Jump to content

viewerx

Honorary Members
  • Posts

    35
  • Joined

  • Last visited

Everything posted by viewerx

  1. On The G+ platform I had asked mostly for information, not a fix, about an Avast pop-up that said if I let it disable certain apps and disable certain settings I would get a faster running PC. It did not allow to see which exact apps and settings it was wanting to mess with. I never do anything without having an idea of what is going on. There was some interesting back and forth as to what this meant and then there is this (names left out for legal reasons): " if your (sic) are getting the pop up you are infected, end of story. that is called forceware and will never go away unless you listen to me. Sorry[name of computer service that responded] you are out of your league here you know not ofwhat you speak. Both Malwarebytes, and Avhast (sic) have been compromised by my friends.[his friends - hackers? cute name for viruses?] If you use them you are vulnerable. Also setting your computer back to factory specs only pisses off the malware and then it will delete your files. I have seen it hundreds of times. If you do not do as I instruct you will forever have issues. Malware today as opposed to yesterday 1900s is designed to not slow down your computer so that you dont want to clean it out. There is a ton of it and forceware is one of them. This is forceware, ya didnt ask for it ya didnt want it but yet its there. I am the ONLY US Qualified tech that can eradicate it and show you how to keep it out forever. lets see someone else make that claim cause i hold the patent and ill show you for free just to screw over the computer company that screwed you by including malware on your system when you bought it." I responded that a search for Forceware only showed connections to NVIDIA and that it was weird that after 3 years and a swapped out internal HDD it should pop up now. In earlier comments I had said I had no problems. So, 100& bs, misguided mix of possibles, or, do we have but one perfect computer genius who can save us all from the factory built-in "forcewares"? Thanks. Should I have posted this in the fun and giggles forum?
  2. Re: java. I know we set a java environment. I just checked about:plugins and Java is not in the list. No need to disable.
  3. Everything cleaned up well. I try not to use JAVA. Is it better to have it in the system but disabled in Chrome, or, to just uninstall it? I'd like to save the set-up .exe of Windows Clean up and re-title it Use Once A year. New and only Restore Point created.
  4. Hi, I did a registry back up as I knew I have problems with restoring to restore points. (I had not planned to restore back to problem time, I was just passing info about my not relying on Restore Points.) AND: I just did a test in the PowerDirector 8 and it works just fine now! Thank you, thank you, sir! It was a pleasure working with you. I hope that you have a good day!!
  5. Quotes: I did. I copy pasted all that was there in each line. ??? Re: restore point: I had tried to restore to a poit several months ago and got a vague error (an 8 an X and lots of 00). I say vague as I could not find a definition on Google. I talked with the IT guy at the local Library and he suggested I flash the BIOS. I read up on it - went to HP page - followed instructions until I was to click the link to Software and Drivers for BIOS update and the link took me to Drivers. No BIOS info. I did a search of Update BIOS and it lead me to the 1st page I had linked away from. ??? No flashed BIOS. Can't restore. No reply from HP Forum. About to use Windows all in one. Posting this info now.
  6. I used copy and paste. The 1st line changed the C:\Windows\System... to C:\ProgramFiles... but when I add the 2nd line it just goes back to C:\ProgramFiles... when I push Enter ??
  7. A) I hope that whatever has kept you busy is merely tedious not any real problems. B) several months ago I thought my HDD was dying and bought a new one. The problem transferred to the new one and I discovered the problem was due to Bloatware that came with my WD My passport backup. (For 3 years I had no backup at all. Just got this 2 months earlier) SmartWare. I looked on Google and people hated it. Deleted it and am now using Windows back to My Passport. So, I have a 'clean' HDD that I can re-swap. The old one can be Restored to Factory Setting for possible use in the future.
  8. RE: PD8 Power Director> Properties>advanced> Current Name: SYSTEM Changed to: ...Current Name: Owner(Owner-PC\Owner) Other boxes with "Permissions" included: Owner(Owner-PC\User) PD8 after = no change. At Cyberlink the 1st idea was to not to add MENU. I never use MENU, so nothing in it is the problem.
  9. Unless they are synergistic with other things I need I do not care about Office Errors. What does this mean in English?: Error: (11/10/2013 06:56:53 PM) (Source: Application Error)(User: ) Description: PDR8.exe8.0.0.19304a71b564EvoParser.dll1.0.1.5214a150a8ec00000050000b06b14b001cede786f778648C:\Program Files (x86)\Cyberlink\PowerDirector\PDR8.exeC:\Program Files (x86)\Cyberlink\PowerDirector\BigBang\EvoParser.dll273843a8-4a6c-11e3-90d9-7071bc0b0b5a
  10. Ran FarBar and copied Error log: No sign of Aspi32. Next most common is the AMD64 vs X86 _microsoft.windows.common-controls. To my semi-ignorant eyes looks like a processor vs a control command??????? I hope we find the item that is messing with my PowerDirector 8. Something done this past few days did it in. I know we will find it eventually, but, some of my video editing is piling up. 8-) ==================== Event log errors: ========================= Application errors:==================Error: (11/11/2013 01:17:35 AM) (Source: SideBySide) (User: )Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.A component version required by the application conflicts with another component version already active.Conflicting components are:.Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (11/10/2013 06:56:53 PM) (Source: Application Error) (User: )Description: Faulting application name: PDR8.exe, version: 8.0.0.1930, time stamp: 0x4a71b564Faulting module name: EvoParser.dll, version: 1.0.1.521, time stamp: 0x4a150a8eException code: 0xc0000005Fault offset: 0x0000b06bFaulting process id: 0x14b0Faulting application start time: 0xPDR8.exe0Faulting application path: PDR8.exe1Faulting module path: PDR8.exe2Report Id: PDR8.exe3 Error: (11/10/2013 04:50:42 AM) (Source: Windows Backup) (User: )Description: The backup was not successful. The error is: Windows Backup skipped backing up system image because one of the critical volumes is not having enough free space. Free up some space by deleting unnecessary files and try again. (0x81000033). Error: (11/10/2013 01:56:34 AM) (Source: SideBySide) (User: )Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.A component version required by the application conflicts with another component version already active.Conflicting components are:.Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (11/09/2013 07:28:21 PM) (Source: SideBySide) (User: )Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.A component version required by the application conflicts with another component version already active.Conflicting components are:.Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (11/09/2013 04:34:51 PM) (Source: SideBySide) (User: )Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.A component version required by the application conflicts with another component version already active.Conflicting components are:.Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (11/09/2013 01:50:50 AM) (Source: SideBySide) (User: )Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.A component version required by the application conflicts with another component version already active.Conflicting components are:.Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (11/08/2013 06:47:38 AM) (Source: SideBySide) (User: )Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.A component version required by the application conflicts with another component version already active.Conflicting components are:.Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (11/07/2013 11:54:33 AM) (Source: SideBySide) (User: )Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.A component version required by the application conflicts with another component version already active.Conflicting components are:.Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (11/07/2013 11:54:26 AM) (Source: SideBySide) (User: )Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.A component version required by the application conflicts with another component version already active.Conflicting components are:.Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. System errors:=============Error: (11/11/2013 01:42:54 PM) (Source: Microsoft-Windows-HAL) (User: )Description: The platform firmware has corrupted memory across the previous system power transition. Please check for updated firmware for your system. Error: (11/11/2013 00:32:59 PM) (Source: Ntfs) (User: )Description: The default transaction resource manager on volume \\?\Volume{33493cc4-4542-11df-93f7-806e6f6e6963} encountered a non-retryable error and could not start. The data contains the error code. Error: (11/11/2013 00:09:09 PM) (Source: Ntfs) (User: )Description: The default transaction resource manager on volume \\?\Volume{33493cc4-4542-11df-93f7-806e6f6e6963} encountered a non-retryable error and could not start. The data contains the error code. Error: (11/11/2013 03:21:32 AM) (Source: Microsoft-Windows-HAL) (User: )Description: The platform firmware has corrupted memory across the previous system power transition. Please check for updated firmware for your system. Error: (11/10/2013 06:39:27 PM) (Source: DCOM) (User: )Description: C:\PROGRA~2\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe -Embedding740{B3EDE298-AE75-4A1C-AB7E-1B9229B77BBE} Error: (11/09/2013 07:33:24 PM) (Source: Service Control Manager) (User: )Description: The Update BatBrowse service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service. Error: (11/09/2013 04:50:08 PM) (Source: Service Control Manager) (User: )Description: The following boot-start or system-start driver(s) failed to load: ASPI32 Error: (11/09/2013 04:49:35 PM) (Source: Ntfs) (User: )Description: The default transaction resource manager on volume \\?\Volume{33493cc4-4542-11df-93f7-806e6f6e6963} encountered a non-retryable error and could not start. The data contains the error code. Error: (11/09/2013 04:49:34 PM) (Source: Application Popup) (User: )Description: \SystemRoot\SysWow64\Drivers\ASPI32.SYS has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver. Error: (11/09/2013 02:59:43 AM) (Source: Microsoft-Windows-HAL) (User: )Description: The platform firmware has corrupted memory across the previous system power transition. Please check for updated firmware for your system. Microsoft Office Sessions:=========================Error: (11/11/2013 01:17:35 AM) (Source: SideBySide)(User: )Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe Error: (11/10/2013 06:56:53 PM) (Source: Application Error)(User: )Description: PDR8.exe8.0.0.19304a71b564EvoParser.dll1.0.1.5214a150a8ec00000050000b06b14b001cede786f778648C:\Program Files (x86)\Cyberlink\PowerDirector\PDR8.exeC:\Program Files (x86)\Cyberlink\PowerDirector\BigBang\EvoParser.dll273843a8-4a6c-11e3-90d9-7071bc0b0b5a Error: (11/10/2013 04:50:42 AM) (Source: Windows Backup)(User: )Description: Windows Backup skipped backing up system image because one of the critical volumes is not having enough free space. Free up some space by deleting unnecessary files and try again. (0x81000033) Error: (11/10/2013 01:56:34 AM) (Source: SideBySide)(User: )Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe Error: (11/09/2013 07:28:21 PM) (Source: SideBySide)(User: )Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Owner\Downloads\program set ups\-- Newer than 10-21-12\newer than 10-15-13\esetsmartinstaller_enu.exe Error: (11/09/2013 04:34:51 PM) (Source: SideBySide)(User: )Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Owner\Downloads\program set ups\-- Newer than 10-21-12\newer than 10-15-13\esetsmartinstaller_enu.exe Error: (11/09/2013 01:50:50 AM) (Source: SideBySide)(User: )Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe Error: (11/08/2013 06:47:38 AM) (Source: SideBySide)(User: )Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe Error: (11/07/2013 11:54:33 AM) (Source: SideBySide)(User: )Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Owner\Downloads\program set ups\-- Newer than 10-21-12\newer than 10-15-13\esetsmartinstaller_enu.exe Error: (11/07/2013 11:54:26 AM) (Source: SideBySide)(User: )Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Owner\Downloads\program set ups\-- Newer than 10-21-12\newer than 10-15-13\esetsmartinstaller_enu.exe CodeIntegrity Errors:=================================== Date: 2013-11-07 21:39:41.110 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2013-11-07 21:39:40.639 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
  11. I keep wondering why any FF info should still be in my PC. MiniToolBox by Farbar Version: 13-07-2013Ran by Owner (administrator) on 11-11-2013 at 02:12:08Running from "C:\Users\Owner\Desktop"Microsoft Windows 7 Home Premium Service Pack 1 (X64)Boot Mode: Normal*************************************************************************** ========================= Flush DNS: =================================== Windows IP Configuration Successfully flushed the DNS Resolver Cache. ========================= IE Proxy Settings: ============================== Proxy is not enabled.No Proxy Server is set. "Reset IE Proxy Settings": IE Proxy Settings were reset. ========================= FF Proxy Settings: ============================== "Reset FF Proxy Settings": Firefox Proxy settings were reset. ========================= Hosts content: ================================= 127.0.0.1 localhost ========================= IP Configuration: ================================ NVIDIA nForce 10/100 Mbps Ethernet = Local Area Connection (Connected) # ----------------------------------# IPv4 Configuration# ----------------------------------pushd interface ipv4 resetset global icmpredirects=enabled popd# End of IPv4 configuration Windows IP Configuration Host Name . . . . . . . . . . . . : Owner-PC Primary Dns Suffix . . . . . . . : Node Type . . . . . . . . . . . . : Hybrid IP Routing Enabled. . . . . . . . : No WINS Proxy Enabled. . . . . . . . : No DNS Suffix Search List. . . . . . : siemens Ethernet adapter Local Area Connection: Connection-specific DNS Suffix . : siemens Description . . . . . . . . . . . : NVIDIA nForce 10/100 Mbps Ethernet Physical Address. . . . . . . . . : 70-71-BC-0B-0B-5A DHCP Enabled. . . . . . . . . . . : Yes Autoconfiguration Enabled . . . . : Yes Link-local IPv6 Address . . . . . : fe80::c9a1:c1b0:dc46:5a8c%10(Preferred) IPv4 Address. . . . . . . . . . . : 192.168.1.2(Preferred) Subnet Mask . . . . . . . . . . . : 255.255.255.0 Lease Obtained. . . . . . . . . . : Saturday, November 09, 2013 4:49:44 PM Lease Expires . . . . . . . . . . : Monday, November 11, 2013 4:49:44 PM Default Gateway . . . . . . . . . : 192.168.1.1 DHCP Server . . . . . . . . . . . : 192.168.1.1 DHCPv6 IAID . . . . . . . . . . . : 242250172 DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-13-53-3D-61-70-71-BC-0B-0B-5A DNS Servers . . . . . . . . . . . : 192.168.1.1 NetBIOS over Tcpip. . . . . . . . : Enabled Tunnel adapter isatap.siemens: Media State . . . . . . . . . . . : Media disconnected Connection-specific DNS Suffix . : siemens Description . . . . . . . . . . . : Microsoft ISATAP Adapter Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0 DHCP Enabled. . . . . . . . . . . : No Autoconfiguration Enabled . . . . : Yes Tunnel adapter 6TO4 Adapter: Media State . . . . . . . . . . . : Media disconnected Connection-specific DNS Suffix . : Description . . . . . . . . . . . : Microsoft 6to4 Adapter Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0 DHCP Enabled. . . . . . . . . . . : No Autoconfiguration Enabled . . . . : Yes Tunnel adapter Teredo Tunneling Pseudo-Interface: Connection-specific DNS Suffix . : Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0 DHCP Enabled. . . . . . . . . . . : No Autoconfiguration Enabled . . . . : Yes IPv6 Address. . . . . . . . . . . : 2001:0:9d38:6ab8:62:3f78:beba:1592(Preferred) Link-local IPv6 Address . . . . . : fe80::62:3f78:beba:1592%11(Preferred) Default Gateway . . . . . . . . . : :: NetBIOS over Tcpip. . . . . . . . : DisabledServer: my.siemensAddress: 192.168.1.1 Name: google.comAddresses: 2607:f8b0:4000:809::1004 74.125.227.166 74.125.227.169 74.125.227.163 74.125.227.168 74.125.227.161 74.125.227.165 74.125.227.164 74.125.227.167 74.125.227.174 74.125.227.160 74.125.227.162 Pinging google.com [74.125.227.166] with 32 bytes of data:Reply from 74.125.227.166: bytes=32 time=30ms TTL=55Reply from 74.125.227.166: bytes=32 time=30ms TTL=55 Ping statistics for 74.125.227.166: Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),Approximate round trip times in milli-seconds: Minimum = 30ms, Maximum = 30ms, Average = 30msServer: my.siemensAddress: 192.168.1.1 Name: yahoo.comAddresses: 98.139.183.24 98.138.253.109 206.190.36.45 Pinging yahoo.com [98.139.183.24] with 32 bytes of data:Reply from 98.139.183.24: bytes=32 time=97ms TTL=49Reply from 98.139.183.24: bytes=32 time=108ms TTL=49 Ping statistics for 98.139.183.24: Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),Approximate round trip times in milli-seconds: Minimum = 97ms, Maximum = 108ms, Average = 102ms Pinging 127.0.0.1 with 32 bytes of data:Reply from 127.0.0.1: bytes=32 time<1ms TTL=128Reply from 127.0.0.1: bytes=32 time<1ms TTL=128 Ping statistics for 127.0.0.1: Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),Approximate round trip times in milli-seconds: Minimum = 0ms, Maximum = 0ms, Average = 0ms===========================================================================Interface List 10...70 71 bc 0b 0b 5a ......NVIDIA nForce 10/100 Mbps Ethernet 1...........................Software Loopback Interface 1 14...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter 13...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter 11...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface=========================================================================== IPv4 Route Table===========================================================================Active Routes:Network Destination Netmask Gateway Interface Metric 0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.2 20 127.0.0.0 255.0.0.0 On-link 127.0.0.1 306 127.0.0.1 255.255.255.255 On-link 127.0.0.1 306 127.255.255.255 255.255.255.255 On-link 127.0.0.1 306 192.168.1.0 255.255.255.0 On-link 192.168.1.2 276 192.168.1.2 255.255.255.255 On-link 192.168.1.2 276 192.168.1.255 255.255.255.255 On-link 192.168.1.2 276 224.0.0.0 240.0.0.0 On-link 127.0.0.1 306 224.0.0.0 240.0.0.0 On-link 192.168.1.2 276 255.255.255.255 255.255.255.255 On-link 127.0.0.1 306 255.255.255.255 255.255.255.255 On-link 192.168.1.2 276===========================================================================Persistent Routes: None IPv6 Route Table===========================================================================Active Routes: If Metric Network Destination Gateway 11 58 ::/0 On-link 1 306 ::1/128 On-link 11 58 2001::/32 On-link 11 306 2001:0:9d38:6ab8:62:3f78:beba:1592/128 On-link 10 276 fe80::/64 On-link 11 306 fe80::/64 On-link 11 306 fe80::62:3f78:beba:1592/128 On-link 10 276 fe80::c9a1:c1b0:dc46:5a8c/128 On-link 1 306 ff00::/8 On-link 11 306 ff00::/8 On-link 10 276 ff00::/8 On-link===========================================================================Persistent Routes: None========================= Winsock entries ===================================== Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)x64-Catalog5 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)x64-Catalog9 01 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)x64-Catalog9 02 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)x64-Catalog9 03 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)x64-Catalog9 04 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)x64-Catalog9 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)x64-Catalog9 06 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)x64-Catalog9 07 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)x64-Catalog9 08 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)x64-Catalog9 09 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)x64-Catalog9 10 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation) ========================= Event log errors: =============================== Application errors:==================Error: (11/11/2013 01:17:35 AM) (Source: SideBySide) (User: )Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.A component version required by the application conflicts with another component version already active.Conflicting components are:.Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (11/10/2013 06:56:53 PM) (Source: Application Error) (User: )Description: Faulting application name: PDR8.exe, version: 8.0.0.1930, time stamp: 0x4a71b564Faulting module name: EvoParser.dll, version: 1.0.1.521, time stamp: 0x4a150a8eException code: 0xc0000005Fault offset: 0x0000b06bFaulting process id: 0x14b0Faulting application start time: 0xPDR8.exe0Faulting application path: PDR8.exe1Faulting module path: PDR8.exe2Report Id: PDR8.exe3 Error: (11/10/2013 04:50:42 AM) (Source: Windows Backup) (User: )Description: The backup was not successful. The error is: Windows Backup skipped backing up system image because one of the critical volumes is not having enough free space. Free up some space by deleting unnecessary files and try again. (0x81000033). Error: (11/10/2013 01:56:34 AM) (Source: SideBySide) (User: )Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.A component version required by the application conflicts with another component version already active.Conflicting components are:.Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (11/09/2013 07:28:21 PM) (Source: SideBySide) (User: )Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.A component version required by the application conflicts with another component version already active.Conflicting components are:.Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (11/09/2013 04:34:51 PM) (Source: SideBySide) (User: )Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.A component version required by the application conflicts with another component version already active.Conflicting components are:.Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (11/09/2013 01:50:50 AM) (Source: SideBySide) (User: )Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.A component version required by the application conflicts with another component version already active.Conflicting components are:.Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (11/08/2013 06:47:38 AM) (Source: SideBySide) (User: )Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.A component version required by the application conflicts with another component version already active.Conflicting components are:.Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (11/07/2013 11:54:33 AM) (Source: SideBySide) (User: )Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.A component version required by the application conflicts with another component version already active.Conflicting components are:.Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (11/07/2013 11:54:26 AM) (Source: SideBySide) (User: )Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.A component version required by the application conflicts with another component version already active.Conflicting components are:.Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. System errors:=============Error: (11/10/2013 06:39:27 PM) (Source: DCOM) (User: )Description: C:\PROGRA~2\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe -Embedding740{B3EDE298-AE75-4A1C-AB7E-1B9229B77BBE} Error: (11/09/2013 07:33:24 PM) (Source: Service Control Manager) (User: )Description: The Update BatBrowse service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service. Error: (11/09/2013 04:50:08 PM) (Source: Service Control Manager) (User: )Description: The following boot-start or system-start driver(s) failed to load: ASPI32 Error: (11/09/2013 04:49:35 PM) (Source: Ntfs) (User: )Description: The default transaction resource manager on volume \\?\Volume{33493cc4-4542-11df-93f7-806e6f6e6963} encountered a non-retryable error and could not start. The data contains the error code. Error: (11/09/2013 04:49:34 PM) (Source: Application Popup) (User: )Description: \SystemRoot\SysWow64\Drivers\ASPI32.SYS has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver. Error: (11/09/2013 02:59:43 AM) (Source: Microsoft-Windows-HAL) (User: )Description: The platform firmware has corrupted memory across the previous system power transition. Please check for updated firmware for your system. Error: (11/08/2013 06:18:42 PM) (Source: Service Control Manager) (User: )Description: The following boot-start or system-start driver(s) failed to load: ASPI32 Error: (11/08/2013 06:18:04 PM) (Source: Ntfs) (User: )Description: The default transaction resource manager on volume \\?