
wereallmadhere

  1. aswMBR version 1.0.1.2041 Copyright© 2014 AVAST Software
     Run date: 2014-09-13 14:33:43
     -----------------------------
     14:33:43.652 OS Version: Windows x64 6.1.7601 Service Pack 1
     14:33:43.652 Number of processors: 2 586 0x2505
     14:33:43.652 ComputerName: 8VIRUS8-EXE UserName: Owner
     14:33:45.165 Initialize success
     14:33:45.274 VM: initialized successfully
     14:33:45.290 VM: Intel CPU virtualization not supported
     14:34:25.132 AVAST engine defs: 14091301
     14:34:43.759 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
     14:34:43.759 Disk 0 Vendor: TOSHIBA_ GJ00 Size: 305245MB BusType: 3
     14:34:43.899 Disk 0 MBR read successfully
     14:34:43.915 Disk 0 MBR scan
     14:34:44.039 Disk 0 Windows 7 default MBR code
     14:34:44.055 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 15360 MB offset 2048
     14:34:44.086 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 31459328
     14:34:44.086 Disk 0 Boot: NTFS code=1
     14:34:44.117 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 289783 MB offset 31664128
     14:34:44.320 Disk 0 scanning C:\Windows\system32\drivers
     14:35:04.631 Service scanning
     14:36:02.742 Modules scanning
     14:36:02.757 Disk 0 trace - called modules:
     14:36:02.773 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
     14:36:02.788 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80045d9760]
     14:36:02.788 3 CLASSPNP.SYS[fffff88001b9e43f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8004478050]
     14:36:04.442 AVAST engine scan C:\Windows
     14:36:11.836 AVAST engine scan C:\Windows\system32
     14:43:34.438 AVAST engine scan C:\Windows\system32\drivers
     14:44:02.118 AVAST engine scan C:\Users\Owner
     14:51:09.595 File: C:\Users\Owner\COMPUTER\installs\install\FlashPlayerPro.exe **INFECTED** Win32:Adware-gen [Adw]
     15:20:34.493 AVAST engine scan C:\ProgramData
     15:46:34.397 Scan finished successfully
     15:47:07.527 Disk 0 MBR has been saved successfully to "C:\Users\Owner\Desktop\MBR.dat"
     15:47:07.608 The log file has been saved successfully to "C:\Users\Owner\Desktop\aswMBR.txt"
  2. Because my professor said Android does not recognize JDK 7, so we have to develop our app in 6. Can't adjust the variable because it doesn't exist (attachment 1). Also, I don't know if this is related, but Google will only spellcheck, not correct, if I click on it, except every once in a while.
  3. OK, but even if I restore it I still cannot, for some reason, download the JDK 6; it says it exists, then it says it can't find it. I need to take off whatever is preventing me from completing this assignment, or add, if that be the case. I will post this, then add some screenshots to further illustrate the issue. Here is what I need to do; maybe that will help you to understand what I am trying to say about the computer not functioning properly.
     • Install Java6. Download, verify the checksum and unpack the Android bundle. Start your emulator and play with some keyboard shortcuts for your emulator: Practice switching between landscape and portrait modes. Does Alt-Enter work on your machine?
     • Some quiz questions assume you've read the Android Emulator Keyboard Commands page.
     • Create your own app and experiment with Eclipse. Time to play: Create your own app for a friend that includes a cute or interesting photo and some text (a title or name for your image).
     • Use your image dimensions (width x height—remember each pixel will require 4 bytes) to calculate the memory requirements of your image.
     • Create string resources.
     • Keep playing with relative layout to create different layouts. Challenge: Try a layout inside a layout! Learn how to align your image(s) and text to the parent's center and sides (e.g., layout_alignParentTop) and also relative to each other (e.g., layout_below). Play with qualifiers: Create different layouts for landscape and portrait modes. My secret is not for your phone! Can you create an app that only displays some special secret text on certain specific device sizes? Test them using different display configurations.
     • Add ScrollView to your app layouts. Note smaller content can be stretched using ScrollView's fillViewport option so that your inner content fills the entire ScrollView area.
     • Test and continue to develop your app. Test it with different screen sizes and densities. Export a signed version of your app. (See the next video on how to install it.)
     • Test ILLIAC and look for bugs:
     • Download Awesome-ILLIAC1-BeforeTesting.zip (9913496 bytes) - this is the entire project, not just the apk.
     • It has at least one bug (i.e. problem) that you can find if you test carefully enough.
     • Before importing this project, uncompress (extract) the zip file into a local directory. This will make a directory called "Awesome2a".
     • Use File Menu "Import>Android>Existing Android Code Into Workspace" and select the "Awesome2a" directory you just made.
     • You may need to restart Eclipse or right (control-) click on the project and select Android Tools> Fix Project Properties. You may need to change the project's Java compiler settings if you only have JDK1.7 installed.
     • Remove your app from the emulator or phone.
     • Upload your APK to a website (Lawrence used Box and Coursera but see the discussion forum to find out which file sharing websites other students recommend in your country).
     • Install your own APK by downloading it from the website.
     Here is the must-have, due in 9 days:
     Submission Checklists
     Check that you've completed all of the above steps and then gather the following materials to have ready to upload at the link below:
     App #1 Submission Checklist
     • The portrait xml layout file and your landscape xml layout file.
     • The 4 screenshot png files (see specifications of each, above).
     • The signed apk file.
     • Write at least 1 sentence about why you chose each person.
     • A few notes about your development experience. For example, what was the hardest part of this assignment or the part that required the most time?
     App #2 Submission Checklist
     • The signed apk file.
     • A screenshot of your app.
     • Briefly answer the following 4 questions:
     • What does your app do?
     • Why did you decide to build the app?
     • What do you remember most about your development experience? For example, what was the hardest part of this assignment or the part that required the most time?
     • What would you like to do next to your app?
     • Optionally, you may post some code to receive feedback from your peers on your code. No need to post an entire file. If you're particularly pleased with some code you have written, include it! The code snippet does not need to be large, just share the experience of what you managed to create.
  4. RogueKiller V8.8.0 _x64_ [Dec 27 2013] by Tigzy
     mail : tigzyRK<at>gmail<dot>com
     Feedback : http://www.adlice.com/forum/
     Website : http://www.adlice.com/softwares/roguekiller/
     Blog : http://www.adlice.com
     Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
     Started in : Normal mode
     User : Owner [Admin rights]
     Mode : Scan -- Date : 01/02/2014 20:19:22
     | ARK || FAK || MBR |
     ¤¤¤ Bad processes : 0 ¤¤¤
     ¤¤¤ Registry Entries : 5 ¤¤¤
     [HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> FOUND
     [HJ POL][PUM] HKLM\[...]\System : DisableRegistryTools (0) -> FOUND
     [HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : DisableRegistryTools (0) -> FOUND
     [HJ DESK][PUM] HKCU\[...]\ClassicStartMenu : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
     [HJ DESK][PUM] HKCU\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
     ¤¤¤ Scheduled tasks : 0 ¤¤¤
     ¤¤¤ Startup Entries : 0 ¤¤¤
     ¤¤¤ Web browsers : 0 ¤¤¤
     ¤¤¤ Browser Addons : 0 ¤¤¤
     ¤¤¤ Particular Files / Folders: ¤¤¤
     ¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤
     ¤¤¤ External Hives: ¤¤¤
     ¤¤¤ Infection : ¤¤¤
     ¤¤¤ HOSTS File: ¤¤¤
     --> %SystemRoot%\System32\drivers\etc\hosts
     127.0.0.1 localhost
     ¤¤¤ MBR Check: ¤¤¤
     +++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) TOSHIBA MK3265GSX +++++
     --- User ---
     [MBR] 71454e3c2dba103cdd9f814f50bb3b70
     [bSP] d3d28d39b2cbbac16cdf5e94e92fd019 : Windows 7/8 MBR Code
     Partition table:
     0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 15360 Mo
     1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 31459328 | Size: 100 Mo
     2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 31664128 | Size: 289783 Mo
     User = LL1 ... OK!
     User = LL2 ... OK!
     Finished : << RKreport[0]_S_01022014_201922.txt >>
     Sorry, my PC keeps crashing as I am trying to run it, and it won't run in safe mode. *banging head into wall* Why oh why did I pick programming instead of something simple like history of yarn?
  5. DDS (Ver_2012-11-20.01) - NTFS_AMD64
     Internet Explorer:
     Run by Owner at 19:46:44 on 2014-01-02
     Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.2807.1301 [GMT -6:00]
     AV: Microsoft Security Essentials *Enabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
     SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
     SP: Microsoft Security Essentials *Enabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
  6. UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT
     DDS (Ver_2012-11-20.01)
     Microsoft Windows 7 Home Premium
     Boot Device: \Device\HarddiskVolume2
     Install Date: 9/24/2011 9:00:00 AM
     System Uptime: 1/2/2014 7:26:14 PM (0 hours ago)
     Motherboard: Gateway | | NV55C
     Processor: Intel® Pentium® CPU P6100 @ 2.00GHz | CPU | 1999/1066mhz
     ==== Disk Partitions =========================
     C: is FIXED (NTFS) - 283 GiB total, 149.885 GiB free.
     D: is CDROM ()
     ==== Disabled Device Manager Items =============
     ==== System Restore Points ===================
     RP340: 12/26/2013 6:05:32 AM - Scheduled Checkpoint
     RP341: 12/26/2013 6:50:50 AM - Installed Java SE Development Kit 6 Update 45 (64-bit)
     RP342: 12/26/2013 6:52:13 AM - Installed Java 6 Update 45 (64-bit)
     RP343: 12/26/2013 7:23:14 AM - Removed Java SE Development Kit 6 Update 45 (64-bit)
     RP344: 12/26/2013 7:28:13 AM - Installed Java SE Development Kit 6 Update 45 (64-bit)
     RP345: 12/27/2013 4:53:15 AM - Removed Apple Application Support
     RP346: 12/27/2013 4:56:08 AM - Removed Apple Software Update
     RP347: 12/27/2013 4:56:38 AM - Removed QuickTime
     RP348: 12/27/2013 4:57:35 AM - Removed Prezi Desktop.
     RP350: 12/31/2013 3:44:28 AM - Windows Update
12/31/2013 2:55:56 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service VSS with arguments "" in order to run the server: {E579AB5F-1CC4-44B4-BED9-DE0991FF0623} 12/28/2013 11:49:52 PM, Error: bowser [8003] - The master browser has received a server announcement from the computer HILLARY-PC that believes that it is the master browser for the domain on transport NetBT_Tcpip_{9C237FA0-76EA-456E-B480-ED4F4533D5A8}. The master browser is stopping or an election is being forced. 12/26/2013 5:58:43 AM, Error: volsnap [14] - The shadow copies of volume C: were aborted because of an IO failure on volume C:. 1/2/2014 7:29:27 PM, Error: Service Control Manager [7003] - The Intel® Management & Security Application User Notification Service service depends the following service: LMS. This service might not be installed. . ==== End Of File ===========================
  7. OK, here is my HijackThis log. PLEASE HELP QUICKLY, my app is 20% of my grade!!!!

