll
2013-08-31 07:50 . 2013-08-31 07:50 -------- d-----w- c:\windows\ERUNT
2013-08-30 09:49 . 2013-09-04 21:38 -------- d-----w- c:\program files (x86)\JDownloader v2.0
2013-08-30 09:36 .
2013-08-30 09:36 -------- d-----w- c:\windows\Sun 2013-08-29 02:30 . 2013-08-29 02:30 -------- d--h--w- c:\windows\PIF 2013-08-27 07:45 . 2013-08-27 07:45 -------- d-----w- c:\program files (x86)\Internet Download Manager 2013-08-26 21:15 . 2013-08-26 21:16 -------- d-----w- c:\program files\GIMP 2 2013-08-26 15:55 . 2013-08-26 16:03 -------- d-----w- C:\Diablo 2013-08-26 15:55 . 2013-08-26 15:55 86528 ----a-w- c:\windows\bnetunin.exe 2013-08-26 15:55 . 2013-08-26 15:55 61440 ----a-w- c:\windows\diabunin.exe 2013-08-25 21:43 . 2013-08-31 22:51 -------- d-----w- c:\program files (x86)\CAPCOM 2013-08-25 21:43 . 2005-04-03 21:00 63488 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\ISBEW64.exe 2013-08-25 21:42 . 2005-04-03 21:02 753664 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iKernel.dll 2013-08-25 21:42 . 2005-04-03 21:02 69714 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\ctor.dll 2013-08-25 21:42 . 2005-04-03 21:01 274432 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iscript.dll 2013-08-25 21:42 . 2005-04-03 21:00 184320 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iuser.dll 2013-08-25 21:42 . 2005-04-03 20:59 5632 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\DotNetInstaller.exe 2013-08-25 21:42 . 2013-08-25 21:42 200836 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iGdi.dll 2013-08-25 21:42 . 2013-08-25 21:42 331908 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\setup.dll 2013-08-25 13:43 . 2013-08-25 13:43 -------- d-----w- c:\windows\_ISTMP1.DIR 2013-08-25 13:20 . 2013-08-25 13:23 21840 ----atw- c:\windows\SysWow64\SIntfNT.dll 2013-08-25 13:20 . 
2013-08-25 13:23 17212 ----atw- c:\windows\SysWow64\SIntf32.dll 2013-08-25 13:20 . 2013-08-25 13:23 12067 ----atw- c:\windows\SysWow64\SIntf16.dll 2013-08-25 11:57 . 2013-08-25 11:57 -------- d-----w- c:\windows\solcache 2013-08-25 08:52 . 2000-01-04 04:39 212992 ------w- c:\program files (x86)\Common Files\InstallShield\engine\6\Intel 32\ILog.dll 2013-08-24 13:20 . 2013-08-24 13:20 -------- d-----w- c:\programdata\ATI 2013-08-24 13:12 . 2013-08-24 13:12 0 ----a-w- c:\windows\ativpsrm.bin 2013-08-24 13:10 . 2013-08-24 13:10 -------- d-----w- c:\program files (x86)\AMD AVT 2013-08-24 13:09 . 2013-08-24 13:09 -------- d-----w- c:\program files\Common Files\ATI Technologies 2013-08-24 13:09 . 2013-08-24 13:09 -------- d-----w- c:\program files (x86)\Common Files\ATI Technologies 2013-08-24 13:08 . 2013-08-24 13:10 -------- d-----w- c:\programdata\AMD 2013-08-24 13:07 . 2013-08-24 13:07 -------- d-----w- c:\program files (x86)\ATI Technologies 2013-08-24 13:07 . 2013-08-24 13:07 -------- d-----w- c:\program files\ATI 2013-08-24 13:07 . 2013-08-24 13:09 -------- d-----w- c:\program files\ATI Technologies 2013-08-24 12:50 . 2013-08-24 12:50 -------- d-----w- c:\program files (x86)\Phyxion.net 2013-08-22 21:42 . 2013-08-22 21:41 941720 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{AF055D44-AF50-4B61-9CF0-88C077D411AD}\gapaengine.dll 2013-08-22 18:42 . 2013-09-04 23:06 -------- d-----w- C:\GOG games 2013-08-21 17:24 . 2013-08-21 18:38 -------- d-----w- c:\programdata\Package Cache 2013-08-14 21:08 . 2013-07-26 05:13 2241024 ----a-w- c:\windows\system32\wininet.dll 2013-08-14 21:08 . 2013-07-26 05:12 15405056 ----a-w- c:\windows\system32\ieframe.dll 2013-08-14 21:08 . 2013-07-26 05:12 19239424 ----a-w- c:\windows\system32\mshtml.dll 2013-08-14 21:01 . 2013-08-14 21:01 -------- d-----w- c:\programdata\CyberLink 2013-08-14 20:51 . 2013-08-14 20:51 -------- d-----w- c:\program files (x86)\Microsoft Synchronization Services 2013-08-14 20:50 . 