\Volume{33493cc4-4542-11df-93f7-806e6f6e6963} encountered a non-retryable error and could not start. The data contains the error code. Error: (11/08/2013 06:18:03 PM) (Source: Application Popup) (User: )Description: \SystemRoot\SysWow64\Drivers\ASPI32.SYS has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver. Error: (11/08/2013 00:30:57 PM) (Source: Service Control Manager) (User: )Description: The following boot-start or system-start driver(s) failed to load: ASPI32 Microsoft Office Sessions:=========================Error: (11/11/2013 01:17:35 AM) (Source: SideBySide)(User: )Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe Error: (11/10/2013 06:56:53 PM) (Source: Application Error)(User: )Description: PDR8.exe8.0.0.19304a71b564EvoParser.dll1.0.1.5214a150a8ec00000050000b06b14b001cede786f778648C:\Program Files (x86)\Cyberlink\PowerDirector\PDR8.exeC:\Program Files (x86)\Cyberlink\PowerDirector\BigBang\EvoParser.dll273843a8-4a6c-11e3-90d9-7071bc0b0b5a Error: (11/10/2013 04:50:42 AM) (Source: Windows Backup)(User: )Description: Windows Backup skipped backing up system image because one of the critical volumes is not having enough free space. Free up some space by deleting unnecessary files and try again. (0x81000033) Error: (11/10/2013 01:56:34 AM) (Source: SideBySide)(User: )Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe Error: (11/09/2013 07:28:21 PM) (Source: SideBySide)(User: )Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Owner\Downloads\program set ups\-- Newer than 10-21-12\newer than 10-15-13\esetsmartinstaller_enu.exe Error: (11/09/2013 04:34:51 PM) (Source: SideBySide)(User: )Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Owner\Downloads\program set ups\-- Newer than 10-21-12\newer than 10-15-13\esetsmartinstaller_enu.exe Error: (11/09/2013 01:50:50 AM) (Source: SideBySide)(User: )Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe Error: (11/08/2013 06:47:38 AM) (Source: SideBySide)(User: )Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe Error: (11/07/2013 11:54:33 AM) (Source: SideBySide)(User: )Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Owner\Downloads\program set ups\-- Newer than 10-21-12\newer than 10-15-13\esetsmartinstaller_enu.exe Error: (11/07/2013 11:54:26 AM) (Source: SideBySide)(User: )Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Owner\Downloads\program set ups\-- Newer than 10-21-12\newer than 10-15-13\esetsmartinstaller_enu.exe CodeIntegrity Errors:=================================== Date: 2013-11-07 21:39:41.110 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2013-11-07 21:39:40.639 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. =========================== Installed Programs ============================ Adobe AIR (Version: 3.9.0.1030)Adobe Flash Player 11 ActiveX (Version: 11.7.700.202)Adobe Photoshop Elements 7.0 (Version: 7.0)Adobe Photoshop Elements 7.0 (Version: 7.0.0.3)Adobe Reader X (10.1.7) (Version: 10.1.7)Alien Skin Blow Up 2Alien Skin Snap Art 3Apple Software Update (Version: 2.1.0.110)ATT-RC Self Support ToolAudacity 1.2.6avast! Free Antivirus (Version: 8.0.1497.0)AviSynth 2.5BambooBing Bar (Version: 7.0.850.0)BurnAware Free 6.6CCleaner (Version: 3.11)CDisplay 1.8Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000)CyberLink DVD Suite Deluxe (Version: 7.0.2115)CyberLink PowerDirector (Version: 8.0.1930)DirectX for Managed Code Update (Summer 2004) (Version: 9.02.2904)DivX Setup (Version: 2.6.1.22)Download Accelerator Manager (Version: 4.5.17)Duplicate Cleaner Free 3.1.4 (Version: 3.1.4)DVD Menu Pack for HP MediaSmart Video (Version: 3.1.3224)DVD Shrink 3.2DVDFab 9.0.7.2 Final (Version: 9.0.7.2)DVDFab Passkey 8.1.0.4 (04/09/2013)ERUNT 1.1jESET Online Scanner v3FFmpeg v0.6.2 for AudacityFree FLV Converter V 7.5.0 (Version: 7.5.0.0)Free RAR Extract Frog (Version: 2.70)Free YouTube Downloader 3.5.176Google Chrome (Version: 30.0.1599.101)Google Drive (Version: 1.12.5329.1887)Google Earth Plug-in (Version: 7.1.1.1888)Google Talk Plugin (Version: 4.2.1.14031)Google Update Helper (Version: 1.3.21.165)Grabber2k v0.99e (Version: Grabber2k v0.99e)Hardware Diagnostic Tools (Version: 6.0.5247.34)Hewlett-Packard ACLM.NET v1.2.1.1 (Version: 1.00.0000)HP Advisor (Version: 3.3.9512.3162)HP Customer Experience Enhancements (Version: 6.0.1.7)HP MediaSmart DVD (Version: 3.1.3317)HP MediaSmart Music/Photo/Video (Version: 3.1.3422)HP MediaSmart SmartMenu (Version: 3.1.0.1)HP MediaSmart/TouchSmart Netflix (Version: 1.0.2.0)HP Product Detection (Version: 11.14.0001)HP Remote Solution (Version: 1.1.11.0)HP Setup (Version: 1.2.3560.3170)HP Support Assistant (Version: 7.0.39.15)HP Update (Version: 5.001.000.014)Hulu Desktop (Version: 0.9.9)Ideal DVD Copy V4.1.2Java 7 Update 45 (64-bit) (Version: 7.0.450)K-Lite Codec Pack 9.4.0 (Full) (Version: 9.4.0)LabelPrint (Version: 2.5.2017)LightScribe System Software (Version: 1.18.8.1)Luminance HDR 2.2.0Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300)Media Player Codec Pack 4.2.3 (Version: 4.2.3)Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)Microsoft .NET Framework 4 Extended (Version: 4.0.30319)Microsoft Live Search Toolbar (Version: 3.0.566.0)Microsoft Silverlight (Version: 5.1.20913.0)Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (Version: 8.0.50727.4053)Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (Version: 9.0.30729)Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (Version: 9.0.30729)Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)Microsoft Works (Version: 9.7.0621)Morpheus Photo Animation Suite v3.11Movie Theme Pack for HP MediaSmart Video (Version: 3.1.3310)MSN (Version: 10.00.0588.0)MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)MSXML 4.0 SP3 Parser (KB2721691) (Version: 4.30.2114.0)MSXML 4.0 SP3 Parser (KB2758694) (Version: 4.30.2117.0)MSXML 4.0 SP3 Parser (Version: 4.30.2100.0)NVIDIA Display Control Panel (Version: 6.14.11.9739)NVIDIA Drivers (Version: 1.10.58.36)PeaZip 4.4PeaZip UNACE plugin 1PlayReady PC Runtime amd64 (Version: 1.3.0)Power2Go (Version: 6.0.3304)PVSonyDll (Version: 1.00.0001)QuickTime (Version: 7.50.61.0)Realtek High Definition Audio Driver (Version: 6.0.1.6196)RealUpgrade 1.1 (Version: 1.1.0)Recovery Manager (Version: 5.5.2216)SmartSound Quicktracks Plugin (Version: 3.0.3.0)SpeedFan (remove only)StreamTransport version: 1.0.2.2171Topaz Adjust 4 (64-bit) (Version: 4.0.0)Topaz Adjust 4 (Version: 4.0.0)Topaz Simplify 3 (64-bit) (Version: 3.0.0)Topaz Simplify 3 (Version: 3.0.0)Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (Version: 1)Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (Version: 3)Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)Update for Microsoft .NET Framework 4 Extended (KB2836939v3) (Version: 3)USB Modem (Version: 2.0.21.0)VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0)Vimicro USB2.0 UVC PC Camera (Version: 2010.03.02)WD Drive Utilities (Version: 1.0.0)WD Security (Version: 1.0.3.3)WD SES Driver Setup (Version: 1.0.0)WebTablet IE Plugin (Version: 1.1.0.4)WebTablet Netscape Plugin (Version: 1.1.0.3)Windows Live Sync (Version: 14.0.8089.726)WinPcap 4.1.2 (Version: 4.1.0.2001) ========================= Devices: ================================ Name: Winsock IFS DriverDescription: Winsock IFS DriverClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer: Service: ws2ifsl Name: UMBus EnumeratorDescription: UMBus EnumeratorClass Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}Manufacturer: MicrosoftService: umbus Name: System CMOS/real time clockDescription: System CMOS/real time clockClass Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}Manufacturer: (Standard system devices)Service: Name: Link-Layer Topology Discovery ResponderDescription: Link-Layer Topology Discovery ResponderClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer: Service: rspndr Name: PCI standard PCI-to-PCI bridgeDescription: PCI standard PCI-to-PCI bridgeClass Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}Manufacturer: (Standard system devices)Service: pci Name: Standard Enhanced PCI to USB Host ControllerDescription: Standard Enhanced PCI to USB Host ControllerClass Guid: {36fc9e60-c465-11cf-8056-444553540000}Manufacturer: (Standard USB Host Controller)Service: usbehci Name: msisadrvDescription: msisadrvClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer: Service: msisadrv Name: Ancillary Function Driver for WinsockDescription: Ancillary Function Driver for WinsockClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer: Service: AFD Name: User Mode Driver Frameworks Platform DriverDescription: User Mode Driver Frameworks Platform DriverClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer: Service: WudfPf Name: Security DriverDescription: Security DriverClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer: Service: secdrv Name: System boardDescription: System boardClass Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}Manufacturer: (Standard system devices)Service: Name: UMBus EnumeratorDescription: UMBus EnumeratorClass Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}Manufacturer: MicrosoftService: umbus Name: TOSHIBA DT01ACA050 SCSI Disk DeviceDescription: Disk driveClass Guid: {4d36e967-e325-11ce-bfc1-08002be10318}Manufacturer: (Standard disk drives)Service: disk Name: XAudioDescription: XAudioClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer: Service: XAudio Name: USB Composite DeviceDescription: USB Composite DeviceClass Guid: {36fc9e60-c465-11cf-8056-444553540000}Manufacturer: (Standard USB Host Controller)Service: usbccgp Name: speedfanDescription: speedfanClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer: Service: speedfan Name: Motherboard resourcesDescription: Motherboard resourcesClass Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}Manufacturer: (Standard system devices)Service: Name: Generic volume shadow copyDescription: Generic volume shadow copyClass Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}Manufacturer: MicrosoftService: Name: NDIS System DriverDescription: NDIS System DriverClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer: Service: NDIS Name: PCI standard host CPU bridgeDescription: PCI standard host CPU bridgeClass Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}Manufacturer: (Standard system devices)Service: Name: PCI standard PCI-to-PCI bridgeDescription: PCI standard PCI-to-PCI bridgeClass Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}Manufacturer: (Standard system devices)Service: pci Name: Microsoft System Management BIOS DriverDescription: Microsoft System Management BIOS DriverClass Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}Manufacturer: (Standard system devices)Service: mssmbios Name: PCI standard PCI-to-PCI bridgeDescription: PCI standard PCI-to-PCI bridgeClass Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}Manufacturer: (Standard system devices)Service: pci Name: Motherboard resourcesDescription: Motherboard resourcesClass Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}Manufacturer: (Standard system devices)Service: Name: HID-compliant deviceDescription: HID-compliant deviceClass Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}Manufacturer: (Standard system devices)Service: Name: USB Root HubDescription: USB Root HubClass Guid: {36fc9e60-c465-11cf-8056-444553540000}Manufacturer: (Standard USB Host Controller)Service: usbhub Name: Security Processor Loader DriverDescription: Security Processor Loader DriverClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer: Service: spldr Name: Bitlocker Drive Encryption Filter DriverDescription: Bitlocker Drive Encryption Filter DriverClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer: Service: fvevol Name: NDProxyDescription: NDProxyClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer: Service: NDProxy Name: Motherboard resourcesDescription: Motherboard resourcesClass Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}Manufacturer: (Standard system devices)Service: Name: Webcam C110Description: USB Video DeviceClass Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}Manufacturer: MicrosoftService: usbvideo Name: WAN Miniport (IKEv2)Description: WAN Miniport (IKEv2)Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}Manufacturer: MicrosoftService: RasAgileVpn Name: Generic Audio Product USB DeviceDescription: Disk driveClass Guid: {4d36e967-e325-11ce-bfc1-08002be10318}Manufacturer: (Standard disk drives)Service: disk Name: USB Input DeviceDescription: USB Input DeviceClass Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}Manufacturer: (Standard system devices)Service: HidUsb Name: aswRdrDescription: aswRdrClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer: Service: aswRdr Name: USB Root HubDescription: USB Root HubClass Guid: {36fc9e60-c465-11cf-8056-444553540000}Manufacturer: (Standard USB Host Controller)Service: usbhub Name: HTTPDescription: HTTPClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer: Service: HTTP Name: Numeric data processorDescription: Numeric data processorClass Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}Manufacturer: (Standard system devices)Service: Name: USB Mass Storage DeviceDescription: USB Mass Storage DeviceClass Guid: {36fc9e60-c465-11cf-8056-444553540000}Manufacturer: Compatible USB storage deviceService: USBSTOR Name: Generic volume shadow copyDescription: Generic volume shadow copyClass Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}Manufacturer: MicrosoftService: Name: Generic volumeDescription: Generic volumeClass Guid: {71a27cdd-812a-11d0-bec7-08002be2092f}Manufacturer: MicrosoftService: volsnap Name: AMD Athlon II X2 215 ProcessorDescription: AMD ProcessorClass Guid: {50127dc3-0f36-415e-a6cc-4cb3be910b65}Manufacturer: Advanced Micro DevicesService: AmdPPM Name: Generic volume shadow copyDescription: Generic volume shadow copyClass Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}Manufacturer: MicrosoftService: Name: WAN Miniport (L2TP)Description: WAN Miniport (L2TP)Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}Manufacturer: MicrosoftService: Rasl2tp Name: aswRvrtDescription: aswRvrtClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer: Service: aswRvrt Name: PCI standard host CPU bridgeDescription: PCI standard host CPU bridgeClass Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}Manufacturer: (Standard system devices)Service: Name: WD SES DeviceDescription: WD SES DeviceClass Guid: {8496e87e-c0a1-4102-9d8d-bd9a9b8b07a9}Manufacturer: Western Digital TechnologiesService: WDC_SAM Name: Hardware Policy DriverDescription: Hardware Policy DriverClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer: Service: hwpolicy Name: PCI standard PCI-to-PCI bridgeDescription: PCI standard PCI-to-PCI bridgeClass Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}Manufacturer: (Standard system devices)Service: pci Name: PCI standard RAM ControllerDescription: PCI standard RAM ControllerClass Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}Manufacturer: (Standard system devices)Service: Name: ACPI FanDescription: ACPI FanClass Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}Manufacturer: (Standard system devices)Service: Name: Webcam C110Description: Webcam C110Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}Manufacturer: LogitechService: usbaudio Name: NETBTDescription: NETBTClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer: Service: NetBT Name: WAN Miniport (Network Monitor)Description: WAN Miniport (Network Monitor)Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}Manufacturer: MicrosoftService: NdisWan Name: Generic volume shadow copyDescription: Generic volume shadow copyClass Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}Manufacturer: MicrosoftService: Name: ACPI Power ButtonDescription: ACPI Power ButtonClass Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}Manufacturer: (Standard system devices)Service: Name: NetGroup Packet Filter DriverDescription: NetGroup Packet Filter DriverClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer: Service: NPF Name: WAN Miniport (IP)Description: WAN Miniport (IP)Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}Manufacturer: MicrosoftService: NdisWan Name: aswSPDescription: aswSPClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer: Service: aswSP Name: HID-compliant consumer control deviceDescription: HID-compliant consumer control deviceClass Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}Manufacturer: MicrosoftService: Name: Generic volumeDescription: Generic volumeClass Guid: {71a27cdd-812a-11d0-bec7-08002be2092f}Manufacturer: MicrosoftService: volsnap Name: PCI standard host CPU bridgeDescription: PCI standard host CPU bridgeClass Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}Manufacturer: (Standard system devices)Service: Name: PCI standard RAM ControllerDescription: PCI standard RAM ControllerClass Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}Manufacturer: (Standard system devices)Service: Name: NVIDIA nForce Serial ATA ControllerDescription: NVIDIA nForce Serial ATA ControllerClass Guid: {4d36e96a-e325-11ce-bfc1-08002be10318}Manufacturer: NVIDIA CorporationService: nvstor64 Name: Generic- Multi-Card USB DeviceDescription: Disk driveClass Guid: {4d36e967-e325-11ce-bfc1-08002be10318}Manufacturer: (Standard disk drives)Service: disk Name: WAN Miniport (IPv6)Description: WAN Miniport (IPv6)Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}Manufacturer: MicrosoftService: NdisWan Name: avast! Network Shield SupportDescription: avast! Network Shield SupportClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer: Service: aswTdi Name: AMD Athlon II X2 215 ProcessorDescription: AMD ProcessorClass Guid: {50127dc3-0f36-415e-a6cc-4cb3be910b65}Manufacturer: Advanced Micro DevicesService: AmdPPM Name: TCP/IP Protocol DriverDescription: TCP/IP Protocol DriverClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer: Service: Tcpip Name: NSI proxy service driver.Description: NSI proxy service driver.Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer: Service: nsiproxy Name: ACPI Thermal ZoneDescription: ACPI Thermal ZoneClass Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}Manufacturer: (Standard system devices)Service: Name: aswVmmDescription: aswVmmClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer: Service: aswVmm Name: WAN Miniport (PPPOE)Description: WAN Miniport (PPPOE)Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}Manufacturer: MicrosoftService: RasPppoe Name: TCP/IP Registry CompatibilityDescription: TCP/IP Registry CompatibilityClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer: Service: tcpipreg Name: KSecDDDescription: KSecDDClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer: Service: KSecDD Name: Generic USB HubDescription: Generic USB HubClass Guid: {36fc9e60-c465-11cf-8056-444553540000}Manufacturer: (Generic USB Hub)Service: usbhub Name: MY AUDIODescription: Audio Product Class Guid: {eec5ad98-8080-425f-922a-dabf3de3f69a}Manufacturer: Generic Service: WUDFRd Name: HID-compliant mouseDescription: HID-compliant mouseClass Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}Manufacturer: MicrosoftService: mouhid Name: G:\Description: Multi-Card Class Guid: {eec5ad98-8080-425f-922a-dabf3de3f69a}Manufacturer: Generic-Service: WUDFRd Name: Microsoft ACPI-Compliant SystemDescription: Microsoft ACPI-Compliant SystemClass Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}Manufacturer: MicrosoftService: ACPI Name: Generic volumeDescription: Generic volumeClass Guid: {71a27cdd-812a-11d0-bec7-08002be2092f}Manufacturer: MicrosoftService: volsnap Name: BeepDescription: BeepClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer: Service: Beep Name: KSecPkgDescription: KSecPkgClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer: Service: KSecPkg Name: PCI standard host CPU bridgeDescription: PCI standard host CPU bridgeClass Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}Manufacturer: (Standard system devices)Service: Name: Generic volumeDescription: Generic volumeClass Guid: {71a27cdd-812a-11d0-bec7-08002be2092f}Manufacturer: MicrosoftService: volsnap Name: NetIO Legacy TDI Support DriverDescription: NetIO Legacy TDI Support DriverClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer: Service: tdx Name: NVIDIA nForce PCI System ManagementDescription: NVIDIA nForce PCI System ManagementClass Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}Manufacturer: NVIDIAService: Name: USB Mass Storage DeviceDescription: USB Mass Storage DeviceClass Guid: {36fc9e60-c465-11cf-8056-444553540000}Manufacturer: Compatible USB storage deviceService: USBSTOR Name: WAN Miniport (PPTP)Description: WAN Miniport (PPTP)Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}Manufacturer: MicrosoftService: PptpMiniport Name: NVIDIA nForce Serial ATA ControllerDescription: NVIDIA nForce Serial ATA ControllerClass Guid: {4d36e96a-e325-11ce-bfc1-08002be10318}Manufacturer: NVIDIA CorporationService: nvstor64 Name: NullDescription: NullClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer: Service: Null Name: Link-Layer Topology Discovery Mapper I/O DriverDescription: Link-Layer Topology Discovery Mapper I/O DriverClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer: Service: lltdio Name: WAN Miniport (SSTP)Description: WAN Miniport (SSTP)Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}Manufacturer: MicrosoftService: RasSstp Name: ACPI Fixed Feature ButtonDescription: ACPI Fixed Feature ButtonClass Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}Manufacturer: (Standard system devices)Service: Name: USB Composite DeviceDescription: USB Composite DeviceClass Guid: {36fc9e60-c465-11cf-8056-444553540000}Manufacturer: (Standard USB Host Controller)Service: usbccgp Name: Performance Counters for Windows DriverDescription: Performance Counters for Windows DriverClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer: Service: pcw Name: USB Mass Storage DeviceDescription: USB Mass Storage DeviceClass Guid: {36fc9e60-c465-11cf-8056-444553540000}Manufacturer: Compatible USB storage deviceService: USBSTOR Name: VgaSaveDescription: VgaSaveClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer: Service: VgaSave Name: Generic volumeDescription: Generic volumeClass Guid: {71a27cdd-812a-11d0-bec7-08002be2092f}Manufacturer: MicrosoftService: volsnap Name: HP 2009 Series Wide LCD MonitorDescription: HP 2009 Series Wide LCD MonitorClass Guid: {4d36e96e-e325-11ce-bfc1-08002be10318}Manufacturer: HPService: monitor Name: Terminal Server Keyboard DriverDescription: Terminal Server Keyboard DriverClass Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}Manufacturer: (Standard system devices)Service: TermDD Name: PEAUTHDescription: PEAUTHClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer: Service: PEAUTH Name: PCI standard host CPU bridgeDescription: PCI standard host CPU bridgeClass Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}Manufacturer: (Standard system devices)Service: Name: HID-compliant deviceDescription: HID-compliant deviceClass Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}Manufacturer: (Standard system devices)Service: Name: Programmable interrupt controllerDescription: Programmable interrupt controllerClass Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}Manufacturer: (Standard system devices)Service: Name: NVIDIA nForce 10/100 Mbps Ethernet Description: NVIDIA nForce Networking ControllerClass Guid: {4d36e972-e325-11ce-bfc1-08002be10318}Manufacturer: NVIDIAService: NVNET Name: Generic volumeDescription: Generic volumeClass Guid: {71a27cdd-812a-11d0-bec7-08002be2092f}Manufacturer: MicrosoftService: volsnap Name: Microsoft 6to4 AdapterDescription: Microsoft 6to4 AdapterClass Guid: {4d36e972-e325-11ce-bfc1-08002be10318}Manufacturer: MicrosoftService: tunnel Name: Common Log (CLFS)Description: Common Log (CLFS)Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer: Service: CLFS Name: Terminal Server Mouse DriverDescription: Terminal Server Mouse DriverClass Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}Manufacturer: (Standard system devices)Service: TermDD Name: Mount Point ManagerDescription: Mount Point ManagerClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer: Service: mountmgr Name: Microsoft ISATAP AdapterDescription: Microsoft ISATAP AdapterClass Guid: {4d36e972-e325-11ce-bfc1-08002be10318}Manufacturer: MicrosoftService: tunnel Name: System timerDescription: System timerClass Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}Manufacturer: (Standard system devices)Service: Name: CNGDescription: CNGClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer: Service: CNG Name: Plug and Play Software Device EnumeratorDescription: Plug and Play Software Device EnumeratorClass Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}Manufacturer: (Standard system devices)Service: swenum Name: Realtek High Definition AudioDescription: Realtek High Definition AudioClass Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}Manufacturer: RealtekService: IntcAzAudAddService Name: Dynamic Volume ManagerDescription: Dynamic Volume ManagerClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer: Service: volmgrx Name: Windows Firewall Authorization DriverDescription: Windows Firewall Authorization DriverClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer: Service: mpsdrv Name: Microsoft ISATAP Adapter #2Description: Microsoft ISATAP AdapterClass Guid: {4d36e972-e325-11ce-bfc1-08002be10318}Manufacturer: MicrosoftService: tunnel Name: HID-compliant deviceDescription: HID-compliant deviceClass Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}Manufacturer: (Standard system devices)Service: Name: USB Input DeviceDescription: USB Input DeviceClass Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}Manufacturer: (Standard system devices)Service: HidUsb Name: QoS Packet SchedulerDescription: QoS Packet SchedulerClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer: Service: Psched Name: UMBus Root Bus EnumeratorDescription: UMBus Root Bus EnumeratorClass Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}Manufacturer: MicrosoftService: umbus Name: High precision event timerDescription: High precision event timerClass Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}Manufacturer: (Standard system devices)Service: Name: Teredo Tunneling Pseudo-InterfaceDescription: Microsoft Teredo Tunneling AdapterClass Guid: {4d36e972-e325-11ce-bfc1-08002be10318}Manufacturer: MicrosoftService: tunnel Name: NVIDIA GeForce 6150SE nForce 430 Description: NVIDIA GeForce 6150SE nForce 430 Class Guid: {4d36e968-e325-11ce-bfc1-08002be10318}Manufacturer: NVIDIA Service: nvlddmkm Name: High Definition Audio ControllerDescription: High Definition Audio ControllerClass Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}Manufacturer: MicrosoftService: HDAudBus Name: Storage volumesDescription: Storage volumesClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer: Service: volsnap Name: Microsoft Virtual Drive Enumerator DriverDescription: Microsoft Virtual Drive Enumerator DriverClass Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}Manufacturer: (Standard system devices)Service: vdrvroot Name: System Attribute CacheDescription: System Attribute CacheClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer: Service: discache Name: ACPI x64-based PCDescription: ACPI x64-based PCClass Guid: {4d36e966-e325-11ce-bfc1-08002be10318}Manufacturer: (Standard computers)Service: \Driver\ACPI_HAL Name: Direct memory access controllerDescription: Direct memory access controllerClass Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}Manufacturer: (Standard system devices)Service: Name: Wacom MouseDescription: Wacom MouseClass Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}Manufacturer: Wacom TechnologyService: mouhid Name: Volume ManagerDescription: Volume ManagerClass Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}Manufacturer: (Standard system devices)Service: volmgr Name: Remote Access IPv6 ARP DriverDescription: Remote Access IPv6 ARP DriverClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer: Service: Wanarpv6 Name: RDPCDDDescription: RDPCDDClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer: Service: RDPCDD Name: File as Volume DriverDescription: File as Volume DriverClass Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}Manufacturer: MicrosoftService: blbdrive Name: LDDM Graphics SubsystemDescription: LDDM Graphics SubsystemClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer: Service: DXGKrnl Name: hp CDDVDW TS-H653R SCSI CdRom DeviceDescription: CD-ROM DriveClass Guid: {4d36e965-e325-11ce-bfc1-08002be10318}Manufacturer: (Standard CD-ROM drives)Service: cdrom Name: Kernel Mode Driver Frameworks serviceDescription: Kernel Mode Driver Frameworks serviceClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer: Service: Wdf01000 Name: Composite Bus EnumeratorDescription: Composite Bus EnumeratorClass Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}Manufacturer: MicrosoftService: CompositeBus Name: PCI standard ISA bridgeDescription: PCI standard ISA bridgeClass Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}Manufacturer: (Standard system devices)Service: msisadrv Name: Standard OpenHCD USB Host ControllerDescription: Standard OpenHCD USB Host ControllerClass Guid: {36fc9e60-c465-11cf-8056-444553540000}Manufacturer: (Standard USB Host Controller)Service: usbohci Name: RDP Encoder Mirror DriverDescription: RDP Encoder Mirror DriverClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer: Service: RDPENCDD Name: HID-compliant deviceDescription: HID-compliant deviceClass Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}Manufacturer: (Standard system devices)Service: Name: System speakerDescription: System speakerClass Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}Manufacturer: (Standard system devices)Service: Name: USB Input DeviceDescription: USB Input DeviceClass Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}Manufacturer: (Standard system devices)Service: HidUsb Name: WFP Lightweight FilterDescription: WFP Lightweight FilterClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer: Service: WfpLwf Name: Wacom Virtual Hid DriverDescription: Wacom Virtual Hid DriverClass Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}Manufacturer: WacomService: wacomvhid Name: Reflector Display Driver used to gain access to graphics dataDescription: Reflector Display Driver used to gain access to graphics dataClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer: Service: RDPREFMP Name: HID Keyboard DeviceDescription: HID Keyboard DeviceClass Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}Manufacturer: (Standard keyboards)Service: kbdhid Name: PCI busDescription: PCI busClass Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}Manufacturer: (Standard system devices)Service: pci Name: WD My Passport 0748 USB DeviceDescription: Disk driveClass Guid: {4d36e967-e325-11ce-bfc1-08002be10318}Manufacturer: (Standard disk drives)Service: disk ========================= Memory info: =================================== Percentage of memory in use: 63%Total physical RAM: 3838.49 MBAvailable physical RAM: 1386.46 MBTotal Pagefile: 7675.16 MBAvailable Pagefile: 4587.45 MBTotal Virtual: 4095.88 MBAvailable Virtual: 3963.31 MB ========================= Partitions: ===================================== 1 Drive c: (HP) (Fixed) (Total:454.69 GB) (Free:120.07 GB) NTFS2 Drive d: (FACTORY_IMAGE) (Fixed) (Total:10.95 GB) (Free:1.6 GB) NTFS3 Drive e: (MY AUDIO) (Removable) (Total:3.93 GB) (Free:3.73 GB) FAT326 Drive h: (My Passport) (Fixed) (Total:465.73 GB) (Free:173.17 GB) NTFS ========================= Users: ======================================== User accounts for \\OWNER-PC Administrator Guest Owner ========================= Minidump Files ================================== No minidump file found **** End of log **** 2 AM I'll be back tomorrow. Thanks.
