Jump to content

whdodge

Members
 View Profile  See their activity

  • Posts

    5

  • Joined

  • Last visited

 Content Type 

Everything posted by whdodge

  1. whdodge
    Results of screen317's Security Check version 0.99.74 Windows 7 Service Pack 1 x64 (UAC is enabled) Internet Explorer 10 ``````````````Antivirus/Firewall Check:`````````````` Windows Firewall Disabled! Kaspersky PURE 3.0 Antivirus up to date! `````````Anti-malware/Other Utilities Check:````````` Malwarebytes Anti-Malware version 1.75.0.1300 Java 6 Update 29 Java version out of Date! Adobe Flash Player 11.8.800.168 Adobe Reader 10.1.8 Adobe Reader out of Date! Mozilla Firefox (24.0) Google Chrome 29.0.1547.76 Google Chrome 30.0.1599.69 ````````Process Check: objlist.exe by Laurent```````` Kaspersky Lab Kaspersky PURE 3.0 avp.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C: 1% ````````````````````End of Log``````````````````````
  2. whdodge
    Here is the AdwCleaner report after cleaning... followed by mbam log. I then opened both Firefox and Chrome and they seem back to normal. # AdwCleaner v3.006 - Report created 07/10/2013 at 14:41:24# Updated 01/10/2013 by Xplode# Operating System : Windows 7 Professional Service Pack 1 (64 bits)# Username : Proud Owner - PROUDOWNER-PC# Running from : C:\Users\Proud Owner\Desktop\AdwCleaner.exe# Option : Clean ***** [ Services ] ***** ***** [ Files / Folders ] ***** Folder Deleted : C:\ProgramData\ConduitFolder Deleted : C:\Program Files (x86)\ConduitFolder Deleted : C:\Program Files (x86)\MyPC Backup Folder Deleted : C:\Program Files (x86)\SearchprotectFolder Deleted : C:\Program Files (x86)\StartNow ToolbarFolder Deleted : C:\Program Files (x86)\Vafmusic2Folder Deleted : C:\Users\Proud Owner\AppData\Local\ConduitFolder Deleted : C:\Users\Proud Owner\AppData\Local\StartNowFolder Deleted : C:\Users\PROUDO~1\AppData\Local\Temp\Desk365Folder Deleted : C:\Users\Proud Owner\AppData\LocalLow\ConduitFolder Deleted : C:\Users\Proud Owner\AppData\LocalLow\Vafmusic2Folder Deleted : C:\Users\Proud Owner\AppData\Roaming\DefaultTabFolder Deleted : C:\Users\Proud Owner\AppData\Roaming\optimizer proFolder Deleted : C:\Users\Proud Owner\AppData\Roaming\SearchprotectFolder Deleted : C:\Users\Proud Owner\AppData\Roaming\StartNow ToolbarFolder Deleted : C:\Users\Proud Owner\AppData\Roaming\Mozilla\Firefox\Profiles\z7miy6ej.default\CT3294791Folder Deleted : C:\Users\Proud Owner\AppData\Roaming\Mozilla\Firefox\Profiles\z7miy6ej.default\Extensions\{7f3f960e-a836-45ca-8911-0accb522246e}Folder Deleted : C:\Users\Proud Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\incfcgceegpikennjoplhfghaaikdgeiFile Deleted : C:\Users\Proud Owner\AppData\Roaming\Mozilla\Firefox\Profiles\z7miy6ej.default\Extensions\addon@defaulttab.com.xpiFile Deleted : C:\ENDFile Deleted : C:\Users\PROUDO~1\AppData\Local\Temp\Uninstall.exeFile Deleted : C:\Users\Proud Owner\Desktop\Optimizer Pro.lnkFile Deleted : C:\Users\Proud Owner\AppData\Roaming\Mozilla\Firefox\Profiles\z7miy6ej.default\searchplugins\Conduit.xml ***** [ Shortcuts ] ***** ***** [ Registry ] ***** Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\chdboodilddefglllfoimeceomkpmkbiKey Deleted : HKCU\Software\Google\Chrome\Extensions\incfcgceegpikennjoplhfghaaikdgeiKey Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\kdidombaedgpfiiedeimiebkmbilgmlcKey Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\grusskartencenter.comKey Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\grusskartencenter.comKey Deleted : HKLM\SOFTWARE\Classes\AppID\Toolbar.DLLKey Deleted : HKLM\SOFTWARE\Classes\AppID\ToolbarBroker.EXEKey Deleted : HKLM\SOFTWARE\Classes\Toolbar.BandObjectKey Deleted : HKLM\SOFTWARE\Classes\Toolbar.BandObject.1Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.ToolbarHelperObjectKey Deleted : HKLM\SOFTWARE\Classes\Toolbar.ToolbarHelperObject.1Key Deleted : HKLM\SOFTWARE\Classes\ZGClnt.MngrKey Deleted : HKLM\SOFTWARE\Classes\ZGClnt.Mngr.1Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCSKey Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2612669Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3294791Key Deleted : HKLM\SOFTWARE\Classes\AppID\{7E8A36EA-2501-4ED3-A3C8-CFA9143FB169}Key Deleted : HKLM\SOFTWARE\Classes\AppID\{FAA8C612-F1B6-461B-8B60-B54D74D9642E}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2CBD2A57-2FD5-4F1A-9FC8-90ED48FA4187}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5911488E-9D1E-40EC-8CBB-06B231CC153F}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E13D095-45C3-4271-9475-F3B48227DD9F}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7F3F960E-A836-45CA-8911-0ACCB522246E}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AACF7D0F-FF0C-4849-A7CE-33374F35BFD8}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1C888195-0160-4883-91B7-294C0CE2F277}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{99ACA0F7-D864-45CB-8C40-FD42A077E7CA}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E65F40C8-3CEB-47C2-9E01-BF73323DF4E7}Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{38BF9661-BDA0-4A74-BB3B-576EC7AE16DC}Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{6857AC4A-95B4-4E2C-B2D2-8A235FCCEF4A}Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6E13D095-45C3-4271-9475-F3B48227DD9F}Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F3F960E-A836-45CA-8911-0ACCB522246E}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5911488E-9D1E-40EC-8CBB-06B231CC153F}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6E13D095-45C3-4271-9475-F3B48227DD9F}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{5911488E-9D1E-40EC-8CBB-06B231CC153F}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6E13D095-45C3-4271-9475-F3B48227DD9F}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7F3F960E-A836-45CA-8911-0ACCB522246E}Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{AACF7D0F-FF0C-4849-A7CE-33374F35BFD8}Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2CBD2A57-2FD5-4F1A-9FC8-90ED48FA4187}Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1C7089ED-7489-4141-AFB0-C081A4BAF053}Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9415DF24-1BCA-4ED1-AFD1-F8BF28DE388C}Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{5911488E-9D1E-40EC-8CBB-06B231CC153F}]Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{7F3F960E-A836-45CA-8911-0ACCB522246E}]Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{7F3F960E-A836-45CA-8911-0ACCB522246E}]Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{7F3F960E-A836-45CA-8911-0ACCB522246E}]Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1C888195-0160-4883-91B7-294C0CE2F277}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{99ACA0F7-D864-45CB-8C40-FD42A077E7CA}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E65F40C8-3CEB-47C2-9E01-BF73323DF4E7}Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}Key Deleted : HKCU\Software\b1.orgKey Deleted : HKCU\Software\ConduitKey Deleted : HKCU\Software\DefaultTabKey Deleted : HKCU\Software\ZugoKey Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}Key Deleted : HKCU\Software\AppDataLow\ToolbarKey Deleted : HKCU\Software\AppDataLow\Software\ConduitKey Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopesKey Deleted : HKCU\Software\AppDataLow\Software\smartbarKey Deleted : HKCU\Software\AppDataLow\Software\Vafmusic2Key Deleted : HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F}Key Deleted : HKLM\Software\b1.orgKey Deleted : HKLM\Software\ConduitKey Deleted : HKLM\Software\DefaultTabKey Deleted : HKLM\Software\SaltarSmartKey Deleted : HKLM\Software\SearchProtectKey Deleted : HKLM\Software\StartNow ToolbarKey Deleted : HKLM\Software\Vafmusic2Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\StartNow ToolbarKey Deleted : [x64] HKLM\SOFTWARE\b1.orgKey Deleted : [x64] HKLM\SOFTWARE\DomaIQKey Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SaltarSmartData Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\OPTIMI~1\OPTPRO~2.DLL ***** [ Browsers ] ***** -\\ Internet Explorer v10.0.9200.16686 Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [start Page]Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [start Page Restore] -\\ Mozilla Firefox v24.0 (en-US) [ File : C:\Users\Proud Owner\AppData\Roaming\Mozilla\Firefox\Profiles\z7miy6ej.default\prefs.js ] Line Deleted : user_pref("CT3294791.FF19Solved", "true");Line Deleted : user_pref("CT3294791.UserID", "UN62005762623989149");Line Deleted : user_pref("CT3294791.browser.search.defaultthis.engineName", "true");Line Deleted : user_pref("CT3294791.fullUserID", "UN62005762623989149.IN.20130930012630");Line Deleted : user_pref("CT3294791.installDate", "30/09/2013 01:26:30");Line Deleted : user_pref("CT3294791.installSessionId", "{657EB95D-FB93-46E8-BE92-0EA2BB4092B9}");Line Deleted : user_pref("CT3294791.installSp", "TRUE");Line Deleted : user_pref("CT3294791.installerVersion", "1.7.1.4");Line Deleted : user_pref("CT3294791.keyword", "true");Line Deleted : user_pref("CT3294791.originalSearchEngine", "Bing");Line Deleted : user_pref("CT3294791.originalSearchEngineName", "Bing");Line Deleted : user_pref("CT3294791.searchRevert", "false");Line Deleted : user_pref("CT3294791.searchUserMode", "2");Line Deleted : user_pref("CT3294791.smartbar.homepage", "true");Line Deleted : user_pref("CT3294791.versionFromInstaller", "10.20.1.8");Line Deleted : user_pref("CT3294791.xpeMode", "0");Line Deleted : user_pref("browser.search.defaultenginename", "Vafmusic2 Customized Web Search");Line Deleted : user_pref("browser.search.defaultthis.engineName", "Vafmusic2 Customized Web Search");Line Deleted : user_pref("browser.search.selectedEngine", "Vafmusic2 Customized Web Search");Line Deleted : user_pref("smartbar.addressBarOwnerCTID", "CT3294791");Line Deleted : user_pref("smartbar.defaultSearchOwnerCTID", "CT3294791");Line Deleted : user_pref("smartbar.homePageOwnerCTID", "CT3294791");Line Deleted : user_pref("smartbar.machineId", "SA8QCUMBDLTWUUS/P8BSDSA75YYJ72MMITNMXZUHQ7WI5ZPFRUTBXJRVP7K5NHAATAUYUDB9GQ/4D1TH4IAXAA"); -\\ Google Chrome v [ File : C:\Users\Proud Owner\AppData\Local\Google\Chrome\User Data\Default\preferences ] Deleted : homepageDeleted : icon_urlDeleted : search_urlDeleted : suggest_urlDeleted : keywordDeleted : urls_to_restore_on_startup ************************* AdwCleaner[R0].txt - [13535 octets] - [07/10/2013 13:28:02]AdwCleaner[s0].txt - [12617 octets] - [07/10/2013 14:41:24] ########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [12678 octets] ########## Malwarebytes Anti-Malware 1.75.0.1300www.malwarebytes.org Database version: v2013.10.07.12 Windows 7 Service Pack 1 x64 NTFSInternet Explorer 10.0.9200.16686Proud Owner :: PROUDOWNER-PC [administrator] 10/7/2013 3:10:10 PMmbam-log-2013-10-07 (15-10-10).txt Scan type: Quick scanScan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUMScan options disabled: P2PObjects scanned: 256967Time elapsed: 3 minute(s), 47 second(s) Memory Processes Detected: 0(No malicious items detected) Memory Modules Detected: 0(No malicious items detected) Registry Keys Detected: 0(No malicious items detected) Registry Values Detected: 0(No malicious items detected) Registry Data Items Detected: 0(No malicious items detected) Folders Detected: 1C:\Users\Proud Owner\AppData\Local\Temp\installdt.tmp (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully. Files Detected: 1C:\Users\Proud Owner\AppData\Local\Temp\installdt.tmp\DefaultTab.xpi (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully. (end)
  3. whdodge
    MrC Windows Defender is now disabled. When I run Firefox or Chrome I get strange pop-ups... sounds like adware? Here's the AdwCleaner report... I have not pressed the "clean" button yet... # AdwCleaner v3.006 - Report created 07/10/2013 at 13:28:02# Updated 01/10/2013 by Xplode# Operating System : Windows 7 Professional Service Pack 1 (64 bits)# Username : Proud Owner - PROUDOWNER-PC# Running from : C:\Users\Proud Owner\Desktop\AdwCleaner.exe# Option : Scan ***** [ Services ] ***** ***** [ Files / Folders ] ***** File Found : C:\ENDFile Found : C:\Users\Proud Owner\AppData\Roaming\Mozilla\Firefox\Profiles\z7miy6ej.default\Extensions\addon@defaulttab.com.xpiFile Found : C:\Users\Proud Owner\AppData\Roaming\Mozilla\Firefox\Profiles\z7miy6ej.default\searchplugins\Conduit.xmlFile Found : C:\Users\Proud Owner\Desktop\Optimizer Pro.lnkFile Found : C:\Users\PROUDO~1\AppData\Local\Temp\Uninstall.exeFile Found : C:\Users\PROUDO~1\AppData\Local\Temp\Uninstall.exeFile Found : C:\Users\PROUDO~1\AppData\Local\Temp\Uninstall.exeFile Found : C:\Users\PROUDO~1\AppData\Local\Temp\Uninstall.exeFile Found : C:\Users\PROUDO~1\AppData\Local\Temp\Uninstall.exeFolder Found : C:\Users\Proud Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\incfcgceegpikennjoplhfghaaikdgeiFolder Found : C:\Users\Proud Owner\AppData\Roaming\Mozilla\Firefox\Profiles\z7miy6ej.default\Extensions\{7f3f960e-a836-45ca-8911-0accb522246e}Folder Found C:\Program Files (x86)\ConduitFolder Found C:\Program Files (x86)\MyPC BackupFolder Found C:\Program Files (x86)\MyPC Backup Folder Found C:\Program Files (x86)\SearchprotectFolder Found C:\Program Files (x86)\StartNow ToolbarFolder Found C:\Program Files (x86)\Vafmusic2Folder Found C:\ProgramData\ConduitFolder Found C:\Users\Proud Owner\AppData\Local\ConduitFolder Found C:\Users\Proud Owner\AppData\Local\StartNowFolder Found C:\Users\Proud Owner\AppData\LocalLow\ConduitFolder Found C:\Users\Proud Owner\AppData\LocalLow\Vafmusic2Folder Found C:\Users\Proud Owner\AppData\Roaming\DefaultTabFolder Found C:\Users\Proud Owner\AppData\Roaming\Mozilla\Firefox\Profiles\z7miy6ej.default\CT3294791Folder Found C:\Users\Proud Owner\AppData\Roaming\optimizer proFolder Found C:\Users\Proud Owner\AppData\Roaming\SearchprotectFolder Found C:\Users\Proud Owner\AppData\Roaming\StartNow ToolbarFolder Found C:\Users\PROUDO~1\AppData\Local\Temp\Desk365Folder Found C:\Users\PROUDO~1\AppData\Local\Temp\Desk365Folder Found C:\Users\PROUDO~1\AppData\Local\Temp\Desk365Folder Found C:\Users\PROUDO~1\AppData\Local\Temp\Desk365Folder Found C:\Users\PROUDO~1\AppData\Local\Temp\Desk365 ***** [ Shortcuts ] ***** ***** [ Registry ] ***** Data Found : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\OPTIMI~1\OPTPRO~2.DLLKey Found : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}Key Found : HKCU\Software\AppDataLow\Software\ConduitKey Found : HKCU\Software\AppDataLow\Software\ConduitSearchScopesKey Found : HKCU\Software\AppDataLow\Software\smartbarKey Found : HKCU\Software\AppDataLow\Software\Vafmusic2Key Found : HKCU\Software\AppDataLow\ToolbarKey Found : HKCU\Software\b1.orgKey Found : HKCU\Software\ConduitKey Found : HKCU\Software\DefaultTabKey Found : HKCU\Software\Google\Chrome\Extensions\incfcgceegpikennjoplhfghaaikdgeiKey Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{5911488E-9D1E-40EC-8CBB-06B231CC153F}Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6E13D095-45C3-4271-9475-F3B48227DD9F}Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7F3F960E-A836-45CA-8911-0ACCB522246E}Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5911488E-9D1E-40EC-8CBB-06B231CC153F}Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6E13D095-45C3-4271-9475-F3B48227DD9F}Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\grusskartencenter.comKey Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\grusskartencenter.comKey Found : HKCU\Software\ZugoKey Found : [x64] HKCU\Software\b1.orgKey Found : [x64] HKCU\Software\ConduitKey Found : [x64] HKCU\Software\DefaultTabKey Found : [x64] HKCU\Software\ZugoKey Found : HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F}Key Found : HKLM\Software\b1.orgKey Found : HKLM\SOFTWARE\Classes\AppID\{7E8A36EA-2501-4ED3-A3C8-CFA9143FB169}Key Found : HKLM\SOFTWARE\Classes\AppID\{FAA8C612-F1B6-461B-8B60-B54D74D9642E}Key Found : HKLM\SOFTWARE\Classes\AppID\Toolbar.DLLKey Found : HKLM\SOFTWARE\Classes\AppID\ToolbarBroker.EXEKey Found : HKLM\SOFTWARE\Classes\CLSID\{2CBD2A57-2FD5-4F1A-9FC8-90ED48FA4187}Key Found : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}Key Found : HKLM\SOFTWARE\Classes\CLSID\{5911488E-9D1E-40EC-8CBB-06B231CC153F}Key Found : HKLM\SOFTWARE\Classes\CLSID\{6E13D095-45C3-4271-9475-F3B48227DD9F}Key Found : HKLM\SOFTWARE\Classes\CLSID\{7F3F960E-A836-45CA-8911-0ACCB522246E}Key Found : HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}Key Found : HKLM\SOFTWARE\Classes\CLSID\{AACF7D0F-FF0C-4849-A7CE-33374F35BFD8}Key Found : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}Key Found : HKLM\SOFTWARE\Classes\Interface\{1C888195-0160-4883-91B7-294C0CE2F277}Key Found : HKLM\SOFTWARE\Classes\Interface\{99ACA0F7-D864-45CB-8C40-FD42A077E7CA}Key Found : HKLM\SOFTWARE\Classes\Interface\{E65F40C8-3CEB-47C2-9E01-BF73323DF4E7}Key Found : HKLM\SOFTWARE\Classes\Toolbar.BandObjectKey Found : HKLM\SOFTWARE\Classes\Toolbar.BandObject.1Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT2612669Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT3294791Key Found : HKLM\SOFTWARE\Classes\Toolbar.ToolbarHelperObjectKey Found : HKLM\SOFTWARE\Classes\Toolbar.ToolbarHelperObject.1Key Found : HKLM\SOFTWARE\Classes\TypeLib\{38BF9661-BDA0-4A74-BB3B-576EC7AE16DC}Key Found : HKLM\SOFTWARE\Classes\TypeLib\{6857AC4A-95B4-4E2C-B2D2-8A235FCCEF4A}Key Found : HKLM\SOFTWARE\Classes\ZGClnt.MngrKey Found : HKLM\SOFTWARE\Classes\ZGClnt.Mngr.1Key Found : HKLM\Software\ConduitKey Found : HKLM\Software\DefaultTabKey Found : HKLM\SOFTWARE\Google\Chrome\Extensions\chdboodilddefglllfoimeceomkpmkbiKey Found : HKLM\SOFTWARE\Google\Chrome\Extensions\kdidombaedgpfiiedeimiebkmbilgmlcKey Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1C7089ED-7489-4141-AFB0-C081A4BAF053}Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2CBD2A57-2FD5-4F1A-9FC8-90ED48FA4187}Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9415DF24-1BCA-4ED1-AFD1-F8BF28DE388C}Key Found : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32Key Found : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCSKey Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6E13D095-45C3-4271-9475-F3B48227DD9F}Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F3F960E-A836-45CA-8911-0ACCB522246E}Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{AACF7D0F-FF0C-4849-A7CE-33374F35BFD8}Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\StartNow ToolbarKey Found : HKLM\Software\SaltarSmartKey Found : HKLM\Software\SearchProtectKey Found : HKLM\Software\StartNow ToolbarKey Found : HKLM\Software\Vafmusic2Key Found : [x64] HKLM\SOFTWARE\b1.orgKey Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{1C888195-0160-4883-91B7-294C0CE2F277}Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{99ACA0F7-D864-45CB-8C40-FD42A077E7CA}Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{E65F40C8-3CEB-47C2-9E01-BF73323DF4E7}Key Found : [x64] HKLM\SOFTWARE\DomaIQKey Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SaltarSmartValue Found : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{7F3F960E-A836-45CA-8911-0ACCB522246E}]Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{5911488E-9D1E-40EC-8CBB-06B231CC153F}]Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{7F3F960E-A836-45CA-8911-0ACCB522246E}]Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{7F3F960E-A836-45CA-8911-0ACCB522246E}] ***** [ Browsers ] ***** -\\ Internet Explorer v10.0.9200.16686 -\\ Mozilla Firefox v24.0 (en-US) [ File : C:\Users\Proud Owner\AppData\Roaming\Mozilla\Firefox\Profiles\z7miy6ej.default\prefs.js ] Line Found : user_pref("CT3294791.FF19Solved", "true");Line Found : user_pref("CT3294791.UserID", "UN62005762623989149");Line Found : user_pref("CT3294791.browser.search.defaultthis.engineName", "true");Line Found : user_pref("CT3294791.fullUserID", "UN62005762623989149.IN.20130930012630");Line Found : user_pref("CT3294791.installDate", "30/09/2013 01:26:30");Line Found : user_pref("CT3294791.installSessionId", "{657EB95D-FB93-46E8-BE92-0EA2BB4092B9}");Line Found : user_pref("CT3294791.installSp", "TRUE");Line Found : user_pref("CT3294791.installerVersion", "1.7.1.4");Line Found : user_pref("CT3294791.keyword", "true");Line Found : user_pref("CT3294791.originalSearchEngine", "Bing");Line Found : user_pref("CT3294791.originalSearchEngineName", "Bing");Line Found : user_pref("CT3294791.searchRevert", "false");Line Found : user_pref("CT3294791.searchUserMode", "2");Line Found : user_pref("CT3294791.smartbar.homepage", "true");Line Found : user_pref("CT3294791.versionFromInstaller", "10.20.1.8");Line Found : user_pref("CT3294791.xpeMode", "0");Line Found : user_pref("browser.search.defaultenginename", "Vafmusic2 Customized Web Search");Line Found : user_pref("browser.search.defaultthis.engineName", "Vafmusic2 Customized Web Search");Line Found : user_pref("browser.search.selectedEngine", "Vafmusic2 Customized Web Search");Line Found : user_pref("smartbar.addressBarOwnerCTID", "CT3294791");Line Found : user_pref("smartbar.defaultSearchOwnerCTID", "CT3294791");Line Found : user_pref("smartbar.homePageOwnerCTID", "CT3294791");Line Found : user_pref("smartbar.machineId", "SA8QCUMBDLTWUUS/P8BSDSA75YYJ72MMITNMXZUHQ7WI5ZPFRUTBXJRVP7K5NHAATAUYUDB9GQ/4D1TH4IAXAA"); -\\ Google Chrome v [ File : C:\Users\Proud Owner\AppData\Local\Google\Chrome\User Data\Default\preferences ] Found : homepageFound : icon_urlFound : search_urlFound : suggest_urlFound : keywordFound : urls_to_restore_on_startupFound : homepageFound : search_urlFound : urls_to_restore_on_startupFound : homepageFound : icon_urlFound : search_urlFound : suggest_urlFound : keywordFound : urls_to_restore_on_startup ************************* AdwCleaner[R0].txt - [13337 octets] - [07/10/2013 13:28:02] ########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [13398 octets] ##########
  4. whdodge
