Posts posted by mickoh10

  1. RogueKiller V8.8.15 [Mar 27 2014] by Adlice Software
    mail : http://www.adlice.com/contact/
    Feedback : http://forum.adlice.com
    Website : http://www.adlice.com/softwares/roguekiller/
    Blog : http://www.adlice.com

    Operating System : Windows 7 (6.1.7601 Service Pack 1) 32 bits version
    Started in : Normal mode
    User : IMSEOLab [Admin rights]
    Mode : Scan -- Date : 04/25/2014 16:00:06
    | ARK || FAK || MBR |

    ¤¤¤ Bad processes : 0 ¤¤¤

    ¤¤¤ Registry Entries : 6 ¤¤¤
    [RUN][SUSP PATH] HKCU\[...]\Run : Adobe Acrobat Registration Service (C:\Users\IMSEOLab\AppData\Roaming\Local\Adobe\armhvc.exe [7]) -> FOUND
    [RUN][SUSP PATH] HKUS\S-1-5-21-3950617617-3481865245-1003807710-1000\[...]\Run : Adobe Acrobat Registration Service (C:\Users\IMSEOLab\AppData\Roaming\Local\Adobe\armhvc.exe [7]) -> FOUND
    [RUN][ROGUE ST] HKCU\[...]\RunOnce : 5raxzje9a8 (C:\Users\IMSEOLab\5raxzje9a8\26202.vbs [-]) -> FOUND
    [RUN][ROGUE ST] HKUS\S-1-5-21-3950617617-3481865245-1003807710-1000\[...]\RunOnce : 5raxzje9a8 (C:\Users\IMSEOLab\5raxzje9a8\26202.vbs [-]) -> FOUND
    [HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
    [HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

    ¤¤¤ Scheduled tasks : 0 ¤¤¤

    ¤¤¤ Startup Entries : 1 ¤¤¤
    [IMSEOLab][ROGUE ST] start.lnk : C:\Users\IMSEOLab\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\start.lnk @C:\Users\IMSEOLab\5RAXZJ~1\26202.vbs [-][-] -> FOUND

    ¤¤¤ Web browsers : 0 ¤¤¤

    ¤¤¤ Browser Addons : 0 ¤¤¤

    ¤¤¤ Particular Files / Folders: ¤¤¤

    ¤¤¤ Driver : [LOADED] ¤¤¤
    [Address] IAT @explorer.exe (DrawTextW) : USER32.dll -> HOOKED (f:\fences\DesktopDock.dll @ 0x63F110C0)
    [Address] EAT @explorer.exe (BeginBufferedAnimation) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x738909AE)
    [Address] EAT @explorer.exe (BeginBufferedPaint) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x738849A1)
    [Address] EAT @explorer.exe (BeginPanningFeedback) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x738B0731)
    [Address] EAT @explorer.exe (BufferedPaintClear) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73886395)
    [Address] EAT @explorer.exe (BufferedPaintInit) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7388940E)
    [Address] EAT @explorer.exe (BufferedPaintRenderAnimation) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x738908ED)
    [Address] EAT @explorer.exe (BufferedPaintSetAlpha) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7389E6B3)
    [Address] EAT @explorer.exe (BufferedPaintStopAllAnimations) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7389D395)
    [Address] EAT @explorer.exe (BufferedPaintUnInit) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x738894AB)
    [Address] EAT @explorer.exe (CloseThemeData) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73886A18)
    [Address] EAT @explorer.exe (DrawThemeBackground) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73883982)
    [Address] EAT @explorer.exe (DrawThemeBackgroundEx) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7389D9DA)
    [Address] EAT @explorer.exe (DrawThemeEdge) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x738A3B52)
    [Address] EAT @explorer.exe (DrawThemeIcon) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x738B35E7)
    [Address] EAT @explorer.exe (DrawThemeParentBackground) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x738853E5)
    [Address] EAT @explorer.exe (DrawThemeParentBackgroundEx) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x738851BF)
    [Address] EAT @explorer.exe (DrawThemeText) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73884EA1)
    [Address] EAT @explorer.exe (DrawThemeTextEx) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x738863E6)
    [Address] EAT @explorer.exe (EnableThemeDialogTexture) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7388FCAF)
    [Address] EAT @explorer.exe (EnableTheming) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x738B2FEB)
    [Address] EAT @explorer.exe (EndBufferedAnimation) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73883F9A)
    [Address] EAT @explorer.exe (EndBufferedPaint) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73883F9A)
    [Address] EAT @explorer.exe (EndPanningFeedback) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x738B06CC)
    [Address] EAT @explorer.exe (GetBufferedPaintBits) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73884BAF)
    [Address] EAT @explorer.exe (GetBufferedPaintDC) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x738904BC)
    [Address] EAT @explorer.exe (GetBufferedPaintTargetDC) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73890473)
    [Address] EAT @explorer.exe (GetBufferedPaintTargetRect) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x738B2E7F)
    [Address] EAT @explorer.exe (GetCurrentThemeName) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x738905DD)
    [Address] EAT @explorer.exe (GetThemeAppProperties) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73890FB1)
    [Address] EAT @explorer.exe (GetThemeBackgroundContentRect) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7388CD2E)
    [Address] EAT @explorer.exe (GetThemeBackgroundExtent) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7388F8BF)
    [Address] EAT @explorer.exe (GetThemeBackgroundRegion) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7389165D)
    [Address] EAT @explorer.exe (GetThemeBitmap) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7388BF93)
    [Address] EAT @explorer.exe (GetThemeBool) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73887C1F)
    [Address] EAT @explorer.exe (GetThemeColor) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7388616C)
    [Address] EAT @explorer.exe (GetThemeDocumentationProperty) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x738B2932)
    [Address] EAT @explorer.exe (GetThemeEnumValue) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7388616C)
    [Address] EAT @explorer.exe (GetThemeFilename) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x738B2412)
    [Address] EAT @explorer.exe (GetThemeFont) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7388FF21)
    [Address] EAT @explorer.exe (GetThemeInt) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7388616C)
    [Address] EAT @explorer.exe (GetThemeIntList) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x738B23B1)
    [Address] EAT @explorer.exe (GetThemeMargins) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x738886E9)
    [Address] EAT @explorer.exe (GetThemeMetric) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x738906E2)
    [Address] EAT @explorer.exe (GetThemePartSize) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7388CDB1)
    [Address] EAT @explorer.exe (GetThemePosition) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x738B2350)
    [Address] EAT @explorer.exe (GetThemePropertyOrigin) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x738A3FBB)
    [Address] EAT @explorer.exe (GetThemeRect) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73893611)
    [Address] EAT @explorer.exe (GetThemeStream) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x738939D9)
    [Address] EAT @explorer.exe (GetThemeString) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x738B22E4)
    [Address] EAT @explorer.exe (GetThemeSysBool) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x738B3172)
    [Address] EAT @explorer.exe (GetThemeSysColor) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x738A3274)
    [Address] EAT @explorer.exe (GetThemeSysColorBrush) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x738B301E)
    [Address] EAT @explorer.exe (GetThemeSysFont) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x738B29C4)
    [Address] EAT @explorer.exe (GetThemeSysInt) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x738B2BD3)
    [Address] EAT @explorer.exe (GetThemeSysSize) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x738B320B)
    [Address] EAT @explorer.exe (GetThemeSysString) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x738B2B3F)
    [Address] EAT @explorer.exe (GetThemeTextExtent) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73882D57)
    [Address] EAT @explorer.exe (GetThemeTextMetrics) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7388F992)
    [Address] EAT @explorer.exe (GetThemeTransitionDuration) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73891081)
    [Address] EAT @explorer.exe (GetWindowTheme) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7388DF46)
    [Address] EAT @explorer.exe (HitTestThemeBackground) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73893CE3)
    [Address] EAT @explorer.exe (IsAppThemed) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7388F869)
    [Address] EAT @explorer.exe (IsCompositionActive) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73882E9A)
    [Address] EAT @explorer.exe (IsThemeActive) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7388F785)
    [Address] EAT @explorer.exe (IsThemeBackgroundPartiallyTransparent) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x738860AB)
    [Address] EAT @explorer.exe (IsThemeDialogTextureEnabled) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x738B312B)
    [Address] EAT @explorer.exe (IsThemePartDefined) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x738885B4)
    [Address] EAT @explorer.exe (OpenThemeData) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x738873D2)
    [Address] EAT @explorer.exe (OpenThemeDataEx) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x738A3D43)
    [Address] EAT @explorer.exe (SetThemeAppProperties) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x738B3296)
    [Address] EAT @explorer.exe (SetWindowTheme) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73890134)
    [Address] EAT @explorer.exe (SetWindowThemeAttribute) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7389CFE6)
    [Address] EAT @explorer.exe (ThemeInitApiHook) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7388B176)
    [Address] EAT @explorer.exe (UpdatePanningFeedback) : SAMLIB.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x738B068D)

    ¤¤¤ External Hives: ¤¤¤

    ¤¤¤ Infection :  ¤¤¤

    ¤¤¤ HOSTS File: ¤¤¤
    --> %SystemRoot%\System32\drivers\etc\hosts




    ¤¤¤ MBR Check: ¤¤¤

    +++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) Hitachi HTS543232A7A384 ATA Device +++++
    --- User ---
    [MBR] 707c8a788074ba88890dc019aad1dbca
    [BSP] 226c63bd82dbd934a5451924135aa4ef : Windows 7/8 MBR Code
    Partition table:
    0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 113484 MB
    1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 234160661 | Size: 87331 MB
    2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 414793077 | Size: 20659 MB
    3 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 457103920 | Size: 82050 MB
    User = LL1 ... OK!
    User = LL2 ... OK!

    Finished : << RKreport[0]_S_04252014_160006.txt >>



     

  2. I am sorry, the first posts were done before I uninstalled utorrent...here is the fresh one

     

    Attach

     