  12. "Cannot find the C:\VEW.txt file. Do you want to create a new one?" An untitled notepad opened along with this prompt box. I clicked Yes, the prompt box closed and I waited. I then checked C: drive and found nothing to do with VEW. I repeated and clicked No and it just closed the box. I had just been wanting to tie up any errors for the health of the PC. I now find that my PowerDirector 8 by CyberLink will no longer burn VOB logs to folders nor will it burn to DVD-rw. Something was removed or mangled in our cleaning process. I have used that prog every week or 2 for a long time. I have un installed and re installed that program with no change. I have left a message at the CyberLink forum. Passing all info I have to this one.
  13. "life" took longer. 8-) Uploaded IE to be able to re-install Chrome. Un-installed Chrome. Ran JavaRa. Installed Chrome. No sign of Spigot!!!! (Imported bookmarks lost this page??!!) Thank you!!!! Ron, could you point me to where I could get help addressing a few things that showed in errors? "Activation conflict......./AMD64 microsoft... vs ..../X86 microsoft..." Failure to load ASPI 32. "Controller error ...\harddisk1\DR1" (CHLDSK do anything for this?) Thanks,
  14. 2 pm and I have a few hours of 'life' to deal with. Thanks, later.
  15. I use Chrome. Once more into the breech! 8-) # AdwCleaner v3.011 - Report created 08/11/2013 at 12:23:37# Updated 03/11/2013 by Xplode# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)# Username : Owner - OWNER-PC# Running from : C:\Users\Owner\Downloads\program set ups\-- Newer than 10-21-12\newer than 10-15-13\AdwCleaner.exe# Option : Scan ***** [ Services ] ***** ***** [ Files / Folders ] ***** ***** [ Shortcuts ] ***** ***** [ Registry ] ***** Key Found : HKLM\SOFTWARE\Microsoft\Tracing\HPSF_Tasks_RASAPI32Key Found : HKLM\SOFTWARE\Microsoft\Tracing\HPSF_Tasks_RASMANCS ***** [ Browsers ] ***** -\\ Internet Explorer v0.0.0.0 -\\ Mozilla Firefox v [ File : C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\54u8x685.default\prefs.js ] -\\ Google Chrome v30.0.1599.101 [ File : C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\preferences ] ************************* AdwCleaner[R0].txt - [7392 octets] - [07/11/2013 00:48:53]AdwCleaner[R1].txt - [989 octets] - [08/11/2013 12:23:37]AdwCleaner[s0].txt - [7439 octets] - [07/11/2013 00:50:14] ########## EOF - C:\AdwCleaner\AdwCleaner[R1].txt - [1108 octets] ########## Scan type: Quick scanScan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUMScan options disabled: P2PObjects scanned: 211485Time elapsed: 4 minute(s), 40 second(s) Memory Processes Detected: 0(No malicious items detected) Memory Modules Detected: 0(No malicious items detected) Registry Keys Detected: 0(No malicious items detected) Registry Values Detected: 0(No malicious items detected) Registry Data Items Detected: 0(No malicious items detected) Folders Detected: 0(No malicious items detected) Files Detected: 0(No malicious items detected) (end) Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 31-10-2013Ran by Owner (administrator) on OWNER-PC on 08-11-2013 12:44:39Running from C:\Users\Owner\DesktopWindows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)Internet Explorer Version 8Boot Mode: Normal ==================== Processes (Whitelisted) ================= (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe(Microsoft Corporation) C:\Windows\SYSTEM32\WISPTIS.EXE(Microsoft Corporation) C:\Windows\SYSTEM32\WISPTIS.EXE(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.21.165\GoogleCrashHandler.exe(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.21.165\GoogleCrashHandler64.exe(Alcatel-Lucent) C:\Program Files\Common Files\Motive\McciCMService.exe(Nalpeiron Ltd.) C:\Windows\SysWOW64\nlssrv32.exe() C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe(Western Digital) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe(CyberLink) c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe(Hewlett-Packard) C:\Program Files (x86)\hp\HP Software Update\hpwuschd2.exe(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe(Western Digital) C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [PC-Doctor for Windows localizer] - C:\Program Files\PC-Doctor for Windows\localizer.exe [95728 2009-09-16] (PC-Doctor, Inc.)HKLM\...\RunOnce: [PCDrProfiler] - "C:\Program Files\PC-Doctor for Windows\RunProfiler.exe" -r [89584 2009-09-16] (PC-Doctor, Inc.)HKCU\...\Run: [HPADVISOR] - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe [1685048 2009-09-29] (Hewlett-Packard)HKCU\...\Run: [DVDFab Passkey] - C:\Program Files (x86)\DVDFab Passkey\DVDFabPasskey.exe [1419296 2013-09-04] (Fengtao Software Inc.)HKLM-x32\...\Run: [hpsysdrv] - C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe [62768 2008-11-20] (Hewlett-Packard)HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\hp\HP Software Update\hpwuschd2.exe [54576 2008-12-08] (Hewlett-Packard)HKLM-x32\...\Run: [avast] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [4858968 2013-08-30] (AVAST Software)HKLM-x32\...\Run: [updatePDRShortCut] - C:\Program Files (x86)\Cyberlink\PowerDirector\MUITransfer\MUIStartMenu.exe [218408 2008-12-03] (CyberLink Corp.)HKLM-x32\...\Run: [WD Drive Unlocker] - C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe [1688008 2012-09-06] (Western Digital)HKU\Default\...\Run: [HPADVISOR] - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe [1685048 2009-09-29] (Hewlett-Packard)HKU\Default User\...\Run: [HPADVISOR] - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe [1685048 2009-09-29] (Hewlett-Packard) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearchHKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-usStartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exeSearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)BHO-x32: Tensons.Application.DownloadAcceleratorManager.BHO - {00000003-1118-11da-8cd6-0800200c9888} - C:\Windows\\SysWOW64\mscoree.dll (Microsoft Corporation)BHO-x32: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)Toolbar: HKLM-x32 - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)Handler-x32: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - No FileTcpip\Parameters: [DhcpNameServer] 192.168.1.1 FireFox:========FF ProfilePath: C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\54u8x685.defaultFF DefaultSearchEngine: YahooFF SelectedSearchEngine: YahooFF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)FF Plugin: @microsoft.com/GENUINE - disabled No FileFF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)FF Plugin-x32: @divx.com/DivX Player Plugin,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Player\npDivxPlayerPlugin.dll No FileFF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)FF Plugin-x32: @microsoft.com/GENUINE - disabled No FileFF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)FF Plugin-x32: @wacom.com/wacom-plugin,version=1.1.0.3 - C:\Program Files (x86)\TabletPlugins\npwacom.dll (Wacom, Inc.)FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)FF Plugin HKCU: @hulu.com/Hulu Desktop - C:\Windows\..\Users\Default\AppData\Local\HuluDesktop\instances\0.9.9.1\npHDPlg.dll (Hulu LLC)FF Extension: dam - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\54u8x685.default\Extensions\dam@tensons.comFF Extension: torntv - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\54u8x685.default\Extensions\torntv@torntv.com.xpiFF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5FF Extension: DivX Plus Web Player HTML5 <video> - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 Chrome: =======CHR HomePage: https://www.facebook.com/?ref=tn_tnmnCHR RestoreOnStartup: "hxxp://search.yahoo.com/?type=714647&fr=spigot-yhp-ch", "https://www.facebook.com/?ref=tn_tnmn"CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\PepperFlash\pepflashplayer.dll ()CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewerCHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\ppGoogleNaClPluginChrome.dll ()CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\pdf.dll ()CHR Plugin: (QuickTime Plug-in 7.5 (861)) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.)CHR Plugin: (QuickTime Plug-in 7.5 (861)) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)CHR Plugin: (QuickTime Plug-in 7.5 (861)) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)CHR Plugin: (QuickTime Plug-in 7.5 (861)) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)CHR Plugin: (QuickTime Plug-in 7.5 (861)) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)CHR Plugin: (QuickTime Plug-in 7.5 (861)) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll (Apple Inc.)CHR Plugin: (QuickTime Plug-in 7.5 (861)) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll (Apple Inc.)CHR Plugin: (Google Talk Plugin) - C:\Users\Owner\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)CHR Plugin: (Google Talk Plugin Video Accelerator) - C:\Users\Owner\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()CHR Plugin: (Google Talk Plugin Video Renderer) - C:\Users\Owner\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)CHR Plugin: (DivX VOD Helper Plug-in) - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)CHR Plugin: (DivX Plus Web Player) - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)CHR Plugin: (Java Platform SE 7 U40) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll No FileCHR Plugin: ( Wacom Dynamic Link Library) - C:\Program Files (x86)\TabletPlugins\npwacom.dll (Wacom, Inc.)CHR Plugin: (Hulu Desktop) - C:\Windows\..\Users\Default\AppData\Local\HuluDesktop\instances\0.9.9.1\npHDPlg.dll (Hulu LLC)CHR Plugin: (Java Deployment Toolkit 7.0.400.43) - C:\Windows\SysWOW64\npDeployJava1.dll No FileCHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)CHR Extension: (YouTube) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0CHR Extension: (Google Search) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0CHR Extension: (Search by Image (by Google)) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\dajedkncpodkggklbegccjpmnglmnflm\1.5.0_0CHR Extension: (avast! Online Security) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\8.0.8_0CHR Extension: (Hide Highlighted Posts) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\kgmofgiembeapimonljnndbnjagdhfae\1.3_0CHR Extension: (DivX Plus Web Player HTML5 \u003Cvideo\u003E) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0CHR Extension: (Google Reader) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjjhlfkghdhmijklfnahfkpgmhcmfgcm\4.4_0CHR Extension: (Gmail) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx ==================== Services (Whitelisted) ================= R2 AcfXAudioService; C:\Windows\SysWOW64\ACFXAU64.dll [436736 2009-04-28] (Conexant Systems, Inc.)R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-08-30] (AVAST Software)R2 McciCMService64; C:\Program Files\Common Files\Motive\McciCMService.exe [517632 2009-10-22] (Alcatel-Lucent)R2 RichVideo; C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe [247152 2009-04-17] ()S4 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [117264 2010-06-25] (CACE Technologies, Inc.)R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [248248 2012-09-06] (Western Digital)S4 WTouchService; C:\Program Files\WTouch\WTouchService.exe [127784 2009-11-23] (Wacom Technology, Corp.) ==================== Drivers (Whitelisted) ==================== S3 acfva; C:\Windows\System32\DRIVERS\ACFVA64.sys [123008 2009-09-02] (Conexant Systems Inc.)S1 ASPI32; C:\Windows\SysWow64\Drivers\ASPI32.sys [25244 1999-09-10] (Adaptec)R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [33400 2013-08-30] (AVAST Software)R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [80816 2013-08-30] (AVAST Software)R1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [72016 2013-08-30] (AVAST Software)R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65336 2013-08-30] ()R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [1030952 2013-08-30] (AVAST Software)R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [378944 2013-08-30] (AVAST Software)R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [64288 2013-08-30] (AVAST Software)R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [204880 2013-08-30] ()S3 dgcfltr; C:\Windows\System32\DRIVERS\ACFDCP64.sys [34944 2009-04-28] (Conexant Systems, Inc.)R3 dvdfab; C:\Windows\System32\drivers\dvdfab.sys [79232 2011-08-15] (Fengtao Software Inc.)R2 mdmxsdk; C:\Windows\System32\DRIVERS\ACFSDK64.sys [17024 2007-03-15] (Conexant)S3 MODEMCSA; C:\Windows\system32\drivers\MODEMCSA.sys [24064 2009-07-13] (Microsoft Corporation)S3 NPF; C:\Windows\System32\drivers\npf.sys [35344 2010-06-25] (CACE Technologies, Inc.)S3 VMUVC; C:\Windows\System32\Drivers\VMUVC.sys [202112 2010-04-29] (Vimicro Corporation)S3 vvftUVC; C:\Windows\System32\drivers\vvftUVC.sys [303616 2008-07-01] (Vimicro Corporation)R2 XAudio; C:\Windows\System32\DRIVERS\ACFXAU64.sys [10240 2009-04-28] (Conexant Systems, Inc.)U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)S3 catchme; \??\C:\ComboFix\catchme.sys [x] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2013-11-08 12:44 - 2013-11-08 12:44 - 00000000 ____D C:\FRST2013-11-08 12:42 - 2013-11-08 12:43 - 01957098 _____ (Farbar) C:\Users\Owner\Desktop\FRST64.exe2013-11-08 12:30 - 2013-11-08 12:30 - 00001020 _____ C:\Windows\PFRO.log2013-11-07 22:00 - 2013-11-07 22:00 - 00023105 _____ C:\ComboFix.txt2013-11-07 21:31 - 2013-11-07 22:00 - 00000000 ____D C:\Qoobox2013-11-07 21:31 - 2011-06-26 00:45 - 00256000 _____ C:\Windows\PEV.exe2013-11-07 21:31 - 2010-11-07 11:20 - 00208896 _____ C:\Windows\MBR.exe2013-11-07 21:31 - 2009-04-19 22:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe2013-11-07 21:31 - 2000-08-30 18:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe2013-11-07 21:31 - 2000-08-30 18:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe2013-11-07 21:31 - 2000-08-30 18:00 - 00098816 _____ C:\Windows\sed.exe2013-11-07 21:31 - 2000-08-30 18:00 - 00080412 _____ C:\Windows\grep.exe2013-11-07 21:31 - 2000-08-30 18:00 - 00068096 _____ C:\Windows\zip.exe2013-11-07 19:40 - 2013-11-07 19:40 - 00000000 ____D C:\DVD_02013-11-07 13:23 - 2013-11-07 13:23 - 00002789 _____ C:\Users\Owner\Desktop\ESET.txt2013-11-07 11:54 - 2013-11-07 11:54 - 00000000 ____D C:\Program Files (x86)\ESET2013-11-07 01:28 - 2013-11-07 02:02 - 1345074382 _____ C:\Users\Owner\Desktop\The World's end.avi2013-11-07 00:53 - 2013-11-08 12:30 - 00000280 _____ C:\Windows\setupact.log2013-11-07 00:53 - 2013-11-07 00:53 - 00000000 _____ C:\Windows\setuperr.log2013-11-07 00:48 - 2013-11-08 12:28 - 00000000 ____D C:\AdwCleaner2013-11-07 00:38 - 2013-11-05 16:36 - 01034531 _____ (Thisisu) C:\Users\Owner\Desktop\JRT_NEW.exe2013-11-07 00:25 - 2013-11-07 00:35 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)2013-11-07 00:24 - 2013-11-07 00:24 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys2013-11-06 23:15 - 2013-11-07 21:55 - 00000000 ____D C:\Windows\ERDNT2013-11-06 23:14 - 2013-11-06 23:14 - 00000926 _____ C:\Users\Owner\Desktop\NTREGOPT.lnk2013-11-06 23:14 - 2013-11-06 23:14 - 00000907 _____ C:\Users\Owner\Desktop\ERUNT.lnk2013-11-06 23:14 - 2013-11-06 23:14 - 00000000 ____D C:\Program Files (x86)\ERUNT2013-11-06 20:49 - 2013-11-06 20:49 - 00001252 _____ C:\Users\Public\Desktop\Download Accelerator Manager (DAM).lnk2013-11-04 11:48 - 2013-11-04 11:48 - 00000000 ____D C:\Windows\ERUNT2013-10-31 16:17 - 2013-10-31 16:17 - 00000000 ____D C:\Users\Owner\AppData\Roaming\37072013-10-31 01:07 - 2013-10-31 16:16 - 00000000 ____D C:\Users\Owner\AppData\Roaming\DVDFab92013-10-31 01:07 - 2013-10-31 02:50 - 00000000 ____D C:\Users\Owner\Documents\DVDFab92013-10-31 01:07 - 2013-10-31 01:07 - 00000000 ____D C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DVDFab 9.0.7.2 Final2013-10-31 01:07 - 2013-10-31 01:07 - 00000000 ____D C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\1-click run2013-10-31 01:06 - 2013-10-31 01:06 - 00000000 ____D C:\Users\Owner\Desktop\2-click run2013-10-31 01:04 - 2013-10-31 01:04 - 00000000 ____D C:\Users\Owner\Documents\PcSetup2013-10-31 01:01 - 2013-10-31 01:03 - 00000000 ____D C:\Users\Owner\Downloads\DVDFab 9.0.7.2 Final (2-click run)(Registered)2013-10-30 18:50 - 2013-10-30 18:50 - 01498892 _____ C:\Users\Owner\Documents\marion ross op.wmv2013-10-30 18:49 - 2013-10-30 18:49 - 182741100 _____ C:\Users\Owner\Documents\Marion Ross in OP.avi2013-10-25 19:06 - 2013-10-25 20:09 - 00000000 ____D C:\Users\Owner\Downloads\EternalDesire 13 04 23 Zsanett Tormay Dym XXX iMAGEsET ExtraTorrentAT2013-10-22 11:40 - 2013-10-23 14:52 - 00000000 ___DC C:\Users\Owner\AppData\Local\MigWiz2013-10-21 16:02 - 2013-10-21 16:02 - 01228854 _____ C:\Users\Owner\Documents\Snapshot(7).bmp2013-10-20 00:08 - 2013-10-20 00:08 - 00000000 ____D C:\pm the last pm2013-10-19 19:15 - 2013-10-19 19:15 - 00000000 ____D C:\pm 52013-10-12 23:09 - 2013-10-12 23:09 - 00000000 ____D C:\Users\Owner\AppData\Roaming\SUPERAntiSpyware.com2013-10-12 11:53 - 2013-10-12 11:53 - 00000000 ____D C:\Program Files (x86)\BurnAware Free2013-10-12 11:43 - 2013-10-12 11:43 - 00000000 ____D C:\Users\Owner\AppData\Local\factormystic.net2013-10-11 17:08 - 2013-10-11 17:09 - 02816072 _____ (LionSea SoftWare ) C:\Users\Owner\Downloads\setup.exe2013-10-11 16:57 - 2013-10-11 16:57 - 00000000 ____D C:\Users\Owner\AppData\Local\DriverTuner2013-10-11 16:12 - 2013-11-08 12:35 - 00732000 _____ C:\Windows\WindowsUpdate.log2013-10-11 13:04 - 2013-10-11 13:04 - 00000000 ____D C:\Users\Owner\AppData\Roaming\Oracle2013-10-11 13:03 - 2013-10-11 13:03 - 00000000 ____D C:\ProgramData\Oracle2013-10-10 11:08 - 2013-09-13 19:10 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys2013-10-10 11:08 - 2013-09-07 20:30 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys2013-10-10 11:08 - 2013-09-07 20:27 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll2013-10-10 11:08 - 2013-09-07 20:03 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll ==================== One Month Modified Files and Folders ======= 2013-11-08 12:44 - 2013-11-08 12:44 - 00000000 ____D C:\FRST2013-11-08 12:43 - 2013-11-08 12:42 - 01957098 _____ (Farbar) C:\Users\Owner\Desktop\FRST64.exe2013-11-08 12:38 - 2009-07-13 22:45 - 00015792 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A02013-11-08 12:38 - 2009-07-13 22:45 - 00015792 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A02013-11-08 12:36 - 2009-07-13 23:13 - 00726444 _____ C:\Windows\system32\PerfStringBackup.INI2013-11-08 12:35 - 2013-10-11 16:12 - 00732000 _____ C:\Windows\WindowsUpdate.log2013-11-08 12:30 - 2013-11-08 12:30 - 00001020 _____ C:\Windows\PFRO.log2013-11-08 12:30 - 2013-11-07 00:53 - 00000280 _____ C:\Windows\setupact.log2013-11-08 12:30 - 2011-03-10 16:36 - 00000892 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job2013-11-08 12:30 - 2009-07-13 23:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT2013-11-08 12:28 - 2013-11-07 00:48 - 00000000 ____D C:\AdwCleaner2013-11-08 12:23 - 2009-07-13 21:20 - 00000000 ____D C:\Windows\tracing2013-11-08 11:54 - 2011-03-10 16:36 - 00000896 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job2013-11-08 09:34 - 2012-03-25 19:37 - 00003186 _____ C:\Windows\System32\Tasks\HPCeeScheduleForOwner2013-11-08 09:34 - 2012-03-25 19:37 - 00000332 _____ C:\Windows\Tasks\HPCeeScheduleForOwner.job2013-11-08 01:27 - 2010-07-28 15:47 - 00000817 _____ C:\Users\Owner\AppData\Roaming\burnaware.ini2013-11-07 22:00 - 2013-11-07 22:00 - 00023105 _____ C:\ComboFix.txt2013-11-07 22:00 - 2013-11-07 21:31 - 00000000 ____D C:\Qoobox2013-11-07 22:00 - 2009-07-13 21:20 - 00000000 __RHD C:\Users\Default2013-11-07 21:55 - 2013-11-06 23:15 - 00000000 ____D C:\Windows\ERDNT2013-11-07 21:45 - 2009-07-13 20:34 - 00000215 _____ C:\Windows\system.ini2013-11-07 19:40 - 2013-11-07 19:40 - 00000000 ____D C:\DVD_02013-11-07 19:39 - 2010-07-30 02:52 - 00000000 ___HD C:\ProgramData\DVD Shrink2013-11-07 18:55 - 2011-12-27 16:49 - 08383488 ___SH C:\Users\Owner\Documents\Thumbs.db2013-11-07 17:29 - 2012-01-24 23:51 - 00000000 ____D C:\Users\Owner\Documents\My Video2013-11-07 17:25 - 2012-03-14 22:21 - 00000000 ____D C:\Users\Owner\Downloads\program set ups2013-11-07 17:22 - 2012-09-26 22:52 - 00000000 ____D C:\Program Files (x86)\VideoLAN2013-11-07 16:59 - 2012-08-19 11:36 - 00003926 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{9667FC7A-F3B5-4A6E-B1DE-52DCAC6CC5AB}2013-11-07 16:17 - 2010-05-29 20:38 - 00000000 ____D C:\Users\Owner\AppData\Local\VirtualStore2013-11-07 13:23 - 2013-11-07 13:23 - 00002789 _____ C:\Users\Owner\Desktop\ESET.txt2013-11-07 11:54 - 2013-11-07 11:54 - 00000000 ____D C:\Program Files (x86)\ESET2013-11-07 11:12 - 2010-07-05 09:02 - 00000052 _____ C:\Windows\SysWOW64\DOErrors.log2013-11-07 11:02 - 2010-06-21 13:51 - 00000000 ____D C:\Users\Owner\AppData\Roaming\HP Support Assistant2013-11-07 11:02 - 2010-05-29 20:45 - 00000000 ____D C:\Users\Owner\AppData\Roaming\HpUpdate2013-11-07 02:02 - 2013-11-07 01:28 - 1345074382 _____ C:\Users\Owner\Desktop\The World's end.avi2013-11-07 00:53 - 2013-11-07 00:53 - 00000000 _____ C:\Windows\setuperr.log2013-11-07 00:50 - 2012-07-27 16:43 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox2013-11-07 00:35 - 2013-11-07 00:25 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)2013-11-07 00:24 - 2013-11-07 00:24 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys2013-11-06 