2013-08-14 20:50 -------- d-----w- c:\program files (x86)\Microsoft Sync Framework 2013-08-14 20:48 . 2013-08-14 20:48 -------- d-----w- c:\program files (x86)\Microsoft Visual Studio 8 2013-08-14 20:48 . 2013-08-14 20:48 -------- d-----w- c:\program files\Microsoft Office 2013-08-14 20:48 . 2013-08-14 20:48 -------- d-----w- c:\program files (x86)\Microsoft Analysis Services 2013-08-14 20:47 . 2013-08-27 23:20 -------- d-----w- c:\programdata\Microsoft Help 2013-08-14 20:47 . 2013-08-14 20:47 -------- d-----r- C:\MSOCache 2013-08-14 11:08 . 2013-08-14 11:08 -------- d-----w- c:\programdata\Steam 2013-08-13 21:57 . 2013-08-13 21:57 466456 ----a-w- c:\windows\system32\wrap_oal.dll 2013-08-13 21:57 . 2013-08-13 21:57 122904 ----a-w- c:\windows\system32\OpenAL32.dll 2013-08-13 21:57 . 2013-08-13 21:57 444952 ----a-w- c:\windows\SysWow64\wrap_oal.dll 2013-08-13 21:57 . 2013-08-13 21:57 109080 ----a-w- c:\windows\SysWow64\OpenAL32.dll 2013-08-13 21:57 . 2013-08-13 21:57 -------- d-----w- c:\program files (x86)\OpenAL 2013-08-13 16:51 . 2013-08-13 16:55 -------- d-----w- c:\program files (x86)\NAMCO BANDAI Games 2013-08-13 16:50 . 2008-10-15 04:22 519000 ----a-w- c:\windows\system32\d3dx10_40.dll 2013-08-13 16:50 . 2008-10-15 04:22 452440 ----a-w- c:\windows\SysWow64\d3dx10_40.dll 2013-08-13 16:50 . 2008-10-15 04:22 2605920 ----a-w- c:\windows\system32\D3DCompiler_40.dll 2013-08-13 16:50 . 2008-10-15 04:22 2036576 ----a-w- c:\windows\SysWow64\D3DCompiler_40.dll 2013-08-13 16:50 . 2008-10-15 04:22 5631312 ----a-w- c:\windows\system32\D3DX9_40.dll 2013-08-13 09:47 . 1998-10-29 14:45 306688 ----a-w- c:\windows\IsUninst.exe 2013-08-13 00:50 . 2013-08-13 00:50 -------- d-----w- c:\windows\USB Vibration 2013-08-13 00:50 . 2013-08-13 00:50 270468 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0700\Intel32\Setup.dll 2013-08-13 00:50 . 
2013-08-13 00:50 159876 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0700\Intel32\IGdi.dll 2013-08-13 00:50 . 2002-08-05 08:46 57344 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0700\Intel32\ctor.dll 2013-08-13 00:50 . 2002-08-02 01:10 5632 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0700\Intel32\DotNetInstaller.exe 2013-08-13 00:50 . 2002-08-02 00:20 634880 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0700\Intel32\iKernel.dll 2013-08-13 00:50 . 2002-08-02 00:20 237568 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0700\Intel32\iscript.dll 2013-08-13 00:50 . 2002-08-02 00:20 151552 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0700\Intel32\iuser.dll 2013-08-13 00:50 . 2013-08-13 00:50 -------- d-----w- c:\program files (x86)\USB Vibration 2013-08-12 04:19 . 2013-08-12 04:19 163504 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10144.bin 2013-08-12 01:27 . 2013-08-12 01:28 -------- d-----w- c:\program files\Avidemux 2.5 2013-08-11 23:52 . 2013-08-11 23:52 -------- d-----w- c:\windows\SysWow64\syncdb 2013-08-11 23:36 . 2013-08-11 23:36 283064 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys 2013-08-11 23:28 . 2013-08-11 23:28 564824 ----a-w- c:\windows\system32\drivers\sptd.sys 2013-08-11 23:28 . 2013-08-11 23:36 -------- d-----w- c:\program files (x86)\DAEMON Tools Lite 2013-08-11 23:23 . 2013-08-11 23:22 941720 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll 2013-08-11 23:23 . 2013-08-12 10:06 -------- d-----w- c:\programdata\DAEMON Tools Lite 2013-08-11 23:20 . 2006-02-03 06:43 3830992 ----a-w- c:\windows\system32\d3dx9_29.dll 2013-08-11 23:20 . 2006-02-03 06:42 355536 ----a-w- c:\windows\system32\xactengine2_0.dll 2013-08-11 23:20 . 