    RogueKiller V8.7.1 _x64_ [Oct 3 2013] by Tigzy mail : tigzyRK<at>gmail<dot>com Feedback : http://www.adlice.com/forum/ Website : http://www.adlice.com/softwares/roguekiller/ Blog : http://tigzyrk.blogspot.com/ Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version Started in : Normal mode User : Proud Owner [Admin rights] Mode : Scan -- Date : 10/07/2013 09:12:55 | ARK || FAK || MBR | ¤¤¤ Bad processes : 0 ¤¤¤ ¤¤¤ Registry Entries : 3 ¤¤¤ [HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowMyGames (0) -> FOUND [HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND [HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND ¤¤¤ Scheduled tasks : 0 ¤¤¤ ¤¤¤ Startup Entries : 0 ¤¤¤ ¤¤¤ Web browsers : 0 ¤¤¤ ¤¤¤ Particular Files / Folders: ¤¤¤ ¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤ ¤¤¤ External Hives: ¤¤¤ ¤¤¤ Infection : ¤¤¤ ¤¤¤ HOSTS File: ¤¤¤ --> %SystemRoot%\System32\drivers\etc\hosts 127.0.0.1 localhost ::1 localhost ¤¤¤ MBR Check: ¤¤¤ +++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) (Standard disk drives) - WDC WD1002FAEX-00Y9A0 ATA Device +++++ --- User --- [MBR] ba9ef1bc510187704b8f815698b56753 [bSP] 05eb8174c41ef18034f134a5f0b6ffb4 : Windows 7/8 MBR Code Partition table: 0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo 1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 953767 Mo User = LL1 ... OK! User = LL2 ... OK! Finished : << RKreport[0]_S_10072013_091255.txt >>
  5. whdodge
    I'm posting DDS.txt and Attach.txt as instructed. Please help. Thanks. DDS (Ver_2012-11-20.01) - NTFS_AMD64 Internet Explorer: 10.0.9200.16686 BrowserJavaVersion: 1.6.0_29Run by Proud Owner at 10:20:32 on 2013-10-06Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.16361.12068 [GMT -7:00].AV: Kaspersky PURE 3.0 *Enabled/Updated* {C3113FBF-4BCB-4461-D78D-6EDFEC9593E5}SP: Kaspersky PURE 3.0 *Enabled/Updated* {7870DE5B-6DF1-4BEF-ED3D-55AD9712D958}SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}FW: Kaspersky PURE 3.0 *Enabled* {FB2ABE9A-01A4-4539-FCD2-C7EA1246D49E}.============== Running Processes ===============.C:\Windows\system32\lsm.exeC:\Windows\system32\svchost.exe -k DcomLaunchC:\Windows\system32\nvvsvc.exeC:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exeC:\Windows\system32\svchost.exe -k RPCSSC:\Windows\System32\svchost.exe -k LocalServiceNetworkRestrictedC:\Windows\System32\svchost.exe -k LocalSystemNetworkRestrictedC:\Windows\system32\svchost.exe -k LocalServiceC:\Windows\system32\svchost.exe -k netsvcsC:\Windows\system32\svchost.exe -k NetworkServiceC:\Windows\System32\spoolsv.exeC:\Program Files\NVIDIA Corporation\Display\nvxdsync.exeC:\Windows\system32\nvvsvc.exeC:\Windows\system32\svchost.exe -k LocalServiceNoNetworkC:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exeC:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exeC:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exeC:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exeC:\Program Files\Bonjour\mDNSResponder.exeC:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exeC:\Windows\system32\IProsetMonitor.exeC:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exeC:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeC:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exeC:\Program Files (x86)\CyberLink\Shared files\RichVideo.exeC:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exeC:\Windows\system32\svchost.exe -k imgsvcC:\Program Files\Encore\ENUWI-N4 Wireless USB Adapter\WlanWpsSvc.exeC:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestrictedC:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonationC:\Windows\System32\WUDFHost.exeC:\Windows\system32\taskhost.exeC:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeC:\Windows\system32\Dwm.exeC:\Windows\Explorer.EXEC:\Program Files\Realtek\Audio\HDA\RAVCpl64.exeC:\Program Files\Microsoft IntelliPoint\ipoint.exeC:\Program Files (x86)\ASUS Bluetooth Suite\BtvStack.exeC:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exeC:\Program Files (x86)\Steam\Steam.exeC:\Program Files (x86)\Skype\Phone\Skype.exeC:\Program Files\Encore\ENUWI-N4 Wireless USB Adapter\WlanCU.exeC:\Users\Proud Owner\AppData\Roaming\Dropbox\bin\Dropbox.exeC:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXEC:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exeC:\Program Files\NVIDIA Corporation\Display\nvtray.exeC:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exeC:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exeC:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exeC:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ArcCon.acC:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\acrotray.exeC:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exeC:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exeC:\Windows\system32\SearchIndexer.exeC:\Program Files\Windows Media Player\wmpnetwk.exeC:\Program Files (x86)\iTunes\iTunesHelper.exeC:\Program Files\iPod\bin\iPodService.exeC:\Program Files (x86)\Common Files\Steam\SteamService.exeC:\Windows\System32\svchost.exe -k LocalServicePeerNetC:\Users\Proud Owner\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exeC:\Windows\System32\svchost.exe -k secsvcsC:\Program Files (x86)\Safari\Safari.exeC:\Program Files (x86)\Safari\Apple Application Support\WebKit2WebProcess.exeC:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exeC:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXEC:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXEC:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXEC:\Windows\splwow64.exeC:\Windows\notepad.exeC:\Windows\system32\wbem\wmiprvse.exeC:\Windows\System32\cscript.exe.============== Pseudo HJT Report ===============.uSearch Bar = PreserveuURLSearchHooks: Vafmusic2 Toolbar: {7f3f960e-a836-45ca-8911-0accb522246e} - C:\Program Files (x86)\Vafmusic2\prxtbVafm.dllmURLSearchHooks: Vafmusic2 Toolbar: {7f3f960e-a836-45ca-8911-0accb522246e} - C:\Program Files (x86)\Vafmusic2\prxtbVafm.dllmWinlogon: Userinit = userinit.exe,BHO: AutorunsDisabled - <orphaned>BHO: ContributeBHO Class: {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS3/contributeieplugin.dllBHO: Kaspersky Passsword Manager Toolbar: {215BA832-75A3-426E-A4FC-7C5B58CE6A10} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\Kaspersky Password Manager\spIEBho.dllBHO: Content Blocker Plugin: {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dllBHO: StartNow Toolbar Helper: {6E13D095-45C3-4271-9475-F3B48227DD9F} - C:\Program Files (x86)\StartNow Toolbar\Toolbar32.dllBHO: Virtual Keyboard Plugin: {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dllBHO: Vafmusic2 Toolbar: {7f3f960e-a836-45ca-8911-0accb522246e} - C:\Program Files (x86)\Vafmusic2\prxtbVafm.dllBHO: Safe Money Plugin: {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\OnlineBanking\online_banking_bho.dllBHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dllBHO: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dllBHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dllBHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLLBHO: URL Advisor Plugin: {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\UrlAdvisor\klwtbbho.dllTB: RadioPI: {92926B63-5116-4C6F-A33E-378767B8D15F} - TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dllTB: RadioPI: {92926b63-5116-4c6f-a33e-378767b8d15f} - TB: StartNow Toolbar: {5911488E-9D1E-40ec-8CBB-06B231CC153F} - C:\Program Files (x86)\StartNow Toolbar\Toolbar32.dllTB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dllTB: Contribute Toolbar: {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS3/contributeieplugin.dllTB: Kaspersky Passsword Manager Toolbar: {215BA832-75A3-426E-A4FC-7C5B58CE6A10} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\Kaspersky Password Manager\spIEBho.dllTB: Vafmusic2 Toolbar: {7f3f960e-a836-45ca-8911-0accb522246e} - C:\Program Files (x86)\Vafmusic2\prxtbVafm.dllTB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dllEB: Adobe PDF: {182EC0BE-5110-49C8-A062-BEB1D02A220B} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dlluRun: [Google Update] "C:\Users\Proud Owner\AppData\Local\Google\Update\GoogleUpdate.exe" /cuRun: [steam] "C:\Program Files (x86)\Steam\Steam.exe" -silentuRun: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exeuRun: [spotify Web Helper] "C:\Users\Proud Owner\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"uRun: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrunuRun: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exeuRun: [spotify] "C:\Users\Proud Owner\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostartmRun: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"mRun: [MDS_Menu] "C:\Program Files (x86)\CyberLink\MediaShow4\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\MediaShow4" UpdateWithCreateOnce "Software\CyberLink\MediaShow\4.1"mRun: [CLMLServer] "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"mRun: [RemoteControl8] "C:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe"mRun: [PDVD8LanguageShortcut] "C:\Program Files (x86)\CyberLink\PowerDVD8\Language\Language.exe"mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"mRun: [Nikon Message Center 2] C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe -smRun: [ArcSoft Connection Service] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exemRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"mRun: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"mRun: [Adobe_ID0EYTHM] C:\PROGRA~2\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXEmRun: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe"mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottimemRun: [NCUpdateHelper] C:\Program Files (x86)\NCWest\NCLauncher\NCUpdateHelper.exemRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"StartupFolder: C:\Users\PROUDO~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Proud Owner\AppData\Roaming\Dropbox\bin\Dropbox.exeStartupFolder: C:\Users\PROUDO~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\IMVU.lnk - C:\Users\Proud Owner\AppData\Roaming\IMVUClient\IMVUQualityAgent.exeStartupFolder: C:\Users\PROUDO~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ONENOT~1.LNK - C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXEStartupFolder: C:\Users\PROUDO~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\AUTORU~1\OPENOF~1.LNK - C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exeStartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\WIRELE~1.LNK - C:\Program Files\Encore\ENUWI-N4 Wireless USB Adapter\WlanCU.exeuPolicies-Explorer: NoDriveTypeAutoRun = dword:145mPolicies-Explorer: NoActiveDesktop = dword:1mPolicies-Explorer: NoActiveDesktopChanges = dword:1mPolicies-Explorer: NoDriveTypeAutoRun = dword:95mPolicies-System: ConsentPromptBehaviorAdmin = dword:5mPolicies-System: ConsentPromptBehaviorUser = dword:3mPolicies-System: EnableUIADesktopToggle = dword:0IE: Add to Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\ie_banner_deny.htmIE: Append to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.htmlIE: Convert link target to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.htmlIE: Convert link target to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.htmlIE: Convert selected links to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.htmlIE: Convert selected links to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.htmlIE: Convert selection to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.htmlIE: Convert selection to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.htmlIE: Convert to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.htmlIE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105IE: {0C4CC089-D306-440D-9772-464E226F6539} - {0BA14598-4178-4CE5-B1F1-B5C6408A3F2E} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dllIE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dllIE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dllIE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dllIE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\UrlAdvisor\klwtbbho.dll.INFO: HKCU has more than 50 listed domains.If you wish to scan all of them, select the 'Force scan all domains' option...INFO: HKLM has more than 50 listed domains. If you wish to scan all of them, select the 'Force scan all domains' option..TCP: NameServer = 192.168.0.1TCP: Interfaces\{0695F37D-663C-438E-8A89-320E46FDAE9A} : DHCPNameServer = 192.168.33.1TCP: Interfaces\{1AB29D57-ECE2-4747-8CA8-2D0613E12920} : DHCPNameServer = 192.168.0.1Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLLHandler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dllHandler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dllSSODL: WebCheck - <orphaned>mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe"x64-BHO: Content Blocker Plugin: {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dllx64-BHO: Virtual Keyboard Plugin: {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dllx64-BHO: Safe Money Plugin: {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\OnlineBanking\online_banking_bho.dllx64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dllx64-BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dllx64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLLx64-BHO: URL Advisor Plugin: {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\UrlAdvisor\klwtbbho.dllx64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dllx64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -sx64-Run: [intelliPoint] "c:\Program Files\Microsoft IntelliPoint\ipoint.exe"x64-Run: [AtherosBtStack] C:\Program Files (x86)\ASUS Bluetooth Suite\BtvStack.exex64-Run: [Nvtmru] "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"x64-IE: {0C4CC089-D306-440D-9772-464E226F6539} - {0BA14598-4178-4CE5-B1F1-B5C6408A3F2E} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dllx64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dllx64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dllx64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dllx64-IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\UrlAdvisor\klwtbbho.dll.INFO: x64-HKLM has more than 50 listed domains. If you wish to scan all of them, select the 'Force scan all domains' option..x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLLx64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dllx64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>x64-SSODL: WebCheck - <orphaned>.