    .
    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT
    .
    DDS (Ver_2012-11-20.01)
    .
    Microsoft Windows 7 Ultimate
    Boot Device: \Device\HarddiskVolume2
    Install Date: 2/26/2014 12:03:42 AM
    System Uptime: 4/25/2014 3:39:26 PM (0 hours ago)
    .
    Motherboard: Hewlett-Packard |  | 3676
    Processor: Celeron® Dual-Core CPU       T3500  @ 2.10GHz | CPU | 2094/800mhz
    .
    ==== Disk Partitions =========================
    .
    C: is FIXED (NTFS) - 85 GiB total, 14.381 GiB free.
    E: is FIXED (NTFS) - 111 GiB total, 10.643 GiB free.
    F: is FIXED (NTFS) - 20 GiB total, 18.917 GiB free.
    G: is CDROM ()
    K: is CDROM ()
    L: is CDROM ()
    M: is CDROM ()
    .
    ==== Disabled Device Manager Items =============
    .
    Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
    Description: VMware Virtual Ethernet Adapter for VMnet8
    Device ID: ROOT\VMWARE\0001
    Manufacturer: VMware, Inc.
    Name: VMware Virtual Ethernet Adapter for VMnet8
    PNP Device ID: ROOT\VMWARE\0001
    Service: VMnetAdapter
    .
    Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Description: MpKsl64f3890b
    Device ID: ROOT\LEGACY_MPKSL64F3890B\0000
    Manufacturer:
    Name: MpKsl64f3890b
    PNP Device ID: ROOT\LEGACY_MPKSL64F3890B\0000
    Service: MpKsl64f3890b
    .
    Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
    Description: VMware Virtual Ethernet Adapter for VMnet1
    Device ID: ROOT\VMWARE\0000
    Manufacturer: VMware, Inc.
    Name: VMware Virtual Ethernet Adapter for VMnet1
    PNP Device ID: ROOT\VMWARE\0000
    Service: VMnetAdapter
    .
    ==== System Restore Points ===================
    .
    RP138: 4/25/2014 10:26:35 AM - Removed Camtasia Studio 8
    RP139: 4/25/2014 11:05:48 AM - Removed FiverrBot
    RP140: 4/25/2014 11:07:50 AM - Removed PrPowershot
    .
    ==== Installed Programs ======================
    .
    7-Zip 9.20
    Adobe AIR
    Adobe Flash Player 12 ActiveX & Plugin
    Adobe Reader XI (11.0.06)
    Adobe Shockwave Player + Authorware Web Player
    Advanced SystemCare Ultimate 7
    AOMEI Backupper
    Apple Application Support
    Apple Software Update
    Atheros for Acer MyAllm Driver v7.1.0.90 Installation Program
    Ava Find Pro
    Bluetooth Win7 Suite
    Box Sync
    Business Plan Pro 15th Anniversary Edition
    CCleaner
    Cisco EAP-FAST Module
    Cisco LEAP Module
    Cisco PEAP Module
    ClickBankGoldminer
    ClickingAgent
    Definition Update for Microsoft Office 2013 (KB2760587) 32-Bit Edition
    Dell Wireless WLAN Card
    Driver Booster
    DriverPack Solution Updater
    ERUNT 1.1j
    Fences 2
    FlipBook Maker Pro 3.6.1
    Friend Bomber
    Google Chrome
    Google Drive
    Google Update Helper
    GSA Captcha Breaker v2.47
    GSA Search Engine Ranker v7.85
    iCare Data Recovery enterprise license 5.1
    IM-Magic Partition Resizer Professional 2013
    Income Jacker
    InstantArticleWizard
    Intel® Graphics Media Accelerator Driver
    Intel® Processor ID Utility
    Internet Download Manager
    Internet Everywhere
    IObit Uninstaller
    iSEEK AnswerWorks English Runtime
    Java 7 Update 51
    Java Auto Updater
    Java 6 Update 45
    K-Lite Codec Pack 8.4.0 (Full)
    KeywordSnatcher
    KMSpico 4.1
    Lagarith Lossless Codec (1.3.27)
    LastPass (uninstall only)
    Logos 4 Prerequisites
    Logos Bible Software 4
    Malwarebytes Anti-Malware version 1.75.0.1300
    Microsoft .NET Framework 4.5.1
    Microsoft Access MUI (English) 2013
    Microsoft Access Setup Metadata MUI (English) 2013
    Microsoft DCF MUI (English) 2013
    Microsoft Excel MUI (English) 2013
    Microsoft Groove MUI (English) 2013
    Microsoft InfoPath MUI (English) 2013
    Microsoft Lync MUI (English) 2013
    Microsoft Office OSM MUI (English) 2013
    Microsoft Office OSM UX MUI (English) 2013
    Microsoft Office Professional Plus 2013
    Microsoft Office Proofing (English) 2013
    Microsoft Office Proofing Tools 2013 - English
    Microsoft Office Proofing Tools 2013 - Español
    Microsoft Office Shared MUI (English) 2013
    Microsoft Office Shared Setup Metadata MUI (English) 2013
    Microsoft OneNote MUI (English) 2013
    Microsoft Outlook MUI (English) 2013
    Microsoft PowerPoint MUI (English) 2013
    Microsoft Publisher MUI (English) 2013
    Microsoft Security Client
    Microsoft Security Essentials
    Microsoft Silverlight
    Microsoft SQL Server Compact 3.5 SP2 ENU
    Microsoft Visual C++ 2005 Redistributable - x86 8.0.50727.42 False
    Microsoft Visual C++ 2005 Redistributable - x86 8.0.51011 False
    Microsoft Visual C++ 2005 Redistributable - x86 8.0.56336 False
    Microsoft Visual C++ 2005 Redistributable - x86 8.0.58299 False
    Microsoft Visual C++ 2005 Redistributable - x86 8.0.59193 False
    Microsoft Visual C++ 2005 Redistributable - x86 8.0.61001
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 False
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.0 False
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218 False
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 False
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 False
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 False
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4048 False
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 False
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.5570 False
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
    Microsoft Visual C++ 2010 Redistributable - x86 10.0.30319 False
    Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219
    Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 False
    Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 False
    Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 False
    Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
    Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 False
    Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106 False
    Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 False
    Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030
    Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 False
    Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106 False
    Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 False
    Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030
    Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005
    Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005
    Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005
    Microsoft Word MUI (English) 2013
    Mobile Partner
    Mozilla Firefox 28.0 (x86 en-US)
    Mozilla Maintenance Service
    MSXML 4.0 SP2 (KB954430)
    MSXML 4.0 SP2 (KB973688)
    Outils de vérification linguistique 2013 de Microsoft Office - Français
    Proxifier version 3.21
    Quicken 2014
    QuickTime 7
    QuickVerse 2010
    Realtek High Definition Audio Driver
    SAM CoDeC Pack
    Security Update for Microsoft .NET Framework 4.5.1 (KB2898869)
    Security Update for Microsoft .NET Framework 4.5.1 (KB2901126)
    Security Update for Microsoft Excel 2013 (KB2827238) 32-Bit Edition
    Security Update for Microsoft Office 2013 (KB2768005) 32-Bit Edition
    Security Update for Microsoft Office 2013 (KB2810009) 32-Bit Edition
    Security Update for Microsoft Office 2013 (KB2850064) 32-Bit Edition
    Security Update for Microsoft Word 2013 (KB2827224) 32-Bit Edition
    SEO PowerSuite
    Share YouTube Videos version 1
    SpeedCommander 15
    Surfing Protection
    TeraCopy 2.3 beta 2
    Time Stopper
    tools-freebsd
    tools-linux
    tools-netware
    tools-solaris
    tools-windows
    tools-winPre2k
    TumblingJazz version 1.131
    TuneUp Utilities 2014
    TuneUp Utilities 2014 (en-US)
    Update for Microsoft Access 2013 (KB2768008) 32-Bit Edition
    Update for Microsoft Access 2013 (KB2827233) 32-Bit Edition
    Update for Microsoft InfoPath 2013 (KB2837648) 32-Bit Edition
    Update for Microsoft Lync 2013 (KB2817678) 32-Bit Edition
    Update for Microsoft Lync 2013 (KB2863908) 32-Bit Edition
    Update for Microsoft Office 2013 (KB2726954) 32-Bit Edition
    Update for Microsoft Office 2013 (KB2726996) 32-Bit Edition
    Update for Microsoft Office 2013 (KB2738038) 32-Bit Edition
    Update for Microsoft Office 2013 (KB2760224) 32-Bit Edition
    Update for Microsoft Office 2013 (KB2760242) 32-Bit Edition
    Update for Microsoft Office 2013 (KB2760267) 32-Bit Edition
    Update for Microsoft Office 2013 (KB2760344) 32-Bit Edition
    Update for Microsoft Office 2013 (KB2760539) 32-Bit Edition
    Update for Microsoft Office 2013 (KB2760544) 32-Bit Edition
    Update for Microsoft Office 2013 (KB2760553) 32-Bit Edition
    Update for Microsoft Office 2013 (KB2760610) 32-Bit Edition
    Update for Microsoft Office 2013 (KB2768012) 32-Bit Edition
    Update for Microsoft Office 2013 (KB2768016) 32-Bit Edition
    Update for Microsoft Office 2013 (KB2817314) 32-Bit Edition
    Update for Microsoft Office 2013 (KB2817316) 32-Bit Edition
    Update for Microsoft Office 2013 (KB2817490) 32-Bit Edition
    Update for Microsoft Office 2013 (KB2817626) 32-Bit Edition
    Update for Microsoft Office 2013 (KB2817636) 32-Bit Edition
    Update for Microsoft Office 2013 (KB2826004) 32-Bit Edition
    Update for Microsoft Office 2013 (KB2827225) 32-Bit Edition
    Update for Microsoft Office 2013 (KB2827227) 32-Bit Edition
    Update for Microsoft Office 2013 (KB2827230) 32-Bit Edition
    Update for Microsoft Office 2013 (KB2827239) 32-Bit Edition
    Update for Microsoft Office 2013 (KB2827272) 32-Bit Edition
    Update for Microsoft Office 2013 (KB2863825) 32-Bit Edition
    Update for Microsoft Office 2013 (KB2863843) 32-Bit Edition
    Update for Microsoft Office 2013 (KB2863844) 32-Bit Edition
    Update for Microsoft Office 2013 (KB2863860) 32-Bit Edition
    Update for Microsoft OneNote 2013 (KB2850063) 32-Bit Edition
    Update for Microsoft Outlook 2013 (KB2863911) 32-Bit Edition
    Update for Microsoft PowerPoint 2013 (KB2767850) 32-Bit Edition
    Update for Microsoft Publisher 2013 (KB2837635) 32-Bit Edition
    Update for Microsoft SkyDrive Pro (KB2817495) 32-Bit Edition
    Update for Microsoft SkyDrive Pro (KB2837652) 32-Bit Edition
    Update for Microsoft Visio 2013 (KB2817306) 32-Bit Edition
    Update for Microsoft Visio Viewer 2013 (KB2817301) 32-Bit Edition
    Update for Microsoft Word 2013 (KB2837647) 32-Bit Edition
    Update for Microsoft Word 2013 (KB2863909) 32-Bit Edition
    USB Disk Security
    Ut Video Codec Suite
    VirtualCloneDrive
    VLC media player 1.1.5
    VMware Workstation
    Windows 7 Manager
    Windows 7 USB/DVD Download Tool
    WinRAR 5.01 (32-bit)
    WordWeb Pro
    x264vfw - H.264/MPEG-4 AVC codec (remove only)
    Xvid MPEG-4 Video Codec
    .
    ==== Event Viewer Messages From Past Week ========
    .
    4/25/2014 3:48:42 PM, Error: atapi [11]  - The driver detected a controller error on \Device\Ide\IdePort0.
    4/25/2014 3:39:54 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001]  - The computer has rebooted from a bugcheck.  The bugcheck was: 0x0000007a (0xc045a790, 0xc0000185, 0x88987860, 0x8b4f29ce). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 042514-19578-01.
    4/25/2014 2:43:11 PM, Error: Service Control Manager [7034]  - The Service KMSELDI service terminated unexpectedly.  It has done this 1 time(s).
    4/25/2014 2:42:14 PM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the VMware Workstation Server service to connect.
    4/25/2014 2:42:14 PM, Error: Service Control Manager [7000]  - The VMware Workstation Server service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
    4/25/2014 2:38:53 PM, Error: Service Control Manager [7001]  - The WinHTTP Web Proxy Auto-Discovery Service service depends on the DHCP Client service which failed to start because of the following error:  The dependency service or group failed to start.
    4/25/2014 2:38:41 PM, Error: Service Control Manager [7026]  - The following boot-start or system-start driver(s) failed to load:  AFD aswNdisFlt aswRdr aswRvrt aswSnx aswSP aswTdi aswVmm BIOS CSC DfsC discache ElbyCDIO MpFilter NetBIOS NetBT nsiproxy Psched rdbss spldr tdx vwififlt Wanarpv6 WfpLwf ws2ifsl
    4/25/2014 2:38:41 PM, Error: Service Control Manager [7001]  - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error:  The dependency service or group failed to start.
    4/25/2014 2:38:41 PM, Error: Service Control Manager [7001]  - The VMware Workstation Server service depends on the Workstation service which failed to start because of the following error:  The dependency service or group failed to start.
    4/25/2014 2:38:41 PM, Error: Service Control Manager [7001]  - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error:  A device attached to the system is not functioning.
    4/25/2014 2:38:41 PM, Error: Service Control Manager [7001]  - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error:  A device attached to the system is not functioning.
    4/25/2014 2:38:41 PM, Error: Service Control Manager [7001]  - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error:  The dependency service or group failed to start.
    4/25/2014 2:38:41 PM, Error: Service Control Manager [7001]  - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error:  The dependency service or group failed to start.
    4/25/2014 2:38:41 PM, Error: Service Control Manager [7001]  - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error:  A device attached to the system is not functioning.
    4/25/2014 2:38:41 PM, Error: Service Control Manager [7001]  - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error:  The dependency service or group failed to start.
    4/25/2014 2:38:41 PM, Error: Service Control Manager [7001]  - The Microsoft Network Inspection System service depends on the Microsoft Malware Protection Driver service which failed to start because of the following error:  A device attached to the system is not functioning.
    4/25/2014 2:38:41 PM, Error: Service Control Manager [7001]  - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error:  A device attached to the system is not functioning.
    4/25/2014 2:38:41 PM, Error: Service Control Manager [7001]  - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error:  A device attached to the system is not functioning.
    4/25/2014 2:35:36 PM, Error: BTHUSB [17]  - The local Bluetooth adapter has failed in an undetermined manner and will not be used. The driver has been unloaded.
    4/25/2014 11:21:03 AM, Error: Service Control Manager [7043]  - The TuneUp Utilities Service service did not shut down properly after receiving a preshutdown control.
    4/25/2014 10:56:37 AM, Error: Service Control Manager [7034]  - The Hotspot Shield Monitoring Service service terminated unexpectedly.  It has done this 1 time(s).
    4/25/2014 10:55:44 AM, Error: Service Control Manager [7034]  - The Hotspot Shield Service service terminated unexpectedly.  It has done this 1 time(s).
    4/25/2014 1:43:26 PM, Error: Service Control Manager [7031]  - The Microsoft Antimalware Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 15000 milliseconds: Restart the service.
    4/25/2014 1:43:15 PM, Error: Microsoft-Windows-Kernel-General [6]  - An I/O operation initiated by the Registry failed unrecoverably.The Registry could not flush hive (file): '\??\C:\Users\IMSEOLab\ntuser.dat'.
    4/25/2014 1:43:14 PM, Error: Microsoft-Windows-Kernel-General [6]  - An I/O operation initiated by the Registry failed unrecoverably.The Registry could not flush hive (file): ''.
    4/24/2014 6:13:43 PM, Error: Disk [11]  - The driver detected a controller error on \Device\Harddisk2\DR4.
    4/24/2014 11:47:47 AM, Error: Disk [11]  - The driver detected a controller error on \Device\Harddisk2\DR2.
    4/24/2014 11:35:58 AM, Error: Service Control Manager [7006]  - The ScRegSetValueExW call failed for Start with the following error:  Access is denied.
    4/24/2014 11:15:14 PM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the Windows Search service to connect.
    4/24/2014 11:15:14 PM, Error: Service Control Manager [7000]  - The Windows Search service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
    4/24/2014 11:15:14 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1053" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
    4/24/2014 10:37:12 PM, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.      New Signature Version:       Previous Signature Version: 1.173.438.0      Update Source: Microsoft Update Server      Update Stage: Search      Source Path: Default URL      Signature Type: AntiVirus      Update Type: Full      User: NT AUTHORITY\SYSTEM      Current Engine Version:       Previous Engine Version: 1.1.10502.0      Error code: 0x8007043c      Error description: This service cannot be started in Safe Mode
    4/24/2014 10:37:12 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}
    4/24/2014 10:09:07 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
    4/24/2014 10:09:07 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
    4/24/2014 10:09:01 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
    4/24/2014 10:08:56 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
    4/24/2014 10:08:28 PM, Error: Service Control Manager [7026]  - The following boot-start or system-start driver(s) failed to load:  aswRvrt aswSnx aswSP aswTdi aswVmm BIOS discache ElbyCDIO MpFilter spldr Wanarpv6
    4/24/2014 10:08:26 PM, Error: Service Control Manager [7001]  - The VMware Workstation Server service depends on the VMware Authorization Service service which failed to start because of the following error:  The dependency service or group failed to start.
    4/23/2014 7:28:41 PM, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.      New Signature Version:       Previous Signature Version: 1.173.297.0      Update Source: Microsoft Update Server      Update Stage: Search      Source Path: http://www.microsoft.com      Signature Type: AntiVirus      Update Type: Full      User: NT AUTHORITY\SYSTEM      Current Engine Version:       Previous Engine Version: 1.1.10502.0      Error code: 0x8024402c      Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
    4/23/2014 6:25:11 PM, Error: volsnap [36]  - The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.
    4/23/2014 11:38:23 AM, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.      New Signature Version:       Previous Signature Version: 1.173.297.0      Update Source: Microsoft Update Server      Update Stage: Search      Source Path: Default URL      Signature Type: AntiVirus      Update Type: Full      User: NT AUTHORITY\SYSTEM      Current Engine Version:       Previous Engine Version: 1.1.10502.0      Error code: 0x8007043c      Error description: This service cannot be started in Safe Mode
    4/23/2014 11:32:55 AM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service MSIServer with arguments "" in order to run the server: {000C101C-0000-0000-C000-000000000046}
    4/23/2014 11:24:25 AM, Error: Service Control Manager [7022]  - The VMware USB Arbitration Service service hung on starting.
    4/23/2014 11:23:03 AM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the VMware Authorization Service service to connect.
    4/23/2014 11:23:03 AM, Error: Service Control Manager [7001]  - The VMware Workstation Server service depends on the VMware Authorization Service service which failed to start because of the following error:  The service did not respond to the start or control request in a timely fashion.
    4/23/2014 11:23:03 AM, Error: Service Control Manager [7000]  - The VMware Authorization Service service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
    4/23/2014 1:57:34 AM, Error: Service Control Manager [7000]  - The TuneUp Theme Extension service failed to start due to the following error:  The executable program that this service is configured to run in does not implement the service.
    4/23/2014 1:39:43 PM, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.      New Signature Version:       Previous Signature Version: 1.173.297.0      Update Source: Microsoft Update Server      Update Stage: Search      Source Path: http://www.microsoft.com      Signature Type: AntiVirus      Update Type: Full      User: NT AUTHORITY\SYSTEM      Current Engine Version:       Previous Engine Version: 1.1.10502.0      Error code: 0x8024402c      Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
    4/23/2014 1:09:30 PM, Error: Service Control Manager [7034]  - The TuneUp Utilities Service service terminated unexpectedly.  It has done this 1 time(s).
    4/21/2014 3:23:07 PM, Error: Schannel [36887]  - The following fatal alert was received: 40.
    4/20/2014 8:57:08 PM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the LanmanServer service.
    4/20/2014 8:56:38 PM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the avast! Antivirus service.
    4/20/2014 8:56:08 PM, Error: Disk [11]  - The driver detected a controller error on \Device\Harddisk1\DR1.
    4/19/2014 3:56:53 PM, Error: Disk [11]  - The driver detected a controller error on \Device\Harddisk1\DR7.
    4/19/2014 3:23:08 PM, Error: Disk [11]  - The driver detected a controller error on \Device\Harddisk1\DR6.
    4/19/2014 10:23:27 AM, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.      New Signature Version:       Previous Signature Version: 1.171.148.0      Update Source: Microsoft Update Server      Update Stage: Search      Source Path: http://www.microsoft.com      Signature Type: AntiVirus      Update Type: Full      User: NT AUTHORITY\SYSTEM      Current Engine Version:       Previous Engine Version: 1.1.10501.0      Error code: 0x8024402c      Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
    4/18/2014 4:43:44 AM, Error: Schannel [36888]  - The following fatal alert was generated: 10. The internal error state is 10.
    4/18/2014 10:03:17 AM, Error: Service Control Manager [7001]  - The VMware Workstation Server service depends on the VMware USB Arbitration Service service which failed to start because of the following error:  The service did not respond to the start or control request in a timely fashion.
    4/18/2014 10:03:17 AM, Error: Service Control Manager [7000]  - The VMware USB Arbitration Service service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
    4/18/2014 10:03:16 AM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the VMware USB Arbitration Service service to connect.
    .
    ==== End Of File ===========================