2006-02-03 06:41 16592 ----a-w- c:\windows\system32\x3daudio1_0.dll 2013-08-11 23:20 . 2005-12-05 16:09 3815120 ----a-w- c:\windows\system32\d3dx9_28.dll 2013-08-11 23:20 . 2005-07-22 17:59 3807440 ----a-w- c:\windows\system32\d3dx9_27.dll 2013-08-11 23:18 . 2013-08-11 23:18 -------- d-----w- c:\program files\CCleaner 2013-08-11 23:07 . 2013-08-11 23:07 -------- d-----w- c:\windows\SysWow64\nl 2013-08-11 23:07 . 2013-08-11 23:07 -------- d-----w- c:\windows\SysWow64\0413 2013-08-11 23:07 . 2013-08-11 23:07 -------- d-----w- c:\windows\nl-NL 2013-08-11 23:07 . 2013-08-11 23:07 -------- d-----w- c:\windows\SysWow64\XPSViewer 2013-08-11 23:07 . 2013-08-11 23:07 -------- d-----w- c:\windows\SysWow64\drivers\UMDF\nl-NL 2013-08-11 23:07 . 2013-08-11 23:07 -------- d-----w- c:\windows\SysWow64\drivers\nl-NL 2013-08-11 23:07 . 2013-08-11 23:07 -------- d-----w- c:\windows\system32\nl 2013-08-11 23:07 . 2013-08-11 23:07 -------- d-----w- c:\windows\system32\drivers\UMDF\nl-NL 2013-08-11 23:07 . 2013-08-11 23:07 -------- d-----w- c:\windows\system32\0413 2013-08-11 23:07 . 2013-08-11 18:26 -------- d-----w- c:\windows\SysWow64\wbem\nl-NL 2013-08-11 23:07 . 2013-08-11 18:26 -------- d-----w- c:\windows\system32\drivers\nl-NL 2013-08-11 23:07 . 2013-08-11 18:26 -------- d-----w- c:\windows\system32\wbem\nl-NL 2013-08-11 23:06 . 2013-08-11 23:06 3584 ----a-w- c:\windows\system32\Spool\prtprocs\x64\nl-NL\LXKPTPRC.DLL.mui 2013-08-11 23:00 . 2013-08-11 23:00 -------- d-----w- c:\windows\NAPP_Dism_Log 2013-08-11 22:54 . 2013-09-04 21:15 -------- d-----w- c:\program files (x86)\SpeedFan 2013-08-11 22:28 . 2013-08-11 22:28 -------- d-----w- c:\program files\Microsoft Silverlight 2013-08-11 22:28 . 2013-08-11 22:28 -------- d-----w- c:\program files (x86)\Microsoft Silverlight 2013-08-11 21:55 . 2013-08-11 23:01 -------- d-----w- c:\program files (x86)\Microsoft Security Client 2013-08-11 21:55 . 