================= FIREFOX ===================.FF - ProfilePath - C:\Users\Proud Owner\AppData\Roaming\Mozilla\Firefox\Profiles\z7miy6ej.default\FF - prefs.js: browser.search.selectedEngine - Vafmusic2 Customized Web SearchFF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLLFF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLLFF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dllFF - plugin: C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101799.dllFF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dllFF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dllFF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dllFF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dllFF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dllFF - plugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dllFF - plugin: C:\Users\Proud Owner\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dllFF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dllFF - ExtSQL: 2013-09-27 19:47; firefox@saltarsmart.biz; C:\Users\Proud Owner\AppData\Roaming\Mozilla\Firefox\Profiles\z7miy6ej.default\extensions\firefox@saltarsmart.biz.xpiFF - ExtSQL: 2013-09-30 01:25; addon@defaulttab.com; C:\Users\Proud Owner\AppData\Roaming\Mozilla\Firefox\Profiles\z7miy6ej.default\extensions\addon@defaulttab.com.xpiFF - ExtSQL: 2013-09-30 01:26; {7f3f960e-a836-45ca-8911-0accb522246e}; C:\Users\Proud Owner\AppData\Roaming\Mozilla\Firefox\Profiles\z7miy6ej.default\extensions\{7f3f960e-a836-45ca-8911-0accb522246e}FF - ExtSQL: !HIDDEN! 2011-11-07 11:32; 4effxtbr@RadioPI_4e.com; C:\Program Files (x86)\RadioPI_4e\bar\1.bin.============= SERVICES / DRIVERS ===============.R0 CSCrySec;InfoWatch Encrypt Sector Library driver;C:\Windows\System32\drivers\CSCrySec.sys [2013-4-26 84536]R0 mv91xx;mv91xx;C:\Windows\System32\drivers\mv91xx.sys [2010-11-22 303408]R1 CSVirtualDiskDrv;InfoWatch Virtual Disk driver;C:\Windows\System32\drivers\CSVirtualDiskDrv.sys [2013-4-26 66616]R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;C:\Windows\System32\drivers\klim6.sys [2011-3-10 29488]R1 kltdi;kltdi;C:\Windows\System32\drivers\kltdi.sys [2012-10-18 54368]R1 kneps;kneps;C:\Windows\System32\drivers\kneps.sys [2012-8-13 178448]R2 {FE4C91E7-22C2-4D0C-9F6B-82F1B7742054};Power Control [2011/09/08 14:51:01];C:\Program Files (x86)\CyberLink\PowerDVD8\000.fcl [2009-8-28 146928]R2 avp;Kaspersky Anti-Virus Service;C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe -r --> C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe -r [?]R2 CSObjectsSrv;CryptoStorage control service;C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe [2012-12-21 819040]R2 Intel® PROSet Monitoring Service;Intel® PROSet Monitoring Service;C:\Windows\System32\IPROSetMonitor.exe [2011-9-8 133800]R2 NvStreamSvc;NVIDIA Streamer Service;C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2013-9-11 14997280]R2 Skype C2C Service;Skype C2C Service;C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-9-16 3273088]R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-9-12 414496]R2 WlanWpsSvc;WlanWpsSvc;C:\Program Files\Encore\ENUWI-N4 Wireless USB Adapter\WlanWpsSvc.exe [2011-11-18 167936]R3 BTATH_BUS;Atheros Bluetooth Bus;C:\Windows\System32\drivers\btath_bus.sys [2009-10-20 25088]R3 klkbdflt;Kaspersky Lab KLKBDFLT;C:\Windows\System32\drivers\klkbdflt.sys [2012-9-3 29016]R3 klmouflt;Kaspersky Lab KLMOUFLT;C:\Windows\System32\drivers\klmouflt.sys [2012-9-3 29528]R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\System32\drivers\nusb3hub.sys [2010-12-9 80384]R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\System32\drivers\nusb3xhc.sys [2010-12-9 181248]R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);C:\Windows\System32\drivers\nvvad64v.sys [2013-9-11 39200]S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-7-25 162672]S3 Andbus;LGE Android Platform Composite USB Device;C:\Windows\System32\drivers\lgandbus64.sys [2011-12-25 19456]S3 AndDiag;LGE Android Platform USB Serial Port;C:\Windows\System32\drivers\lganddiag64.sys [2011-12-25 27648]S3 AndGps;LGE Android Platform USB GPS NMEA Port;C:\Windows\System32\drivers\lgandgps64.sys [2011-12-25 27136]S3 ANDModem;LGE Android Platform USB Modem;C:\Windows\System32\drivers\lgandmodem64.sys [2011-12-25 34304]S3 AthBTPort;Atheros Virtual Bluetooth Class;C:\Windows\System32\drivers\btath_flt.sys [2009-10-21 31744]S3 AthDfu;Atheros Valkyrie USB BootROM;C:\Windows\System32\drivers\AthDfu.sys [2009-7-25 47616]S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;C:\Windows\System32\drivers\btath_a2dp.sys [2009-10-23 329728]S3 BTATH_HCRP;Bluetooth HCRP Server driver;C:\Windows\System32\drivers\btath_hcrp.sys [2009-10-22 240128]S3 BTATH_RCP;Bluetooth AVRCP Device;C:\Windows\System32\drivers\btath_rcp.sys [2009-10-21 126976]S3 BtFilter;BtFilter;C:\Windows\System32\drivers\btfilter.sys [2009-10-22 57344]S3 dmvsc;dmvsc;C:\Windows\System32\drivers\dmvsc.sys [2010-11-21 71168]S3 Futuremark SystemInfo Service;Futuremark SystemInfo Service;C:\Program Files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe [2011-10-5 130976]S3 RTL8192su;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter;C:\Windows\System32\drivers\RTL8192su.sys [2011-11-18 664576]S3 StorSvc;Storage Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 27136]S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-20 59392]S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-20 31232]S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-12-13 54784]S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-9-10 1255736]S3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\System32\drivers\wdcsam64.sys [2008-5-6 14464].=============== File Associations ===============.ShellExec: dreamweaver.exe: Open="C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS3\dreamweaver.exe", "%1".=============== Created Last 30 ================.2013-10-04 10:15:11 9694160 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{BBFB0E9B-B570-4F58-937F-2C52479FA976}\mpengine.dll2013-10-03 22:52:37 -------- d-----w- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF692013-10-03 22:52:37 -------- d-----w- C:\Program Files\iTunes2013-10-03 22:52:37 -------- d-----w- C:\Program Files\iPod2013-10-03 22:52:37 -------- d-----w- C:\Program Files (x86)\iTunes2013-10-01 15:02:42 159744 ----a-w- C:\Program Files\Internet Explorer\Plugins\npqtplugin5.dll2013-10-01 15:02:42 159744 ----a-w- C:\Program Files\Internet Explorer\Plugins\npqtplugin4.dll2013-10-01 15:02:42 159744 ----a-w- C:\Program Files\Internet Explorer\Plugins\npqtplugin3.dll2013-10-01 15:02:42 159744 ----a-w- C:\Program Files\Internet Explorer\Plugins\npqtplugin2.dll2013-10-01 15:02:42 159744 ----a-w- C:\Program Files\Internet Explorer\Plugins\npqtplugin.dll2013-09-30 08:28:11 -------- d-----w- C:\Program Files\Uninstaller2013-09-30 08:27:04 -------- d-----w- C:\Program Files (x86)\SearchProtect2013-09-30 08:26:58 -------- d-----w- C:\ProgramData\Conduit2013-09-30 08:26:55 -------- d-----w- C:\Program Files (x86)\Vafmusic22013-09-30 08:26:36 -------- d-----w- C:\Users\Proud Owner\AppData\Local\CRE2013-09-30 08:26:31 -------- d-----w- C:\Users\Proud Owner\AppData\Roaming\SearchProtect2013-09-30 08:26:10 -------- d-----w- C:\Users\Proud Owner\AppData\Roaming\Optimizer Pro2013-09-30 08:25:53 -------- d-----w- C:\Users\Proud Owner\AppData\Roaming\DefaultTab2013-09-30 08:25:48 -------- d-----w- C:\Program Files (x86)\MyPC Backup2013-09-12 10:07:12 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll2013-09-12 08:17:50 571168 ----a-w- C:\Windows\SysWow64\nvStreaming.exe2013-09-11 15:59:02 -------- d-----w- C:\Users\Proud Owner\AppData\Local\Blizzard Entertainment2013-09-11 15:25:54 39200 ----a-w- C:\Windows\System32\drivers\nvvad64v.sys2013-09-11 15:25:54 29984 ----a-w- C:\Windows\System32\nvaudcap64v.dll2013-09-11 15:25:54 28448 ----a-w- C:\Windows\SysWow64\nvaudcap32v.dll2013-09-11 15:25:46 -------- d-----w- C:\Users\Proud Owner\AppData\Local\NVIDIA2013-09-11 15:21:00 1832224 ----a-w- C:\Windows\System32\nvdispco6432049.dll2013-09-11 15:21:00 1511712 ----a-w- C:\Windows\System32\nvdispgenco6432049.dll.