     Logfile of Trend Micro HijackThis v2.0.4
     Scan saved at 3:37:29 AM, on 12/31/2013
     Platform: Windows 7 SP1 (WinNT 6.00.3505)
     MSIE: Unable to get Internet Explorer version!
     Boot mode: Normal

     Running processes:
     C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
     C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe
     C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
     C:\Program Files (x86)\Launch Manager\LManager.exe
     C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
     C:\Users\Owner\AppData\Local\Google\Update\1.3.22.3\GoogleCrashHandler.exe
     C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
     C:\Users\Owner\Downloads\HijackThis.exe

     R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
     R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
     R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
     R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
     R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
     O2 - BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll
     O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
     O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL
     O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
     O4 - HKLM\..\Run: [sOSUAUI] "C:\Program Files (x86)\Malwarebytes Secure Backup\sosuploadagent.exe" -showui
     O4 - HKLM\..\Run: [sMessaging] C:\Program Files (x86)\Malwarebytes Secure Backup\SMessaging.exe
     O4 - HKLM\..\Run: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
     O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe" -osboot
     O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_721577D41E77D440C916E2687EBA0267] "C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe" --no-startup-window
     O4 - HKCU\..\Run: [bDAB3CD44D7D45EEC58DB422F61BD03E74CADA2F._service_run] "C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe" --type=service
     O4 - HKCU\..\Run: [iSUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler
     O4 - HKCU\..\Run: [Google Update] "C:\Users\Owner\AppData\Local\Google\Update\GoogleUpdate.exe" /c
     O4 - Global Startup: RealPlayer Cloud Service UI.lnk = C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin64\rpsystray.exe
     O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
     O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
     O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
     O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
     O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
     O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
     O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
     O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
     O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
     O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
     O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
     O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
     O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
     O23 - Service: BrYNSvc - Brother Industries, Ltd. - C:\Program Files (x86)\Browny02\BrYNSvc.exe
     O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
     O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
     O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Gateway\Gateway Power Management\ePowerSvc.exe
     O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
     O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
     O23 - Service: GREGService - Acer Incorporated - C:\Program Files (x86)\Gateway\Registration\GREGsvc.exe
     O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
     O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
     O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
     O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
     O23 - Service: Live Updater Service - Acer Incorporated - C:\Program Files\Gateway\Gateway Updater\UpdaterService.exe
     O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
     O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
     O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
     O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
     O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
     O23 - Service: NTI IScheduleSvc - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\IScheduleSvc.exe
     O23 - Service: PDFProFiltSrvPP - Nuance Communications, Inc. - C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
     O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
     O23 - Service: RealNetworks Downloader Resolver Service - Unknown owner - C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
     O23 - Service: RealPlayer Desktop Service - RealNetworks, Inc. - C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe
     O23 - Service: RealPlayer Update Service (RealPlayerUpdateSvc) - Unknown owner - C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
     O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
     O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
     O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
     O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
     O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
     O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
     O23 - Service: Intel® Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
     O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
     O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
     O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
     O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
     O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
     O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
     O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