    DDS

    DDS (Ver_2012-11-20.01) - NTFS_x86
    Internet Explorer: 11.0.9600.17041  BrowserJavaVersion: 10.51.2
    Run by IMSEOLab at 15:43:27 on 2014-04-25
    Microsoft Windows 7 Ultimate   6.1.7601.1.1252.1.1033.18.2974.1610 [GMT 3:00]
    .
    AV: Microsoft Security Essentials *Enabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
    AV: Advanced SystemCare Ultimate *Enabled/Updated* {1C304DC4-1D72-5DB9-B33A-43B638ECFD30}
    SP: Microsoft Security Essentials *Enabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
    .
    ============== Running Processes ================
    .
    C:\Windows\system32\wininit.exe
    C:\Windows\system32\lsm.exe
    C:\Program Files\IObit\Advanced SystemCare Ultimate 7\ASCService.exe
    C:\Program Files\IObit\Advanced SystemCare Ultimate 7\ascavsvc.exe
    C:\Program Files\Microsoft Security Client\MsMpEng.exe
    C:\Program Files\Realtek\Audio\HDA\RtkAudioService.exe
    C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe
    C:\Windows\System32\WLTRYSVC.EXE
    C:\Windows\System32\bcmwltry.exe
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\taskeng.exe
    C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
    C:\Program Files\Realtek\Audio\HDA\AERTSrv.exe
    C:\Program Files\InternetEverywhere\InternetEverywhere_Service.exe
    F:\Malwarebytes' Anti-Malware\mbamscheduler.exe
    F:\Malwarebytes' Anti-Malware\mbamservice.exe
    C:\Program Files\KMSpico\Service_KMS.exe
    C:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesService32.exe
    C:\Windows\system32\vmnat.exe
    C:\Windows\system32\vssvc.exe
    C:\Windows\system32\vmnetdhcp.exe
    C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe
    C:\Program Files\VMware\VMware Workstation\vmware-authd.exe
    F:\Malwarebytes' Anti-Malware\mbamgui.exe
    C:\Windows\system32\taskhost.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\VMware\VMware Workstation\vmware-hostd.exe
    C:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesApp32.exe
    C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
    C:\Program Files\Microsoft Security Client\NisSrv.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\system32\sppsvc.exe
    F:\USB Disk Security\USBGuard.exe
    C:\Program Files\Realtek\Audio\HDA\RtkNGUI.exe
    C:\Windows\System32\WLTRAY.EXE
    C:\Program Files\Atheros\AWiCMgr.exe
    C:\Program Files\WordWeb\wweb32.exe
    F:\USB Disk Security\USBGuard.exe
    C:\Windows\System32\igfxtray.exe
    C:\Windows\System32\hkcmd.exe
    C:\Windows\System32\igfxpers.exe
    C:\Program Files\Microsoft Security Client\msseces.exe
    C:\Program Files\VMware\VMware Workstation\vmware-tray.exe
    C:\Windows\system32\SearchIndexer.exe
    F:\fences\Fences.exe
    C:\Program Files\Internet Download Manager\IDMan.exe
    F:\Proxifier\Proxifier.exe
    C:\Program Files\IObit\Advanced SystemCare Ultimate 7\ASCTray.exe
    F:\AvaFind Pro\AvaFind.exe
    C:\Program Files\InternetEverywhere\InternetEverywhere_Launcher.exe
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\IObit\Surfing Protection\SPUpdate.exe
    C:\Program Files\Internet Download Manager\IEMonitor.exe
    C:\Users\IMSEOLab\5raxzje9a8\USfDfXCw.com
    C:\Users\IMSEOLab\5raxzje9a8\USfDfXCw.com
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exe
    C:\Windows\system32\notepad.exe
    C:\Windows\system32\wbem\WmiApSrv.exe
    C:\Program Files\Mozilla Firefox\plugin-container.exe
    C:\Windows\system32\conhost.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\svchost.exe -k RPCSS
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Windows\system32\svchost.exe -k apphost
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalServicePeerNet
    .
    ============== Pseudo HJT Report ===============
    .
    BHO: IDM integration (IDMIEHlprObj Class): {0055C089-8582-441B-A0BF-17B458C2A3A8} - c:\program files\internet download manager\IDMIECC.dll
    BHO: ExplorerWnd Helper: {10921475-03CE-4E04-90CE-E2E7EF20C814} - c:\program files\iobit\iobit uninstaller\UninstallExplorer32.dll
    BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - c:\program files\microsoft office\office15\OCHelper.dll
    BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
    BHO: CIESpeechBHO Class: {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - c:\program files\bluetooth suite\IEPlugIn.dll
    BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - c:\program files\microsoft office\office15\URLREDIR.DLL
    BHO: Advanced SystemCare Browser Protection: {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - c:\program files\iobit\surfing protection\browerprotect\ASCPlugin_Protection.dll
    BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - c:\program files\microsoft office\office15\GROOVEEX.DLL
    BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
    uRun: [Adobe Acrobat Registration Service] c:\users\imseolab\appdata\roaming\local\adobe\armhvc.exe
    uRun: [iDMan] c:\program files\internet download manager\IDMan.exe /onboot
    uRun: [Proxifier] "f:\proxifier\proxifier.exe" aut
    uRun: [Advanced SystemCare Ultimate] "c:\program files\iobit\advanced systemcare ultimate 7\ASCTray.exe" /Auto
    uRunOnce: [5raxzje9a8] c:\users\imseolab\5raxzje9a8\26202.vbs
    mRun: [uSB Security] f:\usb disk security\USBGuard.exe
    mRun: [RTHDVCPL] "c:\program files\realtek\audio\hda\RtkNGUI.exe" -s
    mRun: [broadcom Wireless Manager UI] c:\windows\system32\WLTRAY.exe
    mRun: [Fences] "f:\fences\Fences.exe" /startup
    mRun: [AWiC] "c:\program files\atheros\AWiCMgr.exe" -nogui
    mRun: [WordWeb] "c:\program files\wordweb\wweb32.exe" -startup
    mRun: [igfxTray] c:\windows\system32\igfxtray.exe
    mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
    mRun: [Persistence] c:\windows\system32\igfxpers.exe
    mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey
    mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
    mRun: [vmware-tray.exe] "c:\program files\vmware\vmware workstation\vmware-tray.exe"
    StartupFolder: c:\users\imseolab\appdata\roaming\micros~1\windows\startm~1\programs\startup\erunta~1.lnk - c:\program files\erunt\AUTOBACK.EXE
    StartupFolder: c:\users\imseolab\appdata\roaming\micros~1\windows\startm~1\programs\startup\fences.lnk - f:\fences\Fences.exe
    StartupFolder: c:\users\imseolab\appdata\roaming\micros~1\windows\startm~1\programs\startup\start.lnk - c:\users\imseolab\5raxzje9a8\26202.vbs
    StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\avafin~1.lnk - f:\avafind pro\AvaFind.exe
    StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\instal~1.lnk - c:\program files\common files\lpuninstall.exe
    StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\launcher.lnk - c:\program files\interneteverywhere\InternetEverywhere_Launcher.exe
    mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
    mPolicies-System: ConsentPromptBehaviorUser = dword:3
    mPolicies-System: EnableUIADesktopToggle = dword:0
    mPolicies-System: SynchronousMachineGroupPolicy = dword:1
    mPolicies-System: SynchronousUserGroupPolicy = dword:1
    mPolicies-Windows\System: AllowBlockingAppsAtShutdown = dword:1
    IE: Download all links with IDM - c:\program files\internet download manager\IEGetAll.htm
    IE: Download with IDM - c:\program files\internet download manager\IEExt.htm
    IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office15\EXCEL.EXE/3000
    IE: Se&nd to OneNote - c:\progra~1\micros~2\office15\ONBttnIE.dll/105
    IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office15\ONBttnIE.dll
    IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - c:\program files\microsoft office\office15\OCHelper.dll
    IE: {7815BE26-237D-41A8-A98F-F7BD75F71086} - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - c:\program files\bluetooth suite\IEPlugIn.dll
    IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files\microsoft office\office15\ONBttnIELinkedNotes.dll
    LSP: %SystemRoot%\system32\PrxerDrv.dll
    LSP: %windir%\system32\vsocklib.dll
    .
    INFO: HKCU has more than 50 listed domains.
    If you wish to scan all of them, select the 'Force scan all domains' option.
    .