23:14 - 2013-11-06 23:14 - 00000926 _____ C:\Users\Owner\Desktop\NTREGOPT.lnk2013-11-06 23:14 - 2013-11-06 23:14 - 00000907 _____ C:\Users\Owner\Desktop\ERUNT.lnk2013-11-06 23:14 - 2013-11-06 23:14 - 00000000 ____D C:\Program Files (x86)\ERUNT2013-11-06 20:49 - 2013-11-06 20:49 - 00001252 _____ C:\Users\Public\Desktop\Download Accelerator Manager (DAM).lnk2013-11-06 20:49 - 2012-07-19 23:07 - 00000000 ____D C:\Program Files (x86)\Tensons2013-11-05 17:34 - 2012-11-20 16:31 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update2013-11-05 17:30 - 2012-09-01 01:20 - 00000000 ____D C:\Users\Owner\AppData\Roaming\uTorrent2013-11-05 16:36 - 2013-11-07 00:38 - 01034531 _____ (Thisisu) C:\Users\Owner\Desktop\JRT_NEW.exe2013-11-04 11:48 - 2013-11-04 11:48 - 00000000 ____D C:\Windows\ERUNT2013-11-04 04:44 - 2009-07-13 21:20 - 00000000 ____D C:\Windows\rescache2013-11-03 23:31 - 2009-07-14 01:44 - 00000000 ___RD C:\Users\Public\Recorded TV2013-11-03 22:00 - 2013-01-11 15:25 - 00000000 ____D C:\Users\Owner\Documents\Comic -Graphic Novel2013-11-01 18:58 - 2013-08-24 14:00 - 00000000 ____D C:\Users\Owner\Downloads\rar zip2013-10-31 16:17 - 2013-10-31 16:17 - 00000000 ____D C:\Users\Owner\AppData\Roaming\37072013-10-31 16:16 - 2013-10-31 01:07 - 00000000 ____D C:\Users\Owner\AppData\Roaming\DVDFab92013-10-31 14:39 - 2013-04-09 00:54 - 326737920 _____ C:\Users\Owner\Documents\me1.avi2013-10-31 05:32 - 2011-11-29 14:23 - 00000000 _____ C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt2013-10-31 02:50 - 2013-10-31 01:07 - 00000000 ____D C:\Users\Owner\Documents\DVDFab92013-10-31 02:02 - 2010-06-23 10:56 - 00000000 ____D C:\ProgramData\vsosdk2013-10-31 01:46 - 2010-06-02 14:43 - 00084272 _____ C:\Users\Owner\AppData\Local\GDIPFONTCACHEV1.DAT2013-10-31 01:44 - 2009-07-13 22:45 - 00343376 _____ C:\Windows\system32\FNTCACHE.DAT2013-10-31 01:07 - 2013-10-31 01:07 - 00000000 ____D C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DVDFab 9.0.7.2 Final2013-10-31 01:07 - 2013-10-31 01:07 - 00000000 ____D C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\1-click run2013-10-31 01:06 - 2013-10-31 01:06 - 00000000 ____D C:\Users\Owner\Desktop\2-click run2013-10-31 01:04 - 2013-10-31 01:04 - 00000000 ____D C:\Users\Owner\Documents\PcSetup2013-10-31 01:04 - 2010-10-01 00:22 - 00082816 _____ (VSO Software) C:\Users\Owner\AppData\Roaming\pcouffin.sys2013-10-31 01:04 - 2010-10-01 00:22 - 00007859 _____ C:\Users\Owner\AppData\Roaming\pcouffin.cat2013-10-31 01:04 - 2010-10-01 00:22 - 00000055 _____ C:\Users\Owner\AppData\Roaming\pcouffin.log2013-10-31 01:04 - 2010-10-01 00:22 - 00000000 ____D C:\Users\Owner\AppData\Roaming\Vso2013-10-31 01:03 - 2013-10-31 01:01 - 00000000 ____D C:\Users\Owner\Downloads\DVDFab 9.0.7.2 Final (2-click run)(Registered)2013-10-30 18:50 - 2013-10-30 18:50 - 01498892 _____ C:\Users\Owner\Documents\marion ross op.wmv2013-10-30 18:49 - 2013-10-30 18:49 - 182741100 _____ C:\Users\Owner\Documents\Marion Ross in OP.avi2013-10-28 00:11 - 2012-11-04 15:45 - 00000000 ____D C:\Users\Owner\AppData\Roaming\Media Player Classic2013-10-25 20:09 - 2013-10-25 19:06 - 00000000 ____D C:\Users\Owner\Downloads\EternalDesire 13 04 23 Zsanett Tormay Dym XXX iMAGEsET ExtraTorrentAT2013-10-25 19:03 - 2013-06-22 13:20 - 00000000 ____D C:\Users\Owner\Downloads\torrents2013-10-23 20:53 - 2012-07-18 11:31 - 00000000 ____D C:\Users\Owner\AppData\Roaming\dvdcss2013-10-23 14:52 - 2013-10-22 11:40 - 00000000 ___DC C:\Users\Owner\AppData\Local\MigWiz2013-10-22 18:42 - 2013-09-15 15:01 - 00000000 ____D C:\ProgramData\Western Digital2013-10-21 16:02 - 2013-10-21 16:02 - 01228854 _____ C:\Users\Owner\Documents\Snapshot(7).bmp2013-10-20 00:08 - 2013-10-20 00:08 - 00000000 ____D C:\pm the last pm2013-10-19 19:15 - 2013-10-19 19:15 - 00000000 ____D C:\pm 52013-10-19 16:43 - 2013-07-18 12:16 - 00000000 ____D C:\Users\Owner\Documents\webtv2013-10-17 18:41 - 2009-07-13 21:20 - 00000000 ____D C:\Windows\system32\NDF2013-10-16 14:01 - 2010-05-29 20:41 - 00000000 ____D C:\Users\Owner\AppData\Roaming\Hewlett-Packard2013-10-13 08:49 - 2011-03-10 16:36 - 00003892 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA2013-10-13 08:49 - 2011-03-10 16:36 - 00003640 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore2013-10-12 23:09 - 2013-10-12 23:09 - 00000000 ____D C:\Users\Owner\AppData\Roaming\SUPERAntiSpyware.com2013-10-12 23:04 - 2010-05-30 11:17 - 00000000 ____D C:\ProgramData\Recovery2013-10-12 22:16 - 2011-04-10 13:16 - 00000000 ____D C:\Program Files (x86)\SpeedFan2013-10-12 11:53 - 2013-10-12 11:53 - 00000000 ____D C:\Program Files (x86)\BurnAware Free2013-10-12 11:43 - 2013-10-12 11:43 - 00000000 ____D C:\Users\Owner\AppData\Local\factormystic.net2013-10-11 17:09 - 2013-10-11 17:08 - 02816072 _____ (LionSea SoftWare ) C:\Users\Owner\Downloads\setup.exe2013-10-11 16:57 - 2013-10-11 16:57 - 00000000 ____D C:\Users\Owner\AppData\Local\DriverTuner2013-10-11 15:39 - 2010-11-06 16:10 - 00000000 ____D C:\ProgramData\FLEXnet2013-10-11 13:04 - 2013-10-11 13:04 - 00000000 ____D C:\Users\Owner\AppData\Roaming\Oracle2013-10-11 13:03 - 2013-10-11 13:03 - 00000000 ____D C:\ProgramData\Oracle2013-10-11 13:03 - 2010-12-09 00:05 - 00790440 _____ (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll2013-10-10 12:11 - 2013-03-15 02:01 - 00000000 ____D C:\Program Files\Microsoft Silverlight2013-10-10 12:11 - 2013-03-15 02:01 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight2013-10-10 10:53 - 2013-07-12 05:53 - 00000000 ____D C:\Windows\system32\MRT2013-10-10 10:50 - 2010-05-29 21:00 - 80541720 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe Files to move or delete:====================C:\ProgramData\PKP_DLdu.DAT Some content of TEMP:====================C:\Users\Owner\AppData\Local\Temp\Quarantine.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legitC:\Windows\System32\wininit.exe => MD5 is legitC:\Windows\SysWOW64\wininit.exe => MD5 is legitC:\Windows\explorer.exe => MD5 is legitC:\Windows\SysWOW64\explorer.exe => MD5 is legitC:\Windows\System32\svchost.exe => MD5 is legitC:\Windows\SysWOW64\svchost.exe => MD5 is legitC:\Windows\System32\services.exe => MD5 is legitC:\Windows\System32\User32.dll => MD5 is legitC:\Windows\SysWOW64\User32.dll => MD5 is legitC:\Windows\System32\userinit.exe => MD5 is legitC:\Windows\SysWOW64\userinit.exe => MD5 is legitC:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2013-10-30 23:53 ==================== End Of Log ============================ Additional scan result of Farbar Recovery Scan Tool (x64) Version: 31-10-2013Ran by Owner at 2013-11-08 12:45:41Running from C:\Users\Owner\DesktopBoot Mode: Normal========================================================== ==================== Security Center ======================== AV: avast! Antivirus (Enabled - Up to date) {2B2D1395-420B-D5C9-657E-930FE358FC3C}AS: avast! Antivirus (Enabled - Up to date) {904CF271-6431-DA47-5FCE-A87D98DFB681}AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== Adobe AIR (x32 Version: 3.7.0.2090)Adobe Flash Player 11 ActiveX (x32 Version: 11.7.700.202)Adobe Photoshop Elements 7.0 (x32 Version: 7.0)Adobe Photoshop Elements 7.0 (x32 Version: 7.0.0.3)Adobe Reader X (10.1.7) (x32 Version: 10.1.7)Alien Skin Blow Up 2Alien Skin Snap Art 3Apple Software Update (x32 Version: 2.1.0.110)ATT-RC Self Support ToolAudacity 1.2.6 (x32)avast! Free Antivirus (x32 Version: 8.0.1497.0)AviSynth 2.5 (x32)Bamboo (x32)BurnAware Free 6.6 (x32)CCleaner (Version: 3.11)CDisplay 1.8 (x32)Compatibility Pack for the 2007 Office system (x32 Version: 12.0.6612.1000)CyberLink DVD Suite Deluxe (x32 Version: 7.0.2115)CyberLink PowerDirector (x32 Version: 8.0.1930)DirectX for Managed Code Update (Summer 2004) (x32 Version: 9.02.2904)DivX Setup (x32 Version: 2.6.1.22)Download Accelerator Manager (x32 Version: 4.5.17)Duplicate Cleaner Free 3.1.4 (x32 Version: 3.1.4)DVD Menu Pack for HP MediaSmart Video (x32 Version: 3.1.3224)DVD Shrink 3.2 (x32)DVDFab 9.0.7.2 Final (x32 Version: 9.0.7.2)DVDFab Passkey 8.1.0.4 (04/09/2013) (x32)ERUNT 1.1j (x32)ESET Online Scanner v3 (x32)FFmpeg v0.6.2 for Audacity (x32)Free FLV Converter V 7.5.0 (x32 Version: 7.5.0.0)Free RAR Extract Frog (x32 Version: 2.70)Free YouTube Downloader 3.5.134 (x32)Google Chrome (x32 Version: 30.0.1599.101)Google Drive (x32 Version: 1.12.5329.1887)Google Earth Plug-in (x32 Version: 7.1.1.1888)Google Talk Plugin (x32 Version: 4.2.1.14031)Google Update Helper (x32 Version: 1.3.21.165)Grabber2k v0.99e (x32 Version: Grabber2k v0.99e)Hardware Diagnostic Tools (Version: 6.0.5247.34)Hewlett-Packard ACLM.NET v1.2.1.1 (x32 Version: 1.00.0000)HP Advisor (x32 Version: 3.3.9512.3162)HP Customer Experience Enhancements (x32 Version: 6.0.1.7)HP MediaSmart DVD (x32 Version: 3.1.3317)HP MediaSmart Music/Photo/Video (x32 Version: 3.1.3422)HP MediaSmart SmartMenu (Version: 3.1.0.1)HP MediaSmart/TouchSmart Netflix (x32 Version: 1.0.2.0)HP Product Detection (x32 Version: 11.14.0001)HP Remote Solution (x32 Version: 1.1.11.0)HP Setup (x32 Version: 1.2.3560.3170)HP Support Assistant (x32 Version: 7.0.39.15)HP Update (x32 Version: 5.001.000.014)Hulu Desktop (HKCU Version: 0.9.9)Ideal DVD Copy V4.1.2 (x32)K-Lite Codec Pack 9.4.0 (Full) (x32 Version: 9.4.0)LabelPrint (x32 Version: 2.5.2017)LightScribe System Software (x32 Version: 1.18.8.1)Luminance HDR 2.2.0Malwarebytes Anti-Malware version 1.75.0.1300 (x32 Version: 1.75.0.1300)Media Player Codec Pack 4.2.3 (x32 Version: 4.2.3)Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)Microsoft Live Search Toolbar (x32 Version: 3.0.566.0)Microsoft Silverlight (Version: 5.1.20913.0)Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (Version: 8.0.50727.4053)Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (x32 Version: 8.0.50727.4053)Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336)Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (Version: 9.0.30729)Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (x32 Version: 9.0.21022)Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (x32 Version: 9.0.30729)Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)Microsoft Works (x32 Version: 9.7.0621)Morpheus Photo Animation Suite v3.11 (x32)Movie Theme Pack for HP MediaSmart Video (x32 Version: 3.1.3310)MSN (x32 Version: 10.00.0588.0)MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0)MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0)MSXML 4.0 SP3 Parser (KB2721691) (x32 Version: 4.30.2114.0)MSXML 4.0 SP3 Parser (KB2758694) (x32 Version: 4.30.2117.0)MSXML 4.0 SP3 Parser (x32 Version: 4.30.2100.0)NVIDIA Display Control Panel (Version: 6.14.11.9739)NVIDIA Drivers (Version: 1.10.58.36)PeaZip 4.4 (x32)PeaZip UNACE plugin 1 (x32)PlayReady PC Runtime amd64 (Version: 1.3.0)Power2Go (x32 Version: 6.0.3304)PVSonyDll (Version: 1.00.0001)QuickTime (x32 Version: 7.50.61.0)Realtek High Definition Audio Driver (x32 Version: 6.0.1.6196)RealUpgrade 1.1 (x32 Version: 1.1.0)Recovery Manager (x32 Version: 5.5.2216)SmartSound Quicktracks Plugin (x32 Version: 3.0.3.0)SpeedFan (remove only) (x32)StreamTransport version: 1.0.2.2171 (x32)Topaz Adjust 4 (64-bit) (Version: 4.0.0)Topaz Adjust 4 (x32 Version: 4.0.0)Topaz Simplify 3 (64-bit) (Version: 3.0.0)Topaz Simplify 3 (x32 Version: 3.0.0)Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1)Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (x32 Version: 3)USB Modem (Version: 2.0.21.0)VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0)Vimicro USB2.0 UVC PC Camera (x32 Version: 2010.03.02)WD Drive Utilities (x32 Version: 1.0.0)WD Security (x32 Version: 1.0.3.3)WD SES Driver Setup (x32 Version: 1.0.0)WebTablet IE Plugin (x32 Version: 1.1.0.4)WebTablet Netscape Plugin (x32 Version: 1.1.0.3)Windows Live Sync (x32 Version: 14.0.8089.726)WinPcap 4.1.2 (x32 Version: 4.1.0.2001) ==================== Restore Points ========================= 07-11-2013 08:25:21 Scheduled Checkpoint07-11-2013 21:47:46 Removed Java 7 Update 4008-11-2013 12:43:40 Windows Update ==================== Hosts content: ========================== 2009-07-13 20:34 - 2013-11-07 21:44 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts127.0.0.1 localhost ==================== Scheduled Tasks (whitelisted) ============= Task: {0E42BC3A-492A-45A9-91BA-A8F18223507E} - System32\Tasks\{5B34B600-4E62-466A-AE9F-85A8EF27FE96} => C:\Program Files (x86)\Tensons\Download Accelerator Manager\daman.exe [2013-09-05] (Tensons Corporation)Task: {1F8FDAD4-C99A-4691-8C8B-1303CFCF48E7} - System32\Tasks\CLMLSvc => C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe [2009-10-22] (CyberLink)Task: {22D38C19-A80B-4C2F-B5CC-42B1FEBF9C35} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-3865469153-480291104-2532518772-1000 => C:\Program Files (x86)\Real\RealUpgrade\realupgrade.exe [2011-11-08] (RealNetworks, Inc.)Task: {294954B2-3941-4CFB-9CDD-7455D5BCA073} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-03-10] (Google Inc.)Task: {2E2BBB49-D34B-400C-8544-A8F03EF9C1AC} - System32\Tasks\{98B0DEFD-C3A9-48C6-BF73-474756E81AC1} => C:\Program Files (x86)\Tensons\Download Accelerator Manager\daman.exe [2013-09-05] (Tensons Corporation)Task: {37DD3235-AA80-4494-9836-3E894D0F103F} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2013-08-30] (AVAST Software)Task: {5E5E0214-4988-4AF8-9404-2F3D94C8126F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2013-04-01] (Hewlett-Packard Company)Task: {6FEA5545-2041-4ECC-A5D2-E3FB1923B35B} - System32\Tasks\{3F2B41DA-31FD-4882-A7C3-AF5D049E80E8} => C:\Program Files (x86)\Tensons\Download Accelerator Manager\daman.exe [2013-09-05] (Tensons Corporation)Task: {7DF73FB1-D4AA-44A9-A04F-26F6566E06F8} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2013-10-15] (Hewlett-Packard)Task: {80502462-75D8-4BB6-B597-AE2E8EB3A061} - System32\Tasks\{48D371E2-275B-43CA-B61D-4DB03D76CDA2} => C:\Program Files (x86)\Tensons\Download Accelerator Manager\daman.exe [2013-09-05] (Tensons Corporation)Task: {86C14A3E-4F32-494F-AF7A-F24966013349} - System32\Tasks\DVDAgent => c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exeTask: {93C9951A-A10A-4D77-932D-234A16862594} - System32\Tasks\{B308E757-34BA-447E-AA41-6B2AD5763631} => C:\Program Files (x86)\Tensons\Download Accelerator Manager\daman.exe [2013-09-05] (Tensons Corporation)Task: {9D160EAB-DDB9-481E-8509-CC6F82B6F497} - \ParetoLogic Update Version3 No Task FileTask: {BA91A51F-2ECF-4A7E-BA6C-F16F80D98399} - System32\Tasks\{50728FC8-59F4-42F3-8AF9-A97629310D8B} => C:\Program Files (x86)\Tensons\Download Accelerator Manager\daman.exe [2013-09-05] (Tensons Corporation)Task: {BB775933-8EB0-4494-8E22-1AD2F90F29D2} - System32\Tasks\{9EF5D831-1961-4CC1-8E61-E38723287C27} => C:\Program Files (x86)\Tensons\Download Accelerator Manager\daman.exe [2013-09-05] (Tensons Corporation)Task: {BEB91909-0D10-4ACD-B777-EBB68279A64C} - System32\Tasks\Microsoft\Windows\TabletPC\InputPersonalization => C:\Program Files\Common Files\Microsoft Shared\ink\InputPersonalization.exe [2009-07-13] (Microsoft Corporation)Task: {C7322029-0FB8-4069-A42E-55F28357526D} - \PC Health Advisor No Task FileTask: {CBE8724C-5C72-4E02-B65C-8AE5D5E99F17} - \ParetoLogic Registration3 No Task FileTask: {D29670CB-9B8F-41E8-BDA1-82B292CEA2B8} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exeTask: {E07C01E0-F85A-49CA-B272-07E5B5772B9A} - System32\Tasks\{D44B1E1B-3C39-44D0-9D19-9395EA7BD84B} => C:\Program Files (x86)\Adobe\Photoshop Elements 7.0\Photoshop Elements 7.0.exe [2008-09-16] (Adobe Systems Incorporated)Task: {E57382AD-BB28-4E2D-AE76-24BF1E6E17E5} - System32\Tasks\RealCreateProcessScheduledTask186541549S-1-5-21-3865469153-480291104-2532518772-1000 => C:\Program Files (x86)\Real\RealPlayer\realplay.exeTask: {E97FF199-B2BC-433A-933B-9FE3A69730E0} - System32\Tasks\HPCeeScheduleForOwner => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-13] (Hewlett-Packard)Task: {EC2922F3-8BDF-4D9B-AC64-C6F000666B99} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-03-10] (Google Inc.)Task: {EE3411A6-D3D7-4FFE-A114-A148BAC50E67} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exeTask: {F2860C7F-81BF-4550-96B8-E1BBEB2CCBBF} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)Task: {F9C0B614-F040-4E4D-BB60-5E9ABBE9F98D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)Task: {FE3AA6F5-1A41-449C-9A4C-0D96C99C2807} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-3865469153-480291104-2532518772-1000 => C:\Program Files (x86)\Real\RealUpgrade\realupgrade.exe [2011-11-08] (RealNetworks, Inc.)Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exeTask: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exeTask: C:\Windows\Tasks\HPCeeScheduleForOwner.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe ==================== Loaded Modules (whitelisted) ============= 2013-11-07 20:20 - 2013-11-05 17:05 - 02107904 _____ () C:\Program Files\AVAST Software\Avast\defs\13110702\algo.dll2009-10-22 17:50 - 2009-10-22 17:50 - 00931112 ____N () c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMediaLibrary.dll2009-09-29 16:25 - 2009-09-29 16:25 - 00061440 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\PCAlerts\PCAlertsPillar.dll2009-09-29 16:25 - 2009-09-29 16:25 - 00131072 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\ECenter\ECLibrary.dll2009-09-29 16:25 - 2009-09-29 16:25 - 00040960 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingServer.dll2009-09-29 16:25 - 2009-09-29 16:25 - 00005632 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingInterface.dll2009-09-29 16:25 - 2009-09-29 16:25 - 00018944 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingMessages.dll2009-09-29 16:25 - 2009-09-29 16:25 - 00036864 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingClients.dll2009-09-29 16:25 - 2009-09-29 16:25 - 00028672 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Microsoft.Practices.EnterpriseLibrary.ExceptionHandling.Logging.dll2009-09-29 16:25 - 2009-09-29 16:25 - 00007680 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\RemotingClient.dll2013-10-16 11:08 - 2013-10-08 18:01 - 00698832 _____ () C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\libglesv2.dll2013-10-16 11:08 - 2013-10-08 18:01 - 00099792 _____ () C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\libegl.dll2013-10-16 11:08 - 2013-10-08 18:02 - 04055504 _____ () C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\pdf.dll2013-10-16 11:08 - 2013-10-08 18:02 - 00415184 _____ () C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\ppGoogleNaClPluginChrome.dll2013-10-16 11:08 - 2013-10-08 18:01 - 01604560 _____ () C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\ffmpegsumo.dll ==================== Alternate Data Streams (whitelisted) ========= AlternateDataStreams: C:\Windows:nlsPreferencesAlternateDataStreams: C:\ProgramData\Temp:56E2E879AlternateDataStreams: C:\Users\Owner\Downloads:Shareaza.GUID ==================== Safe Mode (whitelisted) =================== ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors:==================Error: (11/08/2013 06:47:38 AM) (Source: SideBySide) (User: )Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.A component version required by the application conflicts with another component version already active.Conflicting components are:.Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (11/07/2013 11:54:33 AM) (Source: SideBySide) (User: )Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.A component version required by the application conflicts with another component version already active.Conflicting components are:.Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (11/07/2013 11:54:26 AM) (Source: SideBySide) (User: )Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.A component version required by the application conflicts with another component version already active.Conflicting components are:.Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (11/07/2013 11:54:26 AM) (Source: SideBySide) (User: )Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.A component version required by the application conflicts with another component version already active.Conflicting components are:.Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (11/07/2013 11:54:03 AM) (Source: SideBySide) (User: )Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.A component version required by the application conflicts with another component version already active.Conflicting components are:.Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (11/07/2013 11:53:59 AM) (Source: SideBySide) (User: )Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.A component version required by the application conflicts with another component version already active.Conflicting components are:.Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (11/07/2013 11:53:54 AM) (Source: SideBySide) (User: )Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.A component version required by the application conflicts with another component version already active.Conflicting components are:.Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (11/07/2013 11:53:35 AM) (Source: SideBySide) (User: )Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.A component version required by the application conflicts with another component version already active.Conflicting components are:.Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (11/07/2013 11:53:35 AM) (Source: SideBySide) (User: )Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.A component version required by the application conflicts with another component version already active.Conflicting components are:.Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (11/07/2013 02:38:41 AM) (Source: SideBySide) (User: )Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" on line C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.A component version required by the application conflicts with another component version already active.Conflicting components are:.Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. System errors:=============Error: (11/08/2013 00:30:57 PM) (Source: Service Control Manager) (User: )Description: The following boot-start or system-start driver(s) failed to load: ASPI32 Error: (11/08/2013 00:30:15 PM) (Source: Ntfs) (User: )Description: The default transaction resource manager on volume \\?\Volume{33493cc4-4542-11df-93f7-806e6f6e6963} encountered a non-retryable error and could not start. The data contains the error code. Error: (11/08/2013 00:30:15 PM) (Source: Application Popup) (User: )Description: \SystemRoot\SysWow64\Drivers\ASPI32.SYS has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver. Error: (11/08/2013 01:07:03 AM) (Source: DCOM) (User: )Description: {995C996E-D918-4A8C-A302-45719A6F4EA7} Error: (11/07/2013 09:44:43 PM) (Source: Service Control Manager) (User: )Description: The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly. Error: (11/07/2013 09:39:41 PM) (Source: Application Popup) (User: )Description: \??\C:\ComboFix\catchme.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver. Error: (11/07/2013 09:36:06 PM) (Source: Service Control Manager) (User: )Description: The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly. Error: (11/07/2013 04:20:04 PM) (Source: Disk) (User: )Description: The driver detected a controller error on \Device\Harddisk1\DR1. Error: (11/07/2013 04:20:04 PM) (Source: Disk) (User: )Description: The driver detected a controller error on \Device\Harddisk1\DR1. Error: (11/07/2013 04:20:04 PM) (Source: Disk) (User: )Description: The driver detected a controller error on \Device\Harddisk1\DR1. Microsoft Office Sessions:=========================Error: (11/08/2013 06:47:38 AM) (Source: SideBySide)(User: )Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe Error: (11/07/2013 11:54:33 AM) (Source: SideBySide)(User: )Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Owner\Downloads\program set ups\-- Newer than 10-21-12\newer than 10-15-13\esetsmartinstaller_enu.exe Error: (11/07/2013 11:54:26 AM) (Source: SideBySide)(User: )Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Owner\Downloads\program set ups\-- Newer than 10-21-12\newer than 10-15-13\esetsmartinstaller_enu.exe Error: (11/07/2013 11:54:26 AM) (Source: SideBySide)(User: )Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Owner\Downloads\program set ups\-- Newer than 10-21-12\newer than 10-15-13\esetsmartinstaller_enu.exe Error: (11/07/2013 11:54:03 AM) (Source: SideBySide)(User: )Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Owner\Downloads\program set ups\-- Newer than 10-21-12\newer than 10-15-13\esetsmartinstaller_enu.exe Error: (11/07/2013 11:53:59 AM) (Source: SideBySide)(User: )Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Owner\Downloads\program set ups\-- Newer than 10-21-12\esetsmartinstaller_enu.exe Error: (11/07/2013 11:53:54 AM) (Source: SideBySide)(User: )Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Owner\Downloads\program set ups\esetsmartinstaller_enu.exe Error: (11/07/2013 11:53:35 AM) (Source: SideBySide)(User: )Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Owner\Downloads\esetsmartinstaller_enu (1).exe Error: (11/07/2013 11:53:35 AM) (Source: SideBySide)(User: )Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Owner\Downloads\esetsmartinstaller_enu.exe Error: (11/07/2013 02:38:41 AM) (Source: SideBySide)(User: )Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Users\Owner\Downloads\program set ups\SoftonicDownloader_for_divx-web-player.exe CodeIntegrity Errors:=================================== Date: 2013-11-07 21:39:41.110 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2013-11-07 21:39:40.639 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. ==================== Memory info =========================== Percentage of memory in use: 43%Total physical RAM: 3838.49 MBAvailable physical RAM: 2158.85 MBTotal Pagefile: 7675.16 MBAvailable Pagefile: 5760.54 MBTotal Virtual: 8192 MBAvailable Virtual: 8191.8 MB ==================== Drives ================================ Drive c: (HP) (Fixed) (Total:454.69 GB) (Free:164.44 GB) NTFSDrive d: (FACTORY_IMAGE) (Fixed) (Total:10.95 GB) (Free:1.6 GB) NTFS ==>[system with boot components (obtained from reading drive)]Drive e: (MY AUDIO) (Removable) (Total:3.93 GB) (Free:3.73 GB) FAT32Drive h: (My Passport) (Fixed) (Total:465.73 GB) (Free:191.21 GB) NTFS ==================== MBR & Partition Table ================== ========================================================Disk: 0 (Size: 466 GB) (Disk ID: 873E367A)Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)Partition 2: (Not Active) - (Size=455 GB) - (Type=07 NTFS)Partition 3: (Not Active) - (Size=11 GB) - (Type=07 NTFS) ========================================================Disk: 2 (Size: 4 GB) (Disk ID: 6F20736B)No partition Table on disk 2.Disk 2 is a removable device. ========================================================Disk: 3 (Size: 466 GB) (Disk ID: DE1646F8)Partition 1: (Not Active) - (Size=466 GB) - (Type=07 NTFS) ==================== End Of Log ============================
  16. Full Scan. 1 threat. Umm.... "AdwCleaner.exe Threat: Win32:Dropper-gen[Drp]" 8-) It still does not see the beast.
  17. Here it is Ron: ComboFix 13-11-07.01 - Owner 11/07/2013 21:33:19.1.2 - x64 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3838.1795 [GMT -6:00] Running from: c:\users\Owner\Desktop\ComboFix.exe AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C} SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . ADS - Windows: deleted 320 bytes in 1 streams. . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\programdata\Amazon.ico c:\programdata\MercadoLivre.ico c:\programdata\QuickStores.ico c:\users\Owner\AppData\Roaming\inst.exe c:\users\Owner\AppData\Roaming\WTouch c:\users\Owner\AppData\Roaming\WTouch\WTouch.xml c:\windows\security\Database\tmp.edb c:\windows\SysWow64\msnphoto.scr c:\windows\SysWow64\zip32.dll . . ((((((((((((((((((((((((( Files Created from 2013-10-08 to 2013-11-08 ))))))))))))))))))))))))))))))) . . 2013-11-08 03:44 . 2013-11-08 03:44 -------- d-----w- c:\users\Default\AppData\Local\temp 2013-11-08 01:40 . 2013-11-08 01:40 -------- d-----w- C:\DVD_0 2013-11-07 23:27 . 2013-11-07 23:27 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{616A6107-F14C-43AD-B6A1-1A6F17E5DBF6}\offreg.dll 2013-11-07 17:54 . 2013-11-07 17:54 -------- d-----w- c:\program files (x86)\ESET 2013-11-07 06:48 . 2013-11-07 06:50 -------- d-----w- C:\AdwCleaner 2013-11-07 06:25 . 2013-11-07 06:35 -------- d-----w- c:\programdata\Malwarebytes' Anti-Malware (portable) 2013-11-07 06:24 . 2013-11-07 06:24 91352 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys 2013-11-07 05:14 . 2013-11-07 05:14 -------- d-----w- c:\program files (x86)\ERUNT 2013-11-06 00:05 . 2013-11-06 00:05 -------- d-----w- C:\FRST 2013-11-05 08:58 . 2013-10-14 07:12 10280728 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{616A6107-F14C-43AD-B6A1-1A6F17E5DBF6}\mpengine.dll 2013-11-05 08:03 . 2013-11-05 08:04 -------- d-----w- c:\program files\SUPERAntiSpyware 2013-11-05 08:03 . 2013-11-05 08:03 -------- d-----w- c:\programdata\SUPERAntiSpyware.com 2013-11-04 17:48 . 2013-11-04 17:48 -------- d-----w- c:\windows\ERUNT 2013-10-31 22:17 . 2013-10-31 22:17 -------- d-----w- c:\users\Owner\AppData\Roaming\3707 2013-10-31 07:07 . 2013-10-31 22:16 -------- d-----w- c:\users\Owner\AppData\Roaming\DVDFab9 2013-10-22 17:40 . 2013-10-23 20:52 -------- dc----w- c:\users\Owner\AppData\Local\MigWiz 2013-10-20 06:08 . 2013-10-20 06:08 -------- d-----w- C:\pm the last pm 2013-10-20 01:15 . 2013-10-20 01:15 -------- d-----w- C:\pm 5 2013-10-13 05:09 . 2013-10-13 05:09 -------- d-----w- c:\users\Owner\AppData\Roaming\SUPERAntiSpyware.com 2013-10-12 17:53 . 2013-10-12 17:53 -------- d-----w- c:\program files (x86)\BurnAware Free 2013-10-12 17:43 . 2013-10-12 17:43 -------- d-----w- c:\users\Owner\AppData\Local\factormystic.net 2013-10-11 22:57 . 2013-10-11 22:57 -------- d-----w- c:\users\Owner\AppData\Local\DriverTuner 2013-10-11 19:04 . 2013-10-11 19:04 -------- d-----w- c:\users\Owner\AppData\Roaming\Oracle 2013-10-11 19:03 . 2013-10-11 19:03 -------- d-----w- c:\programdata\Oracle 2013-10-10 17:08 . 2013-09-08 02:03 231424 ----a-w- c:\windows\SysWow64\mswsock.dll 2013-10-10 17:08 . 2013-09-14 01:10 497152 ----a-w- c:\windows\system32\drivers\afd.sys 2013-10-10 17:08 . 2013-09-08 02:27 327168 ----a-w- c:\windows\system32\mswsock.dll 2013-10-10 17:08 . 2013-09-08 02:30 1903552 ----a-w- c:\windows\system32\drivers\tcpip.sys . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2013-10-31 07:04 . 2010-10-01 06:22 82816 ----a-w- c:\users\Owner\AppData\Roaming\pcouffin.sys 2013-10-11 19:03 . 2010-12-09 06:05 790440 ----a-w- c:\windows\SysWow64\deployJava1.dll 2013-10-10 16:50 . 2010-05-30 03:00 80541720 ----a-w- c:\windows\system32\MRT.exe 2013-09-04 12:12 . 2013-10-09 00:35 343040 ----a-w- c:\windows\system32\drivers\usbhub.sys 2013-09-04 12:11 . 2013-10-09 00:35 325120 ----a-w- c:\windows\system32\drivers\usbport.sys 2013-09-04 12:11 . 2013-10-09 00:35 99840 ----a-w- c:\windows\system32\drivers\usbccgp.sys 2013-09-04 12:11 . 2013-10-09 00:35 52736 ----a-w- c:\windows\system32\drivers\usbehci.sys 2013-09-04 12:11 . 2013-10-09 00:35 30720 ----a-w- c:\windows\system32\drivers\usbuhci.sys 2013-09-04 12:11 . 2013-10-09 00:35 25600 ----a-w- c:\windows\system32\drivers\usbohci.sys 2013-09-04 12:11 . 2013-10-09 00:35 7808 ----a-w- c:\windows\system32\drivers\usbd.sys 2013-09-03 19:35 . 2010-05-30 03:04 278800 ------w- c:\windows\system32\MpSigStub.exe 2013-08-30 07:48 . 2013-03-23 21:13 204880 ----a-w- c:\windows\system32\drivers\aswVmm.sys 2013-08-30 07:48 . 2013-03-23 21:13 65336 ----a-w- c:\windows\system32\drivers\aswRvrt.sys 2013-08-30 07:48 . 2012-11-20 22:31 72016 ----a-w- c:\windows\system32\drivers\aswRdr2.sys 2013-08-30 07:48 . 2012-10-12 17:37 378944 ----a-w- c:\windows\system32\drivers\aswSP.sys 2013-08-30 07:48 . 2012-10-12 17:37 64288 ----a-w- c:\windows\system32\drivers\aswTdi.sys 2013-08-30 07:48 . 2012-10-12 17:37 1030952 ----a-w- c:\windows\system32\drivers\aswSnx.sys 2013-08-30 07:48 . 2012-10-12 17:37 33400 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys 2013-08-30 07:48 . 2012-10-12 17:37 80816 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys 2013-08-30 07:47 . 2012-10-12 17:36 41664 ----a-w- c:\windows\avastSS.scr 2013-08-30 07:47 . 2011-05-30 17:27 287840 ----a-w- c:\windows\system32\aswBoot.exe 2013-08-29 02:17 . 2013-10-09 00:38 5549504 ----a-w- c:\windows\system32\ntoskrnl.exe 2013-08-29 02:16 . 2013-10-09 00:37 1732032 ----a-w- c:\windows\system32\ntdll.dll 2013-08-29 02:16 . 2013-10-09 00:37 243712 ----a-w- c:\windows\system32\wow64.dll 2013-08-29 02:16 . 2013-10-09 00:37 859648 ----a-w- c:\windows\system32\tdh.dll 2013-08-29 02:13 . 2013-10-09 00:38 878080 ----a-w- c:\windows\system32\advapi32.dll 2013-08-29 01:51 . 2013-10-09 00:37 3969472 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe 2013-08-29 01:51 . 2013-10-09 00:37 3914176 ----a-w- c:\windows\SysWow64\ntoskrnl.exe 2013-08-29 01:50 . 2013-10-09 00:37 5120 ----a-w- c:\windows\SysWow64\wow32.dll 2013-08-29 01:50 . 2013-10-09 00:37 1292192 ----a-w- c:\windows\SysWow64\ntdll.dll 2013-08-29 01:50 . 2013-10-09 00:37 619520 ----a-w- c:\windows\SysWow64\tdh.dll 2013-08-29 01:48 . 2013-10-09 00:37 640512 ----a-w- c:\windows\SysWow64\advapi32.dll 2013-08-29 01:48 . 2013-10-09 00:37 44032 ----a-w- c:\windows\apppatch\acwow64.dll 2013-08-29 00:49 . 2013-10-09 00:37 25600 ----a-w- c:\windows\SysWow64\setup16.exe 2013-08-29 00:49 . 2013-10-09 00:37 14336 ----a-w- c:\windows\SysWow64\ntvdm64.dll 2013-08-29 00:49 . 2013-10-09 00:37 7680 ----a-w- c:\windows\SysWow64\instnm.exe 2013-08-29 00:49 . 2013-10-09 00:37 2048 ----a-w- c:\windows\SysWow64\user.exe 2013-08-28 01:21 . 2013-10-09 00:37 3155968 ----a-w- c:\windows\system32\win32k.sys 2013-08-28 01:12 . 2013-10-09 00:36 461312 ----a-w- c:\windows\system32\scavengeui.dll 2006-12-02 06:37 . 2006-12-02 06:37 904704 ----a-w- c:\program files\msdia80.dll . . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "HPADVISOR"="c:\program files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe" [2009-09-29 1685048] "DVDFab Passkey"="c:\program files (x86)\DVDFab Passkey\DVDFabPasskey.exe" [2013-09-04 1419296] "SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2013-10-10 6589208] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "hpsysdrv"="c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe" [2008-11-20 62768] "HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2008-12-08 54576] "avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2013-08-30 4858968] "UpdatePDRShortCut"="c:\program files (x86)\Cyberlink\PowerDirector\MUITransfer\MUIStartMenu.exe" [2008-12-04 218408] "WD Drive Unlocker"="c:\program files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe" [2012-09-06 1688008] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) "EnableLinkedConnections"= 1 (0x1) . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE] @="" . R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x] R3 acfva;acfva;c:\windows\system32\DRIVERS\ACFVA64.sys;c:\windows\SYSNATIVE\DRIVERS\ACFVA64.sys [x] R3 dgcfltr;DGC Filter Driver;c:\windows\system32\DRIVERS\ACFDCP64.sys;c:\windows\SYSNATIVE\DRIVERS\ACFDCP64.sys [x] R3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys;c:\windows\SYSNATIVE\DRIVERS\lvrs64.sys [x] R3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys;c:\windows\SYSNATIVE\drivers\npf.sys [x] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x] R3 VMUVC;Vimicro Camera Service VMUVC;c:\windows\system32\Drivers\VMUVC.sys;c:\windows\SYSNATIVE\Drivers\VMUVC.sys [x] R3 vvftUVC;Vimicro Camera Filter Service VMUVC;c:\windows\system32\drivers\vvftUVC.sys;c:\windows\SYSNATIVE\drivers\vvftUVC.sys [x] R3 wacmoumonitor;Wacom Mode Helper;c:\windows\system32\DRIVERS\wacmoumonitor.sys;c:\windows\SYSNATIVE\DRIVERS\wacmoumonitor.sys [x] R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x] R4 TabletServicePen;TabletServicePen;c:\windows\system32\Pen_Tablet.exe;c:\windows\SYSNATIVE\Pen_Tablet.exe [x] R4 WTouchService;WTouch Service;c:\program files\WTouch\WTouchService.exe;c:\program files\WTouch\WTouchService.exe [x] S0 aswRvrt;aswRvrt; [x] S0 aswVmm;aswVmm; [x] S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x] S1 aswSnx;aswSnx; [x] S1 aswSP;aswSP; [x] S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [x] S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [x] S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [x] S2 AcfXAudioService;AcfXAudioService;c:\windows\system32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x] S2 AdobeActiveFileMonitor7.0;Adobe Active File Monitor V7;c:\program files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe;c:\program files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe [x] S2 aswFsBlk;aswFsBlk; [x] S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x] S2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [x] S2 McciCMService64;McciCMService64;c:\program files\Common Files\Motive\McciCMService.exe;c:\program files\Common Files\Motive\McciCMService.exe [x] S2 nlsX86cc;Nalpeiron Licensing Service;c:\windows\SysWOW64\nlssrv32.exe;c:\windows\SysWOW64\nlssrv32.exe [x] S2 WDDriveService;WD Drive Manager;c:\program files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe;c:\program files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [x] S3 dvdfab;dvdfab;c:\windows\system32\drivers\dvdfab.sys;c:\windows\SYSNATIVE\drivers\dvdfab.sys [x] S3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam64.sys;c:\windows\SYSNATIVE\DRIVERS\wdcsam64.sys [x] . . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}] 2013-10-16 17:04 1185744 ----a-w- c:\program files (x86)\Google\Chrome\Application\30.0.1599.101\Installer\chrmstp.exe . Contents of the 'Scheduled Tasks' folder . 2013-11-07 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-03-10 22:35] . 2013-11-08 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-03-10 22:35] . 2013-11-04 c:\windows\Tasks\HPCeeScheduleForOwner.job - c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 03:15] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast] @="{472083B0-C522-11CF-8763-00608CC02F24}" [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}] 2013-08-30 07:47 133840 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay] @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}" [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}] 2013-09-25 22:37 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay] @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}" . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay] @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}" [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}] 2013-09-25 22:37 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay] @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}" . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay] @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}" [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}] 2013-09-25 22:37 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedViewOverlay] @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}" [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}] 2013-09-25 22:37 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay] @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}" [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}] 2013-09-25 22:37 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay] @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}" [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}] 2013-09-25 22:37 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "PC-Doctor for Windows localizer"="c:\program files\PC-Doctor for Windows\localizer.exe" [2009-09-17 95728] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] "PCDrProfiler"="c:\program files\PC-Doctor for Windows\RunProfiler.exe" [2009-09-17 89584] . ------- Supplementary Scan ------- . uLocal Page = c:\windows\system32\blank.htm IE: &Download with DAM - c:\program files (x86)\Tensons\Download Accelerator Manager\\addUrl.htm IE: Download &All with DAM - c:\program files (x86)\Tensons\Download Accelerator Manager\\addAllUrls.htm IE: Run DAM Media&Grabber - c:\program files (x86)\Tensons\Download Accelerator Manager\\runMg.htm Trusted Zone: google.com\www TCP: DhcpNameServer = 192.168.1.1 . - - - - ORPHANS REMOVED - - - - . HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start AddRemove-DVDFab 9.0.7.2 Final9.0.7.2 - c:\2-click run\DVDFab 9.0.7.2 Final\uninstall.exe AddRemove-{A7E19604-93AF-4611-8C9F-CE509C2B286F}_is1 - c:\program files (x86)\Free YouTube Downloader\unins000.exe AddRemove-{EE202411-2C26-49E8-9784-1BC1DBF7DE96} - c:\program files (x86)\InstallShield Installation Information\{EE202411-2C26-49E8-9784-1BC1DBF7DE96}\setup.exe . . . --------------------- LOCKED REGISTRY KEYS --------------------- . [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ChromeHTML" . [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ChromeHTML" . [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ChromeHTML" . [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xht\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ChromeHTML" . [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xhtml\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ChromeHTML" . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_202_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_202_ActiveX.exe" . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_202_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_202_ActiveX.exe" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.11" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx, 1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx, 1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 "MSCurrentCountry"=dword:000000b5 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . Completion time: 2013-11-07 21:59:44 ComboFix-quarantined-files.txt 2013-11-08 03:59 . Pre-Run: 177,210,306,560 bytes free Post-Run: 177,113,362,432 bytes free . - - End Of File - - A79D5648CA5C851AB67E041F81B1F002 F6039F9958C7601C82F7DBFA58390F21
  18. Must had the snake oil some time ago. I cleared Chrome's cache "to the beginning of time." I have been reading the ComboFix page. I looked in Start and searched Computer with System Recovery Environment. I then used just Environment. Just a lot of AMD Microsoft 64 files. The combo fix tells how to get the SRE on XP. For Windows 7 it seems I need a Windows 7 DVD. My Windows 7 came installed and I do not have a DVD. I have delayed using ComboFix until I find out how to get the needed System Recovery Environment. (sigh!)