2013-08-11 23:08 -------- d-----w- c:\program files\Microsoft Security Client 2013-08-11 20:47 . 2013-08-11 20:47 -------- d-----w- c:\program files (x86)\Common Files\Java 2013-08-11 20:46 . 2013-08-11 20:46 17018248 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe 2013-08-11 20:46 . 2013-08-11 20:43 789416 ----a-w- c:\windows\SysWow64\deployJava1.dll 2013-08-11 20:45 . 2013-08-11 20:43 867240 ----a-w- c:\windows\SysWow64\npDeployJava1.dll 2013-08-11 20:44 . 2013-08-11 20:43 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll 2013-08-11 20:43 . 2013-08-11 20:43 -------- d-----w- c:\program files (x86)\Java 2013-08-11 20:27 . 2013-08-11 20:27 -------- d-----w- c:\program files (x86)\VideoLAN 2013-08-11 20:15 . 2013-08-11 20:50 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2013-08-11 20:15 . 2013-08-11 20:50 692104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2013-08-11 20:15 . 2013-08-11 20:15 -------- d-----w- c:\windows\system32\Macromed 2013-08-11 20:06 . 2005-05-26 13:34 3767504 ----a-w- c:\windows\system32\d3dx9_26.dll 2013-08-11 20:06 . 2005-05-26 13:34 2297552 ----a-w- c:\windows\SysWow64\d3dx9_26.dll 2013-08-11 20:06 . 2005-03-18 15:19 3823312 ----a-w- c:\windows\system32\d3dx9_25.dll . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2013-08-11 23:06 . 2013-08-11 23:06 2560 ----a-w- c:\windows\SysWow64\drivers\nl-NL\qwavedrv.sys.mui 2013-08-11 23:06 . 2013-08-11 23:06 5632 ----a-w- c:\windows\SysWow64\drivers\nl-NL\ndiscap.sys.mui 2013-08-11 23:06 . 2013-08-11 23:06 50688 ----a-w- c:\windows\SysWow64\drivers\nl-NL\tcpip.sys.mui 2013-08-11 23:06 . 2013-08-11 23:06 26624 ----a-w- c:\windows\SysWow64\drivers\nl-NL\bfe.dll.mui 2013-08-11 23:06 . 2013-08-11 23:06 16896 ----a-w- c:\windows\SysWow64\drivers\nl-NL\pacer.sys.mui 2013-08-11 23:05 . 2013-08-11 23:05 2560 ----a-w- c:\windows\SysWow64\drivers\nl-NL\scfilter.sys.mui 2013-08-11 16:08 . 
2010-06-24 18:33 22240 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll 2013-08-07 02:22 . 2010-11-21 03:27 278800 ------w- c:\windows\system32\MpSigStub.exe 2013-07-09 04:45 . 2013-08-14 10:06 44032 ----a-w- c:\windows\apppatch\acwow64.dll 2013-06-18 19:50 . 2013-06-18 19:50 247216 ----a-w- c:\windows\system32\drivers\MpFilter.sys 2013-06-18 19:50 . 2012-03-20 18:44 139616 ----a-w- c:\windows\system32\drivers\NisDrvWFP.sys 2013-06-09 17:53 . 2013-06-09 17:53 83024 ----a-w- c:\windows\SysWow64\mfcm110u.dll 2013-06-09 17:53 . 2013-06-09 17:53 83016 ----a-w- c:\windows\SysWow64\mfcm110.dll 2013-06-09 17:53 . 2013-06-09 17:53 74832 ----a-w- c:\windows\SysWow64\mfc110fra.dll 2013-06-09 17:53 . 2013-06-09 17:53 74832 ----a-w- c:\windows\SysWow64\mfc110deu.dll 2013-06-09 17:53 . 2013-06-09 17:53 73808 ----a-w- c:\windows\SysWow64\mfc110esn.dll 2013-06-09 17:53 . 2013-06-09 17:53 72784 ----a-w- c:\windows\SysWow64\mfc110ita.dll 2013-06-09 17:53 . 2013-06-09 17:53 70736 ----a-w- c:\windows\SysWow64\mfc110rus.dll 2013-06-09 17:53 . 2013-06-09 17:53 65104 ----a-w- c:\windows\SysWow64\mfc110enu.dll 2013-06-09 17:53 . 2013-06-09 17:53 53840 ----a-w- c:\windows\SysWow64\mfc110jpn.dll 2013-06-09 17:53 . 2013-06-09 17:53 53328 ----a-w- c:\windows\SysWow64\mfc110kor.dll 2013-06-09 17:53 . 2013-06-09 17:53 46160 ----a-w- c:\windows\SysWow64\mfc110cht.dll 2013-06-09 17:53 . 2013-06-09 17:53 46160 ----a-w- c:\windows\SysWow64\mfc110chs.dll 2013-06-09 17:53 . 2013-06-09 17:53 4456520 ----a-w- c:\windows\SysWow64\mfc110u.dll 2013-06-09 17:53 . 2013-06-09 17:53 4421192 ----a-w- c:\windows\SysWow64\mfc110.dll 2013-06-09 17:53 . 2013-06-09 17:53 164424 ----a-w- c:\windows\SysWow64\atl110.dll 2013-06-09 13:59 . 2013-06-09 13:59 90192 ----a-w- c:\windows\system32\mfcm110u.dll 2013-06-09 13:59 . 2013-06-09 13:59 90184 ----a-w- c:\windows\system32\mfcm110.dll 2013-06-09 13:59 . 2013-06-09 13:59 74832 ----a-w- c:\windows\system32\mfc110fra.dll 2013-06-09 13:59 . 