    TCP: NameServer = 192.168.2.1
    TCP: Interfaces\{6AB15721-CAB7-4D92-BB73-82E21DC8D72F} : DHCPNameServer = 192.168.2.1
    TCP: Interfaces\{70BB6D26-DA5B-4AEA-A2A3-9D03D46BF2C6} : DHCPNameServer = 192.168.201.1
    Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office15\MSOXMLMF.DLL
    Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - c:\program files\microsoft office\office15\MSOSB.DLL
    Handler: qv - {0B4BB6DC-D020-4173-97F2-3AD91AFD6559} - c:\program files\quickverse 2010\qvprotwrapper.dll
    Notify: igfxcui - igfxdev.dll
    SSODL: WebCheck - <orphaned>
    SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\wpdshserviceobj.dll
    STS: FencesShlExt Class - {1984DD45-52CF-49cd-AB77-18F378FEA264} - f:\fences\FencesMenu.dll
    mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\34.0.1847.116\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
    IFEO: backupper.exe - "c:\program files\tuneup utilities 2014\TUAutoReactivator32.exe"
    IFEO: driverbooster.exe - "c:\program files\tuneup utilities 2014\TUAutoReactivator32.exe"
    IFEO: unins000.exe - "c:\program files\tuneup utilities 2014\TUAutoReactivator32.exe"
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - c:\users\imseolab\appdata\roaming\mozilla\firefox\profiles\3mgtqajz.default-1396465441559\
    FF - prefs.js: network.proxy.type - 0
    FF - plugin: c:\progra~1\micros~2\office15\NPSPWRAP.DLL
    FF - plugin: c:\program files\adobe\reader 11.0\reader\air\nppdf32.dll
    FF - plugin: c:\program files\google\update\1.3.23.9\npGoogleUpdate3.dll
    FF - plugin: c:\program files\java\jre7\bin\dtplugin\npdeployJava1.dll
    FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll
    FF - plugin: c:\program files\microsoft silverlight\5.1.30214.0\npctrlui.dll
    FF - plugin: c:\program files\mozilla firefox\plugins\npMeetingJoinPluginOC.dll
    FF - plugin: c:\program files\wordweb\wcapturemoz\plugins\npWCX.dll
    FF - plugin: c:\windows\system32\adobe\director\np32dsw_1207148.dll
    FF - plugin: c:\windows\system32\macromed\authorwa\np32asw.dll
    FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_12_0_0_43.dll
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 ambakdrv;ambakdrv;c:\windows\system32\ambakdrv.sys [2014-4-17 26424]
    R0 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2014-1-25 231960]
    R0 vsock;vSockets Driver;c:\windows\system32\drivers\vsock.sys [2014-4-13 61464]
    R1 BIOS;BIOS;c:\windows\system32\drivers\BIOS.sys [2005-3-16 13696]
    R1 MpKsl20b00854;MpKsl20b00854;c:\programdata\microsoft\microsoft antimalware\definition updates\{c2b4d9f8-7b27-4b34-b1e2-1526bda94e30}\MpKsl20b00854.sys [2014-4-25 39464]
    R2 AdvancedSystemCareService7;Advanced SystemCare Service 7;c:\program files\iobit\advanced systemcare ultimate 7\ASCService.exe [2014-3-15 886592]
    R2 AERTFilters;Andrea RT Filters Service;c:\program files\realtek\audio\hda\AERTSrv.exe [2014-2-26 87968]
    R2 ammntdrv;ammntdrv;c:\windows\system32\ammntdrv.sys [2014-4-17 129720]
    R2 amwrtdrv;amwrtdrv;c:\windows\system32\amwrtdrv.sys [2014-4-17 14392]
    R2 ASCAntivirusSrv;AdvancedSystemCareAntivirus;c:\program files\iobit\advanced systemcare ultimate 7\ASCAvSvc.exe [2014-3-15 647488]
    R2 IDMWFP;IDMWFP;c:\windows\system32\drivers\idmwfp.sys [2014-2-21 108000]
    R2 InternetEverywhere_Service;InternetEverywhere_Service;c:\program files\interneteverywhere\InternetEverywhere_Service.exe [2014-3-5 342984]
    R2 MBAMScheduler;MBAMScheduler;f:\malwarebytes' anti-malware\mbamscheduler.exe [2014-4-22 418376]
    R2 MBAMService;MBAMService;f:\malwarebytes' anti-malware\mbamservice.exe [2014-4-22 701512]
    R2 NisDrv;Microsoft Network Inspection System;c:\windows\system32\drivers\NisDrvWFP.sys [2013-1-20 104264]
    R2 RtkAudioService;Realtek Audio Service;c:\program files\realtek\audio\hda\RtkAudioService.exe [2014-3-16 251096]
    R2 Service KMSELDI;Service KMSELDI;c:\program files\kmspico\Service_KMS.exe [2014-2-26 37888]
    R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\tuneup utilities 2014\TuneUpUtilitiesService32.exe [2014-3-20 1773368]
    R2 VMUSBArbService;VMware USB Arbitration Service;c:\program files\common files\vmware\usb\vmware-usbarbitrator.exe [2012-10-11 721048]
    R2 VMwareHostd;VMware Workstation Server;c:\program files\vmware\vmware workstation\vmware-hostd.exe [2012-11-1 13234176]
    R2 vstor2-mntapi10-shared;Vstor2 MntApi 1.0 Driver (shared);c:\windows\system32\drivers\vstor2-mntapi10-shared.sys [2011-7-12 22768]
    R3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\drivers\btath_bus.sys [2011-5-9 24736]
    R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2014-4-22 22856]
    R3 NisSrv;Microsoft Network Inspection;c:\program files\microsoft security client\NisSrv.exe [2014-3-11 279776]
    R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\drivers\Rt86win7.sys [2014-3-16 683736]
    R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\tuneup utilities 2014\TuneUpUtilitiesDriver32.sys [2013-12-16 12320]
    S1 MpKsl64f3890b;MpKsl64f3890b;c:\programdata\microsoft\microsoft antimalware\definition updates\{c2b4d9f8-7b27-4b34-b1e2-1526bda94e30}\MpKsl64f3890b.sys [2014-4-25 39464]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
    S2 LiveUpdateSvc;LiveUpdate;c:\program files\iobit\liveupdate\LiveUpdate.exe [2014-2-26 2153792]
    S3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\drivers\btath_flt.sys [2011-5-9 34976]
    S3 AWiCSrvc;AWiCSrvc;c:\program files\atheros\AWiCSrvc.exe [2014-2-27 49152]
    S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-14 229888]
    S3 BoxSyncUpdateService;Box Sync Update Service;c:\program files\box\box sync\SyncUpdaterService.exe [2014-3-10 27672]
    S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys [2011-5-9 259232]
    S3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\drivers\btath_hcrp.sys [2011-5-9 175776]
    S3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\drivers\btath_lwflt.sys [2011-5-9 49312]
    S3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\drivers\btath_rcp.sys [2011-5-9 141088]
    S3 BtFilter;BtFilter;c:\windows\system32\drivers\btfilter.sys [2011-5-9 243872]
    S3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2010-11-21 62464]
    S3 ewsercd;Huawei DataCard USB Serial Port;c:\windows\system32\drivers\ewsercd.sys [2014-3-5 100224]
    S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\ieetwcollector.exe [2014-4-25 108032]
    S3 MDA_NTDRV;MDA_NTDRV;c:\windows\system32\MDA_NTDRV.sys [2013-2-25 18136]
    S3 orange_zte_cdc_acm;ZTE Orange CDC-ACM driver;c:\windows\system32\drivers\orange_zte_cdc_acm.sys [2014-4-16 66432]
    S3 orange_zte_cpo;ZTE Orange Install;c:\windows\system32\drivers\orange_zte_cpo.sys [2014-4-16 9984]
    S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-21 15872]
    S3 RSPCIESTOR;Realtek PCIE CardReader Driver;c:\windows\system32\drivers\RtsPStor.sys [2014-2-26 251496]
    S3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\Synth3dVsc.sys [2010-11-21 77184]
    S3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys [2010-11-21 25600]
    S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2010-11-21 52224]
    S3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 27264]
    S3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [2010-11-21 112640]
    S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2014-2-26 1343400]
    S4 Atheros Bt&Wlan Coex Agent;Atheros Bt&Wlan Coex Agent;c:\program files\bluetooth suite\Ath_CoexAgent.exe [2011-5-9 146592]
    S4 AtherosSvc;AtherosSvc;c:\program files\bluetooth suite\AdminService.exe [2011-5-9 76960]
    S4 Backupper Service;AOMEI Backupper Scheduler Service;c:\program files\aomei backupper\ABService.exe [2014-4-17 29912]
    .
    =============== Created Last 30 ================
    .
    2014-04-25 12:40:29    62576    ----a-w-    c:\programdata\microsoft\microsoft antimalware\definition updates\{c2b4d9f8-7b27-4b34-b1e2-1526bda94e30}\offreg.dll
    2014-04-25 10:20:47    39464    ----a-w-    c:\programdata\microsoft\microsoft antimalware\definition updates\{c2b4d9f8-7b27-4b34-b1e2-1526bda94e30}\MpKsl20b00854.sys
    2014-04-25 08:16:59    --------    d-s---w-    c:\windows\system32\CompatTel
    2014-04-25 05:50:06    361984    ----a-w-    c:\windows\system32\aepdu.dll
    2014-04-25 05:50:06    302592    ----a-w-    c:\windows\system32\aeinv.dll
    2014-04-25 05:34:54    514560    ----a-w-    c:\windows\system32\qdvd.dll
    2014-04-24 20:31:20    8050496    ----a-w-    c:\programdata\microsoft\microsoft antimalware\definition updates\{c2b4d9f8-7b27-4b34-b1e2-1526bda94e30}\mpengine.dll
    2014-04-24 19:18:49    --------    d-----w-    C:\TDSSKiller_Quarantine
    2014-04-24 09:50:03    --------    d-----w-    c:\users\imseolab\appdata\local\AccountsDominator
    2014-04-24 08:33:00    12872    ----a-w-    c:\windows\system32\bootdelete.exe
    2014-04-24 08:11:45    --------    d-----w-    c:\programdata\HitmanPro
    2014-04-24 07:35:42    --------    d-----w-    C:\Ark
    2014-04-23 20:37:34    --------    d-----w-    c:\users\imseolab\appdata\roaming\Affilorama
    2014-04-23 17:26:01    8050496    ----a-w-    c:\programdata\microsoft\microsoft antimalware\definition updates\backup\mpengine.dll
    2014-04-22 22:57:36    25400    ----a-w-    c:\windows\system32\authuitu.dll
    2014-04-22 22:57:31    36152    ----a-w-    c:\windows\system32\uxtuneup.dll
    2014-04-22 22:57:15    --------    d-----w-    c:\users\imseolab\appdata\local\TuneUp Software
    2014-04-22 22:49:17    36664    ----a-w-    c:\windows\system32\TURegOpt.exe
    2014-04-22 22:48:49    --------    d-----w-    c:\users\imseolab\appdata\roaming\TuneUp Software
    2014-04-22 22:48:06    --------    d-----w-    c:\program files\TuneUp Utilities 2014
    2014-04-22 22:46:08    --------    d-----w-    c:\programdata\TuneUp Software
    2014-04-22 22:45:57    --------    d-sh--w-    c:\programdata\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
    2014-04-22 22:45:57    --------    d--h--w-    c:\programdata\Common Files
    2014-04-22 22:24:20    --------    d-----w-    c:\users\imseolab\appdata\roaming\TweetAdder3
    2014-04-22 17:17:37    22856    ----a-w-    c:\windows\system32\drivers\mbam.sys
    2014-04-21 21:03:54    --------    d-----w-    C:\Hman's Login
    2014-04-21 16:52:55    6163104    ----a-w-    c:\windows\system32\Flash.ocx
    2014-04-21 01:47:59    86016    ----a-w-    c:\windows\unvise32.exe
    2014-04-21 00:07:58    --------    d-----w-    c:\users\imseolab\appdata\roaming\FB2
    2014-04-20 23:20:07    --------    d-----w-    c:\users\imseolab\appdata\roaming\com.jayvenka.qilio
    2014-04-20 00:56:46    --------    d-----w-    c:\users\imseolab\appdata\local\AccountStreamYahoo
    2014-04-19 14:54:12    --------    d-----w-    c:\users\imseolab\appdata\roaming\GSA Captcha Breaker
    2014-04-19 14:40:12    --------    d-----w-    c:\users\imseolab\appdata\roaming\Proxifier
    2014-04-19 14:39:25    91240    ----a-w-    c:\windows\system32\ProxifierShellExt.dll
    2014-04-19 14:39:25    70248    ----a-w-    c:\windows\system32\PrxerDrv.dll
    2014-04-19 14:39:25    56424    ----a-w-    c:\windows\system32\PrxerNsp.dll
    2014-04-19 14:39:25    11264    ----a-w-    c:\windows\system32\SPORDER.DLL
    2014-04-19 14:36:22    --------    d-----w-    c:\users\imseolab\appdata\roaming\GSA Search Engine Ranker
    2014-04-19 11:51:20    --------    d-----w-    c:\users\imseolab\appdata\roaming\BoostFanPageTraffic
    2014-04-19 08:48:50    765968    ------w-    c:\programdata\microsoft\microsoft antimalware\definition updates\{adc7bf4b-cd44-4cac-9db3-3476a994dadf}\gapaengine.dll
    2014-04-19 08:24:22    6858064    ----a-r-    c:\users\imseolab\appdata\roaming\microsoft\installer\{4b523cfd-2b57-403a-973f-920422a0d7f2}\Logos4.exe
    2014-04-19 08:20:30    --------    d-----w-    c:\users\imseolab\appdata\local\Logos4
    2014-04-19 08:19:48    --------    d-----w-    c:\program files\Link-AssistantCom
    2014-04-19 08:18:49    --------    d-----w-    c:\program files\Time Stopper
    2014-04-19 08:15:05    --------    d-----w-    c:\users\imseolab\appdata\local\TempDIR
    2014-04-17 23:51:18    --------    d-----w-    c:\users\imseolab\appdata\roaming\SubRepo
    2014-04-17 21:13:22    --------    d-----w-    c:\users\imseolab\appdata\roaming\PrPowershot
    2014-04-17 15:46:00    --------    d-----w-    c:\users\imseolab\appdata\local\BlackHatToolz.com