==================== Find3M ====================.2013-10-04 20:18:20 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl2013-10-04 20:18:20 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe2013-09-12 07:25:43 6599968 ----a-w- C:\Windows\System32\nvcpl.dll2013-09-12 07:25:43 3452192 ----a-w- C:\Windows\System32\nvsvc64.dll2013-09-12 07:25:40 920864 ----a-w- C:\Windows\System32\nvvsvc.exe2013-09-12 07:25:40 63776 ----a-w- C:\Windows\System32\nvshext.dll2013-09-12 07:25:40 219424 ----a-w- C:\Windows\System32\nvmctray.dll2013-09-11 22:06:31 3361114 ----a-w- C:\Windows\System32\nvcoproc.bin2013-08-10 05:22:18 2241024 ----a-w- C:\Windows\System32\wininet.dll2013-08-10 05:20:59 3959296 ----a-w- C:\Windows\System32\jscript9.dll2013-08-10 05:20:55 67072 ----a-w- C:\Windows\System32\iesetup.dll2013-08-10 05:20:55 136704 ----a-w- C:\Windows\System32\iesysprep.dll2013-08-10 03:59:10 1767936 ----a-w- C:\Windows\SysWow64\wininet.dll2013-08-10 03:58:09 2876928 ----a-w- C:\Windows\SysWow64\jscript9.dll2013-08-10 03:58:06 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll2013-08-10 03:17:38 2706432 ----a-w- C:\Windows\System32\mshtml.tlb2013-08-10 03:07:50 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb2013-08-10 02:27:59 89600 ----a-w- C:\Windows\System32\RegisterIEPKEYs.exe2013-08-10 02:17:19 71680 ----a-w- C:\Windows\SysWow64\RegisterIEPKEYs.exe2013-08-08 01:20:43 3155456 ----a-w- C:\Windows\System32\win32k.sys2013-08-07 11:22:02 278800 ------w- C:\Windows\System32\MpSigStub.exe2013-08-05 02:25:45 155584 ----a-w- C:\Windows\System32\drivers\ataport.sys2013-08-02 02:23:53 5550528 ----a-w- C:\Windows\System32\ntoskrnl.exe2013-08-02 02:15:44 1732032 ----a-w- C:\Windows\System32\ntdll.dll2013-08-02 02:15:03 362496 ----a-w- C:\Windows\System32\wow64win.dll2013-08-02 02:15:03 243712 ----a-w- C:\Windows\System32\wow64.dll2013-08-02 02:15:03 13312 ----a-w- C:\Windows\System32\wow64cpu.dll2013-08-02 02:14:57 215040 ----a-w- C:\Windows\System32\winsrv.dll2013-08-02 02:14:11 16384 ----a-w- C:\Windows\System32\ntvdm64.dll2013-08-02 02:13:34 424448 ----a-w- C:\Windows\System32\KernelBase.dll2013-08-02 01:59:30 3968960 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe2013-08-02 01:59:30 3913664 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe2013-08-02 01:51:23 1292192 ----a-w- C:\Windows\SysWow64\ntdll.dll2013-08-02 01:50:42 5120 ----a-w- C:\Windows\SysWow64\wow32.dll2013-08-02 01:50:42 274944 ----a-w- C:\Windows\SysWow64\KernelBase.dll2013-08-02 01:09:17 338432 ----a-w- C:\Windows\System32\conhost.exe2013-08-02 00:59:09 112640 ----a-w- C:\Windows\System32\smss.exe2013-08-02 00:45:37 25600 ----a-w- C:\Windows\SysWow64\setup16.exe2013-08-02 00:45:36 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll2013-08-02 00:45:35 7680 ----a-w- C:\Windows\SysWow64\instnm.exe2013-08-02 00:45:34 2048 ----a-w- C:\Windows\SysWow64\user.exe2013-08-02 00:43:05 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll2013-08-02 00:43:05 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll2013-08-02 00:43:05 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll2013-08-02 00:43:05 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll2013-07-25 09:25:54 1888768 ----a-w- C:\Windows\System32\WMVDECOD.DLL2013-07-25 08:57:27 1620992 ----a-w- C:\Windows\SysWow64\WMVDECOD.DLL2013-07-19 01:58:42 2048 ----a-w- C:\Windows\System32\tzres.dll2013-07-19 01:41:01 2048 ----a-w- C:\Windows\SysWow64\tzres.dll2013-07-15 15:35:02 90208 ----a-w- C:\Windows\System32\drivers\klflt.sys2013-07-15 15:35:02 54368 ----a-w- C:\Windows\System32\drivers\kltdi.sys2013-07-15 15:35:02 178448 ----a-w- C:\Windows\System32\drivers\kneps.sys2013-07-09 05:52:52 224256 ----a-w- C:\Windows\System32\wintrust.dll2013-07-09 05:51:16 1217024 ----a-w- C:\Windows\System32\rpcrt4.dll2013-07-09 05:46:20 184320 ----a-w- C:\Windows\System32\cryptsvc.dll2013-07-09 05:46:20 1472512 ----a-w- C:\Windows\System32\crypt32.dll2013-07-09 05:46:20 139776 ----a-w- C:\Windows\System32\cryptnet.dll2013-07-09 04:52:33 663552 ----a-w- C:\Windows\SysWow64\rpcrt4.dll2013-07-09 04:52:10 175104 ----a-w- C:\Windows\SysWow64\wintrust.dll2013-07-09 04:46:31 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll2013-07-09 04:46:31 1166848 ----a-w- C:\Windows\SysWow64\crypt32.dll2013-07-09 04:46:31 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll.============= FINISH: 10:20:52.11 =============== .UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.IF REQUESTED, ZIP IT UP & ATTACH IT.DDS (Ver_2012-11-20.01).Microsoft Windows 7 Professional Boot Device: \Device\HarddiskVolume1Install Date: 9/8/2011 1:26:07 PMSystem Uptime: 10/6/2013 8:39:29 AM (2 hours ago).Motherboard: ASUSTeK Computer INC. | | SABERTOOTH P67Processor: Intel® Core i7-2600 CPU @ 3.40GHz | LGA1155 | 3401/100mhz.==== Disk Partitions =========================.C: is FIXED (NTFS) - 931 GiB total, 689.722 GiB free.D: is CDROM ()E: is CDROM ()F: is RemovableG: is RemovableH: is RemovableI: is Removable.==== Disabled Device Manager Items =============.==== System Restore Points ===================.RP262: 9/22/2013 2:04:00 PM - Windows UpdateRP263: 9/27/2013 9:30:31 AM - Windows UpdateRP264: 10/1/2013 8:46:15 AM - Windows Update.==== Installed Programs ======================.7-Zip 9.20 (x64 edition)Add or Remove Adobe Creative Suite 3 Master CollectionAdobe Acrobat 8 ProfessionalAdobe After Effects CS3Adobe After Effects CS3 PresetsAdobe Anchor Service CS3Adobe Asset Services CS3Adobe Bridge CS3Adobe Bridge Start MeetingAdobe BridgeTalk Plugin CS3Adobe Camera Raw 4.0Adobe CMapsAdobe Color - Photoshop SpecificAdobe Color Common SettingsAdobe Color EU Extra SettingsAdobe Color JA Extra SettingsAdobe Color NA Recommended SettingsAdobe Contribute CS3Adobe Creative Suite 3 Master CollectionAdobe Default Language CS3Adobe Device Central CS3Adobe Dreamweaver CS3Adobe Encore CS3Adobe Encore CS3 CodecsAdobe ExtendScript Toolkit 2Adobe Extension Manager CS3Adobe Fireworks CS3Adobe Flash CS3Adobe Flash Player 11 ActiveXAdobe Flash Player 11 PluginAdobe Flash Video EncoderAdobe Fonts AllAdobe Help Viewer CS3Adobe Illustrator CS3Adobe InDesign CS3Adobe InDesign CS3 Icon HandlerAdobe Linguistics CS3Adobe MotionPicture Color FilesAdobe PDF Library FilesAdobe Photoshop CS3Adobe Premiere Pro CS3Adobe Premiere Pro CS3 Functional ContentAdobe Premiere Pro CS3 Third Party ContentAdobe Reader X (10.1.8)Adobe SetupAdobe SING CS3Adobe Soundbooth CS3Adobe Soundbooth CS3 CodecsAdobe Stock Photos CS3Adobe Type SupportAdobe Update Manager CS3Adobe Version Cue CS3 ClientAdobe Version Cue CS3 ServerAdobe Video ProfilesAdobe WAS CS3Adobe WinSoft Linguistics PluginAdobe XMP DVA Panels CS3Adobe XMP Panels CS3AHV content for Acrobat and FlashAionAmazon MP3 Downloader 1.0.17Apple Application SupportApple Mobile Device SupportApple Software UpdateArcSoft Panorama Maker 5Bluetooth Suite (64)BonjourCyberLink BD Advisor 2.0CyberLink Blu-ray Disc SuiteCyberLink LabelPrintCyberLink MediaShowCyberLink Power2GoCyberLink PowerDVD 8CyberLink PowerProducerDefinition Update for Microsoft Office 2010 (KB982726) 32-Bit EditionDMUninstallerDon't StarveDropboxDungeons & Dragons Online ®: Eberron Unlimited ™ v01.17.01.801ENUWI-N4 