2013-06-09 13:59 74832 ----a-w- c:\windows\system32\mfc110deu.dll 2013-06-09 13:59 . 2013-06-09 13:59 73808 ----a-w- c:\windows\system32\mfc110esn.dll 2013-06-09 13:59 . 2013-06-09 13:59 72784 ----a-w- c:\windows\system32\mfc110ita.dll 2013-06-09 13:59 . 2013-06-09 13:59 70736 ----a-w- c:\windows\system32\mfc110rus.dll 2013-06-09 13:59 . 2013-06-09 13:59 65104 ----a-w- c:\windows\system32\mfc110enu.dll 2013-06-09 13:59 . 2013-06-09 13:59 5619784 ----a-w- c:\windows\system32\mfc110u.dll 2013-06-09 13:59 . 2013-06-09 13:59 5592648 ----a-w- c:\windows\system32\mfc110.dll 2013-06-09 13:59 . 2013-06-09 13:59 53840 ----a-w- c:\windows\system32\mfc110jpn.dll 2013-06-09 13:59 . 2013-06-09 13:59 53328 ----a-w- c:\windows\system32\mfc110kor.dll 2013-06-09 13:59 . 2013-06-09 13:59 46160 ----a-w- c:\windows\system32\mfc110cht.dll 2013-06-09 13:59 . 2013-06-09 13:59 46160 ----a-w- c:\windows\system32\mfc110chs.dll 2013-06-09 13:59 . 2013-06-09 13:59 192584 ----a-w- c:\windows\system32\atl110.dll . . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "uTorrent"="c:\users\A\AppData\Roaming\uTorrent\uTorrent.exe" [2013-08-12 1130576] "LAN Messenger"="c:\users\A\Desktop\lmc-1.2.35-win32\lmc.exe" [2012-07-24 1721344] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2010-08-10 975952] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 0 (0x0) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableLUA"= 0 (0x0) "EnableUIADesktopToggle"= 0 (0x0) "PromptOnSecureDesktop"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows] "LoadAppInit_DLLs"=1 (0x1) . 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc] @="Service" . R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x] R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x] R3 NisSrv;Microsoft Netwerkinspectie;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x] R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x] R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\System32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x] R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x] R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x] R4 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x] R4 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [x] R4 ePowerSvc;Acer ePower Service;c:\program files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe;c:\program files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe [x] R4 GREGService;GREGService;c:\program files (x86)\Packard Bell\Registration\GREGsvc.exe;c:\program files (x86)\Packard Bell\Registration\GREGsvc.exe [x] R4 Live Updater Service;Live Updater Service;c:\program files\Packard Bell\Packard Bell 
Updater\UpdaterService.exe;c:\program files\Packard Bell\Packard Bell Updater\UpdaterService.exe [x] R4 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe;c:\program files (x86)\Nero\Update\NASvc.exe [x] R4 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe;c:\program files (x86)\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe [x] R4 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x] R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x] S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x] S2 AODDriver4.2;AODDriver4.2;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [x] S2 DsiWMIService;Dritek WMI Service;c:\program files (x86)\Launch Manager\dsiwmis.exe;c:\program files (x86)\Launch Manager\dsiwmis.exe [x] S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x] S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys;c:\windows\SYSNATIVE\DRIVERS\ETD.sys [x] S3 k57nd60a;Broadcom NetLink Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys;c:\windows\SYSNATIVE\DRIVERS\k57nd60a.sys [x] . . Inhoud van de 'Gedeelde Taken' map . 2013-09-05 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-08-11 20:50] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2013-06-20 1356240] . ------- Bijkomende Scan ------- . 