    2014-04-17 15:18:24    --------    d-----w-    c:\programdata\AomeiBR
    2014-04-17 13:42:55    26424    ----a-w-    c:\windows\system32\ambakdrv.sys
    2014-04-17 13:42:55    14392    ----a-w-    c:\windows\system32\amwrtdrv.sys
    2014-04-17 13:42:55    129720    ----a-w-    c:\windows\system32\ammntdrv.sys
    2014-04-17 13:42:47    --------    d-----w-    c:\program files\AOMEI Backupper
    2014-04-17 13:41:27    86016    ----a-w-    c:\windows\system32\atl70.dll
    2014-04-17 13:41:27    1355776    ----a-w-    c:\windows\system32\msvbvm50.dll
    2014-04-17 13:40:31    --------    d-----w-    c:\windows\system32\Adobe
    2014-04-17 13:38:49    --------    d-----w-    c:\program files\SAM CoDeC Pack
    2014-04-17 10:36:23    860928    ----a-w-    c:\windows\system32\drivers\mod7700.sys
    2014-04-17 10:36:22    23424    ----a-w-    c:\windows\system32\drivers\ewdcsc.sys
    2014-04-17 10:36:22    116736    ----a-w-    c:\windows\system32\drivers\ewusbnet.sys
    2014-04-17 10:36:22    106880    ----a-w-    c:\windows\system32\drivers\ewusbmdm.sys
    2014-04-17 10:24:01    --------    d-----w-    c:\users\imseolab\appdata\roaming\AVAST Software
    2014-04-17 10:21:46    --------    d-----w-    c:\program files\AVAST Software
    2014-04-17 10:21:35    403440    ----a-w-    c:\windows\system32\drivers\xumwvxrt.sys
    2014-04-17 09:04:25    1112288    ----a-w-    c:\windows\system32\WdfCoInstaller01007.dll
    2014-04-17 09:04:25    1112288    ----a-w-    c:\windows\system32\drivers\WdfCoInstaller01007.dll
    2014-04-17 09:04:23    82816    ----a-w-    c:\windows\system32\drivers\ew_jucdcacm.sys
    2014-04-17 09:04:23    51456    ----a-w-    c:\windows\system32\drivers\ew_jucdcecm.sys
    2014-04-17 09:04:23    26496    ----a-w-    c:\windows\system32\drivers\ew_juextctrl.sys
    2014-04-17 09:04:23    11136    ----a-w-    c:\windows\system32\drivers\ew_usbenumfilter.sys
    2014-04-17 09:04:22    72576    ----a-w-    c:\windows\system32\drivers\ew_jubusenum.sys
    2014-04-17 09:04:22    102784    ----a-w-    c:\windows\system32\drivers\ew_hwusbdev.sys
    2014-04-17 06:48:54    --------    d-----w-    c:\program files\SupportAppCB
    2014-04-16 14:17:40    9984    ----a-w-    c:\windows\system32\drivers\orange_zte_cpo.sys
    2014-04-16 14:17:40    66432    ----a-w-    c:\windows\system32\drivers\orange_zte_cdc_acm.sys
    2014-04-16 14:17:40    1461992    ----a-w-    c:\windows\system32\drivers\wdfcoinstaller01009.dll
    2014-04-16 14:17:40    13312    ----a-w-    c:\windows\system32\orange_zte_CPOCoinstaller.dll
    2014-04-16 14:17:40    13312    ----a-w-    c:\windows\system32\drivers\orange_zte_CPOCoinstaller.dll
    2014-04-15 07:16:37    --------    d-----w-    c:\users\imseolab\appdata\roaming\Atomic Alarm Clock 6
    2014-04-12 22:08:13    --------    d-----w-    c:\users\imseolab\appdata\roaming\IDM
    2014-04-12 21:43:04    119808    ----a-r-    c:\users\imseolab\appdata\roaming\microsoft\installer\{ccf298af-9ce1-4b26-b251-486e98a34789}\icons.exe
    2014-04-12 21:25:18    --------    d-----w-    c:\users\imseolab\appdata\local\VMware
    2014-04-12 21:22:22    63128    ----a-w-    c:\windows\system32\vsocklib.dll
    2014-04-12 21:22:21    61464    ----a-w-    c:\windows\system32\drivers\vsock.sys
    2014-04-12 21:21:34    357016    ----a-w-    c:\windows\system32\vmnetdhcp.exe
    2014-04-12 21:21:30    435864    ----a-w-    c:\windows\system32\vmnat.exe
    2014-04-12 21:21:29    25752    ----a-w-    c:\windows\system32\drivers\vmnetuserif.sys
    2014-04-12 21:21:22    779928    ----a-w-    c:\windows\system32\vnetlib.dll
    2014-04-12 21:21:16    41496    ----a-w-    c:\windows\system32\drivers\hcmon.sys
    2014-04-12 21:19:23    --------    d-----w-    c:\program files\VMware
    2014-04-12 21:19:23    --------    d-----w-    c:\program files\common files\VMware
    2014-04-12 17:00:48    27072    ----a-w-    c:\windows\system32\drivers\Diskdump.sys
    2014-04-12 17:00:48    234432    ----a-w-    c:\windows\system32\drivers\msiscsi.sys
    2014-04-12 17:00:48    2048    ----a-w-    c:\windows\system32\iologmsg.dll
    2014-04-12 17:00:48    149440    ----a-w-    c:\windows\system32\drivers\storport.sys
    2014-04-12 17:00:39    1212352    ----a-w-    c:\windows\system32\drivers\ntfs.sys
    2014-04-12 07:47:55    --------    d-----w-    c:\program files\Intel Corporation
    2014-04-07 22:25:16    --------    d-----w-    c:\users\imseolab\appdata\local\Business Plan Pro Samples
    2014-04-07 22:21:19    --------    d-----w-    c:\users\imseolab\appdata\local\Palo_Alto_Software
    2014-04-07 22:21:18    --------    d-----w-    c:\users\imseolab\appdata\roaming\bppenu11
    2014-04-07 18:02:11    --------    d-----w-    c:\users\imseolab\appdata\local\Geckofx
    2014-04-07 18:02:01    --------    d-----w-    c:\users\imseolab\appdata\roaming\Clyde Software Unlimited
    2014-04-07 17:46:50    --------    d-----w-    c:\programdata\KeywordOrganizer
    2014-04-07 06:03:16    --------    d-----w-    c:\users\imseolab\appdata\local\KeywordOrganizer
    2014-04-06 20:30:26    --------    d-----w-    c:\windows\system32\Hotspot Shield
    2014-04-06 09:54:22    --------    d-----w-    c:\users\imseolab\appdata\local\Evergreen_Internet_Market
    2014-04-05 21:12:43    --------    d-----w-    c:\users\imseolab\appdata\roaming\EndNote
    2014-04-05 20:52:59    --------    d-----w-    c:\program files\common files\Risxtd
    2014-04-05 20:52:49    --------    d-----w-    c:\program files\common files\ResearchSoft
    2014-04-05 20:51:47    --------    d-----w-    c:\program files\EndNote X3
    2014-04-05 20:51:13    --------    d-----w-    c:\programdata\Thomson.ResearchSoft.Installers
    2014-04-05 20:48:31    --------    d-----w-    c:\windows\86B3F2D6AC2B4E888AE1F2F77F781B0C.TMP
    2014-04-05 20:48:22    --------    d-----w-    c:\program files\common files\Wise Installation Wizard
    2014-04-05 14:07:18    50688    ----a-w-    c:\windows\system32\admwprox.dll
    2014-04-05 14:07:18    154624    ----a-w-    c:\windows\system32\iisRtl.dll
    2014-04-05 14:07:17    8192    ----a-w-    c:\windows\system32\iisrstap.dll
    2014-04-05 14:07:17    26624    ----a-w-    c:\windows\system32\ahadmin.dll
    2014-04-05 14:07:17    15360    ----a-w-    c:\windows\system32\iisreset.exe
    2014-04-05 14:07:17    10752    ----a-w-    c:\windows\system32\wamregps.dll
    2014-04-05 12:34:33    --------    d-----w-    c:\users\imseolab\appdata\roaming\IBP
    2014-04-05 12:18:22    --------    d-----w-    c:\users\imseolab\appdata\local\Downloaded Installations
    2014-04-05 09:48:56    --------    d-----w-    c:\users\imseolab\appdata\roaming\DigiResults
    2014-04-05 09:47:31    --------    d-----w-    c:\users\imseolab\appdata\local\Deployment
    2014-04-05 08:06:49    --------    d-----w-    c:\windows\system32\BestPractices
    2014-04-05 08:06:48    --------    d-----w-    C:\inetpub
    2014-04-04 21:50:03    --------    d-----w-    c:\users\imseolab\appdata\local\Mibasoft_Ltd
    2014-04-03 21:12:02    --------    d-----w-    c:\users\imseolab\appdata\local\A
    2014-04-03 09:51:53    --------    d-----w-    c:\users\imseolab\appdata\roaming\TideSDK
    2014-04-02 21:34:03    --------    d-----w-    c:\users\imseolab\appdata\local\Apple Computer
    2014-04-02 21:33:53    --------    d-----w-    c:\users\imseolab\appdata\roaming\Titanium
    2014-04-01 06:27:45    --------    d-----w-    c:\users\imseolab\.ScreamingFrogSEOSpider
    2014-03-30 15:29:50    --------    d-----w-    c:\users\imseolab\appdata\local\SENukeX
    2014-03-30 15:29:48    --------    d-----w-    c:\users\imseolab\appdata\local\SENukeXUpdateConfig
    2014-03-30 13:24:43    --------    d-----w-    c:\users\imseolab\appdata\roaming\IsolatedStorage
    2014-03-30 13:24:43    --------    d-----w-    c:\programdata\IsolatedStorage
    2014-03-30 13:24:37    --------    d-----w-    c:\users\imseolab\appdata\local\TumbleNinja
    2014-03-30 13:24:24    --------    d-----w-    c:\programdata\Gibraltar
    2014-03-30 13:18:39    --------    d-----w-    c:\program files\Share YouTube Videos
    2014-03-30 13:17:04    --------    d-----w-    c:\users\imseolab\appdata\roaming\Tumblifier
    2014-03-30 13:17:04    --------    d-----w-    c:\users\imseolab\appdata\local\Tumblifier
    2014-03-30 13:14:30    --------    d-----w-    c:\users\imseolab\appdata\roaming\ScrapeBoard
    2014-03-30 13:10:32    --------    d-----w-    c:\users\imseolab\appdata\local\Wicked_Article_Creator
    2014-03-30 06:18:40    --------    d-----w-    c:\users\imseolab\appdata\local\xTumblrBot.com
    2014-03-28 17:11:45    --------    d-sh--w-    c:\users\imseolab\wc
    2014-03-28 17:11:39    --------    d-----w-    c:\users\imseolab\appdata\roaming\Molura
    2014-03-28 17:11:38    --------    d-sh--w-    c:\users\imseolab\appdata\roaming\wyUpdate AU
    2014-03-28 17:10:34    --------    d-----w-    c:\users\imseolab\appdata\local\Molura
    2014-03-27 19:35:37    159744    ----a-w-    c:\program files\internet explorer\plugins\npqtplugin5.dll
    2014-03-27 19:35:37    159744    ----a-w-    c:\program files\internet explorer\plugins\npqtplugin4.dll
    2014-03-27 19:35:37    159744    ----a-w-    c:\program files\internet explorer\plugins\npqtplugin3.dll
    2014-03-27 19:35:37    159744    ----a-w-    c:\program files\internet explorer\plugins\npqtplugin2.dll
    2014-03-27 19:35:37    159744    ----a-w-    c:\program files\internet explorer\plugins\npqtplugin.dll
    2014-03-27 19:33:25    --------    d-----w-    c:\users\imseolab\appdata\local\Apple
    2014-03-27 19:04:45    --------    d-----w-    c:\users\imseolab\appdata\local\TechSmith
    2014-03-27 08:31:29    --------    d-----w-    c:\users\imseolab\dkJpRtTdKlBxAJxdiPPnOgMInfo
    2014-03-27 08:31:28    --------    d-----w-    c:\users\imseolab\appdata\roaming\com.trafficspy
    2014-03-26 20:51:11    --------    d-----w-    C:\Quickfire
    .
    ==================== Find3M  ====================
    .
    2014-04-17 13:39:16    715038    ----a-w-    c:\windows\unins000.exe
    2014-04-16 14:17:26    1461992    ----a-w-    c:\windows\system32\wdfcoinstaller01009.dll
    2014-04-03 17:37:50    11149312    ----a-w-    c:\program files\common files\lpuninstall.exe
    2014-03-23 19:05:21    94632    ----a-w-    c:\windows\system32\WindowsAccessBridge.dll
    2014-03-19 16:06:59    9728    ---ha-w-    c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
    2014-03-16 19:44:56    76872    ----a-w-    c:\windows\system32\RtNicProp32.dll
    2014-03-16 19:44:56    683736    ----a-w-    c:\windows\system32\drivers\Rt86win7.sys
    2014-03-16 19:44:56    100896    ----a-w-    c:\windows\system32\RTNUninst32.dll
    2014-03-16 19:41:46    1892056    ----a-w-    c:\windows\system32\RTSndMgr.cpl
    2014-03-16 19:41:45    3012056    ----a-w-    c:\windows\system32\drivers\RTKVHDA.sys
    2014-03-16 19:41:44    915160    ----a-w-    c:\windows\system32\RtkCoInstII.dll
    2014-03-16 19:41:44    782040    ----a-w-    c:\windows\system32\RtkApoApi.dll
    2014-03-16 19:41:44    2559192    ----a-w-    c:\windows\system32\RtkPgExt.dll
    2014-03-16 19:41:44    13416    ----a-w-    c:\windows\system32\RtkCoLDR.dll
    2014-03-16 19:41:43    2464472    ----a-w-    c:\windows\system32\RtkAPO.dll
    2014-03-16 19:41:40    54936064    ----a-w-    c:\windows\system32\RCoRes.dat
    2014-03-16 19:41:22    92584    ----a-w-    c:\windows\system32\CONEQMSAPOGUILibrary.dll
    2014-03-16 19:41:21    95840    ----a-w-    c:\windows\system32\AERTARen.dll
    2014-03-16 19:41:21    182472    ----a-w-    c:\windows\system32\AERTACap.dll
    2014-03-11 06:52:30    104264    ----a-w-    c:\windows\system32\drivers\NisDrvWFP.sys
    2014-03-05 10:49:00    100224    ----a-w-    c:\windows\system32\drivers\ewsercd.sys
    2014-02-28 11:09:55    246804    ----a-w-    c:\windows\system32\drivers\AtherosBt.bin
    2014-02-07 01:07:56    2349056    ----a-w-    c:\windows\system32\win32k.sys
    2014-02-04 02:04:22    1230336    ----a-w-    c:\windows\system32\WindowsCodecs.dll
    2014-02-04 02:04:11    509440    ----a-w-    c:\windows\system32\qedit.dll
    2014-01-29 02:06:47    381440    ----a-w-    c:\windows\system32\wer.dll
    2014-01-28 02:07:07    185344    ----a-w-    c:\windows\system32\wwansvc.dll
    2013-02-07 12:22:00    50330    ----a-w-    c:\program files\AntiDust.exe
    .
    ============= FINISH: 15:48:43.85 ===============
     