     --
     End of file - 9812 bytes
  8. So far so good. How can I put MBAR on my droid? I can't find it in Google Play.
  9. All processes killed ========== OTL ========== HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully! Registry key HKEY_USERS\S-1-5-21-3612959242-1118106964-4219854335-1000\Software\Microsoft\Internet Explorer\SearchScopes\{searchTerms}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{searchTerms}\ not found. Prefs.js: S", "" removed from browser.search.defaultenginename,S Prefs.js: "" removed from browser.search.defaultthis.engineName Prefs.js: "" removed from browser.search.defaulturl Prefs.js: "" removed from browser.search.order.1 Prefs.js: S", "" removed from browser.search.order.1,S Prefs.js: S", "" removed from browser.search.selectedEngine,S File C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\3.0.0_0 not found. File C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\3.0.2_0 not found. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij\5.0.0_0\_locales\en folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij\5.0.0_0\_locales folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij\5.0.0_0\templates\precompiled folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij\5.0.0_0\templates folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij\5.0.0_0\lib\vendor\tipTip folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij\5.0.0_0\lib\vendor\moment\lang folder moved successfully. 
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij\5.0.0_0\lib\vendor\moment folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij\5.0.0_0\lib\vendor\bootstrap folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij\5.0.0_0\lib\vendor\apprise folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij\5.0.0_0\lib\vendor folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij\5.0.0_0\lib folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij\5.0.0_0\js folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij\5.0.0_0\includes folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij\5.0.0_0\images\sprite_images\sprite folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij\5.0.0_0\images\sprite_images folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij\5.0.0_0\images\panel\tutorial\sprite_images\sprite folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij\5.0.0_0\images\panel\tutorial\sprite_images folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij\5.0.0_0\images\panel\tutorial folder moved successfully. 
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij\5.0.0_0\images\panel\tracker\sprite folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij\5.0.0_0\images\panel\tracker folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij\5.0.0_0\images\panel\settings\sprite folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij\5.0.0_0\images\panel\settings folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij\5.0.0_0\images\panel\header\sprite folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij\5.0.0_0\images\panel\header folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij\5.0.0_0\images\panel\footer\sprite folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij\5.0.0_0\images\panel\footer folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij\5.0.0_0\images\panel folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij\5.0.0_0\images\help folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij\5.0.0_0\images\click2play folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij\5.0.0_0\images folder moved successfully. 
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij\5.0.0_0\data folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij\5.0.0_0\css folder moved successfully. C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij\5.0.0_0 folder moved successfully. C:\Users\Owner\AppData\Roaming\Easy BitTorrent Client folder moved successfully. C:\Users\Owner\AppData\Roaming\qBittorrent folder moved successfully. C:\Users\Owner\AppData\Roaming\uTorrent\share folder moved successfully. C:\Users\Owner\AppData\Roaming\uTorrent\dlimagecache folder moved successfully. C:\Users\Owner\AppData\Roaming\uTorrent folder moved successfully. ========== FILES ========== < ipconfig /flushdns /c > Windows IP Configuration Successfully flushed the DNS Resolver Cache. C:\Users\Owner\Desktop\cmd.bat deleted successfully. C:\Users\Owner\Desktop\cmd.txt deleted successfully. 
========== COMMANDS ========== [EMPTYTEMP] User: All Users User: Default ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes ->Flash cache emptied: 56502 bytes User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes ->Flash cache emptied: 0 bytes User: Owner ->Temp folder emptied: 8642890 bytes ->Temporary Internet Files folder emptied: 53460 bytes ->Java cache emptied: 0 bytes ->FireFox cache emptied: 6469672 bytes ->Google Chrome cache emptied: 345979870 bytes ->Flash cache emptied: 511 bytes User: Public ->Temp folder emptied: 0 bytes %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32 (64bit) .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 592874 bytes %systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 95470 bytes RecycleBin emptied: 485190838 bytes Total Files Cleaned = 808.00 mb OTL by OldTimer - Version 3.2.69.0 log created on 11112013_192926 Files\Folders moved on Reboot... C:\Users\Owner\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully. File move failed. C:\Windows\temp\dsiwmis.log scheduled to be moved on reboot. File\Folder C:\Windows\temp\TMP00000003CA191EA761B6BABA not found! PendingFileRenameOperations files... Registry entries deleted on Reboot...
  10. OTL logfile created on: 11/7/2013 12:27:01 PM - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Owner\Desktop 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.10.9200.16721) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 2.74 Gb Total Physical Memory | 1.62 Gb Available Physical Memory | 59.08% Memory free 5.48 Gb Paging File | 3.64 Gb Available in Paging File | 66.41% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 282.99 Gb Total Space | 166.69 Gb Free Space | 58.90% Space Free | Partition Type: NTFS Computer Name: 8VIRUS8-EXE | User Name: Owner | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2013/11/07 10:47:27 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Owner\Desktop\OTL.exe PRC - [2013/11/04 03:14:26 | 000,237,960 | ---- | M] (Google Inc.) 
-- C:\Users\Owner\AppData\Local\Google\Update\1.3.21.165\GoogleCrashHandler.exe PRC - [2013/10/28 02:36:14 | 000,471,840 | ---- | M] (Glarysoft Ltd) -- C:\Program Files (x86)\Glary Utilities 3\Integrator.exe PRC - [2013/09/14 12:45:18 | 007,941,304 | ---- | M] (DonationCoder) -- C:\Program Files (x86)\ScreenshotCaptor\ScreenshotCaptor.exe PRC - [2013/05/11 04:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2013/04/04 13:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe PRC - [2013/04/04 13:50:32 | 000,532,040 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe PRC - [2013/04/04 13:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe PRC - [2011/04/22 10:44:14 | 000,244,624 | ---- | M] (Acer Incorporated) -- C:\Program Files\Gateway\Gateway Updater\UpdaterService.exe PRC - [2011/01/17 20:52:26 | 000,039,528 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Gateway\Registration\GREGsvc.exe PRC - [2010/08/10 03:06:16 | 000,975,952 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LManager.exe PRC - [2010/08/10 03:06:16 | 000,321,104 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe PRC - [2010/08/10 03:06:16 | 000,305,744 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LMworker.exe PRC - [2010/06/28 16:23:18 | 000,258,304 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\BackupManagerTray.exe PRC - [2010/06/28 16:23:06 | 000,255,744 | ---- | M] (NewTech Infosystems, Inc.) 
-- C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\IScheduleSvc.exe PRC - [2010/05/04 13:07:22 | 000,503,080 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Nero\Update\NASvc.exe PRC - [2010/04/13 10:57:58 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe PRC - [2010/04/13 10:57:56 | 000,284,696 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe PRC - [2010/03/08 23:40:36 | 000,144,672 | ---- | M] (Nuance Communications, Inc.) -- C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe PRC - [2010/03/05 19:11:30 | 000,636,192 | ---- | M] (Nuance Communications, Inc.) -- C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfPro5Hook.exe PRC - [2009/05/05 15:06:06 | 000,222,496 | ---- | M] (Acresso Corporation) -- C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe ========== Modules (No Company Name) ========== MOD - [2013/10/28 02:37:48 | 000,080,160 | ---- | M] () -- C:\Program Files (x86)\Glary Utilities 3\zlib1.dll MOD - [2013/10/10 02:44:08 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\e1d6482355cf83afab1904ee0cd72168\System.Windows.Forms.ni.dll MOD - [2013/10/10 02:43:48 | 003,348,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\01e2b3170ba115d1c719f0eab8510323\WindowsBase.ni.dll MOD - [2013/10/10 02:43:43 | 000,978,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\aafdc594aaeb62d1ebfbb827aa9f059b\System.Configuration.ni.dll MOD - [2013/10/08 18:02:43 | 000,415,184 | ---- | M] () -- C:\Users\Owner\AppData\Local\Google\Chrome\Application\30.0.1599.101\ppgooglenaclpluginchrome.dll MOD - [2013/10/08 18:02:41 | 004,055,504 | ---- | M] () -- C:\Users\Owner\AppData\Local\Google\Chrome\Application\30.0.1599.101\pdf.dll MOD - [2013/10/08 18:01:47 | 001,604,560 | ---- | M] () -- 
C:\Users\Owner\AppData\Local\Google\Chrome\Application\30.0.1599.101\ffmpegsumo.dll MOD - [2013/09/12 02:01:52 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\6b3be3ca03fcac86340195d721d4dd2d\System.Runtime.Remoting.ni.dll MOD - [2013/08/18 03:41:36 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\f5cff49f1a827754ae2ba6d951b12a07\System.Drawing.ni.dll MOD - [2013/08/18 03:41:11 | 005,464,064 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\cea6226854fbf75dc05bd2fb98357e81\System.Xml.ni.dll MOD - [2013/08/18 03:40:42 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\4802a2f7b7a69969a7cec274030aa373\System.ni.dll MOD - [2013/07/10 02:36:07 | 011,499,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\9a6c1b7af18b4d5a91dc7f8d6617522f\mscorlib.ni.dll MOD - [2013/07/08 11:39:20 | 004,591,616 | ---- | M] () -- C:\Users\Owner\AppData\Local\Google\Chrome\User Data\SwiftShader\1.0.5.0\libGLESv2.dll MOD - [2013/07/08 11:39:20 | 000,112,128 | ---- | M] () -- C:\Users\Owner\AppData\Local\Google\Chrome\User Data\SwiftShader\1.0.5.0\libEGL.dll MOD - [2010/06/28 16:20:54 | 000,465,576 | ---- | M] () -- C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\sqlite3.dll MOD - [2009/05/20 00:02:04 | 000,072,200 | ---- | M] () -- C:\Program Files (x86)\Launch Manager\CdDirIo.dll ========== Services (SafeList) ========== SRV:64bit: - [2013/08/12 13:11:04 | 000,366,600 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv) SRV:64bit: - [2013/08/12 13:11:04 | 000,023,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc) SRV:64bit: - [2013/05/26 23:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows 
Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2011/04/22 10:44:14 | 000,244,624 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files\Gateway\Gateway Updater\UpdaterService.exe -- (Live Updater Service)
SRV:64bit: - [2011/01/05 16:23:58 | 000,867,712 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files\Gateway\Gateway Power Management\ePowerSvc.exe -- (ePowerSvc)
SRV - [2013/08/23 09:23:31 | 000,117,656 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/05/11 04:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/04/04 13:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2013/04/04 13:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012/06/05 14:56:28 | 000,266,240 | ---- | M] (Brother Industries, Ltd.) [On_Demand | Stopped] -- C:\Program Files (x86)\Browny02\BrYNSvc.exe -- (BrYNSvc)
SRV - [2012/05/13 18:47:07 | 001,045,256 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2011/01/17 20:52:26 | 000,039,528 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files (x86)\Gateway\Registration\GREGsvc.exe -- (GREGService)
SRV - [2010/11/20 21:24:51 | 000,397,824 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll -- (WAS)
SRV - [2010/11/20 21:24:51 | 000,397,824 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll -- (W3SVC)
SRV - [2010/11/20 21:24:51 | 000,061,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\inetsrv\apphostsvc.dll -- (AppHostSvc)
SRV - [2010/08/10 03:06:16 | 000,321,104 | ---- | M] (Dritek System Inc.) [Auto | Running] -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe -- (DsiWMIService)
SRV - [2010/06/28 16:23:06 | 000,255,744 | ---- | M] (NewTech Infosystems, Inc.) [Auto | Running] -- C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\IScheduleSvc.exe -- (NTI IScheduleSvc)
SRV - [2010/05/04 13:07:22 | 000,503,080 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files (x86)\Nero\Update\NASvc.exe -- (NAUpdate)
SRV - [2010/04/13 10:57:58 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/17 22:57:02 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2010/03/08 23:40:36 | 000,144,672 | ---- | M] (Nuance Communications, Inc.) [Auto | Running] -- C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe -- (PDFProFiltSrvPP)
SRV - [2009/06/10 15:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)