  19. JavaRa 1.16 Removal Log. Report follows after line. ------------------------------------ The JavaRa removal process was started on Thu Nov 07 16:09:42 2013 There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-ABCDEFFDCBA}. The error returned was 124. There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0001-ABCDEFFDCBA}. The error returned was 124. There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0002-ABCDEFFDCBA}. The error returned was 124. There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0003-ABCDEFFDCBA}. The error returned was 124. There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0004-ABCDEFFDCBA}. The error returned was 124. There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0005-ABCDEFFDCBA}. The error returned was 124. There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0006-ABCDEFFDCBA}. The error returned was 124. There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0007-ABCDEFFDCBA}. The error returned was 124. There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0008-ABCDEFFDCBA}. The error returned was 124. There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0009-ABCDEFFDCBA}. The error returned was 124. There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0010-ABCDEFFDCBA}. The error returned was 124. There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0011-ABCDEFFDCBA}. The error returned was 124. There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0012-ABCDEFFDCBA}. The error returned was 124. There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0013-ABCDEFFDCBA}. The error returned was 124. There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0014-ABCDEFFDCBA}. The error returned was 124. There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0015-ABCDEFFDCBA}. The error returned was 124. There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0016-ABCDEFFDCBA}. The error returned was 124. There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0017-ABCDEFFDCBA}. The error returned was 124. There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0018-ABCDEFFDCBA}. The error returned was 124. There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0019-ABCDEFFDCBA}. The error returned was 124. There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0020-ABCDEFFDCBA}. The error returned was 124. There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0021-ABCDEFFDCBA}. The error returned was 124. There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0022-ABCDEFFDCBA}. The error returned was 124. ------------------------------------ Finished reporting. JavaRa 1.16 Removal Log. Report follows after line. ------------------------------------ The JavaRa removal process was started on Thu Nov 07 16:12:09 2013 There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-ABCDEFFDCBA}. The error returned was 124. There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0001-ABCDEFFDCBA}. The error returned was 124. There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0002-ABCDEFFDCBA}. The error returned was 124. There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0003-ABCDEFFDCBA}. The error returned was 124. There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0004-ABCDEFFDCBA}. The error returned was 124. There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0005-ABCDEFFDCBA}. The error returned was 124. There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0006-ABCDEFFDCBA}. The error returned was 124. There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0007-ABCDEFFDCBA}. The error returned was 124. There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0008-ABCDEFFDCBA}. The error returned was 124. There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0009-ABCDEFFDCBA}. The error returned was 124. There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0010-ABCDEFFDCBA}. The error returned was 124. There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0011-ABCDEFFDCBA}. The error returned was 124. There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0012-ABCDEFFDCBA}. The error returned was 124. There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0013-ABCDEFFDCBA}. The error returned was 124. There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0014-ABCDEFFDCBA}. The error returned was 124. There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0015-ABCDEFFDCBA}. The error returned was 124. There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0016-ABCDEFFDCBA}. The error returned was 124. There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0017-ABCDEFFDCBA}. The error returned was 124. There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0018-ABCDEFFDCBA}. The error returned was 124. There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0019-ABCDEFFDCBA}. The error returned was 124. There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0020-ABCDEFFDCBA}. The error returned was 124. There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0021-ABCDEFFDCBA}. The error returned was 124. There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0022-ABCDEFFDCBA}. The error returned was 124. ------------------------------------ Finished reporting. Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 31-10-2013 Ran by Owner at 2013-11-07 16:31:49 Run:1 Running from C:\Users\Owner\Downloads\program set ups\-- Newer than 10-21-12\newer than 10-15-13 Boot Mode: Normal ============================================== Content of fixlist: ***************** MountPoints2: {c0e96c88-7b27-11e2-bce9-7071bc0b0b5a} - E:\UEZLink.exe ProxyServer: http= HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.yahoo....r=spigot-yhp-ie SearchScopes: HKLM - DefaultScope {B7971660-A1CE-4FDD-B9E0-2C37D77AFB0B} URL = SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKCU - {25100003-F379-48D0-BA5C-2E4582A3BD1B} URL = http://search.yahoo....&type=714647&p={searchTerms} BHO-x32: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Toolbar: HKCU - No Name - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab HKLM-x32\...\Run: [sunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation) C:\AdwCleaner\Quarantine\C\Users\Owner\AppData\LocalLow\FreeSoundRecorder\tbFre0.dll.vir FF Plugin-x32: @java.com/DTPlugin,version=10.40.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.40.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Extension: Shopping Sidekick Plugin - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\54u8x685.default\Extensions\crossriderapp21802@crossrider.com FF Extension: TorrentHandler - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\54u8x685.default\Extensions\TorrentHandler@TorrentHandler.com.xpi CHR HomePage: https://www.facebook.com/?ref=tn_tnmn CHR RestoreOnStartup: "hxxp://search.yahoo.com/?type=714647&fr=spigot-yhp-ch", "https://www.facebook.com/?ref=tn_tnmn" CHR Plugin: (Java™ Platform SE 7 U40) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) CHR Plugin: (Java Deployment Toolkit 7.0.400.43) - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) C:\Users\Owner\Downloads\uplayermediaplayer-setup.exe C:\Users\Owner\Downloads\program set ups\Brothersoft_downloader_For_Orbit_Downloader.exe C:\Users\Owner\Downloads\program set ups\Chrome.exe C:\Users\Owner\Downloads\program set ups\peazip-4.4.WINDOWS.exe C:\Users\Owner\Downloads\program set ups\Setup_FreeFlvConverter.exe C:\Users\Owner\Downloads\program set ups\SoftonicDownloader_for_divx-web-player.exe C:\Users\Owner\Downloads\program set ups\-- Newer than 10-21-12\BurnAwareFreeEditionv66.exe C:\Users\Owner\Downloads\program set ups\-- Newer than 10-21-12\DuplicateCleaner_setup.exe C:\Users\Owner\Downloads\program set ups\-- Newer than 10-21-12\FreeStudio.exe C:\Users\Owner\Downloads\program set ups\-- Newer than 10-21-12\FreeVideoFlipAndRotate.exe C:\Users\Owner\Downloads\program set ups\-- Newer than 10-21-12\uTorrent.exe C:\Users\Owner\Downloads\program set ups\-- Newer than 10-21-12\newer than 10-15-13\avc-free.exe C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\niapdbllcanepiiimjjndipklodoedlc\1.0.2_0\background.html JS/Adware.Yontoo.B application C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\niapdbllcanepiiimjjndipklodoedlc\1.0.2_0\yl.js JS/Adware.Yontoo.A application C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\niapdbllcanepiiimjjndipklodoedlc\1.0.2_0\background.html JS/Adware.Yontoo.B application C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\niapdbllcanepiiimjjndipklodoedlc\1.0.2_0\yl.js JS/Adware.Yontoo.A application ***************** HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c0e96c88-7b27-11e2-bce9-7071bc0b0b5a} => Key deleted successfully. HKCR\CLSID\{c0e96c88-7b27-11e2-bce9-7071bc0b0b5a} => Key not found. HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => Value deleted successfully. HKCU\Software\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully. HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully. HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key deleted successfully. HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key not found. HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{25100003-F379-48D0-BA5C-2E4582A3BD1B} => Key deleted successfully. HKCR\CLSID\{25100003-F379-48D0-BA5C-2E4582A3BD1B} => Key not found. HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} => Key not found. HKCR\Wow6432Node\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} => Key deleted successfully. HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9} => Key not found. HKCR\Wow6432Node\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9} => Key deleted successfully. HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{604BC32A-9680-40D1-9AC6-E06B23A1BA4C} => Value deleted successfully. HKCR\CLSID\{604BC32A-9680-40D1-9AC6-E06B23A1BA4C} => Key not found. HKLM\SOFTWARE\Wow6432Node\Microsoft\Code Store Database\Distribution Units\{D27CDB6E-AE6D-11CF-96B8-444553540000} => Key deleted successfully. HKCR\Wow6432Node\CLSID\{D27CDB6E-AE6D-11CF-96B8-444553540000} => Key not found. HKLM\SOFTWARE\Wow6432Node\Microsoft\Code Store Database\Distribution Units\{E2883E8F-472F-4FB0-9522-AC9BF37916A7} => Key deleted successfully. HKCR\Wow6432Node\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7} => Key not found. HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => Value not found. C:\AdwCleaner\Quarantine\C\Users\Owner\AppData\LocalLow\FreeSoundRecorder\tbFre0.dll.vir => Moved successfully. HKLM\Software\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.40.2 => Key not found. C:\Windows\SysWOW64\npDeployJava1.dll => Moved successfully. HKLM\Software\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.40.2 => Key not found. C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll not found. C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\54u8x685.default\Extensions\crossriderapp21802@crossrider.com => Moved successfully. C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\54u8x685.default\Extensions\TorrentHandler@TorrentHandler.com.xpi => Moved successfully. CHR HomePage: https://www.facebook.com/?ref=tn_tnmn ==> The Chrome "Settings" can be used to fix the entry. CHR RestoreOnStartup: "hxxp://search.yahoo.com/?type=714647&fr=spigot-yhp-ch", "https://www.facebook.com/?ref=tn_tnmn" ==> The Chrome "Settings" can be used to fix the entry. C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll not found. C:\Windows\SysWOW64\npDeployJava1.dll not found. C:\Users\Owner\Downloads\uplayermediaplayer-setup.exe => Moved successfully. C:\Users\Owner\Downloads\program set ups\Brothersoft_downloader_For_Orbit_Downloader.exe => Moved successfully. C:\Users\Owner\Downloads\program set ups\Chrome.exe => Moved successfully. C:\Users\Owner\Downloads\program set ups\peazip-4.4.WINDOWS.exe => Moved successfully. C:\Users\Owner\Downloads\program set ups\Setup_FreeFlvConverter.exe => Moved successfully. C:\Users\Owner\Downloads\program set ups\SoftonicDownloader_for_divx-web-player.exe => Moved successfully. C:\Users\Owner\Downloads\program set ups\-- Newer than 10-21-12\BurnAwareFreeEditionv66.exe => Moved successfully. C:\Users\Owner\Downloads\program set ups\-- Newer than 10-21-12\DuplicateCleaner_setup.exe => Moved successfully. C:\Users\Owner\Downloads\program set ups\-- Newer than 10-21-12\FreeStudio.exe => Moved successfully. C:\Users\Owner\Downloads\program set ups\-- Newer than 10-21-12\FreeVideoFlipAndRotate.exe => Moved successfully. C:\Users\Owner\Downloads\program set ups\-- Newer than 10-21-12\uTorrent.exe => Moved successfully. C:\Users\Owner\Downloads\program set ups\-- Newer than 10-21-12\newer than 10-15-13\avc-free.exe => Moved successfully. "C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\niapdbllcanepiiimjjndipklodoedlc\1.0.2_0\background.html JS/Adware.Yontoo.B application" => File/Directory not found. "C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\niapdbllcanepiiimjjndipklodoedlc\1.0.2_0\yl.js JS/Adware.Yontoo.A application" => File/Directory not found. "C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\niapdbllcanepiiimjjndipklodoedlc\1.0.2_0\background.html JS/Adware.Yontoo.B application" => File/Directory not found. "C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\niapdbllcanepiiimjjndipklodoedlc\1.0.2_0\yl.js JS/Adware.Yontoo.A application" => File/Directory not found. ==== End of Fixlog ==== An awful lot of FireFox mentions?? Also: this was in between the JavaRa and FRST instructions: "Uninstall the Uniblue Registry Booster - Snake Oil Do I need a Windows Registry Cleaner?" I don't have that. ??
  20. Hi, Ron, Glad I listened to you: no spigot for a while last night. It is not gone. RogueKiller log above. Here are the next requested logs. ---------------------------------------Malwarebytes Anti-Rootkit BETA 1.07.0.1007 © Malwarebytes Corporation 2011-2012 OS version: 6.1.7601 Windows 7 Service Pack 1 x64 Account is Administrative Internet Explorer version: 8.0.7601.17514 File system is: NTFSDisk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED, H:\ DRIVE_FIXEDCPU speed: 2.712000 GHzMemory total: 4024950784, free: 2365407232 Downloaded database version: v2013.11.07.01Downloaded database version: v2013.10.11.02=======================================Initializing...------------ Kernel report ------------ 11/07/2013 00:25:03------------ Loaded modules -----------\SystemRoot\system32\ntoskrnl.exe\SystemRoot\system32\hal.dll\SystemRoot\system32\kdcom.dll\SystemRoot\system32\mcupdate_AuthenticAMD.dll\SystemRoot\system32\PSHED.dll\SystemRoot\system32\CLFS.SYS\SystemRoot\system32\CI.dll\SystemRoot\system32\drivers\Wdf01000.sys\SystemRoot\system32\drivers\WDFLDR.SYS\SystemRoot\system32\drivers\ACPI.sys\SystemRoot\system32\drivers\WMILIB.SYS\SystemRoot\system32\drivers\msisadrv.sys\SystemRoot\system32\drivers\pci.sys\SystemRoot\system32\drivers\vdrvroot.sys\SystemRoot\System32\drivers\partmgr.sys\SystemRoot\system32\drivers\volmgr.sys\SystemRoot\System32\drivers\volmgrx.sys\SystemRoot\System32\drivers\mountmgr.sys\SystemRoot\system32\DRIVERS\nvstor64.sys\SystemRoot\system32\DRIVERS\storport.sys\SystemRoot\system32\drivers\amdxata.sys\SystemRoot\system32\drivers\fltmgr.sys\SystemRoot\system32\drivers\fileinfo.sys\SystemRoot\System32\Drivers\PxHlpa64.sys\SystemRoot\System32\Drivers\Ntfs.sys\SystemRoot\System32\Drivers\msrpc.sys\SystemRoot\System32\Drivers\ksecdd.sys\SystemRoot\System32\Drivers\cng.sys\SystemRoot\System32\drivers\pcw.sys\SystemRoot\System32\Drivers\Fs_Rec.sys\SystemRoot\system32\drivers\ndis.sys\SystemRoot\system32\drivers\NETIO.SYS\SystemRoot\System32\Drivers\ksecpkg.sys\SystemRoot\System32\drivers\tcpip.sys\SystemRoot\System32\drivers\fwpkclnt.sys\SystemRoot\system32\drivers\volsnap.sys\SystemRoot\System32\Drivers\spldr.sys\SystemRoot\SysWOW64\speedfan.sys\SystemRoot\System32\drivers\rdyboost.sys\SystemRoot\System32\Drivers\mup.sys\SystemRoot\System32\drivers\hwpolicy.sys\SystemRoot\System32\DRIVERS\fvevol.sys\SystemRoot\system32\DRIVERS\disk.sys\SystemRoot\system32\DRIVERS\CLASSPNP.SYS\SystemRoot\System32\Drivers\aswVmm.sys\SystemRoot\System32\Drivers\aswRvrt.sys\SystemRoot\system32\DRIVERS\cdrom.sys\SystemRoot\System32\Drivers\aswSnx.SYS\SystemRoot\System32\Drivers\Null.SYS\SystemRoot\System32\Drivers\Beep.SYS\SystemRoot\System32\drivers\vga.sys\SystemRoot\System32\drivers\VIDEOPRT.SYS\SystemRoot\System32\drivers\watchdog.sys\SystemRoot\System32\DRIVERS\RDPCDD.sys\SystemRoot\system32\drivers\rdpencdd.sys\SystemRoot\system32\drivers\rdprefmp.sys\SystemRoot\System32\Drivers\Msfs.SYS\SystemRoot\System32\Drivers\Npfs.SYS\SystemRoot\system32\DRIVERS\tdx.sys\SystemRoot\system32\DRIVERS\TDI.SYS\SystemRoot\System32\Drivers\aswTdi.SYS\SystemRoot\system32\drivers\afd.sys\SystemRoot\System32\Drivers\aswrdr2.sys\SystemRoot\System32\DRIVERS\netbt.sys\SystemRoot\system32\DRIVERS\wfplwf.sys\SystemRoot\system32\DRIVERS\pacer.sys\SystemRoot\system32\DRIVERS\netbios.sys\SystemRoot\system32\DRIVERS\wanarp.sys\SystemRoot\system32\drivers\termdd.sys\??\C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS\??\C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS\SystemRoot\system32\DRIVERS\rdbss.sys\SystemRoot\system32\drivers\nsiproxy.sys\SystemRoot\system32\drivers\mssmbios.sys\SystemRoot\System32\drivers\discache.sys\SystemRoot\System32\Drivers\dfsc.sys\SystemRoot\system32\DRIVERS\blbdrive.sys\SystemRoot\System32\Drivers\aswSP.SYS\SystemRoot\system32\DRIVERS\tunnel.sys\SystemRoot\system32\DRIVERS\amdppm.sys\SystemRoot\system32\DRIVERS\usbohci.sys\SystemRoot\system32\DRIVERS\USBPORT.SYS\SystemRoot\system32\DRIVERS\usbehci.sys\SystemRoot\system32\drivers\HDAudBus.sys\SystemRoot\system32\DRIVERS\nvmf6264.sys\SystemRoot\system32\drivers\dvdfab.sys\SystemRoot\system32\DRIVERS\nvlddmkm.sys\SystemRoot\system32\DRIVERS\nvBridge.kmd\SystemRoot\System32\drivers\dxgkrnl.sys\SystemRoot\System32\drivers\dxgmms1.sys\SystemRoot\system32\drivers\CompositeBus.sys\SystemRoot\system32\DRIVERS\wacomvhid.sys\SystemRoot\system32\DRIVERS\HIDCLASS.SYS\SystemRoot\system32\DRIVERS\HIDPARSE.SYS\SystemRoot\system32\DRIVERS\AgileVpn.sys\SystemRoot\system32\DRIVERS\rasl2tp.sys\SystemRoot\system32\DRIVERS\ndistapi.sys\SystemRoot\system32\DRIVERS\ndiswan.sys\SystemRoot\system32\DRIVERS\raspppoe.sys\SystemRoot\system32\DRIVERS\raspptp.sys\SystemRoot\system32\DRIVERS\rassstp.sys\SystemRoot\system32\DRIVERS\kbdclass.sys\SystemRoot\system32\DRIVERS\mouclass.sys\SystemRoot\system32\drivers\swenum.sys\SystemRoot\system32\drivers\ks.sys\SystemRoot\system32\drivers\umbus.sys\SystemRoot\system32\DRIVERS\usbhub.sys\SystemRoot\system32\DRIVERS\mouhid.sys\SystemRoot\system32\DRIVERS\wacommousefilter.sys\SystemRoot\System32\Drivers\NDProxy.SYS\SystemRoot\system32\drivers\RTKVHD64.sys\SystemRoot\system32\drivers\portcls.sys\SystemRoot\system32\drivers\drmk.sys\SystemRoot\system32\drivers\ksthunk.sys\SystemRoot\System32\Drivers\crashdmp.sys\SystemRoot\System32\Drivers\dump_diskdump.sys\SystemRoot\System32\Drivers\dump_nvstor64.sys\SystemRoot\System32\Drivers\dump_dumpfve.sys\SystemRoot\System32\win32k.sys\SystemRoot\System32\drivers\Dxapi.sys\SystemRoot\system32\DRIVERS\usbccgp.sys\SystemRoot\system32\DRIVERS\USBD.SYS\SystemRoot\system32\drivers\hidusb.sys\SystemRoot\system32\DRIVERS\kbdhid.sys\SystemRoot\system32\DRIVERS\monitor.sys\SystemRoot\System32\TSDDD.dll\SystemRoot\System32\cdd.dll\SystemRoot\system32\DRIVERS\USBSTOR.SYS\SystemRoot\System32\ATMFD.DLL\SystemRoot\system32\drivers\luafv.sys\??\C:\Windows\system32\drivers\aswMonFlt.sys\SystemRoot\System32\Drivers\aswFsBlk.SYS\SystemRoot\System32\Drivers\usbvideo.sys\SystemRoot\system32\drivers\usbaudio.sys\SystemRoot\system32\DRIVERS\wdcsam64.sys\SystemRoot\system32\DRIVERS\lltdio.sys\SystemRoot\system32\DRIVERS\rspndr.sys\SystemRoot\System32\Drivers\fastfat.SYS\SystemRoot\system32\DRIVERS\bowser.sys\SystemRoot\System32\drivers\mpsdrv.sys\SystemRoot\system32\DRIVERS\mrxsmb.sys\SystemRoot\system32\DRIVERS\mrxsmb10.sys\SystemRoot\system32\DRIVERS\mrxsmb20.sys\SystemRoot\system32\drivers\HTTP.sys\SystemRoot\system32\DRIVERS\ACFSDK64.sys\SystemRoot\system32\drivers\peauth.sys\SystemRoot\System32\Drivers\secdrv.SYS\SystemRoot\System32\DRIVERS\srvnet.sys\SystemRoot\System32\drivers\tcpipreg.sys\SystemRoot\system32\DRIVERS\ACFXAU64.sys\SystemRoot\System32\DRIVERS\srv2.sys\SystemRoot\System32\DRIVERS\srv.sys\SystemRoot\system32\drivers\WudfPf.sys\SystemRoot\system32\DRIVERS\WUDFRd.sys\SystemRoot\system32\DRIVERS\cdfs.sys\??\C:\Windows\system32\drivers\mbamchameleon.sys\??\C:\Windows\system32\drivers\MBAMSwissArmy.sys\Windows\System32\ntdll.dll\Windows\System32\smss.exe\Windows\System32\apisetschema.dll\Windows\System32\autochk.exe\Windows\System32\ws2_32.dll\Windows\System32\msctf.dll\Windows\System32\advapi32.dll\Windows\System32\normaliz.dll\Windows\System32\difxapi.dll\Windows\System32\gdi32.dll\Windows\System32\iertutil.dll\Windows\System32\psapi.dll\Windows\System32\imm32.dll\Windows\System32\shlwapi.dll\Windows\System32\Wldap32.dll\Windows\System32\setupapi.dll\Windows\System32\urlmon.dll\Windows\System32\usp10.dll\Windows\System32\nsi.dll\Windows\System32\oleaut32.dll\Windows\System32\comdlg32.dll\Windows\System32\shell32.dll\Windows\System32\imagehlp.dll\Windows\System32\rpcrt4.dll\Windows\System32\lpk.dll\Windows\System32\wininet.dll\Windows\System32\kernel32.dll\Windows\System32\clbcatq.dll\Windows\System32\ole32.dll\Windows\System32\msvcrt.dll\Windows\System32\user32.dll\Windows\System32\sechost.dll\Windows\System32\KernelBase.dll\Windows\System32\crypt32.dll\Windows\System32\devobj.dll\Windows\System32\cfgmgr32.dll\Windows\System32\wintrust.dll\Windows\System32\comctl32.dll\Windows\System32\msasn1.dll\Windows\SysWOW64\normaliz.dll----------- End -----------Done!