  3. DDS (Ver_2012-11-20.01) - NTFS_x86
    Internet Explorer: 11.0.9600.17041  BrowserJavaVersion: 10.51.2
    Run by IMSEOLab at 13:41:56 on 2014-04-25
    Microsoft Windows 7 Ultimate   6.1.7601.1.1252.1.1033.18.2974.1468 [GMT 3:00]
    .
    AV: Microsoft Security Essentials *Enabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
    AV: avast! Internet Security *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
    AV: Advanced SystemCare Ultimate *Enabled/Updated* {1C304DC4-1D72-5DB9-B33A-43B638ECFD30}
    SP: avast! Internet Security *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
    SP: Microsoft Security Essentials *Enabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
    FW: avast! Internet Security *Enabled* {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
    .
    ============== Running Processes ================
    .
    C:\Windows\system32\wininit.exe
    C:\Windows\system32\lsm.exe
    C:\Program Files\IObit\Advanced SystemCare Ultimate 7\ASCService.exe
    C:\Program Files\IObit\Advanced SystemCare Ultimate 7\ascavsvc.exe
    C:\Program Files\Microsoft Security Client\MsMpEng.exe
    C:\Program Files\Realtek\Audio\HDA\RtkAudioService.exe
    C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe
    C:\Windows\System32\WLTRYSVC.EXE
    C:\Windows\System32\bcmwltry.exe
    C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    C:\Program Files\AVAST Software\Avast\afwServ.exe
    C:\Windows\System32\spoolsv.exe
    C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
    C:\Program Files\Realtek\Audio\HDA\AERTSrv.exe
    C:\Program Files\InternetEverywhere\InternetEverywhere_Service.exe
    F:\Malwarebytes' Anti-Malware\mbamscheduler.exe
    F:\Malwarebytes' Anti-Malware\mbamservice.exe
    C:\Program Files\KMSpico\Service_KMS.exe
    C:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesService32.exe
    C:\Windows\system32\vmnat.exe
    C:\Windows\system32\vssvc.exe
    C:\Windows\system32\vmnetdhcp.exe
    C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe
    C:\Program Files\VMware\VMware Workstation\vmware-authd.exe
    C:\Program Files\VMware\VMware Workstation\vmware-hostd.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Program Files\Microsoft Security Client\NisSrv.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Windows\system32\SearchIndexer.exe
    C:\Windows\system32\taskhost.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    F:\Malwarebytes' Anti-Malware\mbamgui.exe
    C:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesApp32.exe
    F:\USB Disk Security\USBGuard.exe
    F:\USB Disk Security\USBGuard.exe
    C:\Program Files\Realtek\Audio\HDA\RtkNGUI.exe
    C:\Windows\System32\WLTRAY.EXE
    C:\Program Files\Atheros\AWiCMgr.exe
    C:\Program Files\WordWeb\wweb32.exe
    C:\Windows\System32\igfxtray.exe
    C:\Windows\System32\hkcmd.exe
    C:\Windows\System32\igfxpers.exe
    C:\Program Files\Microsoft Security Client\msseces.exe
    C:\Program Files\VMware\VMware Workstation\vmware-tray.exe
    C:\Program Files\AVAST Software\Avast\AvastUI.exe
    C:\Program Files\Internet Download Manager\IDMan.exe
    F:\Proxifier\Proxifier.exe
    C:\Program Files\IObit\Advanced SystemCare Ultimate 7\ASCTray.exe
    F:\AvaFind Pro\AvaFind.exe
    C:\Program Files\InternetEverywhere\InternetEverywhere_Launcher.exe
    C:\Program Files\Internet Download Manager\IEMonitor.exe
    C:\Users\IMSEOLab\5raxzje9a8\USfDfXCw.com
    C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exe
    C:\Windows\system32\notepad.exe
    C:\Windows\system32\taskeng.exe
    C:\Program Files\IObit\IObit Uninstaller\IObitUninstaler.exe
    C:\Windows\system32\ctfmon.exe
    C:\Windows\System32\WUDFHost.exe
    F:\Mobile Partner\Mobile Partner.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Mozilla Firefox\plugin-container.exe
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Windows\system32\conhost.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\svchost.exe -k RPCSS
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Windows\system32\svchost.exe -k apphost
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    .
    ============== Pseudo HJT Report ===============
    .
    BHO: IDM integration (IDMIEHlprObj Class): {0055C089-8582-441B-A0BF-17B458C2A3A8} - c:\program files\internet download manager\IDMIECC.dll
    BHO: ExplorerWnd Helper: {10921475-03CE-4E04-90CE-E2E7EF20C814} - c:\program files\iobit\iobit uninstaller\UninstallExplorer32.dll
    BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - c:\program files\microsoft office\office15\OCHelper.dll
    BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
    BHO: CIESpeechBHO Class: {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - c:\program files\bluetooth suite\IEPlugIn.dll
    BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll
    BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - c:\program files\microsoft office\office15\URLREDIR.DLL
    BHO: Advanced SystemCare Browser Protection: {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - c:\program files\iobit\surfing protection\browerprotect\ASCPlugin_Protection.dll
    BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - c:\program files\microsoft office\office15\GROOVEEX.DLL
    BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
    TB: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll
    uRun: [Adobe Acrobat Registration Service] c:\users\imseolab\appdata\roaming\local\adobe\armhvc.exe
    uRun: [iDMan] c:\program files\internet download manager\IDMan.exe /onboot
    uRun: [Proxifier] "f:\proxifier\proxifier.exe" aut
    uRun: [Advanced SystemCare Ultimate] "c:\program files\iobit\advanced systemcare ultimate 7\ASCTray.exe" /Auto
    uRunOnce: [5raxzje9a8] c:\users\imseolab\5raxzje9a8\26202.vbs
    mRun: [uSB Security] f:\usb disk security\USBGuard.exe
    mRun: [RTHDVCPL] "c:\program files\realtek\audio\hda\RtkNGUI.exe" -s
    mRun: [broadcom Wireless Manager UI] c:\windows\system32\WLTRAY.exe
    mRun: [Fences] "f:\fences\Fences.exe" /startup
    mRun: [AWiC] "c:\program files\atheros\AWiCMgr.exe" -nogui
    mRun: [WordWeb] "c:\program files\wordweb\wweb32.exe" -startup
    mRun: [igfxTray] c:\windows\system32\igfxtray.exe
    mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
    mRun: [Persistence] c:\windows\system32\igfxpers.exe
    mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey
    mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
    mRun: [vmware-tray.exe] "c:\program files\vmware\vmware workstation\vmware-tray.exe"
    mRun: [AvastUI.exe] "c:\program files\avast software\avast\AvastUI.exe" /nogui
    StartupFolder: c:\users\imseolab\appdata\roaming\micros~1\windows\startm~1\programs\startup\erunta~1.lnk - c:\program files\erunt\AUTOBACK.EXE
    StartupFolder: c:\users\imseolab\appdata\roaming\micros~1\windows\startm~1\programs\startup\fences.lnk - f:\fences\Fences.exe
    StartupFolder: c:\users\imseolab\appdata\roaming\micros~1\windows\startm~1\programs\startup\start.lnk - c:\users\imseolab\5raxzje9a8\26202.vbs
    StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\avafin~1.lnk - f:\avafind pro\AvaFind.exe
    StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\instal~1.lnk - c:\program files\common files\lpuninstall.exe
    StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\launcher.lnk - c:\program files\interneteverywhere\InternetEverywhere_Launcher.exe
    mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
    mPolicies-System: ConsentPromptBehaviorUser = dword:3
    mPolicies-System: EnableUIADesktopToggle = dword:0
    mPolicies-System: SynchronousMachineGroupPolicy = dword:1
    mPolicies-System: SynchronousUserGroupPolicy = dword:1
    mPolicies-Windows\System: AllowBlockingAppsAtShutdown = dword:1
    IE: Download all links with IDM - c:\program files\internet download manager\IEGetAll.htm
    IE: Download with IDM - c:\program files\internet download manager\IEExt.htm
    IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office15\EXCEL.EXE/3000
    IE: Se&nd to OneNote - c:\progra~1\micros~2\office15\ONBttnIE.dll/105
    IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office15\ONBttnIE.dll
    IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - c:\program files\microsoft office\office15\OCHelper.dll
    IE: {7815BE26-237D-41A8-A98F-F7BD75F71086} - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - c:\program files\bluetooth suite\IEPlugIn.dll
    IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files\microsoft office\office15\ONBttnIELinkedNotes.dll
    LSP: %SystemRoot%\system32\PrxerDrv.dll
    LSP: %windir%\system32\vsocklib.dll
    .
    INFO: HKCU has more than 50 listed domains.
    If you wish to scan all of them, select the 'Force scan all domains' option.
    .
    TCP: Interfaces\{6AB15721-CAB7-4D92-BB73-82E21DC8D72F} : DHCPNameServer = 192.168.2.1
    TCP: Interfaces\{70BB6D26-DA5B-4AEA-A2A3-9D03D46BF2C6} : DHCPNameServer = 192.168.201.1
    TCP: Interfaces\{B9B973A7-4108-42CC-B107-D28B935E1E61} : NameServer = 8.8.8.8 41.191.76.70
    Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office15\MSOXMLMF.DLL
    Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - c:\program files\microsoft office\office15\MSOSB.DLL
    Handler: qv - {0B4BB6DC-D020-4173-97F2-3AD91AFD6559} - c:\program files\quickverse 2010\qvprotwrapper.dll
    Notify: igfxcui - igfxdev.dll
    SSODL: WebCheck - <orphaned>
    SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\wpdshserviceobj.dll
    STS: FencesShlExt Class - {1984DD45-52CF-49cd-AB77-18F378FEA264} - f:\fences\FencesMenu.dll
    mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\34.0.1847.116\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
    IFEO: backupper.exe - "c:\program files\tuneup utilities 2014\TUAutoReactivator32.exe"
    IFEO: driverbooster.exe - "c:\program files\tuneup utilities 2014\TUAutoReactivator32.exe"
    IFEO: unins000.exe - "c:\program files\tuneup utilities 2014\TUAutoReactivator32.exe"
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - c:\users\imseolab\appdata\roaming\mozilla\firefox\profiles\3mgtqajz.default-1396465441559\
    FF - prefs.js: network.proxy.type - 0
    FF - plugin: c:\progra~1\micros~2\office15\NPSPWRAP.DLL
    FF - plugin: c:\program files\adobe\reader 11.0\reader\air\nppdf32.dll
    FF - plugin: c:\program files\google\update\1.3.23.9\npGoogleUpdate3.dll
    FF - plugin: c:\program files\java\jre7\bin\dtplugin\npdeployJava1.dll
    FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll
    FF - plugin: c:\program files\microsoft silverlight\5.1.30214.0\npctrlui.dll
    FF - plugin: c:\program files\mozilla firefox\plugins\npMeetingJoinPluginOC.dll
    FF - plugin: c:\program files\wordweb\wcapturemoz\plugins\npWCX.dll
    FF - plugin: c:\windows\system32\adobe\director\np32dsw_1207148.dll
    FF - plugin: c:\windows\system32\macromed\authorwa\np32asw.dll
    FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_12_0_0_43.dll
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 ambakdrv;ambakdrv;c:\windows\system32\ambakdrv.sys [2014-4-17 26424]
    R0 aswRvrt;avast! Revert;c:\windows\system32\drivers\aswRvrt.sys [2014-4-17 49944]
    R0 aswVmm;avast! VM Monitor;c:\windows\system32\drivers\aswVmm.sys [2014-4-17 178304]
    R0 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2014-1-25 231960]
    R0 vsock;vSockets Driver;c:\windows\system32\drivers\vsock.sys [2014-4-13 61464]
    R1 aswKbd;aswKbd;c:\windows\system32\drivers\aswKbd.sys [2014-4-17 26136]
    R1 aswNdisFlt;Avast! Firewall Driver;c:\windows\system32\drivers\aswNdisFlt.sys [2014-4-17 259928]
    R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2014-4-17 774392]
    R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2014-4-17 403440]
    R1 BIOS;BIOS;c:\windows\system32\drivers\BIOS.sys [2005-3-16 13696]
    R1 MpKsl20b00854;MpKsl20b00854;c:\programdata\microsoft\microsoft antimalware\definition updates\{c2b4d9f8-7b27-4b34-b1e2-1526bda94e30}\MpKsl20b00854.sys [2014-4-25 39464]
    R1 MpKsld9840670;MpKsld9840670;c:\programdata\microsoft\microsoft antimalware\definition updates\{c2b4d9f8-7b27-4b34-b1e2-1526bda94e30}\MpKsld9840670.sys [2014-4-25 39464]
    R2 AdvancedSystemCareService7;Advanced SystemCare Service 7;c:\program files\iobit\advanced systemcare ultimate 7\ASCService.exe [2014-3-15 886592]
    R2 AERTFilters;Andrea RT Filters Service;c:\program files\realtek\audio\hda\AERTSrv.exe [2014-2-26 87968]
    R2 ammntdrv;ammntdrv;c:\windows\system32\ammntdrv.sys [2014-4-17 129720]
    R2 amwrtdrv;amwrtdrv;c:\windows\system32\amwrtdrv.sys [2014-4-17 14392]
    R2 ASCAntivirusSrv;AdvancedSystemCareAntivirus;c:\program files\iobit\advanced systemcare ultimate 7\ASCAvSvc.exe [2014-3-15 647488]
    R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2014-4-17 35656]
    R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2014-4-17 70384]
    R2 avast! Antivirus;avast! Antivirus;c:\program files\avast software\avast\AvastSvc.exe [2014-4-17 50344]
    R2 avast! Firewall;avast! Firewall;c:\program files\avast software\avast\afwServ.exe [2014-4-17 116776]
    R2 IDMWFP;IDMWFP;c:\windows\system32\drivers\idmwfp.sys [2014-2-21 108000]
    R2 InternetEverywhere_Service;InternetEverywhere_Service;c:\program files\interneteverywhere\InternetEverywhere_Service.exe [2014-3-5 342984]
    R2 MBAMScheduler;MBAMScheduler;f:\malwarebytes' anti-malware\mbamscheduler.exe [2014-4-22 418376]
    R2 MBAMService;MBAMService;f:\malwarebytes' anti-malware\mbamservice.exe [2014-4-22 701512]
    R2 NisDrv;Microsoft Network Inspection System;c:\windows\system32\drivers\NisDrvWFP.sys [2013-1-20 104264]
    R2 RtkAudioService;Realtek Audio Service;c:\program files\realtek\audio\hda\RtkAudioService.exe [2014-3-16 251096]
    R2 Service KMSELDI;Service KMSELDI;c:\program files\kmspico\Service_KMS.exe [2014-2-26 37888]
    R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\tuneup utilities 2014\TuneUpUtilitiesService32.exe [2014-3-20 1773368]
    R2 VMUSBArbService;VMware USB Arbitration Service;c:\program files\common files\vmware\usb\vmware-usbarbitrator.exe [2012-10-11 721048]
    R2 VMwareHostd;VMware Workstation Server;c:\program files\vmware\vmware workstation\vmware-hostd.exe [2012-11-1 13234176]
    R2 vstor2-mntapi10-shared;Vstor2 MntApi 1.0 Driver (shared);c:\windows\system32\drivers\vstor2-mntapi10-shared.sys [2011-7-12 22768]
    R3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\drivers\btath_bus.sys [2011-5-9 24736]
    R3 ewsercd;Huawei DataCard USB Serial Port;c:\windows\system32\drivers\ewsercd.sys [2014-3-5 100224]
    R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2014-4-22 22856]
    R3 NisSrv;Microsoft Network Inspection;c:\program files\microsoft security client\NisSrv.exe [2014-3-11 279776]
    R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\drivers\Rt86win7.sys [2014-3-16 683736]
    R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\tuneup utilities 2014\TuneUpUtilitiesDriver32.sys [2013-12-16 12320]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
    S2 LiveUpdateSvc;LiveUpdate;c:\program files\iobit\liveupdate\LiveUpdate.exe [2014-2-26 2153792]
    S3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\drivers\btath_flt.sys [2011-5-9 34976]
    S3 AWiCSrvc;AWiCSrvc;c:\program files\atheros\AWiCSrvc.exe [2014-2-27 49152]
    S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-14 229888]
    S3 BoxSyncUpdateService;Box Sync Update Service;c:\program files\box\box sync\SyncUpdaterService.exe [2014-3-10 27672]
    S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys [2011-5-9 259232]
    S3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\drivers\btath_hcrp.sys [2011-5-9 175776]
    S3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\drivers\btath_lwflt.sys [2011-5-9 49312]
    S3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\drivers\btath_rcp.sys [2011-5-9 141088]
    S3 BtFilter;BtFilter;c:\windows\system32\drivers\btfilter.sys [2011-5-9 243872]
    S3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2010-11-21 62464]
    S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\ieetwcollector.exe [2014-4-25 108032]
    S3 MDA_NTDRV;MDA_NTDRV;c:\windows\system32\MDA_NTDRV.sys [2013-2-25 18136]
    S3 orange_zte_cdc_acm;ZTE Orange CDC-ACM driver;c:\windows\system32\drivers\orange_zte_cdc_acm.sys [2014-4-16 66432]
    S3 orange_zte_cpo;ZTE Orange Install;c:\windows\system32\drivers\orange_zte_cpo.sys [2014-4-16 9984]
    S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-21 15872]
    S3 RSPCIESTOR;Realtek PCIE CardReader Driver;c:\windows\system32\drivers\RtsPStor.sys [2014-2-26 251496]
    S3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\Synth3dVsc.sys [2010-11-21 77184]
    S3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys [2010-11-21 25600]
    S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2010-11-21 52224]
    S3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 27264]
    S3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [2010-11-21 112640]
    S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2014-2-26 1343400]
    S4 Atheros Bt&Wlan Coex Agent;Atheros Bt&Wlan Coex Agent;c:\program files\bluetooth suite\Ath_CoexAgent.exe [2011-5-9 146592]
    S4 AtherosSvc;AtherosSvc;c:\program files\bluetooth suite\AdminService.exe [2011-5-9 76960]
    S4 Backupper Service;AOMEI Backupper Scheduler Service;c:\program files\aomei backupper\ABService.exe [2014-4-17 29912]
    .
    =============== Created Last 30 ================
    .
    2014-04-25 10:20:47    39464    ----a-w-    c:\programdata\microsoft\microsoft antimalware\definition updates\{c2b4d9f8-7b27-4b34-b1e2-1526bda94e30}\MpKsl20b00854.sys