========== Driver Services (SafeList) ==========

DRV:64bit: - [2013/08/31 08:01:14 | 000,016,152 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SWDUMon.sys -- (SWDUMon)
DRV:64bit: - [2013/06/18 20:50:08 | 000,139,616 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2013/04/04 13:50:32 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2013/02/05 21:06:06 | 000,057,840 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2012/08/23 08:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012/08/23 08:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012/08/23 08:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012/03/01 00:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/12/15 19:29:42 | 000,031,232 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tap0901.sys -- (tap0901)
DRV:64bit: - [2011/03/11 00:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 00:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/20 21:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/09/21 19:47:10 | 000,243,712 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2010/07/19 18:10:40 | 010,603,904 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2010/06/21 03:45:56 | 000,287,232 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2010/05/15 06:48:28 | 000,384,040 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\k57nd60a.sys -- (k57nd60a)
DRV:64bit: - [2010/05/11 04:11:38 | 002,229,608 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2010/04/13 10:44:22 | 000,540,696 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010/04/13 04:15:04 | 000,135,560 | ---- | M] (ELAN Microelectronic Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD)
DRV:64bit: - [2010/02/26 17:32:14 | 000,158,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:64bit: - [2009/12/30 11:21:26 | 000,031,800 | ---- | M] (VS Revo Group) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\revoflt.sys -- (Revoflt)
DRV:64bit: - [2009/09/16 23:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64)
DRV:64bit: - [2009/07/13 19:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 19:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 19:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 18:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
DRV:64bit: - [2009/06/10 14:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 14:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 14:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 14:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/05 17:46:08 | 000,018,432 | ---- | M] (NewTech Infosystems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NTIDrvr.sys -- (NTIDrvr)
DRV:64bit: - [2009/05/05 17:46:08 | 000,016,896 | ---- | M] (NewTech Infosystems Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UBHelper.sys -- (UBHelper)
DRV - [2009/07/13 19:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=AGWTDF&pc=MAGW&src=IE-SearchBox
IE:64bit: - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-3612959242-1118106964-4219854335-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=U027&ocid=U027DHP&dt=081113
IE - HKU\S-1-5-21-3612959242-1118106964-4219854335-1000\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-3612959242-1118106964-4219854335-1000\..\SearchScopes\E167169070014B21BF94DDA857FC43B8: "URL" = http://dts.search-results.com/sr?src=ieb&gct=ds&appid=341&systemid=406&apn_dtid=BND406&apn_ptnrs=AG6&o=APN10645&apn_uid=3505341010654342&q={searchTerms}
IE - HKU\S-1-5-21-3612959242-1118106964-4219854335-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename,S: S", ""
FF - prefs.js..browser.search.defaultthis.engineName: ""
FF - prefs.js..browser.search.defaulturl: ""
FF - prefs.js..browser.search.order.1: ""
FF - prefs.js..browser.search.order.1,S: S", ""
FF - prefs.js..browser.search.order.3: "Bing "
FF - prefs.js..browser.search.selectedEngine,S: S", ""
FF - prefs.js..browser.startup.homepage: "about:home"
FF - prefs.js..extensions.enabledAddons: secureLogin%40blueimp.net:1.0.3
FF - prefs.js..extensions.enabledAddons: donottrackplus%40abine.com:2.2.9.618
FF - prefs.js..extensions.enabledAddons: autofillForms%40blueimp.net:0.9.9.0
FF - prefs.js..extensions.enabledAddons: %7Ba0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7%7D:20131008
FF - prefs.js..extensions.enabledAddons: client%40anonymox.net:2.1.1
FF - prefs.js..extensions.enabledAddons: idme%40abine.com:1.27.318
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:24.0
FF - prefs.js..keyword.URL: "http://www.bing.com/search?FORM=U027DF&PC=U027&dt=081113&q="
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@bestbuy.com/npBestBuyPcAppDetector,version=1.0: C:\ProgramData\Best Buy pc app\npBestBuyPcAppDetector.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.40.2: C:\Windows\system32\npDeployJava1.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@bestbuy.com/npBestBuyPcAppDetector,version=1.0: C:\ProgramData\Best Buy pc app\npBestBuyPcAppDetector.dll File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3508.0205: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Owner\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Owner\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\autodesk.com/Autodesk123DShapes: C:\Users\Owner\AppData\Local\Autodesk\123DPlugins\Autodesk 123D Shapes321.0.121\npAutodesk123DShapes32.dll (Autodesk)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\virtualKeyboard@kaspersky.ru: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\FFExt\virtualKeyboard@kaspersky.ru
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\linkfilter@kaspersky.ru: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\FFExt\linkfilter@kaspersky.ru
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 24.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 24.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
[2013/02/28 03:37:40 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Owner\AppData\Roaming\Mozilla\Extensions
[2013/11/05 04:58:17 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\0ffi4ubb.default-1373273126037\extensions
[2013/08/10 23:35:08 | 000,000,000 | ---D | M] (iMacros for Firefox) -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\0ffi4ubb.default-1373273126037\extensions\{81BF1D23-5F17-408D-AC6B-BD6DF7CAF670}
[2013/10/18 06:55:15 | 000,000,000 | ---D | M] (WOT) -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\0ffi4ubb.default-1373273126037\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2013/09/21 22:19:54 | 000,000,000 | ---D | M] (DoNotTrackMe) -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\0ffi4ubb.default-1373273126037\extensions\donottrackplus@abine.com
[2013/10/27 10:23:36 | 000,000,000 | ---D | M] (MaskMe) -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\0ffi4ubb.default-1373273126037\extensions\idme@abine.com
[2013/11/05 04:58:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\0ffi4ubb.default-1373273126037\extensions\staged
[2013/08/24 05:16:44 | 000,128,676 | ---- | M] () (No name found) -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\0ffi4ubb.default-1373273126037\extensions\adblockpopups@jessehakanen.net.xpi
[2013/09/21 22:19:54 | 000,149,045 | ---- | M] () (No name found) -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\0ffi4ubb.default-1373273126037\extensions\autofillForms@blueimp.net.xpi
[2013/10/18 06:55:18 | 000,355,782 | ---- | M] () (No name found) -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\0ffi4ubb.default-1373273126037\extensions\client@anonymox.net.xpi
[2013/11/05 04:58:17 | 001,333,292 | ---- | M] () (No name found) -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\0ffi4ubb.default-1373273126037\extensions\firefox@ghostery.com.xpi
[2013/09/21 22:19:52 | 000,083,379 | ---- | M] () (No name found) -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\0ffi4ubb.default-1373273126037\extensions\secureLogin@blueimp.net.xpi
[2013/10/18 06:53:23 | 000,049,720 | ---- | M] () (No name found) -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\0ffi4ubb.default-1373273126037\extensions\sortbookmarks@bouanto.xpi
[2013/11/05 04:58:08 | 000,534,765 | ---- | M] () (No name found) -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\0ffi4ubb.default-1373273126037\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
[2013/10/18 06:53:45 | 000,915,554 | ---- | M] () (No name found) -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\0ffi4ubb.default-1373273126037\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013/08/11 00:15:08 | 000,002,402 | ---- | M] () -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\0ffi4ubb.default-1373273126037\searchplugins\bingp.xml
[2013/10/18 07:43:10 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2013/10/18 07:43:10 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2013/10/18 07:43:37 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://www.google.com/
CHR - Extension: APA Format Citation Generator = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\agdhpmnfhdpooglfjfobdbhcahkdbgcd\3.2_0\
CHR - Extension: Beatlab = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\alnfdikmbdfgkcbdodjcbmedanjinmkk\1.0.1_0\
CHR - Extension: academic-publications.com = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aokpkekafcaifmkgijfagenngookcpod\2.0_0\
CHR - Extension: WOT = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp\2.2.1_0\
CHR - Extension: Audiotool = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkgoccjhfjgjedhkiefaclppgbmoobnk\1.1_0\
CHR - Extension: Netcraft Extension = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmejphbfclcpmpohkggcjeibfilpamia\1.3.2_0\
CHR - Extension: Facebook = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\boeajhmfdjldchidhphikilcgdacljfm\1.0.3_0\
CHR - Extension: Weebly - Website Builder = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnocophcbjfiimmnhlhleaooedeheifb\1.0.5_0\
CHR - Extension: MaskMe = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpkiidbpeijnaaacjlfnijncdlkicejg\1.35.335_0\
CHR - Extension: Facebook Theme Creator = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecnnffhckagcpoimngfooggeilkhlnnh\2.1.3_0\
CHR - Extension: DoNotTrackMe = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\epanfjkfahimkgomnigadpkobaefekcd\3.0.1005_0\
CHR - Extension: Wishpond Contest for Pinterest = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffooapllmnbkomkknlmbkcocknhchbin\2.0.6_0\
CHR - Extension: Sketch Wizard = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghgcipaapohgnempegffkhmhbdloaoec\3.9_0\
CHR - Extension: Magisto = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghmngbmfdgknokcefmkbjlcjabdklnlk\1.2.11471_0\
CHR - Extension: LastPass = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\3.0.0_0\
CHR - Extension: LastPass = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\3.0.2_0\
CHR - Extension: Pinkdar = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhedpddcijkhnbdcojcemkmgmakafgfp\1.0_0\
CHR - Extension: Pearltrees = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\hjcccdngnaailhnoflbeficiokgcfaah\1.0.23_0\
CHR - Extension: Google Play Music = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\icppfcnhkcmnfdhfhphakoifcfokfdhg\5.2_0\
CHR - Extension: Website Templates & Free Website Builder = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ilpkanomfdiomnhchjmckdnfgjofkmnk\1.0.1_0\
CHR - Extension: Easy Essays = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ippabcfpniimkomfeidkcfffmjahcgln\0.0.0.1_0\
CHR - Extension: OER Commons = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpmacjdjgmmlaclcgeddepjkkeoojepm\0.3_0\
CHR - Extension: AudioSauna = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkgfemnodkdnenmfkblebnkjpckkjcae\0.404_0\
CHR - Extension: Until AM for Chrome = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjafmkicbmhcbapadecadciafbkecofl\0.6.10_0\
CHR - Extension: Ghostery = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij\5.0.0_0\
CHR - Extension: Harvard Referencing = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\mnbmlbimbgkpnhmfgcmooaedkjnbhbim\1.1_0\