uLocal Page = c:\windows\system32\blank.htm mLocal Page = c:\windows\SysWOW64\blank.htm IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~4\Office14\EXCEL.EXE/3000 IE: Se&nd to OneNote - c:\progra~2\MICROS~4\Office14\ONBttnIE.dll/105 TCP: DhcpNameServer = 192.168.1.1 FF - ProfilePath - c:\users\A\AppData\Roaming\Mozilla\Firefox\Profiles\0a6ubgx9.default\ FF - prefs.js: browser.search.selectedEngine - Dictionary.com FF - ExtSQL: 2013-08-11 22:03; {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}; c:\users\A\AppData\Roaming\Mozilla\Firefox\Profiles\0a6ubgx9.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi FF - ExtSQL: 2013-08-11 22:04; adblockpopups@jessehakanen.net; c:\users\A\AppData\Roaming\Mozilla\Firefox\Profiles\0a6ubgx9.default\extensions\adblockpopups@jessehakanen.net.xpi FF - ExtSQL: 2013-08-11 22:05; {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}; c:\users\A\AppData\Roaming\Mozilla\Firefox\Profiles\0a6ubgx9.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} FF - ExtSQL: 2013-08-11 22:07; {76C80A11-FAD4-406c-8246-F5ED4F9367B5}; c:\users\A\AppData\Roaming\Mozilla\Firefox\Profiles\0a6ubgx9.default\extensions\{76C80A11-FAD4-406c-8246-F5ED4F9367B5}.xpi FF - ExtSQL: 2013-08-11 22:08; {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}; c:\users\A\AppData\Roaming\Mozilla\Firefox\Profiles\0a6ubgx9.default\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}.xpi FF - ExtSQL: 2013-08-11 22:10; {b9db16a4-6edc-47ec-a1f4-b86292ed211d}; c:\users\A\AppData\Roaming\Mozilla\Firefox\Profiles\0a6ubgx9.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} FF - ExtSQL: 2013-08-11 22:12; TFToolbarX@torrent-finder; c:\users\A\AppData\Roaming\Mozilla\Firefox\Profiles\0a6ubgx9.default\extensions\TFToolbarX@torrent-finder.xpi FF - ExtSQL: 2013-08-11 22:12; en-US@dictionaries.addons.mozilla.org; c:\users\A\AppData\Roaming\Mozilla\Firefox\Profiles\0a6ubgx9.default\extensions\en-US@dictionaries.addons.mozilla.org . - - - - ORPHANS VERWIJDERD - - - - . 
Toolbar-Locked - (no file) HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start Toolbar-Locked - (no file) HKLM-Run-ETDWare - c:\program files (x86)\Elantech\ETDCtrl.exe AddRemove-GOGPACKPAPERSPLEASE_is1 - c:\gog games\Papers AddRemove-{37C14146-B1C0-0988-BEC3-E2A874ABE7C4} - c:\progra~3\INSTAL~1\{9A27C~1\Setup.exe AddRemove-{3A1B9A4B-FE1F-BE71-7CA5-6E95994E9E0F} - c:\progra~3\INSTAL~1\{BC53E~1\Setup.exe . . . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_224_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_224_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.11" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx" "ThreadingModel"="Apartment" . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}] @Denied: (A) (Everyone) "Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3] @Denied: (A) (Everyone) . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0] "Key"="ActionsPane3" "Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . Voltooingstijd: 2013-09-05 10:08:52 ComboFix-quarantined-files.txt 2013-09-05 08:08 . Pre-Run: 76.493.029.376 bytes beschikbaar Post-Run: 76.437.958.656 bytes beschikbaar . 
- - End Of File - - BCC79E4878A918AA426CB8FFB7079861 A36C5E4F47E84449FF07ED3517B43A31
  13. Thanks for the quick reply. Here's dds.txt: And here's aswMBR.txt: attach.txt
  14. Earlier today, my computer suddenly became very sluggish. I checked the task manager to see that the processor was being utilized at 100%. I noticed a programme called coin-miner.exe, which is apparently a Trojan. I closed it and after that the computer behaved normally again. I also noticed another .exe consisting of half a dozen numbers, which I also closed. After that I ran AdwCleaner and JRT and deleted the files/registry entries in question. Unfortunately, I didn't keep the logs. Coin-miner (or the other .exe) hasn't appeared since. But I still want to make sure it's permanently gone. Is there any programme I can run and post the log for advice/analysis? I am using Microsoft Security Essentials, by the way. Thanks in advance.