    2014-04-25 08:19:29    39464    ----a-w-    c:\programdata\microsoft\microsoft antimalware\definition updates\{c2b4d9f8-7b27-4b34-b1e2-1526bda94e30}\MpKsld9840670.sys
    2014-04-25 08:16:59    --------    d-s---w-    c:\windows\system32\CompatTel
    2014-04-25 05:50:06    361984    ----a-w-    c:\windows\system32\aepdu.dll
    2014-04-25 05:50:06    302592    ----a-w-    c:\windows\system32\aeinv.dll
    2014-04-25 05:34:54    514560    ----a-w-    c:\windows\system32\qdvd.dll
    2014-04-24 20:31:20    8050496    ----a-w-    c:\programdata\microsoft\microsoft antimalware\definition updates\{c2b4d9f8-7b27-4b34-b1e2-1526bda94e30}\mpengine.dll
    2014-04-24 19:18:49    --------    d-----w-    C:\TDSSKiller_Quarantine
    2014-04-24 09:50:03    --------    d-----w-    c:\users\imseolab\appdata\local\AccountsDominator
    2014-04-24 08:33:00    12872    ----a-w-    c:\windows\system32\bootdelete.exe
    2014-04-24 08:11:45    --------    d-----w-    c:\programdata\HitmanPro
    2014-04-24 07:35:42    --------    d-----w-    C:\Ark
    2014-04-23 20:37:34    --------    d-----w-    c:\users\imseolab\appdata\roaming\Affilorama
    2014-04-23 17:26:01    8050496    ----a-w-    c:\programdata\microsoft\microsoft antimalware\definition updates\backup\mpengine.dll
    2014-04-22 22:57:36    25400    ----a-w-    c:\windows\system32\authuitu.dll
    2014-04-22 22:57:31    36152    ----a-w-    c:\windows\system32\uxtuneup.dll
    2014-04-22 22:57:15    --------    d-----w-    c:\users\imseolab\appdata\local\TuneUp Software
    2014-04-22 22:49:17    36664    ----a-w-    c:\windows\system32\TURegOpt.exe
    2014-04-22 22:48:49    --------    d-----w-    c:\users\imseolab\appdata\roaming\TuneUp Software
    2014-04-22 22:48:06    --------    d-----w-    c:\program files\TuneUp Utilities 2014
    2014-04-22 22:46:08    --------    d-----w-    c:\programdata\TuneUp Software
    2014-04-22 22:45:57    --------    d-sh--w-    c:\programdata\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
    2014-04-22 22:45:57    --------    d--h--w-    c:\programdata\Common Files
    2014-04-22 22:24:20    --------    d-----w-    c:\users\imseolab\appdata\roaming\TweetAdder3
    2014-04-22 17:17:37    22856    ----a-w-    c:\windows\system32\drivers\mbam.sys
    2014-04-21 21:03:54    --------    d-----w-    C:\Hman's Login
    2014-04-21 16:52:55    6163104    ----a-w-    c:\windows\system32\Flash.ocx
    2014-04-21 01:47:59    86016    ----a-w-    c:\windows\unvise32.exe
    2014-04-21 00:07:58    --------    d-----w-    c:\users\imseolab\appdata\roaming\FB2
    2014-04-20 23:20:07    --------    d-----w-    c:\users\imseolab\appdata\roaming\com.jayvenka.qilio
    2014-04-20 00:56:46    --------    d-----w-    c:\users\imseolab\appdata\local\AccountStreamYahoo
    2014-04-19 14:54:12    --------    d-----w-    c:\users\imseolab\appdata\roaming\GSA Captcha Breaker
    2014-04-19 14:40:12    --------    d-----w-    c:\users\imseolab\appdata\roaming\Proxifier
    2014-04-19 14:39:25    91240    ----a-w-    c:\windows\system32\ProxifierShellExt.dll
    2014-04-19 14:39:25    70248    ----a-w-    c:\windows\system32\PrxerDrv.dll
    2014-04-19 14:39:25    56424    ----a-w-    c:\windows\system32\PrxerNsp.dll
    2014-04-19 14:39:25    11264    ----a-w-    c:\windows\system32\SPORDER.DLL
    2014-04-19 14:36:22    --------    d-----w-    c:\users\imseolab\appdata\roaming\GSA Search Engine Ranker
    2014-04-19 11:51:20    --------    d-----w-    c:\users\imseolab\appdata\roaming\BoostFanPageTraffic
    2014-04-19 08:48:50    765968    ------w-    c:\programdata\microsoft\microsoft antimalware\definition updates\{adc7bf4b-cd44-4cac-9db3-3476a994dadf}\gapaengine.dll
    2014-04-19 08:24:22    6858064    ----a-r-    c:\users\imseolab\appdata\roaming\microsoft\installer\{4b523cfd-2b57-403a-973f-920422a0d7f2}\Logos4.exe
    2014-04-19 08:20:30    --------    d-----w-    c:\users\imseolab\appdata\local\Logos4
    2014-04-19 08:19:48    --------    d-----w-    c:\program files\Link-AssistantCom
    2014-04-19 08:18:49    --------    d-----w-    c:\program files\Time Stopper
    2014-04-19 08:15:05    --------    d-----w-    c:\users\imseolab\appdata\local\TempDIR
    2014-04-17 23:51:18    --------    d-----w-    c:\users\imseolab\appdata\roaming\SubRepo
    2014-04-17 21:13:22    --------    d-----w-    c:\users\imseolab\appdata\roaming\PrPowershot
    2014-04-17 15:46:00    --------    d-----w-    c:\users\imseolab\appdata\local\BlackHatToolz.com
    2014-04-17 15:18:24    --------    d-----w-    c:\programdata\AomeiBR
    2014-04-17 13:42:55    26424    ----a-w-    c:\windows\system32\ambakdrv.sys
    2014-04-17 13:42:55    14392    ----a-w-    c:\windows\system32\amwrtdrv.sys
    2014-04-17 13:42:55    129720    ----a-w-    c:\windows\system32\ammntdrv.sys
    2014-04-17 13:42:47    --------    d-----w-    c:\program files\AOMEI Backupper
    2014-04-17 13:41:27    86016    ----a-w-    c:\windows\system32\atl70.dll
    2014-04-17 13:41:27    1355776    ----a-w-    c:\windows\system32\msvbvm50.dll
    2014-04-17 13:40:31    --------    d-----w-    c:\windows\system32\Adobe
    2014-04-17 13:38:49    --------    d-----w-    c:\program files\SAM CoDeC Pack
    2014-04-17 10:36:23    860928    ----a-w-    c:\windows\system32\drivers\mod7700.sys
    2014-04-17 10:36:22    23424    ----a-w-    c:\windows\system32\drivers\ewdcsc.sys
    2014-04-17 10:36:22    116736    ----a-w-    c:\windows\system32\drivers\ewusbnet.sys
    2014-04-17 10:36:22    106880    ----a-w-    c:\windows\system32\drivers\ewusbmdm.sys
    2014-04-17 10:24:01    --------    d-----w-    c:\users\imseolab\appdata\roaming\AVAST Software
    2014-04-17 10:22:33    49944    ----a-w-    c:\windows\system32\drivers\aswRvrt.sys
    2014-04-17 10:22:33    178304    ----a-w-    c:\windows\system32\drivers\aswVmm.sys
    2014-04-17 10:22:32    774392    ----a-w-    c:\windows\system32\drivers\aswSnx.sys
    2014-04-17 10:22:31    70384    ----a-w-    c:\windows\system32\drivers\aswMonFlt.sys
    2014-04-17 10:22:27    79720    ----a-w-    c:\windows\system32\drivers\aswRdr2.sys
    2014-04-17 10:22:24    26136    ----a-w-    c:\windows\system32\drivers\aswKbd.sys
    2014-04-17 10:22:15    43152    ----a-w-    c:\windows\avastSS.scr
    2014-04-17 10:22:06    259928    ----a-w-    c:\windows\system32\drivers\aswNdisFlt.sys
    2014-04-17 10:21:46    --------    d-----w-    c:\program files\AVAST Software
    2014-04-17 10:21:35    403440    ----a-w-    c:\windows\system32\drivers\xumwvxrt.sys
    2014-04-17 10:21:12    --------    d-----w-    c:\programdata\AVAST Software
    2014-04-17 09:04:25    1112288    ----a-w-    c:\windows\system32\WdfCoInstaller01007.dll
    2014-04-17 09:04:25    1112288    ----a-w-    c:\windows\system32\drivers\WdfCoInstaller01007.dll
    2014-04-17 09:04:23    82816    ----a-w-    c:\windows\system32\drivers\ew_jucdcacm.sys
    2014-04-17 09:04:23    51456    ----a-w-    c:\windows\system32\drivers\ew_jucdcecm.sys
    2014-04-17 09:04:23    26496    ----a-w-    c:\windows\system32\drivers\ew_juextctrl.sys
    2014-04-17 09:04:23    11136    ----a-w-    c:\windows\system32\drivers\ew_usbenumfilter.sys
    2014-04-17 09:04:22    72576    ----a-w-    c:\windows\system32\drivers\ew_jubusenum.sys
    2014-04-17 09:04:22    102784    ----a-w-    c:\windows\system32\drivers\ew_hwusbdev.sys
    2014-04-17 06:48:54    --------    d-----w-    c:\program files\SupportAppCB
    2014-04-16 14:17:40    9984    ----a-w-    c:\windows\system32\drivers\orange_zte_cpo.sys
    2014-04-16 14:17:40    66432    ----a-w-    c:\windows\system32\drivers\orange_zte_cdc_acm.sys
    2014-04-16 14:17:40    1461992    ----a-w-    c:\windows\system32\drivers\wdfcoinstaller01009.dll
    2014-04-16 14:17:40    13312    ----a-w-    c:\windows\system32\orange_zte_CPOCoinstaller.dll
    2014-04-16 14:17:40    13312    ----a-w-    c:\windows\system32\drivers\orange_zte_CPOCoinstaller.dll
    2014-04-15 07:16:37    --------    d-----w-    c:\users\imseolab\appdata\roaming\Atomic Alarm Clock 6
    2014-04-12 22:08:13    --------    d-----w-    c:\users\imseolab\appdata\roaming\IDM
    2014-04-12 21:43:04    119808    ----a-r-    c:\users\imseolab\appdata\roaming\microsoft\installer\{ccf298af-9ce1-4b26-b251-486e98a34789}\icons.exe
    2014-04-12 21:25:18    --------    d-----w-    c:\users\imseolab\appdata\local\VMware
    2014-04-12 21:22:22    63128    ----a-w-    c:\windows\system32\vsocklib.dll
    2014-04-12 21:22:21    61464    ----a-w-    c:\windows\system32\drivers\vsock.sys
    2014-04-12 21:21:34    357016    ----a-w-    c:\windows\system32\vmnetdhcp.exe
    2014-04-12 21:21:30    435864    ----a-w-    c:\windows\system32\vmnat.exe
    2014-04-12 21:21:29    25752    ----a-w-    c:\windows\system32\drivers\vmnetuserif.sys
    2014-04-12 21:21:22    779928    ----a-w-    c:\windows\system32\vnetlib.dll
    2014-04-12 21:21:16    41496    ----a-w-    c:\windows\system32\drivers\hcmon.sys
    2014-04-12 21:19:23    --------    d-----w-    c:\program files\VMware
    2014-04-12 21:19:23    --------    d-----w-    c:\program files\common files\VMware
    2014-04-12 17:00:48    27072    ----a-w-    c:\windows\system32\drivers\Diskdump.sys
    2014-04-12 17:00:48    234432    ----a-w-    c:\windows\system32\drivers\msiscsi.sys
    2014-04-12 17:00:48    2048    ----a-w-    c:\windows\system32\iologmsg.dll
    2014-04-12 17:00:48    149440    ----a-w-    c:\windows\system32\drivers\storport.sys
    2014-04-12 17:00:39    1212352    ----a-w-    c:\windows\system32\drivers\ntfs.sys
    2014-04-12 07:47:55    --------    d-----w-    c:\program files\Intel Corporation
    2014-04-07 22:25:16    --------    d-----w-    c:\users\imseolab\appdata\local\Business Plan Pro Samples
    2014-04-07 22:21:19    --------    d-----w-    c:\users\imseolab\appdata\local\Palo_Alto_Software
    2014-04-07 22:21:18    --------    d-----w-    c:\users\imseolab\appdata\roaming\bppenu11
    2014-04-07 18:02:11    --------    d-----w-    c:\users\imseolab\appdata\local\Geckofx
    2014-04-07 18:02:01    --------    d-----w-    c:\users\imseolab\appdata\roaming\Clyde Software Unlimited
    2014-04-07 17:46:50    --------    d-----w-    c:\programdata\KeywordOrganizer
    2014-04-07 06:03:16    --------    d-----w-    c:\users\imseolab\appdata\local\KeywordOrganizer
    2014-04-06 20:30:26    --------    d-----w-    c:\windows\system32\Hotspot Shield
    2014-04-06 09:54:22    --------    d-----w-    c:\users\imseolab\appdata\local\Evergreen_Internet_Market
    2014-04-05 21:12:43    --------    d-----w-    c:\users\imseolab\appdata\roaming\EndNote
    2014-04-05 20:52:59    --------    d-----w-    c:\program files\common files\Risxtd
    2014-04-05 20:52:49    --------    d-----w-    c:\program files\common files\ResearchSoft
    2014-04-05 20:51:47    --------    d-----w-    c:\program files\EndNote X3
    2014-04-05 20:51:13    --------    d-----w-    c:\programdata\Thomson.ResearchSoft.Installers
    2014-04-05 20:48:31    --------    d-----w-    c:\windows\86B3F2D6AC2B4E888AE1F2F77F781B0C.TMP
    2014-04-05 20:48:22    --------    d-----w-    c:\program files\common files\Wise Installation Wizard
    2014-04-05 14:07:18    50688    ----a-w-    c:\windows\system32\admwprox.dll
    2014-04-05 14:07:18    154624    ----a-w-    c:\windows\system32\iisRtl.dll
    2014-04-05 14:07:17    8192    ----a-w-    c:\windows\system32\iisrstap.dll
    2014-04-05 14:07:17    26624    ----a-w-    c:\windows\system32\ahadmin.dll
    2014-04-05 14:07:17    15360    ----a-w-    c:\windows\system32\iisreset.exe
    2014-04-05 14:07:17    10752    ----a-w-    c:\windows\system32\wamregps.dll
    2014-04-05 12:34:33    --------    d-----w-    c:\users\imseolab\appdata\roaming\IBP
    2014-04-05 12:18:22    --------    d-----w-    c:\users\imseolab\appdata\local\Downloaded Installations
    2014-04-05 09:48:56    --------    d-----w-    c:\users\imseolab\appdata\roaming\DigiResults
    2014-04-05 09:47:31    --------    d-----w-    c:\users\imseolab\appdata\local\Deployment
    2014-04-05 08:06:49    --------    d-----w-    c:\windows\system32\BestPractices
    2014-04-05 08:06:48    --------    d-----w-    C:\inetpub
    2014-04-04 21:50:03    --------    d-----w-    c:\users\imseolab\appdata\local\Mibasoft_Ltd
    2014-04-03 21:12:02    --------    d-----w-    c:\users\imseolab\appdata\local\A
    2014-04-03 09:51:53    --------    d-----w-    c:\users\imseolab\appdata\roaming\TideSDK
    2014-04-02 21:34:03    --------    d-----w-    c:\users\imseolab\appdata\local\Apple Computer
    2014-04-02 21:33:53    --------    d-----w-    c:\users\imseolab\appdata\roaming\Titanium
    2014-04-01 06:27:45    --------    d-----w-    c:\users\imseolab\.ScreamingFrogSEOSpider
    2014-03-30 15:29:50    --------    d-----w-    c:\users\imseolab\appdata\local\SENukeX
    2014-03-30 15:29:48    --------    d-----w-    c:\users\imseolab\appdata\local\SENukeXUpdateConfig
    2014-03-30 13:24:43    --------    d-----w-    c:\users\imseolab\appdata\roaming\IsolatedStorage
    2014-03-30 13:24:43    --------    d-----w-    c:\programdata\IsolatedStorage
    2014-03-30 13:24:37    --------    d-----w-    c:\users\imseolab\appdata\local\TumbleNinja
    2014-03-30 13:24:24    --------    d-----w-    c:\programdata\Gibraltar
    2014-03-30 13:18:39    --------    d-----w-    c:\program files\Share YouTube Videos
    2014-03-30 13:17:04    --------    d-----w-    c:\users\imseolab\appdata\roaming\Tumblifier
    2014-03-30 13:17:04    --------    d-----w-    c:\users\imseolab\appdata\local\Tumblifier
    2014-03-30 13:14:30    --------    d-----w-    c:\users\imseolab\appdata\roaming\ScrapeBoard
    2014-03-30 13:10:32    --------    d-----w-    c:\users\imseolab\appdata\local\Wicked_Article_Creator
    2014-03-30 06:18:40    --------    d-----w-    c:\users\imseolab\appdata\local\xTumblrBot.com
    2014-03-28 17:11:45    --------    d-sh--w-    c:\users\imseolab\wc
    2014-03-28 17:11:39    --------    d-----w-    c:\users\imseolab\appdata\roaming\Molura
    2014-03-28 17:11:38    --------    d-sh--w-    c:\users\imseolab\appdata\roaming\wyUpdate AU
    2014-03-28 17:10:34    --------    d-----w-    c:\users\imseolab\appdata\local\Molura
    2014-03-27 19:35:37    159744    ----a-w-    c:\program files\internet explorer\plugins\npqtplugin5.dll
    2014-03-27 19:35:37    159744    ----a-w-    c:\program files\internet explorer\plugins\npqtplugin4.dll
    2014-03-27 19:35:37    159744    ----a-w-    c:\program files\internet explorer\plugins\npqtplugin3.dll
    2014-03-27 19:35:37    159744    ----a-w-    c:\program files\internet explorer\plugins\npqtplugin2.dll
    2014-03-27 19:35:37    159744    ----a-w-    c:\program files\internet explorer\plugins\npqtplugin.dll
    2014-03-27 19:33:25    --------    d-----w-    c:\users\imseolab\appdata\local\Apple
    2014-03-27 19:04:45    --------    d-----w-    c:\users\imseolab\appdata\local\TechSmith
    2014-03-27 08:31:29    --------    d-----w-    c:\users\imseolab\dkJpRtTdKlBxAJxdiPPnOgMInfo
    2014-03-27 08:31:28    --------    d-----w-    c:\users\imseolab\appdata\roaming\com.trafficspy
    2014-03-26 20:51:11    --------    d-----w-    C:\Quickfire
    .
    ==================== Find3M  ====================
    .
    2014-04-17 13:39:16    715038    ----a-w-    c:\windows\unins000.exe
    2014-04-16 14:17:26    1461992    ----a-w-    c:\windows\system32\wdfcoinstaller01009.dll
    2014-04-03 17:37:50    11149312    ----a-w-    c:\program files\common files\lpuninstall.exe
    2014-03-23 19:05:21    94632    ----a-w-    c:\windows\system32\WindowsAccessBridge.dll
    2014-03-19 16:06:59    9728    ---ha-w-    c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
    2014-03-16 19:44:56    76872    ----a-w-    c:\windows\system32\RtNicProp32.dll
    2014-03-16 19:44:56    683736    ----a-w-    c:\windows\system32\drivers\Rt86win7.sys
    2014-03-16 19:44:56    100896    ----a-w-    c:\windows\system32\RTNUninst32.dll
    2014-03-16 19:41:46    1892056    ----a-w-    c:\windows\system32\RTSndMgr.cpl
    2014-03-16 19:41:45    3012056    ----a-w-    c:\windows\system32\drivers\RTKVHDA.sys
    2014-03-16 19:41:44    915160    ----a-w-    c:\windows\system32\RtkCoInstII.dll
    2014-03-16 19:41:44    782040    ----a-w-    c:\windows\system32\RtkApoApi.dll
    2014-03-16 19:41:44    2559192    ----a-w-    c:\windows\system32\RtkPgExt.dll
    2014-03-16 19:41:44    13416    ----a-w-    c:\windows\system32\RtkCoLDR.dll
    2014-03-16 19:41:43    2464472    ----a-w-    c:\windows\system32\RtkAPO.dll
    2014-03-16 19:41:40    54936064    ----a-w-    c:\windows\system32\RCoRes.dat
    2014-03-16 19:41:22    92584    ----a-w-    c:\windows\system32\CONEQMSAPOGUILibrary.dll
    2014-03-16 19:41:21    95840    ----a-w-    c:\windows\system32\AERTARen.dll
    2014-03-16 19:41:21    182472    ----a-w-    c:\windows\system32\AERTACap.dll
    2014-03-11 06:52:30    104264    ----a-w-    c:\windows\system32\drivers\NisDrvWFP.sys
    2014-03-05 10:49:00    100224    ----a-w-    c:\windows\system32\drivers\ewsercd.sys
    2014-02-28 11:09:55    246804    ----a-w-    c:\windows\system32\drivers\AtherosBt.bin
    2014-02-07 01:07:56    2349056    ----a-w-    c:\windows\system32\win32k.sys
    2014-02-04 02:04:22    1230336    ----a-w-    c:\windows\system32\WindowsCodecs.dll
    2014-02-04 02:04:11    509440    ----a-w-    c:\windows\system32\qedit.dll
    2014-01-29 02:06:47    381440    ----a-w-    c:\windows\system32\wer.dll
    2014-01-28 02:07:07    185344    ----a-w-    c:\windows\system32\wwansvc.dll
    2013-02-07 12:22:00    50330    ----a-w-    c:\program files\AntiDust.exe
    .
    ============= FINISH: 13:49:44.37 ===============
     