CHR - Extension: deviantART muro = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\namljbfbglehfnlonjmebceimaalofei\1.0_0\
CHR - Extension: Google Wallet = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_1\
CHR - Extension: Reference.com = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ooffafbjcjgjinobbfdgkefebeiodngk\1.5.1_0\
CHR - Extension: ClassDojo = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbinoojbbajacmkigmfnkclhgjnglpon\1.1_0\
CHR - Extension: Gmail = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2013/11/04 10:18:55 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [ETDWare] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronic Corp.)
O4:64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [backupManagerTray] C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\BackupManagerTray.exe (NewTech Infosystems, Inc.)
O4 - HKLM..\Run: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [sMessaging] C:\Program Files (x86)\Malwarebytes Secure Backup\SMessaging.exe (Malwarebytes Secure Backup)
O4 - HKLM..\Run: [sOSUAUI] C:\Program Files (x86)\Malwarebytes Secure Backup\sosuploadagent.exe (Malwarebytes Secure Backup)
O4 - HKU\S-1-5-21-3612959242-1118106964-4219854335-1000..\Run: [iSUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe (Acresso Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 28
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: MemCheckBoxInRunDlg = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: verbosestatus = 1
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3612959242-1118106964-4219854335-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3612959242-1118106964-4219854335-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktopCleanupWizard = 1
O7 - HKU\S-1-5-21-3612959242-1118106964-4219854335-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-3612959242-1118106964-4219854335-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6F799CB9-9022-429F-8C10-D85C7D7C73BA}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9C237FA0-76EA-456E-B480-ED4F4533D5A8}: DhcpNameServer = 192.168.1.254
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013/11/07 11:19:17 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Owner\Desktop\OTL (1).exe
[2013/11/07 10:47:23 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Owner\Desktop\OTL.exe
[2013/11/06 07:24:58 | 000,000,000 | ---D | C] -- C:\Users\Owner\Desktop\RK_Quarantine
[2013/11/05 05:46:09 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\VS Revo Group
[2013/11/05 05:46:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro
[2013/11/05 05:46:03 | 000,000,000 | ---D | C] -- C:\ProgramData\VS Revo Group
[2013/11/05 05:46:02 | 000,031,800 | ---- | C] (VS Revo Group) -- C:\Windows\SysNative\drivers\revoflt.sys
[2013/11/05 05:46:00 | 000,000,000 | ---D | C] -- C:\Program Files\VS Revo Group
[2013/11/05 05:39:02 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
[2013/11/05 05:36:53 | 001,033,335 | ---- | C] (Thisisu) -- C:\Users\Owner\Desktop\JRT_NEW.exe
[2013/11/04 10:20:56 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2013/11/04 10:20:53 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2013/11/04 07:48:49 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\com.prezi.PreziDesktop
[2013/11/04 07:46:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Prezi Desktop 4
[2013/11/04 07:02:24 | 000,000,000 | ---D | C] -- C:\Users\Owner\Desktop\desktop clutter
[2013/11/04 03:05:37 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\Facebook
[2013/11/03 11:23:17 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\DonationCoder
[2013/11/03 11:23:17 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\DonationCoder
[2013/11/03 11:21:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ScreenshotCaptor
[2013/11/03 11:21:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ScreenshotCaptor
[2013/11/03 11:21:41 | 000,000,000 | ---D | C] -- C:\ProgramData\DonationCoder
[2013/11/01 04:18:17 | 000,000,000 | ---D | C] -- C:\ProgramData\GlarySoft
[2013/10/24 18:29:17 | 000,000,000 | ---D | C] -- C:\Users\Owner\Hillary Marek_files
[2013/10/19 02:22:30 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2013/10/19 02:18:06 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\catroot2
[2013/10/18 07:43:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013/10/15 12:48:27 | 000,000,000 | ---D | C] -- C:\Users\Owner\Desktop\school
[2013/10/12 21:59:42 | 000,117,024 | ---- | C] (Glarysoft Ltd) -- C:\Windows\SysNative\BootDefrag.exe
[2013/10/12 21:59:40 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\GlarySoft
[2013/10/12 21:59:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 3
[2013/10/12 21:59:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Glary Utilities 3
[2013/10/10 02:05:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recuva
[2013/10/10 02:05:01 | 000,000,000 | ---D | C] -- C:\Program Files\Recuva
[2013/10/08 22:15:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FileHippo.com
[2013/10/08 22:13:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Defraggler
[2013/10/08 22:13:35 | 000,000,000 | ---D | C] -- C:\Program Files\Defraggler
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013/11/07 12:19:00 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3612959242-1118106964-4219854335-1000UA.job
[2013/11/07 11:47:00 | 000,000,896 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/11/07 11:19:19 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Owner\Desktop\OTL (1).exe
[2013/11/07 10:47:27 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Owner\Desktop\OTL.exe
[2013/11/07 08:47:02 | 000,000,892 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/11/07 08:13:09 | 000,763,076 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/11/07 08:13:09 | 000,640,986 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/11/07 08:13:09 | 000,110,534 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/11/07 08:11:42 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/11/07 04:17:16 | 000,000,856 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3612959242-1118106964-4219854335-1000Core.job
[2013/11/06 14:21:01 | 000,000,528 | ---- | M] () -- C:\Windows\tasks\Malwarebytes Secure Backup - hillarymarek@gmail.com.job
[2013/11/06 07:26:35 | 004,012,032 | ---- | M] () -- C:\Users\Owner\Desktop\RogueKillerX64.exe
[2013/11/06 02:49:23 | 000,080,301 | ---- | M] () -- C:\Users\Owner\Desktop\hijackthis.png
[2013/11/05 13:54:11 | 000,016,976 | ---- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/11/05 13:54:11 | 000,016,976 | ---- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/11/05 13:51:00 | 000,000,332 | ---- | M] () -- C:\Windows\tasks\GlaryInitialize 3.job
[2013/11/05 13:49:43 | 000,000,490 | ---- | M] () -- C:\Windows\tasks\Online Backup Update Notifier.job
[2013/11/05 13:46:42 | 2207,281,152 | -HS- | M] () -- C:\hiberfil.sys
[2013/11/05 11:02:28 | 000,079,268 | ---- | M] () -- C:\Users\Owner\Desktop\generated (1).pdf
[2013/11/05 10:59:25 | 000,064,877 | ---- | M] () -- C:\Users\Owner\Desktop\generated.pdf
[2013/11/05 05:46:05 | 000,001,108 | ---- | M] () -- C:\Users\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Revo Uninstaller Pro.lnk
[2013/11/05 05:46:05 | 000,001,084 | ---- | M] () -- C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk
[2013/11/05 05:39:02 | 000,001,275 | ---- | M] () -- C:\Users\Owner\Desktop\Revo Uninstaller.lnk
[2013/11/04 10:18:55 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2013/11/04 04:05:23 | 000,032,213 | ---- | M] () -- C:\Users\Owner\fullwindow000.png
[2013/11/03 11:23:17 | 000,000,058 | ---- | M] () -- C:\Windows\SysWow64\DonationCoder_ScreenshotCaptor_InstallInfo.dat
[2013/11/03 11:23:17 | 000,000,058 | ---- | M] () -- C:\Users\Owner\AppData\Local\DonationCoder_ScreenshotCaptor_InstallInfo.dat
[2013/10/31 23:21:02 | 000,001,115 | ---- | M] () -- C:\Users\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Glary Utilities 3.lnk
[2013/10/19 02:21:43 | 000,370,416 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013/10/19 02:20:06 | 000,181,064 | ---- | M] (Sysinternals) -- C:\Windows\PSEXESVC.EXE
[2013/10/18 23:26:57 | 000,031,978 | ---- | M] () -- C:\Users\Owner\Documents\cc_20131019_002639.reg
[2013/10/15 18:47:28 | 001,033,335 | ---- | M] (Thisisu) -- C:\Users\Owner\Desktop\JRT_NEW.exe
[2013/10/11 22:50:54 | 000,001,945 | ---- | M] () -- C:\Windows\epplauncher.mif
[2013/10/08 19:46:34 | 000,117,024 | ---- | M] (Glarysoft Ltd) -- C:\Windows\SysNative\BootDefrag.exe
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/11/06 07:26:31 | 004,012,032 | ---- | C] () -- C:\Users\Owner\Desktop\RogueKillerX64.exe
[2013/11/06 02:49:23 | 000,080,301 | ---- | C] () -- C:\Users\Owner\Desktop\hijackthis.png
[2013/11/05 11:02:27 | 000,079,268 | ---- | C] () -- C:\Users\Owner\Desktop\generated (1).pdf
[2013/11/05 10:59:24 | 000,064,877 | ---- | C] () -- C:\Users\Owner\Desktop\generated.pdf
[2013/11/05 05:46:05 | 000,001,108 | ---- | C] () -- C:\Users\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Revo Uninstaller Pro.lnk
[2013/11/05 05:46:05 | 000,001,084 | ---- | C] () -- C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk
[2013/11/05 05:39:02 | 000,001,275 | ---- | C] () -- C:\Users\Owner\Desktop\Revo Uninstaller.lnk
[2013/11/04 07:47:20 | 000,001,990 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Prezi Desktop.lnk
[2013/11/04 04:05:23 | 000,032,213 | ---- | C] () -- C:\Users\Owner\fullwindow000.png
[2013/11/04 03:14:32 | 000,000,908 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3612959242-1118106964-4219854335-1000UA.job
[2013/11/04 03:14:31 | 000,000,856 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3612959242-1118106964-4219854335-1000Core.job
[2013/11/03 11:23:17 | 000,000,058 | ---- | C] () -- C:\Windows\SysWow64\DonationCoder_ScreenshotCaptor_InstallInfo.dat
[2013/11/03 11:23:17 | 000,000,058 | ---- | C] () -- C:\Users\Owner\AppData\Local\DonationCoder_ScreenshotCaptor_InstallInfo.dat
[2013/10/18 23:26:46 | 000,031,978 | ---- | C] () -- C:\Users\Owner\Documents\cc_20131019_002639.reg
[2013/10/12 21:59:42 | 000,001,115 | ---- | C] () -- C:\Users\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Glary Utilities 3.lnk
[2013/10/12 21:59:40 | 000,000,332 | ---- | C] () -- C:\Windows\tasks\GlaryInitialize 3.job
[2013/10/12 21:59:38 | 000,001,111 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 3.lnk
[2013/09/29 17:12:17 | 000,005,326 | ---- | C] () -- C:\Users\Owner\avatar_4480595_b_1363628765.jpg
[2013/09/25 03:14:56 | 000,000,207 | ---- | C] () -- C:\Windows\tweaking.com-regbackup-8VIRUS8-EXE-Microsoft-Windows-7-Home-Premium-(64-bit).dat
[2013/09/14 08:46:46 | 000,016,660 | ---- | C] () -- C:\Users\Owner\AppData\Roaming\UserTile.png
[2013/08/31 07:21:26 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2013/08/31 07:21:26 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2013/08/31 07:21:26 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2013/08/31 07:21:26 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2013/08/31 07:21:26 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2013/07/14 10:00:07 | 000,000,245 | ---- | C] () -- C:\Windows\Brpfx04a.ini
[2013/07/14 10:00:07 | 000,000,064 | ---- | C] () -- C:\Windows\brpcfx.ini
[2013/07/14 09:58:19 | 000,000,000 | ---- | C] () -- C:\Windows\brdfxspd.dat
[2013/07/14 09:53:39 | 000,003,302 | ---- | C] () -- C:\Windows\BRPARAM.INI
[2013/06/21 03:17:02 | 000,007,602 | ---- | C] () -- C:\Users\Owner\AppData\Local\resmon.resmoncfg
[2013/06/06 09:08:58 | 000,001,023 | ---- | C] () -- C:\Users\Owner\random icons - Shortcut.lnk
[2012/01/10 21:27:26 | 000,867,020 | ---- | C] () -- C:\Windows\SysWow64\igkrng575.bin
[2012/01/10 21:27:26 | 000,128,204 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng575.bin
[2012/01/10 21:27:26 | 000,105,608 | ---- | C] () -- C:\Windows\SysWow64\igfcg575m.bin
[2012/01/10 20:29:54 | 013,904,384 | ---- | C] () -- C:\Windows\SysWow64\ig4icd32.dll