<<<1>>>Upper Device Name: \Device\Harddisk1\DR5Upper Device Object: 0xfffffa8007ffb580Upper Device Driver Name: \Driver\Disk\Lower Device Name: \Device\00000089\Lower Device Object: 0xfffffa8008130340Lower Device Driver Name: \Driver\USBSTOR\<<<1>>>Upper Device Name: \Device\Harddisk3\DR3Upper Device Object: 0xfffffa800629f790Upper Device Driver Name: \Driver\Disk\Lower Device Name: \Device\0000007a\Lower Device Object: 0xfffffa8006296550Lower Device Driver Name: \Driver\USBSTOR\<<<1>>>Upper Device Name: \Device\Harddisk2\DR2Upper Device Object: 0xfffffa8006183790Upper Device Driver Name: \Driver\Disk\Lower Device Name: \Device\00000073\Lower Device Object: 0xfffffa8005378b60Lower Device Driver Name: \Driver\USBSTOR\<<<1>>>Upper Device Name: \Device\Harddisk0\DR0Upper Device Object: 0xfffffa80047ed060Upper Device Driver Name: \Driver\Disk\Lower Device Name: \Device\0000005b\Lower Device Object: 0xfffffa800468b640Lower Device Driver Name: \Driver\nvstor64\<<<2>>>Physical Sector Size: 512Drive: 0, DevicePointer: 0xfffffa80047ed060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\--------- Disk Stack ------DevicePointer: 0xfffffa80047edb90, DeviceName: Unknown, DriverName: \Driver\partmgr\DevicePointer: 0xfffffa80047ed060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\DevicePointer: 0xfffffa8003c8ac60, DeviceName: Unknown, DriverName: \Driver\ACPI\DevicePointer: 0xfffffa800468b640, DeviceName: \Device\0000005b\, DriverName: \Driver\nvstor64\------------ End ----------Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\Upper DeviceData: 0x0, 0x0, 0x0Lower DeviceData: 0x0, 0x0, 0x0<<<3>>>Volume: C:File system type: NTFSSectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes<<<2>>><<<3>>>Volume: C:File system type: NTFSSectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytesScanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...<<<2>>><<<3>>>Volume: C:File system type: NTFSSectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytesDone!Drive 0Scanning MBR on drive 0...Inspecting partition table:MBR Signature: 55AADisk Signature: 873E367A Partition information: Partition 0 type is Primary (0x7) Partition is ACTIVE. Partition starts at LBA: 2048 Numsec = 204800 Partition file system is NTFS Partition is bootable Partition 1 type is Primary (0x7) Partition is NOT ACTIVE. Partition starts at LBA: 206848 Numsec = 953544704 Partition 2 type is Primary (0x7) Partition is NOT ACTIVE. Partition starts at LBA: 953751552 Numsec = 22956032 Partition 3 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Disk Size: 500107862016 bytesSector size: 512 bytes Scanning physical sectors of unpartitioned space on drive 0 (1-2047-976753168-976773168)...Done!Physical Sector Size: 512Drive: 1, DevicePointer: 0xfffffa8007ffb580, DeviceName: \Device\Harddisk1\DR5\, DriverName: \Driver\Disk\--------- Disk Stack ------DevicePointer: 0xfffffa80080ab040, DeviceName: Unknown, DriverName: \Driver\partmgr\DevicePointer: 0xfffffa8007ffb580, DeviceName: \Device\Harddisk1\DR5\, DriverName: \Driver\Disk\DevicePointer: 0xfffffa8008130340, DeviceName: \Device\00000089\, DriverName: \Driver\USBSTOR\------------ End ----------Alternate DeviceName: \Device\Harddisk1\DR5\, DriverName: \Driver\Disk\Upper DeviceData: 0x0, 0x0, 0x0Lower DeviceData: 0x0, 0x0, 0x0Drive 1Scanning MBR on drive 1...Inspecting partition table:Partition information: This drive is a Single Partition removable Drive. Partition is not bootable Disk Size: 4294836224 bytesSector size: 512 bytes Done!Physical Sector Size: 0Drive: 2, DevicePointer: 0xfffffa8006183790, DeviceName: \Device\Harddisk2\DR2\, DriverName: \Driver\Disk\--------- Disk Stack ------DevicePointer: 0xfffffa800538a380, DeviceName: Unknown, DriverName: \Driver\partmgr\DevicePointer: 0xfffffa8006183790, DeviceName: \Device\Harddisk2\DR2\, DriverName: \Driver\Disk\DevicePointer: 0xfffffa8005378b60, DeviceName: \Device\00000073\, DriverName: \Driver\USBSTOR\------------ End ----------Physical Sector Size: 512Drive: 3, DevicePointer: 0xfffffa800629f790, DeviceName: \Device\Harddisk3\DR3\, DriverName: \Driver\Disk\--------- Disk Stack ------DevicePointer: 0xfffffa8006291040, DeviceName: Unknown, DriverName: \Driver\partmgr\DevicePointer: 0xfffffa800629f790, DeviceName: \Device\Harddisk3\DR3\, DriverName: \Driver\Disk\DevicePointer: 0xfffffa8006296550, DeviceName: \Device\0000007a\, DriverName: \Driver\USBSTOR\------------ End ----------Alternate DeviceName: \Device\Harddisk3\DR3\, DriverName: \Driver\Disk\Upper DeviceData: 0x0, 0x0, 0x0Lower DeviceData: 0x0, 0x0, 0x0Drive 3Scanning MBR on drive 3...Inspecting partition table:MBR Signature: 55AADisk Signature: DE1646F8 Partition information: Partition 0 type is Primary (0x7) Partition is NOT ACTIVE. Partition starts at LBA: 2048 Numsec = 976705536 Partition 1 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Partition 2 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Partition 3 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Disk Size: 500074283008 bytesSector size: 512 bytes Done!Scan finished======================================= Removal queue found; removal startedRemoving C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR_0_i.mbam...Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\Bootstrap_0_0_2048_i.mbam...Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR_0_r.mbam...Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR_1_i.mbam...Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR_1_r.mbam...Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR_3_i.mbam...Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR_3_r.mbam...Removal finished Malwarebytes Anti-Rootkit BETA 1.07.0.1007www.malwarebytes.org Database version: v2013.11.07.01 Windows 7 Service Pack 1 x64 NTFSInternet Explorer 8.0.7601.17514Owner :: OWNER-PC [administrator] 11/7/2013 12:25:07 AMmbar-log-2013-11-07 (00-25-07).txt Scan type: Quick scanScan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/ShurikenScan options disabled: Objects scanned: 227650Time elapsed: 9 minute(s), 39 second(s) Memory Processes Detected: 0(No malicious items detected) Memory Modules Detected: 0(No malicious items detected) Registry Keys Detected: 0(No malicious items detected) Registry Values Detected: 0(No malicious items detected) Registry Data Items Detected: 0(No malicious items detected) Folders Detected: 0(No malicious items detected) Files Detected: 0(No malicious items detected) Physical Sectors Detected: 0(No malicious items detected) (end) ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~Junkware Removal Tool (JRT) by ThisisuVersion: 6.0.8 (11.05.2013:1)OS: Windows 7 Home Premium x64Ran by Owner on Thu 11/07/2013 at 0:39:46.43~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~ Services ~~~ Registry Values ~~~ Registry Keys Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4250488A-CB24-0893-C066-B1AEA57BCFF2} ~~~ Files ~~~ Folders ~~~ Event Viewer Logs were cleared ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~Scan was completed on Thu 11/07/2013 at 0:49:11.42End of JRT log~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Malwarebytes Anti-Malware 1.75.0.1300www.malwarebytes.org Database version: v2013.11.07.07 Windows 7 Service Pack 1 x64 NTFSInternet Explorer 8.0.7601.17514Owner :: OWNER-PC [administrator] 11/7/2013 11:43:42 AMmbam-log-2013-11-07 (11-43-42).txt Scan type: Quick scanScan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUMScan options disabled: P2PObjects scanned: 207603Time elapsed: 2 minute(s), 6 second(s) Memory Processes Detected: 0(No malicious items detected) Memory Modules Detected: 0(No malicious items detected) Registry Keys Detected: 0(No malicious items detected) Registry Values Detected: 0(No malicious items detected) Registry Data Items Detected: 0(No malicious items detected) Folders Detected: 0(No malicious items detected) Files Detected: 0(No malicious items detected) (end) C:\AdwCleaner\Quarantine\C\Users\Owner\AppData\LocalLow\FreeSoundRecorder\tbFre0.dll.vir a variant of Win32/Toolbar.Conduit.B applicationC:\Program Files (x86)\Uniblue\RegistryBooster\registrybooster.exe Win32/RegistryBooster applicationC:\Users\Owner\Downloads\uplayermediaplayer-setup.exe Win32/DownloadAdmin.G applicationC:\Users\Owner\Downloads\program set ups\AVStoDVD_251_Install.exe a variant of Win32/Bundled.Toolbar.Ask applicationC:\Users\Owner\Downloads\program set ups\Brothersoft_downloader_For_Orbit_Downloader.exe a variant of Win32/BSDownloader applicationC:\Users\Owner\Downloads\program set ups\Chrome.exe a variant of Win32/AirAdInstaller.A applicationC:\Users\Owner\Downloads\program set ups\HC2Setup.exe Win32/Somoto.F applicationC:\Users\Owner\Downloads\program set ups\InstallFreeRARExtractFrog.exe a variant of Win32/Bundled.Toolbar.Ask applicationC:\Users\Owner\Downloads\program set ups\peazip-4.4.WINDOWS.exe Win32/OpenCandy applicationC:\Users\Owner\Downloads\program set ups\Setup_FreeFlvConverter.exe Win32/Toolbar.SearchSuite applicationC:\Users\Owner\Downloads\program set ups\SoftonicDownloader_for_divx-web-player.exe Win32/SoftonicDownloader.E applicationC:\Users\Owner\Downloads\program set ups\-- Newer than 10-21-12\BurnAwareFreeEditionv66.exe a variant of Win32/OpenInstall applicationC:\Users\Owner\Downloads\program set ups\-- Newer than 10-21-12\DuplicateCleaner_setup.exe Win32/MyPCBackup.A applicationC:\Users\Owner\Downloads\program set ups\-- Newer than 10-21-12\FreeStudio.exe Win32/OpenCandy applicationC:\Users\Owner\Downloads\program set ups\-- Newer than 10-21-12\FreeVideoFlipAndRotate.exe Win32/OpenCandy applicationC:\Users\Owner\Downloads\program set ups\-- Newer than 10-21-12\uTorrent.exe a variant of Win32/Bunndle applicationC:\Users\Owner\Downloads\program set ups\-- Newer than 10-21-12\newer than 10-15-13\avc-free.exe Win32/OpenCandy applicationC:\Users\Owner\Downloads\program set ups\FFSetup260\FFSetup260.exe a variant of Win32/Bundled.Toolbar.Ask applicationC:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\niapdbllcanepiiimjjndipklodoedlc\1.0.2_0\background.html JS/Adware.Yontoo.B applicationC:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\niapdbllcanepiiimjjndipklodoedlc\1.0.2_0\yl.js JS/Adware.Yontoo.A applicationC:\Windows\SysWOW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\niapdbllcanepiiimjjndipklodoedlc\1.0.2_0\background.html JS/Adware.Yontoo.B applicationC:\Windows\SysWOW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\niapdbllcanepiiimjjndipklodoedlc\1.0.2_0\yl.js JS/Adware.Yontoo.A application (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe(Microsoft Corporation) C:\Windows\SYSTEM32\WISPTIS.EXE(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe(Microsoft Corporation) C:\Windows\SYSTEM32\WISPTIS.EXE(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe(Alcatel-Lucent) C:\Program Files\Common Files\Motive\McciCMService.exe(Nalpeiron Ltd.) C:\Windows\SysWOW64\nlssrv32.exe() C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.21.165\GoogleCrashHandler.exe(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.21.165\GoogleCrashHandler64.exe(Western Digital) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe(CyberLink) c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe(Hewlett-Packard) C:\Program Files (x86)\hp\HP Software Update\hpwuschd2.exe(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe(Western Digital) C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [PC-Doctor for Windows localizer] - C:\Program Files\PC-Doctor for Windows\localizer.exe [95728 2009-09-16] (PC-Doctor, Inc.)HKLM\...\RunOnce: [PCDrProfiler] - "C:\Program Files\PC-Doctor for Windows\RunProfiler.exe" -r [89584 2009-09-16] (PC-Doctor, Inc.)HKCU\...\Run: [HPADVISOR] - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe [1685048 2009-09-29] (Hewlett-Packard)HKCU\...\Run: [DVDFab Passkey] - C:\Program Files (x86)\DVDFab Passkey\DVDFabPasskey.exe [1419296 2013-09-04] (Fengtao Software Inc.)HKCU\...\Run: [sUPERAntiSpyware] - C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [6589208 2013-10-10] (SUPERAntiSpyware)MountPoints2: {c0e96c88-7b27-11e2-bce9-7071bc0b0b5a} - E:\UEZLink.exeHKLM-x32\...\Run: [hpsysdrv] - C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe [62768 2008-11-20] (Hewlett-Packard)HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\hp\HP Software Update\hpwuschd2.exe [54576 2008-12-08] (Hewlett-Packard)HKLM-x32\...\Run: [avast] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [4858968 2013-08-30] (AVAST Software)HKLM-x32\...\Run: [updatePDRShortCut] - C:\Program Files (x86)\Cyberlink\PowerDirector\MUITransfer\MUIStartMenu.exe [218408 2008-12-03] (CyberLink Corp.)HKLM-x32\...\Run: [WD Drive Unlocker] - C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe [1688008 2012-09-06] (Western Digital)HKLM-x32\...\Run: [sunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)HKU\Default\...\Run: [HPADVISOR] - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe [1685048 2009-09-29] (Hewlett-Packard)HKU\Default User\...\Run: [HPADVISOR] - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe [1685048 2009-09-29] (Hewlett-Packard) ==================== Internet (Whitelisted) ==================== ProxyServer: http=HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.yahoo.com/?type=714647&fr=spigot-yhp-ieHKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-usSearchScopes: HKLM - DefaultScope {B7971660-A1CE-4FDD-B9E0-2C37D77AFB0B} URL = SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKCU - {25100003-F379-48D0-BA5C-2E4582A3BD1B} URL = http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=714647&p={searchTerms}BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)BHO-x32: Tensons.Application.DownloadAcceleratorManager.BHO - {00000003-1118-11da-8cd6-0800200c9888} - C:\Windows\\SysWOW64\mscoree.dll (Microsoft Corporation)BHO-x32: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)BHO-x32: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)BHO-x32: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)Toolbar: HKLM-x32 - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)Toolbar: HKCU - No Name - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No FileDPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cabDPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cabHandler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)Handler-x32: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - No FileTcpip\Parameters: [DhcpNameServer] 192.168.1.1 FireFox:========FF ProfilePath: C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\54u8x685.defaultFF DefaultSearchEngine: YahooFF SelectedSearchEngine: YahooFF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)FF Plugin: @microsoft.com/GENUINE - disabled No FileFF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)FF Plugin-x32: @divx.com/DivX Player Plugin,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Player\npDivxPlayerPlugin.dll No FileFF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)FF Plugin-x32: @java.com/DTPlugin,version=10.40.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)FF Plugin-x32: @java.com/JavaPlugin,version=10.40.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)FF Plugin-x32: @microsoft.com/GENUINE - disabled No FileFF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)FF Plugin-x32: @wacom.com/wacom-plugin,version=1.1.0.3 - C:\Program Files (x86)\TabletPlugins\npwacom.dll (Wacom, Inc.)FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)FF Plugin HKCU: @hulu.com/Hulu Desktop - C:\Windows\..\Users\Default\AppData\Local\HuluDesktop\instances\0.9.9.1\npHDPlg.dll (Hulu LLC)FF Extension: Shopping Sidekick Plugin - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\54u8x685.default\Extensions\crossriderapp21802@crossrider.comFF Extension: dam - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\54u8x685.default\Extensions\dam@tensons.comFF Extension: torntv - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\54u8x685.default\Extensions\torntv@torntv.com.xpiFF Extension: TorrentHandler - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\54u8x685.default\Extensions\TorrentHandler@TorrentHandler.com.xpiFF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5FF Extension: DivX Plus Web Player HTML5 <video> - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 Chrome: =======CHR HomePage: https://www.facebook.com/?ref=tn_tnmnCHR RestoreOnStartup: "hxxp://search.yahoo.com/?type=714647&fr=spigot-yhp-ch", "https://www.facebook.com/?ref=tn_tnmn"CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\PepperFlash\pepflashplayer.dll ()CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewerCHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\ppGoogleNaClPluginChrome.dll ()CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\pdf.dll ()CHR Plugin: (QuickTime Plug-in 7.5 (861)) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.)CHR Plugin: (QuickTime Plug-in 7.5 (861)) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)CHR Plugin: (QuickTime Plug-in 7.5 (861)) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)CHR Plugin: (QuickTime Plug-in 7.5 (861)) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)CHR Plugin: (QuickTime Plug-in 7.5 (861)) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)CHR Plugin: (QuickTime Plug-in 7.5 (861)) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll (Apple Inc.)CHR Plugin: (QuickTime Plug-in 7.5 (861)) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll (Apple Inc.)CHR Plugin: (Google Talk Plugin) - C:\Users\Owner\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)CHR Plugin: (Google Talk Plugin Video Accelerator) - C:\Users\Owner\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()CHR Plugin: (Google Talk Plugin Video Renderer) - C:\Users\Owner\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)CHR Plugin: (DivX VOD Helper Plug-in) - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)CHR Plugin: (DivX Plus Web Player) - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)CHR Plugin: (Java Platform SE 7 U40) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)CHR Plugin: ( Wacom Dynamic Link Library) - C:\Program Files (x86)\TabletPlugins\npwacom.dll (Wacom, Inc.)CHR Plugin: (Hulu Desktop) - C:\Windows\..\Users\Default\AppData\Local\HuluDesktop\instances\0.9.9.1\npHDPlg.dll (Hulu LLC)CHR Plugin: (Java Deployment Toolkit 7.0.400.43) - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)CHR Extension: (YouTube) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0CHR Extension: (Google Search) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0CHR Extension: (Search by Image (by Google)) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\dajedkncpodkggklbegccjpmnglmnflm\1.5.0_0CHR Extension: (Skymonk ) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcgdcemjmklhiaipolnmnlcoihpiiedp\1.41_0CHR Extension: (avast! Online Security) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\8.0.8_0CHR Extension: (Hide Highlighted Posts) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\kgmofgiembeapimonljnndbnjagdhfae\1.3_0CHR Extension: (DivX Plus Web Player HTML5 \u003Cvideo\u003E) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0CHR Extension: (Google Reader) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjjhlfkghdhmijklfnahfkpgmhcmfgcm\4.4_0CHR Extension: (Gmail) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx ==================== Services (Whitelisted) ================= R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [144152 2013-10-10] (SUPERAntiSpyware.com)R2 AcfXAudioService; C:\Windows\SysWOW64\ACFXAU64.dll [436736 2009-04-28] (Conexant Systems, Inc.)R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-08-30] (AVAST Software)R2 McciCMService64; C:\Program Files\Common Files\Motive\McciCMService.exe [517632 2009-10-22] (Alcatel-Lucent)R2 RichVideo; C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe [247152 2009-04-17] ()S4 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [117264 2010-06-25] (CACE Technologies, Inc.)R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [248248 2012-09-06] (Western Digital)S4 WTouchService; C:\Program Files\WTouch\WTouchService.exe [127784 2009-11-23] (Wacom Technology, Corp.) ==================== Drivers (Whitelisted) ==================== S3 acfva; C:\Windows\System32\DRIVERS\ACFVA64.sys [123008 2009-09-02] (Conexant Systems Inc.)S1 ASPI32; C:\Windows\SysWow64\Drivers\ASPI32.sys [25244 1999-09-10] (Adaptec)R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [33400 2013-08-30] (AVAST Software)R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [80816 2013-08-30] (AVAST Software)R1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [72016 2013-08-30] (AVAST Software)R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65336 2013-08-30] ()R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [1030952 2013-08-30] (AVAST Software)R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [378944 2013-08-30] (AVAST Software)R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [64288 2013-08-30] (AVAST Software)R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [204880 2013-08-30] ()S3 dgcfltr; C:\Windows\System32\DRIVERS\ACFDCP64.sys [34944 2009-04-28] (Conexant Systems, Inc.)R3 dvdfab; C:\Windows\System32\drivers\dvdfab.sys [79232 2011-08-15] (Fengtao Software Inc.)R2 mdmxsdk; C:\Windows\System32\DRIVERS\ACFSDK64.sys [17024 2007-03-15] (Conexant)S3 MODEMCSA; C:\Windows\system32\drivers\MODEMCSA.sys [24064 2009-07-13] (Microsoft Corporation)S3 NPF; C:\Windows\System32\drivers\npf.sys [35344 2010-06-25] (CACE Technologies, Inc.)R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)S3 VMUVC; C:\Windows\System32\Drivers\VMUVC.sys [202112 2010-04-29] (Vimicro Corporation)S3 vvftUVC; C:\Windows\System32\drivers\vvftUVC.sys [303616 2008-07-01] (Vimicro Corporation)R2 XAudio; C:\Windows\System32\DRIVERS\ACFXAU64.sys [10240 2009-04-28] (Conexant Systems, Inc.) ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2013-11-07 13:23 - 2013-11-07 13:23 - 00002789 _____ C:\Users\Owner\Desktop\ESET.txt2013-11-07 11:54 - 2013-11-07 11:54 - 00000000 ____D C:\Program Files (x86)\ESET2013-11-07 01:28 - 2013-11-07 02:02 - 1345074382 _____ C:\Users\Owner\Desktop\The World's end.avi2013-11-07 00:53 - 2013-11-07 00:53 - 00000056 _____ C:\Windows\setupact.log2013-11-07 00:53 - 2013-11-07 00:53 - 00000000 _____ C:\Windows\setuperr.log2013-11-07 00:49 - 2013-11-07 00:49 - 00000795 _____ C:\Users\Owner\Desktop\JRT.txt2013-11-07 00:48 - 2013-11-07 00:50 - 00000000 ____D C:\AdwCleaner2013-11-07 00:38 - 2013-11-05 16:36 - 01034531 _____ (Thisisu) C:\Users\Owner\Desktop\JRT_NEW.exe2013-11-07 00:25 - 2013-11-07 00:35 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)2013-11-07 00:24 - 2013-11-07 00:35 - 00000000 ____D C:\Users\Owner\Desktop\mbar2013-11-07 00:24 - 2013-11-07 00:24 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys2013-11-06 23:26 - 2013-11-06 23:26 - 00003200 _____ C:\Users\Owner\Desktop\RKreport[0]_S_11062013_232622.txt2013-11-06 23:15 - 2013-11-06 23:15 - 00000000 ____D C:\Windows\ERDNT2013-11-06 23:14 - 2013-11-06 23:14 - 00000926 _____ C:\Users\Owner\Desktop\NTREGOPT.lnk2013-11-06 23:14 - 2013-11-06 23:14 - 00000907 _____ C:\Users\Owner\Desktop\ERUNT.lnk2013-11-06 23:14 - 2013-11-06 23:14 - 00000000 ____D C:\Program Files (x86)\ERUNT2013-11-06 23:07 - 2013-11-06 23:09 - 00002368 _____ C:\Users\Owner\Desktop\Rkill.txt2013-11-06 23:07 - 2013-11-06 23:07 - 00000000 ____D C:\Users\Owner\Desktop\rkill2013-11-06 20:49 - 2013-11-06 20:49 - 00001252 _____ C:\Users\Public\Desktop\Download Accelerator Manager (DAM).lnk2013-11-05 18:05 - 2013-11-05 18:05 - 00000000 ____D C:\FRST2013-11-05 17:39 - 2013-11-05 17:39 - 00003097 _____ C:\Users\Owner\Desktop\RKreport[0]_S_11052013_173939.txt2013-11-05 17:16 - 2013-11-05 17:16 - 00003286 _____ C:\Users\Owner\Desktop\RKreport[0]_D_11052013_171647.txt2013-11-05 17:15 - 2013-11-05 17:15 - 00003334 _____ C:\Users\Owner\Desktop\RKreport[0]_S_11052013_171537.txt2013-11-05 17:13 - 2013-11-05 17:17 - 00000000 ____D C:\Users\Owner\Desktop\RK_Quarantine2013-11-05 02:03 - 2013-11-05 02:04 - 00000000 ____D C:\Program Files\SUPERAntiSpyware2013-11-05 02:03 - 2013-11-05 02:03 - 00001810 _____ C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk2013-11-05 02:03 - 2013-11-05 02:03 - 00000000 ____D C:\ProgramData\SUPERAntiSpyware.com2013-11-04 11:48 - 2013-11-04 11:48 - 00000000 ____D C:\Windows\ERUNT2013-10-31 16:17 - 2013-10-31 16:17 - 00000000 ____D C:\Users\Owner\AppData\Roaming\37072013-10-31 01:07 - 2013-10-31 16:16 - 00000000 ____D C:\Users\Owner\AppData\Roaming\DVDFab92013-10-31 01:07 - 2013-10-31 02:50 - 00000000 ____D C:\Users\Owner\Documents\DVDFab92013-10-31 01:07 - 2013-10-31 01:07 - 00000000 ____D C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DVDFab 9.0.7.2 Final2013-10-31 01:07 - 2013-10-31 01:07 - 00000000 ____D C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\1-click run2013-10-31 01:06 - 2013-10-31 01:06 - 00000000 ____D C:\Users\Owner\Desktop\2-click run2013-10-31 01:04 - 2013-10-31 01:04 - 00099384 _____ C:\Users\Owner\AppData\Roaming\inst.exe2013-10-31 01:04 - 2013-10-31 01:04 - 00000000 ____D C:\Users\Owner\Documents\PcSetup2013-10-31 01:01 - 2013-10-31 01:03 - 00000000 ____D C:\Users\Owner\Downloads\DVDFab 9.0.7.2 Final (2-click run)(Registered)2013-10-30 18:50 - 2013-10-30 18:50 - 01498892 _____ C:\Users\Owner\Documents\marion ross op.wmv2013-10-30 18:49 - 2013-10-30 18:49 - 182741100 _____ C:\Users\Owner\Documents\Marion Ross in OP.avi2013-10-25 19:06 - 2013-10-25 20:09 - 00000000 ____D C:\Users\Owner\Downloads\EternalDesire 13 04 23 Zsanett Tormay Dym XXX iMAGEsET ExtraTorrentAT2013-10-22 11:40 - 2013-10-23 14:52 - 00000000 ___DC C:\Users\Owner\AppData\Local\MigWiz2013-10-21 16:02 - 2013-10-21 16:02 - 01228854 _____ C:\Users\Owner\Documents\Snapshot(7).bmp2013-10-20 00:08 - 2013-10-20 00:08 - 00000000 ____D C:\pm the last pm2013-10-19 19:15 - 2013-10-19 19:15 - 00000000 ____D C:\pm 52013-10-12 23:09 - 2013-10-12 23:09 - 00000000 ____D C:\Users\Owner\AppData\Roaming\SUPERAntiSpyware.com2013-10-12 11:53 - 2013-10-12 11:53 - 00000000 ____D C:\Program Files (x86)\BurnAware Free2013-10-12 11:43 - 2013-10-12 11:43 - 00000000 ____D C:\Users\Owner\AppData\Local\factormystic.net2013-10-11 17:08 - 2013-10-11 17:09 - 02816072 _____ (LionSea SoftWare ) C:\Users\Owner\Downloads\setup.exe2013-10-11 16:57 - 2013-10-11 16:57 - 00000000 ____D C:\Users\Owner\AppData\Local\DriverTuner2013-10-11 16:12 - 2013-11-07 11:12 - 00688481 _____ C:\Windows\WindowsUpdate.log2013-10-11 13:04 - 2013-10-11 13:04 - 00000000 ____D C:\Users\Owner\AppData\Roaming\Oracle2013-10-11 13:03 - 2013-10-11 13:03 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe2013-10-11 13:03 - 2013-10-11 13:03 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe2013-10-11 13:03 - 2013-10-11 13:03 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe2013-10-11 13:03 - 2013-10-11 13:03 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll2013-10-11 13:03 - 2013-10-11 13:03 - 00000000 ____D C:\ProgramData\Oracle2013-10-11 13:03 - 2013-10-11 13:03 - 00000000 ____D C:\Program Files (x86)\Java2013-10-10 11:08 - 2013-09-13 19:10 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys2013-10-10 11:08 - 2013-09-07 20:30 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys2013-10-10 11:08 - 2013-09-07 20:27 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll2013-10-10 11:08 - 2013-09-07 20:03 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll2013-10-08 19:25 - 2013-10-08 19:25 - 00000000 _RSHD C:\acroldr2013-10-08 19:22 - 2013-10-08 19:22 - 00000000 ____D C:\Users\Owner\AppData\Roaming\Acronis2013-10-08 18:38 - 2013-08-28 20:17 - 05549504 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe2013-10-08 18:38 - 2013-08-28 20:13 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll2013-10-08 18:38 - 2013-07-12 04:41 - 00185344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbvideo.sys2013-10-08 18:38 - 2013-07-12 04:41 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys2013-10-08 18:38 - 2013-07-12 04:40 - 00109824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBAUDIO.sys2013-10-08 18:38 - 2013-07-04 06:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll2013-10-08 18:38 - 2013-07-04 06:50 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll2013-10-08 18:38 - 2013-07-04 06:50 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll2013-10-08 18:38 - 2013-07-04 05:57 - 00205824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll2013-10-08 18:38 - 2013-07-04 05:51 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll2013-10-08 18:38 - 2013-07-04 05:50 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll2013-10-08 18:38 - 2013-07-04 04:11 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys2013-10-08 18:38 - 2013-07-02 22:05 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys2013-10-08 18:38 - 2013-07-02 22:05 - 00032896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys2013-10-08 18:38 - 2013-06-25 16:55 - 00785624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys2013-10-08 18:38 - 2013-06-05 23:50 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll2013-10-08 18:38 - 2013-06-05 23:49 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll2013-10-08 18:38 - 2013-06-05 23:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll2013-10-08 18:38 - 2013-06-05 23:47 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll2013-10-08 18:38 - 2013-06-05 22:57 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll2013-10-08 18:38 - 2013-06-05 22:51 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll2013-10-08 18:38 - 2013-06-05 22:50 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll2013-10-08 18:38 - 2013-06-05 21:30 - 00368128 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll2013-10-08 18:38 - 2013-06-05 21:01 - 00295424 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll2013-10-08 18:38 - 2013-06-05 21:01 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll2013-10-08 18:37 - 2013-08-28 20:16 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll2013-10-08 18:37 - 2013-08-28 20:16 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll2013-10-08 18:37 - 2013-08-28 20:16 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll2013-10-08 18:37 - 2013-08-28 19:51 - 03969472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe2013-10-08 18:37 - 2013-08-28 19:51 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe2013-10-08 18:37 - 2013-08-28 19:50 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll2013-10-08 18:37 - 2013-08-28 19:50 - 00619520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll2013-10-08 18:37 - 2013-08-28 19:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll2013-10-08 18:37 - 2013-08-28 19:48 - 00640512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll2013-10-08 18:37 - 2013-08-28 18:49 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe2013-10-08 18:37 - 2013-08-28 18:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll2013-10-08 18:37 - 2013-08-28 18:49 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe2013-10-08 18:37 - 2013-08-28 18:49 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe2013-10-08 18:37 - 2013-08-27 19:21 - 03155968 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys2013-10-08 18:36 - 2013-08-27 19:12 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll2013-10-08 18:36 - 2013-08-01 06:09 - 00983488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys2013-10-08 18:36 - 2013-07-20 04:33 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll2013-10-08 18:36 - 2013-07-20 04:33 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll2013-10-08 18:35 - 2013-09-04 06:12 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys2013-10-08 18:35 - 2013-09-04 06:11 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys2013-10-08 18:35 - 2013-09-04 06:11 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys2013-10-08 18:35 - 2013-09-04 06:11 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys2013-10-08 18:35 - 2013-09-04 06:11 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys2013-10-08 18:35 - 2013-09-04 06:11 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys2013-10-08 18:35 - 2013-09-04 06:11 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys2013-10-08 17:47 - 2012-03-13 15:54 - 36595712 _____ C:\Users\Owner\Documents\Disk_Copy.iso ==================== One Month Modified Files and Folders ======= 2013-11-07 13:23 - 2013-11-07 13:23 - 00002789 _____ C:\Users\Owner\Desktop\ESET.txt2013-11-07 12:54 - 2011-03-10 16:36 - 00000896 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job2013-11-07 11:54 - 2013-11-07 11:54 - 00000000 ____D C:\Program Files (x86)\ESET2013-11-07 11:53 - 2012-03-14 22:21 - 00000000 ____D C:\Users\Owner\Downloads\program set ups2013-11-07 11:14 - 2011-03-10 16:36 - 00000892 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job2013-11-07 11:12 - 2013-10-11 16:12 - 00688481 _____ C:\Windows\WindowsUpdate.log2013-11-07 11:12 - 2010-07-05 09:02 - 00000052 _____ C:\Windows\SysWOW64\DOErrors.log2013-11-07 11:04 - 2009-07-13 23:13 - 00726444 _____ C:\Windows\system32\PerfStringBackup.INI2013-11-07 11:02 - 2010-06-21 13:51 - 00000000 ____D C:\Users\Owner\AppData\Roaming\HP Support Assistant2013-11-07 11:02 - 2010-05-29 20:45 - 00000000 ____D C:\Users\Owner\AppData\Roaming\HpUpdate2013-11-07 11:01 - 2009-07-13 21:20 - 00000000 ____D C:\Windows\tracing2013-11-07 03:32 - 2009-07-13 22:45 - 00015792 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A02013-11-07 03:32 - 2009-07-13 22:45 - 00015792 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A02013-11-07 02:02 - 2013-11-07 01:28 - 1345074382 _____ C:\Users\Owner\Desktop\The World's end.avi2013-11-07 00:53 - 2013-11-07 00:53 - 00000056 _____ C:\Windows\setupact.log2013-11-07 00:53 - 2013-11-07 00:53 - 00000000 _____ C:\Windows\setuperr.log2013-11-07 00:53 - 2009-07-13 23:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT2013-11-07 00:50 - 2013-11-07 00:48 - 00000000 ____D C:\AdwCleaner2013-11-07 00:50 - 2012-07-27 16:43 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox2013-11-07 00:49 - 2013-11-07 00:49 - 00000795 _____ C:\Users\Owner\Desktop\JRT.txt2013-11-07 00:35 - 2013-11-07 00:25 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)2013-11-07 00:35 - 2013-11-07 00:24 - 00000000 ____D C:\Users\Owner\Desktop\mbar2013-11-07 00:24 - 2013-11-07 00:24 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys2013-11-06 23:26 - 2013-11-06 23:26 - 00003200 _____ C:\Users\Owner\Desktop\RKreport[0]_S_11062013_232622.txt2013-11-06 23:15 - 2013-11-06 23:15 - 00000000 ____D C:\Windows\ERDNT2013-11-06 23:14 - 2013-11-06 23:14 - 00000926 _____ C:\Users\Owner\Desktop\NTREGOPT.lnk2013-11-06 23:14 - 2013-11-06 23:14 - 00000907 _____ C:\Users\Owner\Desktop\ERUNT.lnk2013-11-06 23:14 - 2013-11-06 23:14 - 00000000 ____D C:\Program Files (x86)\ERUNT2013-11-06 23:09 - 2013-11-06 23:07 - 00002368 _____ C:\Users\Owner\Desktop\Rkill.txt2013-11-06 23:07 - 2013-11-06 23:07 - 00000000 ____D C:\Users\Owner\Desktop\rkill2013-11-06 20:49 - 2013-11-06 20:49 - 00001252 _____ C:\Users\Public\Desktop\Download Accelerator Manager (DAM).lnk2013-11-06 20:49 - 2012-07-19 23:07 - 00000000 ____D C:\Program Files (x86)\Tensons2013-11-06 16:18 - 2012-08-19 11:36 - 00003926 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{9667FC7A-F3B5-4A6E-B1DE-52DCAC6CC5AB}2013-11-05 18:05 - 2013-11-05 18:05 - 00000000 ____D C:\FRST2013-11-05 17:39 - 2013-11-05 17:39 - 00003097 _____ C:\Users\Owner\Desktop\RKreport[0]_S_11052013_173939.txt2013-11-05 17:34 - 2012-11-20 16:31 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update2013-11-05 17:30 - 2012-09-01 01:20 - 00000000 ____D C:\Users\Owner\AppData\Roaming\uTorrent2013-11-05 17:17 - 2013-11-05 17:13 - 00000000 ____D C:\Users\Owner\Desktop\RK_Quarantine2013-11-05 17:16 - 2013-11-05 17:16 - 00003286 _____ C:\Users\Owner\Desktop\RKreport[0]_D_11052013_171647.txt2013-11-05 17:15 - 2013-11-05 17:15 - 00003334 _____ C:\Users\Owner\Desktop\RKreport[0]_S_11052013_171537.txt2013-11-05 16:36 - 2013-11-07 00:38 - 01034531 _____ (Thisisu) C:\Users\Owner\Desktop\JRT_NEW.exe2013-11-05 02:04 - 2013-11-05 02:03 - 00000000 ____D C:\Program Files\SUPERAntiSpyware2013-11-05 02:03 - 2013-11-05 02:03 - 00001810 _____ C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk2013-11-05 02:03 - 2013-11-05 02:03 - 00000000 ____D C:\ProgramData\SUPERAntiSpyware.com2013-11-04 11:48 - 2013-11-04 11:48 - 00000000 ____D C:\Windows\ERUNT2013-11-04 09:34 - 2012-03-25 19:37 - 00003186 _____ C:\Windows\System32\Tasks\HPCeeScheduleForOwner2013-11-04 09:34 - 2012-03-25 19:37 - 00000332 _____ C:\Windows\Tasks\HPCeeScheduleForOwner.job2013-11-04 04:44 - 2009-07-13 21:20 - 00000000 ____D C:\Windows\rescache2013-11-03 23:31 - 2009-07-14 01:44 - 00000000 ___RD C:\Users\Public\Recorded TV2013-11-03 22:00 - 2013-01-11 15:25 - 00000000 ____D C:\Users\Owner\Documents\Comic -Graphic Novel2013-11-01 18:58 - 2013-08-24 14:00 - 00000000 ____D C:\Users\Owner\Downloads\rar zip2013-11-01 16:59 - 2011-12-27 16:49 - 08383488 ___SH C:\Users\Owner\Documents\Thumbs.db2013-10-31 19:02 - 2010-07-28 15:47 - 00000817 _____ C:\Users\Owner\AppData\Roaming\burnaware.ini2013-10-31 18:22 - 2010-07-30 02:52 - 00000000 ___HD C:\ProgramData\DVD Shrink2013-10-31 18:20 - 2012-01-24 23:51 - 00000000 ____D C:\Users\Owner\Documents\My Video2013-10-31 16:17 - 2013-10-31 16:17 - 00000000 ____D C:\Users\Owner\AppData\Roaming\37072013-10-31 16:16 - 2013-10-31 01:07 - 00000000 ____D C:\Users\Owner\AppData\Roaming\DVDFab92013-10-31 14:39 - 2013-04-09 00:54 - 326737920 _____ C:\Users\Owner\Documents\me1.avi2013-10-31 05:32 - 2011-11-29 14:23 - 00000000 _____ C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt2013-10-31 02:50 - 2013-10-31 01:07 - 00000000 ____D C:\Users\Owner\Documents\DVDFab92013-10-31 02:02 - 2010-06-23 10:56 - 00000000 ____D C:\ProgramData\vsosdk2013-10-31 01:46 - 2010-06-02 14:43 - 00084272 _____ C:\Users\Owner\AppData\Local\GDIPFONTCACHEV1.DAT2013-10-31 01:44 - 2009-07-13 22:45 - 00343376 _____ C:\Windows\system32\FNTCACHE.DAT2013-10-31 01:07 - 2013-10-31 01:07 - 00000000 ____D C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DVDFab 9.0.7.2 Final2013-10-31 01:07 - 2013-10-31 01:07 - 00000000 ____D C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\1-click run2013-10-31 01:06 - 2013-10-31 01:06 - 00000000 ____D C:\Users\Owner\Desktop\2-click run2013-10-31 01:04 - 2013-10-31 01:04 - 00099384 _____ C:\Users\Owner\AppData\Roaming\inst.exe2013-10-31 01:04 - 2013-10-31 01:04 - 00000000 ____D C:\Users\Owner\Documents\PcSetup2013-10-31 01:04 - 2010-10-01 00:22 - 00082816 _____ (VSO Software) C:\Users\Owner\AppData\Roaming\pcouffin.sys2013-10-31 01:04 - 2010-10-01 00:22 - 00007859 _____ C:\Users\Owner\AppData\Roaming\pcouffin.cat2013-10-31 01:04 - 2010-10-01 00:22 - 00000055 _____ C:\Users\Owner\AppData\Roaming\pcouffin.log2013-10-31 01:04 - 2010-10-01 00:22 - 00000000 ____D C:\Users\Owner\AppData\Roaming\Vso2013-10-31 01:03 - 2013-10-31 01:01 - 00000000 ____D C:\Users\Owner\Downloads\DVDFab 9.0.7.2 Final (2-click run)(Registered)2013-10-30 18:50 - 2013-10-30 18:50 - 01498892 _____ C:\Users\Owner\Documents\marion ross op.wmv2013-10-30 18:49 - 2013-10-30 18:49 - 182741100 _____ C:\Users\Owner\Documents\Marion Ross in OP.avi2013-10-28 00:11 - 2012-11-04 15:45 - 00000000 ____D C:\Users\Owner\AppData\Roaming\Media Player Classic2013-10-25 20:09 - 2013-10-25 19:06 - 00000000 ____D C:\Users\Owner\Downloads\EternalDesire 13 04 23 Zsanett Tormay Dym XXX iMAGEsET ExtraTorrentAT2013-10-25 19:03 - 2013-06-22 13:20 - 00000000 ____D C:\Users\Owner\Downloads\torrents2013-10-23 21:17 - 2010-05-29 20:38 - 00000000 ____D C:\Users\Owner\AppData\Local\VirtualStore2013-10-23 20:53 - 2012-07-18 11:31 - 00000000 ____D C:\Users\Owner\AppData\Roaming\dvdcss2013-10-23 14:52 - 2013-10-22 11:40 - 00000000 ___DC C:\Users\Owner\AppData\Local\MigWiz2013-10-22 18:42 - 2013-09-15 15:01 - 00000000 ____D C:\ProgramData\Western Digital2013-10-21 16:02 - 2013-10-21 16:02 - 01228854 _____ C:\Users\Owner\Documents\Snapshot(7).bmp2013-10-20 00:08 - 2013-10-20 00:08 - 00000000 ____D C:\pm the last pm2013-10-19 19:15 - 2013-10-19 19:15 - 00000000 ____D C:\pm 52013-10-19 16:43 - 2013-07-18 12:16 - 00000000 ____D C:\Users\Owner\Documents\webtv2013-10-17 18:41 - 2009-07-13 21:20 - 00000000 ____D C:\Windows\system32\NDF2013-10-16 14:01 - 2010-05-29 20:41 - 00000000 ____D C:\Users\Owner\AppData\Roaming\Hewlett-Packard2013-10-13 08:49 - 2011-03-10 16:36 - 00003892 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA2013-10-13 08:49 - 2011-03-10 16:36 - 00003640 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore2013-10-12 23:09 - 2013-10-12 23:09 - 00000000 ____D C:\Users\Owner\AppData\Roaming\SUPERAntiSpyware.com2013-10-12 23:04 - 2010-05-30 11:17 - 00000000 ____D C:\ProgramData\Recovery2013-10-12 22:16 - 2011-04-10 13:16 - 00000000 ____D C:\Program Files (x86)\SpeedFan2013-10-12 11:53 - 2013-10-12 11:53 - 00000000 ____D C:\Program Files (x86)\BurnAware Free2013-10-12 11:43 - 2013-10-12 11:43 - 00000000 ____D C:\Users\Owner\AppData\Local\factormystic.net2013-10-11 17:09 - 2013-10-11 17:08 - 02816072 _____ (LionSea SoftWare ) C:\Users\Owner\Downloads\setup.exe2013-10-11 16:57 - 2013-10-11 16:57 - 00000000 ____D C:\Users\Owner\AppData\Local\DriverTuner2013-10-11 15:39 - 2010-11-06 16:10 - 00000000 ____D C:\ProgramData\FLEXnet2013-10-11 13:04 - 2013-10-11 13:04 - 00000000 ____D C:\Users\Owner\AppData\Roaming\Oracle2013-10-11 13:03 - 2013-10-11 13:03 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe2013-10-11 13:03 - 2013-10-11 13:03 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe2013-10-11 13:03 - 2013-10-11 13:03 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe2013-10-11 13:03 - 2013-10-11 13:03 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll2013-10-11 13:03 - 2013-10-11 13:03 - 00000000 ____D C:\ProgramData\Oracle2013-10-11 13:03 - 2013-10-11 13:03 - 00000000 ____D C:\Program Files (x86)\Java2013-10-11 13:03 - 2012-08-03 15:00 - 00868264 _____ (Oracle Corporation) C:\Windows\SysWOW64\npdeployJava1.dll2013-10-11 13:03 - 2010-12-09 00:05 - 00790440 _____ (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll2013-10-10 12:11 - 2013-03-15 02:01 - 00000000 ____D C:\Program Files\Microsoft Silverlight2013-10-10 12:11 - 2013-03-15 02:01 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight2013-10-10 10:53 - 2013-07-12 05:53 - 00000000 ____D C:\Windows\system32\MRT2013-10-10 10:50 - 2010-05-29 21:00 - 80541720 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe2013-10-08 19:25 - 2013-10-08 19:25 - 00000000 _RSHD C:\acroldr2013-10-08 19:22 - 2013-10-08 19:22 - 00000000 ____D C:\Users\Owner\AppData\Roaming\Acronis Files to move or delete:====================C:\ProgramData\PKP_DLdu.DAT Some content of TEMP:====================C:\Users\Owner\AppData\Local\Temp\ntdll_dump.dllC:\Users\Owner\AppData\Local\Temp\Quarantine.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legitC:\Windows\System32\wininit.exe => MD5 is legitC:\Windows\SysWOW64\wininit.exe => MD5 is legitC:\Windows\explorer.exe => MD5 is legitC:\Windows\SysWOW64\explorer.exe => MD5 is legitC:\Windows\System32\svchost.exe => MD5 is legitC:\Windows\SysWOW64\svchost.exe => MD5 is legitC:\Windows\System32\services.exe => MD5 is legitC:\Windows\System32\User32.dll => MD5 is legitC:\Windows\SysWOW64\User32.dll => MD5 is legitC:\Windows\System32\userinit.exe => MD5 is legitC:\Windows\SysWOW64\userinit.exe => MD5 is legitC:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2013-10-30 23:53 ==================== End Of Log =============== Lots of threats found by ESET were in my saved .exe folder: are they "real" = come out no mater what, or "virtual" = in the options I do not choose (Toolbar, etc)?
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.