Wireless USB AdapterExpress BurnFirestorm-Release (remove only)Futuremark SystemInfoGeForce Experience NvStream Client ComponentsGoogle ChromeGoogle EarthGoogle Toolbar for Internet ExplorerGoogle Update HelperiCloudIntel® Management Engine ComponentsIntel® Network Connections 15.6.25.0iTunesJava Auto UpdaterJava 6 Update 29JMicron JMB36X DriverKaspersky PURE 3.0League of LegendsLG Tool KitLG United Mobile DriverLightScribe System SoftwareMagickaMalwarebytes Anti-Malware version 1.75.0.1300marvell 91xx driverMicrosoft .NET Framework 1.1Microsoft .NET Framework 4 Client ProfileMicrosoft .NET Framework 4 ExtendedMicrosoft .NET Framework 4 Multi-Targeting PackMicrosoft Application Error ReportingMicrosoft Expression Blend 3 SDKMicrosoft Expression Blend 4Microsoft Expression Blend SDK for .NET 4Microsoft Expression Blend SDK for Silverlight 4Microsoft Expression Design 4Microsoft Expression Encoder 4 ProMicrosoft Expression Encoder 4 Screen Capture CodecMicrosoft Expression Studio 4Microsoft Expression Web 4Microsoft Expression Web 4 Service Pack 2Microsoft IntelliPoint 8.2Microsoft Office 2010 Service Pack 1 (SP1)Microsoft Office Access MUI (English) 2010Microsoft Office Access Setup Metadata MUI (English) 2010Microsoft Office Excel MUI (English) 2010Microsoft Office Office 64-bit Components 2010Microsoft Office OneNote MUI (English) 2010Microsoft Office Outlook MUI (English) 2010Microsoft Office PowerPoint MUI (English) 2010Microsoft Office Professional 2010Microsoft Office Proof (English) 2010Microsoft Office Proof (French) 2010Microsoft Office Proof (Spanish) 2010Microsoft Office Proofing (English) 2010Microsoft Office Publisher MUI (English) 2010Microsoft Office Shared 64-bit MUI (English) 2010Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010Microsoft Office Shared MUI (English) 2010Microsoft Office Shared Setup Metadata MUI (English) 2010Microsoft Office Single Image 2010Microsoft Office Word MUI (English) 2010Microsoft Silverlight 3 SDKMicrosoft Silverlight 4 SDKMicrosoft Visual C++ 2005 RedistributableMicrosoft Visual C++ 2008 Redistributable - x64 9.0.30729.17Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219Microsoft XNA Framework Redistributable 3.1Mozilla Firefox 24.0 (x86 en-US)Mozilla Maintenance ServiceMSXML 4.0 SP2 (KB954430)MSXML 4.0 SP2 (KB973688)NCSOFT Game LauncherNikon Message Center 2Nikon Movie EditorNVIDIA 3D Vision Controller Driver 326.01NVIDIA 3D Vision Driver 327.23NVIDIA Alien vs. Triangles demoNVIDIA Control Panel 327.23NVIDIA Endless City demoNVIDIA GeForce Experience 1.6.1NVIDIA Graphics Driver 327.23NVIDIA HD Audio Driver 1.3.26.4NVIDIA Install ApplicationNVIDIA PhysXNVIDIA PhysX System Software 9.13.0725NVIDIA Stereoscopic 3D DriverNVIDIA Update 8.3.14NVIDIA Update ComponentsNVIDIA Virtual Audio 1.2.5OpenOffice.org 3.3Orcs Must Die! 2Pando Media BoosterPDF SettingsPicture Control UtilityPixillion Image ConverterQuickTimeRealtek High Definition Audio DriverRenesas Electronics USB 3.0 Host Controller DriverSafariSaltarSmart 1.0.0Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628)Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2)Security Update for Microsoft .NET Framework 4 Extended (KB2487367)Security Update for Microsoft .NET Framework 4 Extended (KB2656351)Security Update for Microsoft .NET Framework 4 Extended (KB2736428)Security Update for Microsoft .NET Framework 4 Extended (KB2742595)Security Update for Microsoft Excel 2010 (KB2760597) 32-Bit EditionSecurity Update for Microsoft Expression Design 4 (KB2667730)Security Update for Microsoft InfoPath 2010 (KB2760406) 32-Bit EditionSecurity Update for Microsoft Office 2010 (KB2553371) 32-Bit EditionSecurity Update for Microsoft Office 2010 (KB2589320) 32-Bit EditionSecurity Update for Microsoft Office 2010 (KB2598243) 32-Bit EditionSecurity Update for Microsoft Office 2010 (KB2687276) 32-Bit EditionSecurity Update for Microsoft Office 2010 (KB2687423) 32-Bit EditionSecurity Update for Microsoft Office 2010 (KB2687510) 32-Bit EditionSecurity Update for Microsoft Outlook 2010 (KB2794707) 32-Bit EditionSecurity Update for Microsoft Publisher 2010 (KB2553147) 32-Bit EditionSecurity Update for Microsoft Visio 2010 (KB2810068) 32-Bit EditionSecurity Update for Microsoft Word 2010 (KB2760769) 32-Bit EditionSHIELD StreamingSingularity (remove only)Skype Click to CallSkype™ 6.7SpotifyStartNow ToolbarSteamThe Elder Scrolls V: SkyrimTorchlight IITotal War: SHOGUN 2Update for Microsoft .NET Framework 4 Client Profile (KB2468871)Update for Microsoft .NET Framework 4 Client Profile (KB2533523)Update for Microsoft .NET Framework 4 Client Profile (KB2600217)Update for Microsoft .NET Framework 4 Extended (KB2468871)Update for Microsoft .NET Framework 4 Extended (KB2533523)Update for Microsoft .NET Framework 4 Extended (KB2600217)Update for Microsoft Access 2010 (KB2553446) 32-Bit EditionUpdate for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2494150)Update for Microsoft Office 2010 (KB2553065)Update for Microsoft Office 2010 (KB2553157) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2553181) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2553267) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2553310) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2566458)Update for Microsoft Office 2010 (KB2589298) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2589370) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2589375) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2596964) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2598242) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2687503) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2760598) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2760631) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2760758) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2767886) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2794737) 32-Bit EditionUpdate for Microsoft OneNote 2010 (KB2553290) 32-Bit EditionUpdate for Microsoft OneNote 2010 (KB2810072) 32-Bit EditionUpdate for Microsoft Outlook 2010 (KB2687623) 32-Bit EditionUpdate for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit EditionUpdate for Microsoft PowerPoint 2010 (KB2553145) 32-Bit EditionUpdate for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit EditionUpdate for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit EditionViewNX 2VLC media player 1.1.11WinampWinamp Detector Plug-inWindows Driver Package - Realtek Semiconductor Corp. (RTL8192su) Net (08/15/2009 1085.7.0815.2009)World of WarcraftWPF Toolkit February 2010 (Version 3.5.50211.1).==== Event Viewer Messages From Past Week ========.9/30/2013 12:41:36 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect.9/30/2013 12:41:36 AM, Error: Service Control Manager [7000] - The Steam Client Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.9/30/2013 1:26:11 AM, Error: Service Control Manager [7030] - The DefaultTabSearch service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.10/1/2013 8:17:08 PM, Error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.10/1/2013 1:21:22 PM, Error: Service Control Manager [7034] - The Computer Backup (MyPC Backup) service terminated unexpectedly. It has done this 1 time(s)..==== End Of File ===========================
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.