========== ZeroAccess Check ==========

[2009/07/13 22:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/07/25 20:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/07/25 19:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 19:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\SysWow64\wbem\fastprox.dll -- [2010/11/20 21:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 19:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2013/11/04 09:51:25 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Audacity
[2013/11/04 07:49:01 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\com.prezi.PreziDesktop
[2013/07/14 14:15:22 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\ControlCenter4
[2013/11/03 11:23:17 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\DonationCoder
[2013/08/25 00:03:47 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Easy BitTorrent Client
[2013/10/12 21:59:40 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\GlarySoft
[2013/09/17 11:46:29 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Nuance
[2013/07/05 08:41:37 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Oracle
[2013/02/28 03:34:55 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\player
[2013/08/25 00:03:17 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\qBittorrent
[2013/08/12 08:03:07 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\SlimCleaner
[2013/08/31 18:45:54 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\uTorrent
[2013/08/08 02:38:48 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Zeon

========== Purity Check ==========

========== Alternate Data Streams ==========

@Alternate Data Stream - 119 bytes -> C:\ProgramData\Temp:5C321E34

< End of report >

=================================================

OTL Extras logfile created on: 11/7/2013 12:27:01 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Owner\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16721)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.74 Gb Total Physical Memory | 1.62 Gb Available Physical Memory | 59.08% Memory free
5.48 Gb Paging File | 3.64 Gb Available in Paging File | 66.41% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 282.99 Gb Total Space | 166.69 Gb Free Space | 58.90% Space Free | Partition Type: NTFS

Computer Name: 8VIRUS8-EXE | User Name: Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Key error.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Key error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{005D9981-AA8F-463D-A29D-E112ADC60771}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{0C114CE6-93EA-4CD5-A5A1-66ADAFA37D89}" = rport=137 | protocol=17 | dir=out | app=system |
"{0EC56140-0EBD-43E5-BED8-ADD7B3FB1FEE}" = rport=445 | protocol=6 | dir=out | app=system |
"{1AC645EA-92D9-4CEF-A6C6-DE92D217F348}" = lport=138 | protocol=17 | dir=in | app=system |
"{1AD7E5FC-1A7B-4A91-8057-9339C826CF7E}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{2E7F637D-F40A-47AE-BAE5-DE6B2F30C225}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{2EF427B5-6E01-4D28-A8F6-392D8D70ACE0}" = rport=427 | protocol=17 | dir=in | svc=hpslpsvc | app=c:\windows\system32\svchost.exe |
"{38F07D27-D574-443D-BA58-0BE02BAF1A41}" = lport=445 | protocol=6 | dir=in | app=system |
"{39F012D2-3A9E-489A-85E0-D2A597C20E84}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{3EE6436D-1387-44F8-B0FB-D4F505DEC768}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{41959996-E6CC-49BE-864D-D8BCD6EB110C}" = lport=2869 | protocol=6 | dir=in | app=system |
"{451CEDF8-718E-4AC4-A109-1288637FF944}" = lport=139 | protocol=6 | dir=in | app=system |
"{495E36BA-E77C-489E-B5EB-A8D3E16FD063}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{63F14864-95CE-479F-BCBD-AC8CA98CB222}" = lport=137 | protocol=17 | dir=in | app=system |
"{73B0D10F-A422-44AF-8960-9DF529DE8977}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{8894106D-9B11-4F19-939A-90AB3C6DFB41}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{8ADCD510-29F3-4828-9044-B890D8CF2425}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{8CFAAE7D-6CBD-4142-A5BA-DB8B4CB0B100}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{8ED4E5BC-D505-4468-9677-EF78CB8F3B46}" = rport=139 | protocol=6 | dir=out | app=system |
"{903456A3-D922-4446-97DD-51ABE26A907B}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{90DE953B-0312-4BB4-A246-C17ACBF24343}" = rport=10243 | protocol=6 | dir=out | app=system |
"{91043062-AB1E-4FD5-B8EC-47131A5DB5CE}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{A0C0DF2E-CDE1-4BC0-9156-A36D959E35B1}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{B27AD4DF-47E5-42C0-AF85-C53C162D7741}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{B99ADA06-7F1B-45E0-97CF-111F9757A78F}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{BD97E861-882A-42AB-BF64-B3D0F6E8B81C}" = lport=54925 | protocol=17 | dir=in | name=brothernetwork scanner |
"{C03636A9-F735-42CA-A910-F80A17A3CB36}" = rport=138 | protocol=17 | dir=out | app=system |
"{C7656AE4-0A84-4FD1-84D7-13AAEAAFF1CE}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{D35FCAD1-99C5-4214-8E47-A2D7ACB638EB}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{D5ACAE56-4574-43E2-944C-B1ACDBB7C138}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{D79C9E9E-56B4-4E1D-A4D1-BB6F54A2A4AF}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{D94FC9A2-738E-43D3-91A0-0CD4300161F5}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{DA94EEE5-6748-4479-9C67-497A7F6C8E3F}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{DB8CD08D-5622-4F67-BBB6-DA85371CF3EE}" = lport=10243 | protocol=6 | dir=in | app=system |
"{FD732560-8E6D-4A99-9AFC-00553C805A53}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0EAC01A0-6F58-4A41-A947-B9ED7D1B729C}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{28F0EEDC-509F-4653-89F8-0CDFCC413534}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{39A24A6F-0C80-4972-9AF7-6FCBBC8E7522}" = dir=in | app=d:\setup\hpznui40.exe |
"{3C0E8742-8087-4234-9AED-CFA1CFD6A4DF}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{3D2E325D-2923-4544-B014-E543678C2FBD}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{3D3E68EE-BC58-4BCD-B58D-985ED374C922}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{3FFF8D99-1C89-428A-AE00-B0A452890EEF}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{46D58221-8CA4-4344-AD9E-39BA6B4C4F16}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{4932090C-617F-4BC6-86B0-8B1150EC822B}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{4F1918D7-7BF0-49D5-B19E-083EF2B7EE18}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{5787427A-BB96-488D-8575-3243E20E6181}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{58709A4C-7BC8-4E3E-879A-8832E38514CA}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{587BE05C-CEDD-47B4-920C-939F5E74C935}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{666F2A1F-5903-47B3-8E68-52B01246FF95}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{716597EA-4093-4C7A-B3DD-86051D8F36A9}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{77700508-DDAE-4665-A8F1-736F0C30250E}" = dir=in | app=c:\users\owner\appdata\local\microsoft\skydrive\skydrive.exe |
"{7A50CC67-62A2-4B97-B076-CCA39299BEE9}" = dir=in | app=c:\program files (x86)\hp\hp software update\hpwucli.exe |
"{831FD34D-3B53-47EE-A44D-4BF562471CD4}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{8F8DA828-9213-4487-84F4-0F786C42D39B}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{91D7B381-C88E-4569-ADA8-EC934E6D1DC0}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgm.exe |
"{96C8C5F3-C987-4FE4-801B-B42002520379}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{9EC9404D-EFDD-4B82-AE42-19C535CD80FD}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{A4562E1F-5067-42AC-99BE-BEA45275841F}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{AFCE27D0-07C0-4D1E-BAEC-41FE06F7B7CB}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{B95709CA-728D-49EB-8FC5-3DA8DFDB8C82}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgh.exe |
"{C00D63DA-44E6-467A-8287-C81A8FD73603}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{C3ECE241-1CF0-4429-9218-E717212388F1}" = protocol=6 | dir=out | app=system |
"{C53DD801-7C61-4A76-9171-624C57993C6B}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{F137A96B-256C-476C-B696-B0ED9C10AD9D}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{2FD0FA0A-7A21-4C4A-B268-1142B54E035E}" = Windows Live Family Safety
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5EEC477F-8E9B-4420-8829-16E7426227DB}" = Windows Live MIME IFilter
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1" = Revo Uninstaller Pro 3.0.7
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{715CAACC-579B-4831-A5F4-A83A8DE3EFE2}" = PaperPort Image Printer 64-bit
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8D26D58C-3464-4C03-BB61-5695F984EFEF}" = Microsoft Security Client
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2010
"{90140000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A84DB02B-9C2B-4272-9D2D-A80E00A56513}" = Broadcom Gigabit NetLink Controller
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{CE52672C-A0E9-4450-8875-88A221D5CD50}" = Windows Live ID Sign-in Assistant
"{E9FA781F-3E80-4399-825A-AD3E11C28C77}" = MSVCRT110_amd64
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{FBBC4667-2521-4E78-B1BD-8706F774549B}" = Best Buy pc app
"{FF21C3E6-97FD-474F-9518-8DCBE94C2854}" = 64 Bit HP CIO Components Installer
"Defraggler" = Defraggler
"Elantech" = ETDWare PS/2-x64 7.0.6.5_WHQL
"HPExtendedCapabilities" = HP Customer Participation Program 13.0
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft Security Client" = Microsoft Security Essentials
"Recuva" = Recuva
"Shop for HP Supplies" = Shop for HP Supplies

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0046AD41-374C-43B8-8C75-13C149391CCA}" = Malwarebytes Secure Backup
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = Video Web Camera
"{03D562B5-C4E2-4846-A920-33178788BE00}" = Windows Live Communications Platform
"{068724F8-D8BE-4B43-8DDD-B9FE9E49FD76}" = Scansoft PDF Professional
"{0F929651-F516-4956-90F2-FFBD2CD5D30E}" = Photo Gallery
"{0FD2B9C6-DB91-48EA-9518-AB5B68CA1E28}" = Movie Maker
"{0FF9CC94-EF23-401E-BDBD-37403D1A2B38}" = Windows Live SOXE Definitions
"{119A44B5-6237-4D56-8424-5DAE70ED3F4E}" = Windows Live UX Platform Language Pack
"{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch
"{192A227B-A8C8-4C6D-B939-21FAEB007E1E}" = Google Drive
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}" = Nero Core Components 10
"{28656860-4728-433C-8AD4-D1A930437BC8}" = Nuance PDF Viewer Plus
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{2AC01935-3774-4981-98C8-14E93C14372C}" = Windows Live UX Platform Language Pack
"{33643918-7957-4839-92C7-EA96CB621A98}" = Nero Express 10 Help (CHM)
"{34490F4E-48D0-492E-8249-B48BECF0537C}" = Nero DiscSpeed 10
"{3DB0448D-AD82-4923-B305-D001E521A964}" = Gateway Power Management
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel® Rapid Storage Technology
"{45898170-E68C-4F02-AA35-C2186BF347A3}" = Movie Maker
"{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}" = Adobe AIR
"{523B2B1B-D8DB-4B41-90FF-C4D799E2758A}" = Nero ControlCenter 10 Help (CHM)
"{5A0EE0F0-E909-4F3B-B437-AAD9252427CB}" = Windows Live Installer
"{5B7F33B3-C72C-4408-8AF9-B855775F51DB}" = Picasa Web Albums Live Publisher
"{5E094C92-6288-4F43-AA9A-D452D0218F3F}" = Windows Live Essentials
"{62BF4BD3-B1F6-4FA2-8388-CC0647ACBF86}" = Nero Multimedia Suite 10 Essentials
"{6389F199-1D6C-4974-9557-693F9DD48736}" = Windows Live Writer Resources
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components
"{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update
"{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}" = HPSSupply
"{6B6923B9-8719-425B-916C-CD2908F31AAF}" = Windows Live SOXE
"{6C0A559F-8583-4B5A-8B50-20BEE15D8E64}" = Nuance PaperPort 12
"{6DFB899F-17A2-48F0-A533-ED8D6866CF38}" = Nero Control Center 10
"{70550193-1C22-445C-8FA4-564E155DB1A7}" = Nero Express 10
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{72B776E5-4530-4C4B-9453-751DF87D9D93}" = Backup Manager Basic
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7881716A-5DA3-4B3F-A3CC-E63676E5CF78}" = Windows Live Messenger
"{7C6F0282-3DCD-4A80-95AC-BB298E821C44}" = Windows Live Writer
"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Gateway Recovery Management
"{7FAE73A4-F0BC-4B65-81CF-52C417383407}" = Prezi Desktop
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{89870E0D-9602-41F8-9E83-14F6849346A4}" = Windows Live Mail
"{89C7E0A7-4D9D-4DCC-8834-A9A2B92D7EBB}" = Photo Gallery
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}" = MSVCRT110
"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{97486FBE-A3FC-4783-8D55-EA37E9D171CC}" = HP Update
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C6D5C94-386A-4DE7-B99F-523D3F167B9A}" = Windows Live Messenger
"{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}" = Brother MFL-Pro Suite MFC-J430W
"{A52DB080-D445-49EB-90D2-03B9CD794511}" = Photo Common
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AAA94EAA-40A4-458C-9D86-D1DA765B51D5}" = Windows Live Writer
"{AAF91344-2808-4D6B-9242-FBE5AF79D60A}" = Windows Live Family Safety
"{AC76BA86-7AD7-1033-7B44-AB0000000001}" = Adobe Reader XI (11.0.05)
"{AEFAF1CC-9688-402B-A3E3-7E8F2043874C}" = Windows Live Writer
"{B286BAC3-CBE6-4854-BF68-EB72A34CEA56}" = Windows Live Messenger
"{B39A6825-EA20-43EA-AB2D-A6BC0298D9A1}" = Movie Maker
"{BBFCB394-78EB-45D4-BAC6-809AB1DF5F83}" = Windows Live Mail
"{BD12145E-DA08-4D09-91FE-C8D3E8A2D17F}" = Windows Live Family Safety
"{C18A0418-442A-4186-AF98-D08F5054A2FC}" = Nero DiscSpeed 10 Help (CHM)
"{C6B0EE9E-2128-4448-B7AE-5E2B46E0F0E7}" = Windows Live Photo Common
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D604900F-A275-416C-AF9D-CDEDF58B72DB}" = Windows Live Mail
"{DD7C5FC1-DCA5-487A-AF23-658B1C00243F}" = Photo Common
"{DE7D8CF9-9C52-4BE0-B3E0-D4F116C524A8}" = Windows Live
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E3445598-4424-4EE2-B71C-C23325F7FB71}" = Windows Live PIMT Platform
"{EE171732-BEB4-4576-887D-CB62727F01CA}" = Gateway Updater
"{EFBCA571-617D-484A-9ECA-E301BB6D0750}" = Windows Live Writer
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel® Graphics Media Accelerator Driver
"{F0E58739-2B4C-498F-9B0D-FF0F2FD52B61}" = Windows Live UX Platform
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F4D99A13-F63A-4FC1-8799-CFFDB78DDFB3}" = Galerie de photos
"{F6117F9C-ADB5-4590-9BE4-12C7BEC28702}" = Nero StartSmart 10 Help (CHM)
"{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}" = Nero StartSmart 10
"{F6F30C28-38AA-4DBA-AE0B-7E30238E61BB}" = Junk Mail filter update
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel® Control Center
"{FBBC4667-2521-4E78-B1BD-8706F774549B}" = Best Buy pc app
"{FFCF82EC-895F-4AC8-925E-3412FE25EF62}" = Windows Live Writer Resources
"Adobe AIR" = Adobe AIR
"Audacity_is1" = Audacity 2.0.4
"ESET Online Scanner" = ESET Online Scanner v3
"Gateway Registration" = Gateway Registration
"Gateway Welcome Center" = Welcome Center
"Glary Utilities 3" = Glary Utilities 3.9.4
"Identity Card" = Identity Card
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = Video Web Camera
"InstallShield_{72B776E5-4530-4C4B-9453-751DF87D9D93}" = Gateway MyBackup
"LManager" = Launch Manager
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300
"Mozilla Firefox 24.0 (x86 en-US)" = Mozilla Firefox 24.0 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Office14.SingleImage" = Microsoft Office Home and Student 2010
"Revo Uninstaller" = Revo Uninstaller 1.95
"ScreenshotCaptor_is1" = Screenshot Captor 4.7.2
"Tweaking.com - Simple System Tweaker" = Tweaking.com - Simple System Tweaker
"Tweaking.com - Windows Repair (All in One)" = Tweaking.com - Windows Repair (All in One)
"WinLiveSuite" = Windows Live Essentials

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-3612959242-1118106964-4219854335-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"SkyDriveSetup.exe" = Microsoft SkyDrive

========== Last 20 Event Log Errors ==========

[ Application Events ]

Error - 10/27/2013 2:51:21 AM | Computer Name = 8virus8-exe | Source = SideBySide | ID = 16842832
Description = Activation context generation failed for "c:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe".Error in manifest or policy file "" on line . A component version required by the application conflicts with another component version already active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error - 10/29/2013 2:11:21 PM | Computer Name = 8virus8-exe | Source = SideBySide | ID = 16842832
Description = Activation context generation failed for "c:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe".Error in manifest or policy file "" on line . A component version required by the application conflicts with another component version already active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error - 11/1/2013 11:59:32 PM | Computer Name = 8virus8-exe | Source = SideBySide | ID = 16842832
Description = Activation context generation failed for "c:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe".Error in manifest or policy file "" on line . A component version required by the application conflicts with another component version already active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error - 11/4/2013 12:10:55 PM | Computer Name = 8virus8-exe | Source = VSS | ID = 18
Description = Volume Shadow Copy Service error: The COM Server with CLSID {e579ab5f-1cc4-44b4-bed9-de0991ff0623} and name IVssCoordinatorEx2 cannot be started during Safe Mode. The Volume Shadow Copy service cannot start while in safe mode. [0x8007043c, This service cannot be started in Safe Mode ] Operation: Instantiating VSS server

Error - 11/4/2013 12:10:55 PM | Computer Name = 8virus8-exe | Source = VSS | ID = 8193
Description = Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x8007043c, This service cannot be started in Safe Mode . Operation: Instantiating VSS server

Error - 11/4/2013 12:10:55 PM | Computer Name = 8virus8-exe | Source = System Restore | ID = 8193
Description = Failed to create restore point (Process = C:\Windows\system32\wbem\wmiprvse.exe; Description = ComboFix created restore point; Error = 0x8007043c).
Error - 11/4/2013 7:59:49 PM | Computer Name = 8virus8-exe | Source = SideBySide | ID = 16842832 Description = Activation context generation failed for "c:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe".Error in manifest or policy file "" on line . A component version required by the application conflicts with another component version already active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error - 11/5/2013 1:49:23 PM | Computer Name = 8virus8-exe | Source = Chrome | ID = 1 Description = Error - 11/6/2013 6:37:58 AM | Computer Name = 8virus8-exe | Source = SideBySide | ID = 16842832 Description = Activation context generation failed for "c:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe".Error in manifest or policy file "" on line . A component version required by the application conflicts with another component version already active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error - 11/7/2013 10:48:11 AM | Computer Name = 8virus8-exe | Source = SideBySide | ID = 16842832 Description = Activation context generation failed for "c:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe".Error in manifest or policy file "" on line . A component version required by the application conflicts with another component version already active. Conflicting components are:. 
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. [ System Events ] Error - 11/4/2013 6:37:17 PM | Computer Name = 8virus8-exe | Source = DCOM | ID = 10010 Description = Error - 11/4/2013 6:53:28 PM | Computer Name = 8virus8-exe | Source = Service Control Manager | ID = 7003 Description = The Intel® Management & Security Application User Notification Service service depends the following service: LMS. This service might not be installed. Error - 11/5/2013 1:26:42 AM | Computer Name = 8virus8-exe | Source = Service Control Manager | ID = 7009 Description = A timeout was reached (30000 milliseconds) while waiting for the Windows Error Reporting Service service to connect. Error - 11/5/2013 1:37:06 AM | Computer Name = 8virus8-exe | Source = Service Control Manager | ID = 7009 Description = A timeout was reached (30000 milliseconds) while waiting for the Windows Error Reporting Service service to connect. Error - 11/5/2013 1:37:52 AM | Computer Name = 8virus8-exe | Source = Service Control Manager | ID = 7009 Description = A timeout was reached (30000 milliseconds) while waiting for the Windows Error Reporting Service service to connect. Error - 11/5/2013 1:38:22 AM | Computer Name = 8virus8-exe | Source = Service Control Manager | ID = 7009 Description = A timeout was reached (30000 milliseconds) while waiting for the Windows Error Reporting Service service to connect. Error - 11/5/2013 1:40:38 AM | Computer Name = 8virus8-exe | Source = EventLog | ID = 6008 Description = The previous system shutdown at 11:38:38 PM on ?11/?4/?2013 was unexpected. 
Error - 11/5/2013 1:43:07 AM | Computer Name = 8virus8-exe | Source = Service Control Manager | ID = 7003 Description = The Intel® Management & Security Application User Notification Service service depends the following service: LMS. This service might not be installed. Error - 11/5/2013 3:43:50 PM | Computer Name = 8virus8-exe | Source = DCOM | ID = 10010 Description = Error - 11/5/2013 3:49:08 PM | Computer Name = 8virus8-exe | Source = Service Control Manager | ID = 7003 Description = The Intel® Management & Security Application User Notification Service service depends the following service: LMS. This service might not be installed. < End of report >
  11. K, long story short. Installed a few apps from Chrome, the last one was LastPass, that is where it became all wonky. Facebook froze and said it was infected and booted me. Then I can't find LastPass in programs to delete. I open up Chrome and bang, BSOD. So here is my HJT log, please say you see something I am missing. Oh, and the startup menu is super slow since last night.

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 2:56:36 AM, on 11/6/2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Unable to get Internet Explorer version!
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\BackupManagerTray.exe
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Owner\Downloads\HijackThis.exe
C:\Program Files (x86)\ScreenshotCaptor\ScreenshotCaptor.exe
C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfpro5hook.exe
C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = 
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL
O4 - HKLM\..\Run: [backupManagerTray] "C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\BackupManagerTray.exe" -h -k
O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [sOSUAUI] "C:\Program Files (x86)\Malwarebytes Secure Backup\sosuploadagent.exe" -showui
O4 - HKLM\..\Run: [sMessaging] C:\Program Files (x86)\Malwarebytes Secure Backup\SMessaging.exe
O4 - HKLM\..\Run: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
O4 - HKCU\..\Run: [iSUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler
O4 - HKCU\..\Run: [bDAB3CD44D7D45EEC58DB422F61BD03E74CADA2F._service_run] "C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe" --type=service
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_721577D41E77D440C916E2687EBA0267] "C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe" --no-startup-window
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: BrYNSvc - Brother Industries, Ltd. - C:\Program Files (x86)\Browny02\BrYNSvc.exe
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Gateway\Gateway Power Management\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GREGService - Acer Incorporated - C:\Program Files (x86)\Gateway\Registration\GREGsvc.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Live Updater Service - Acer Incorporated - C:\Program Files\Gateway\Gateway Updater\UpdaterService.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NTI IScheduleSvc - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\IScheduleSvc.exe
O23 - Service: PDFProFiltSrvPP - Nuance Communications, Inc. - C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel® Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9758 bytes

Malwarebytes Anti-Malware (PRO) 1.75.0.1300
www.malwarebytes.org

Database version: v2013.11.06.03

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16721
Owner :: 8VIRUS8-EXE [administrator]

Protection: Enabled

11/6/2013 7:20:57 AM
mbam-log-2013-11-06 (07-20-57).txt

Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled: 
Objects scanned: 363250
Time elapsed: 1 hour(s), 11 minute(s), 

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

2013/11/06 02:45:47 -0600 8VIRUS8-EXE Owner MESSAGE Executing scheduled update: Flash Scan | Hourly
2013/11/06 02:45:48 -0600 8VIRUS8-EXE Owner ERROR Scheduled update failed: No address found failed with error code 0
2013/11/06 04:40:35 -0600 8VIRUS8-EXE Owner MESSAGE Executing scheduled update: Flash Scan | Hourly
2013/11/06 04:40:45 -0600 8VIRUS8-EXE Owner MESSAGE Scheduled update executed successfully: database updated from version v2013.11.05.04 to version v2013.11.06.03
2013/11/06 04:40:45 -0600 8VIRUS8-EXE Owner MESSAGE Starting database refresh
2013/11/06 04:40:46 -0600 8VIRUS8-EXE Owner MESSAGE Stopping IP protection
2013/11/06 04:40:47 -0600 8VIRUS8-EXE Owner MESSAGE IP Protection stopped successfully
2013/11/06 04:40:49 -0600 8VIRUS8-EXE Owner MESSAGE Executing scheduled scan: Flash Scan | -terminate
2013/11/06 04:40:49 -0600 8VIRUS8-EXE Owner MESSAGE Scheduled scan executed successfully
2013/11/06 04:41:11 -0600 8VIRUS8-EXE Owner MESSAGE Database refreshed successfully
2013/11/06 04:41:11 -0600 8VIRUS8-EXE Owner MESSAGE Starting IP protection
2013/11/06 04:41:16 -0600 8VIRUS8-EXE Owner MESSAGE IP Protection started successfully