  4. .
    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT
    .
    DDS (Ver_2012-11-20.01)
    .
    Microsoft Windows 7 Ultimate
    Boot Device: \Device\HarddiskVolume2
    Install Date: 2/26/2014 12:03:42 AM
    System Uptime: 4/25/2014 1:20:03 PM (0 hours ago)
    .
    Motherboard: Hewlett-Packard |  | 3676
    Processor: Celeron® Dual-Core CPU       T3500  @ 2.10GHz | CPU | 2094/800mhz
    .
    ==== Disk Partitions =========================
    .
    C: is FIXED (NTFS) - 85 GiB total, 13.78 GiB free.
    E: is FIXED (NTFS) - 111 GiB total, 10.643 GiB free.
    F: is FIXED (NTFS) - 20 GiB total, 18.916 GiB free.
    G: is CDROM ()
    I: is Removable
    K: is CDROM ()
    L: is CDROM ()
    M: is CDROM ()
    .
    ==== Disabled Device Manager Items =============
    .
    Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
    Description: VMware Virtual Ethernet Adapter for VMnet1
    Device ID: ROOT\VMWARE\0000
    Manufacturer: VMware, Inc.
    Name: VMware Virtual Ethernet Adapter for VMnet1
    PNP Device ID: ROOT\VMWARE\0000
    Service: VMnetAdapter
    .
    Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
    Description: VMware Virtual Ethernet Adapter for VMnet8
    Device ID: ROOT\VMWARE\0001
    Manufacturer: VMware, Inc.
    Name: VMware Virtual Ethernet Adapter for VMnet8
    PNP Device ID: ROOT\VMWARE\0001
    Service: VMnetAdapter
    .
    ==== System Restore Points ===================
    .
    RP138: 4/25/2014 10:26:35 AM - Removed Camtasia Studio 8
    RP139: 4/25/2014 11:05:48 AM - Removed FiverrBot
    RP140: 4/25/2014 11:07:50 AM - Removed PrPowershot
    .
    ==== Installed Programs ======================
    .
    7-Zip 9.20
    Adobe AIR
    Adobe Flash Player 12 ActiveX & Plugin
    Adobe Reader XI (11.0.06)
    Adobe Shockwave Player + Authorware Web Player
    Advanced SystemCare Ultimate 7
    AOMEI Backupper
    Apple Application Support
    Apple Software Update
    Atheros for Acer MyAllm Driver v7.1.0.90 Installation Program
    Ava Find Pro
    avast! Internet Security
    Bluetooth Win7 Suite
    Box Sync
    Business Plan Pro 15th Anniversary Edition
    CCleaner
    Cisco EAP-FAST Module
    Cisco LEAP Module
    Cisco PEAP Module
    ClickBankGoldminer
    ClickingAgent
    Definition Update for Microsoft Office 2013 (KB2760587) 32-Bit Edition
    Dell Wireless WLAN Card
    Driver Booster
    DriverPack Solution Updater
    ERUNT 1.1j
    Fences 2
    FlipBook Maker Pro 3.6.1
    Friend Bomber
    Google Chrome
    Google Drive
    Google Update Helper
    GSA Captcha Breaker v2.47
    GSA Search Engine Ranker v7.85
    iCare Data Recovery enterprise license 5.1
    IM-Magic Partition Resizer Professional 2013
    Income Jacker
    InstantArticleWizard
    Intel® Graphics Media Accelerator Driver
    Intel® Processor ID Utility
    Internet Download Manager
    Internet Everywhere
    IObit Uninstaller
    iSEEK AnswerWorks English Runtime
    Java 7 Update 51
    Java Auto Updater
    Java 6 Update 45
    K-Lite Codec Pack 8.4.0 (Full)
    KeywordSnatcher
    KMSpico 4.1
    Lagarith Lossless Codec (1.3.27)
    LastPass (uninstall only)
    Logos 4 Prerequisites
    Logos Bible Software 4
    Malwarebytes Anti-Malware version 1.75.0.1300
    Microsoft .NET Framework 4.5.1
    Microsoft Access MUI (English) 2013
    Microsoft Access Setup Metadata MUI (English) 2013
    Microsoft DCF MUI (English) 2013
    Microsoft Excel MUI (English) 2013
    Microsoft Groove MUI (English) 2013
    Microsoft InfoPath MUI (English) 2013
    Microsoft Lync MUI (English) 2013
    Microsoft Office OSM MUI (English) 2013
    Microsoft Office OSM UX MUI (English) 2013
    Microsoft Office Professional Plus 2013
    Microsoft Office Proofing (English) 2013
    Microsoft Office Proofing Tools 2013 - English
    Microsoft Office Proofing Tools 2013 - Español
    Microsoft Office Shared MUI (English) 2013
    Microsoft Office Shared Setup Metadata MUI (English) 2013
    Microsoft OneNote MUI (English) 2013
    Microsoft Outlook MUI (English) 2013
    Microsoft PowerPoint MUI (English) 2013
    Microsoft Publisher MUI (English) 2013
    Microsoft Security Client
    Microsoft Security Essentials
    Microsoft Silverlight
    Microsoft SQL Server Compact 3.5 SP2 ENU
    Microsoft Visual C++ 2005 Redistributable - x86 8.0.50727.42 False
    Microsoft Visual C++ 2005 Redistributable - x86 8.0.51011 False
    Microsoft Visual C++ 2005 Redistributable - x86 8.0.56336 False
    Microsoft Visual C++ 2005 Redistributable - x86 8.0.58299 False
    Microsoft Visual C++ 2005 Redistributable - x86 8.0.59193 False
    Microsoft Visual C++ 2005 Redistributable - x86 8.0.61001
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 False
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.0 False
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218 False
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 False
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 False
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 False
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4048 False
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 False
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.5570 False
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
    Microsoft Visual C++ 2010 Redistributable - x86 10.0.30319 False
    Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219
    Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 False
    Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 False
    Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 False
    Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
    Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 False
    Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106 False
    Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 False
    Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030
    Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 False
    Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106 False
    Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 False
    Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030
    Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005
    Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005
    Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005
    Microsoft Word MUI (English) 2013
    Mobile Partner
    Mozilla Firefox 28.0 (x86 en-US)
    Mozilla Maintenance Service
    MSXML 4.0 SP2 (KB954430)
    MSXML 4.0 SP2 (KB973688)
    Outils de vérification linguistique 2013 de Microsoft Office - Français
    Proxifier version 3.21
    Quicken 2014
    QuickTime 7
    QuickVerse 2010
    Realtek High Definition Audio Driver
    SAM CoDeC Pack
    Security Update for Microsoft .NET Framework 4.5.1 (KB2898869)
    Security Update for Microsoft .NET Framework 4.5.1 (KB2901126)
    Security Update for Microsoft Excel 2013 (KB2827238) 32-Bit Edition
    Security Update for Microsoft Office 2013 (KB2768005) 32-Bit Edition
    Security Update for Microsoft Office 2013 (KB2810009) 32-Bit Edition
    Security Update for Microsoft Office 2013 (KB2850064) 32-Bit Edition
    Security Update for Microsoft Word 2013 (KB2827224) 32-Bit Edition
    SEO PowerSuite
    Share YouTube Videos version 1
    SpeedCommander 15
    Surfing Protection
    TeraCopy 2.3 beta 2
    Time Stopper
    tools-freebsd
    tools-linux
    tools-netware
    tools-solaris
    tools-windows
    tools-winPre2k
    TumblingJazz version 1.131
    TuneUp Utilities 2014
    TuneUp Utilities 2014 (en-US)
    Update for Microsoft Access 2013 (KB2768008) 32-Bit Edition
    Update for Microsoft Access 2013 (KB2827233) 32-Bit Edition
    Update for Microsoft InfoPath 2013 (KB2837648) 32-Bit Edition
    Update for Microsoft Lync 2013 (KB2817678) 32-Bit Edition
    Update for Microsoft Lync 2013 (KB2863908) 32-Bit Edition
    Update for Microsoft Office 2013 (KB2726954) 32-Bit Edition
    Update for Microsoft Office 2013 (KB2726996) 32-Bit Edition
    Update for Microsoft Office 2013 (KB2738038) 32-Bit Edition
    Update for Microsoft Office 2013 (KB2760224) 32-Bit Edition
    Update for Microsoft Office 2013 (KB2760242) 32-Bit Edition
    Update for Microsoft Office 2013 (KB2760267) 32-Bit Edition
    Update for Microsoft Office 2013 (KB2760344) 32-Bit Edition
    Update for Microsoft Office 2013 (KB2760539) 32-Bit Edition
    Update for Microsoft Office 2013 (KB2760544) 32-Bit Edition
    Update for Microsoft Office 2013 (KB2760553) 32-Bit Edition
    Update for Microsoft Office 2013 (KB2760610) 32-Bit Edition
    Update for Microsoft Office 2013 (KB2768012) 32-Bit Edition
    Update for Microsoft Office 2013 (KB2768016) 32-Bit Edition
    Update for Microsoft Office 2013 (KB2817314) 32-Bit Edition
    Update for Microsoft Office 2013 (KB2817316) 32-Bit Edition
    Update for Microsoft Office 2013 (KB2817490) 32-Bit Edition
    Update for Microsoft Office 2013 (KB2817626) 32-Bit Edition
    Update for Microsoft Office 2013 (KB2817636) 32-Bit Edition
    Update for Microsoft Office 2013 (KB2826004) 32-Bit Edition
    Update for Microsoft Office 2013 (KB2827225) 32-Bit Edition
    Update for Microsoft Office 2013 (KB2827227) 32-Bit Edition
    Update for Microsoft Office 2013 (KB2827230) 32-Bit Edition
    Update for Microsoft Office 2013 (KB2827239) 32-Bit Edition
    Update for Microsoft Office 2013 (KB2827272) 32-Bit Edition
    Update for Microsoft Office 2013 (KB2863825) 32-Bit Edition
    Update for Microsoft Office 2013 (KB2863843) 32-Bit Edition
    Update for Microsoft Office 2013 (KB2863844) 32-Bit Edition
    Update for Microsoft Office 2013 (KB2863860) 32-Bit Edition
    Update for Microsoft OneNote 2013 (KB2850063) 32-Bit Edition
    Update for Microsoft Outlook 2013 (KB2863911) 32-Bit Edition
    Update for Microsoft PowerPoint 2013 (KB2767850) 32-Bit Edition
    Update for Microsoft Publisher 2013 (KB2837635) 32-Bit Edition
    Update for Microsoft SkyDrive Pro (KB2817495) 32-Bit Edition
    Update for Microsoft SkyDrive Pro (KB2837652) 32-Bit Edition
    Update for Microsoft Visio 2013 (KB2817306) 32-Bit Edition
    Update for Microsoft Visio Viewer 2013 (KB2817301) 32-Bit Edition
    Update for Microsoft Word 2013 (KB2837647) 32-Bit Edition
    Update for Microsoft Word 2013 (KB2863909) 32-Bit Edition
    USB Disk Security
    Ut Video Codec Suite
    VirtualCloneDrive
    VLC media player 1.1.5
    VMware Workstation
    Windows 7 Manager
    Windows 7 USB/DVD Download Tool
    WinRAR 5.01 (32-bit)
    WordWeb Pro
    x264vfw - H.264/MPEG-4 AVC codec (remove only)
    Xvid MPEG-4 Video Codec
    .
    ==== Event Viewer Messages From Past Week ========
    .
    4/25/2014 11:21:03 AM, Error: Service Control Manager [7043]  - The TuneUp Utilities Service service did not shut down properly after receiving a preshutdown control.
    4/25/2014 10:56:37 AM, Error: Service Control Manager [7034]  - The Hotspot Shield Monitoring Service service terminated unexpectedly.  It has done this 1 time(s).
    4/25/2014 10:55:44 AM, Error: Service Control Manager [7034]  - The Hotspot Shield Service service terminated unexpectedly.  It has done this 1 time(s).
    4/25/2014 1:43:26 PM, Error: Service Control Manager [7031]  - The Microsoft Antimalware Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 15000 milliseconds: Restart the service.
    4/25/2014 1:43:15 PM, Error: Microsoft-Windows-Kernel-General [6]  - An I/O operation initiated by the Registry failed unrecoverably.The Registry could not flush hive (file): '\??\C:\Users\IMSEOLab\ntuser.dat'.
    4/25/2014 1:43:14 PM, Error: Microsoft-Windows-Kernel-General [6]  - An I/O operation initiated by the Registry failed unrecoverably.The Registry could not flush hive (file): ''.
    4/25/2014 1:43:14 PM, Error: atapi [11]  - The driver detected a controller error on \Device\Ide\IdePort0.
    4/25/2014 1:20:23 PM, Error: BTHUSB [17]  - The local Bluetooth adapter has failed in an undetermined manner and will not be used. The driver has been unloaded.
    4/24/2014 6:13:43 PM, Error: Disk [11]  - The driver detected a controller error on \Device\Harddisk2\DR4.
    4/24/2014 11:47:47 AM, Error: Disk [11]  - The driver detected a controller error on \Device\Harddisk2\DR2.
    4/24/2014 11:35:58 AM, Error: Service Control Manager [7006]  - The ScRegSetValueExW call failed for Start with the following error:  Access is denied.
    4/24/2014 11:15:14 PM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the Windows Search service to connect.
    4/24/2014 11:15:14 PM, Error: Service Control Manager [7000]  - The Windows Search service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
    4/24/2014 11:15:14 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1053" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
    4/24/2014 10:37:12 PM, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.      New Signature Version:       Previous Signature Version: 1.173.438.0      Update Source: Microsoft Update Server      Update Stage: Search      Source Path: Default URL      Signature Type: AntiVirus      Update Type: Full      User: NT AUTHORITY\SYSTEM      Current Engine Version:       Previous Engine Version: 1.1.10502.0      Error code: 0x8007043c      Error description: This service cannot be started in Safe Mode
    4/24/2014 10:37:12 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}
    4/24/2014 10:09:07 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
    4/24/2014 10:09:07 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
    4/24/2014 10:09:01 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
    4/24/2014 10:08:56 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
    4/24/2014 10:08:28 PM, Error: Service Control Manager [7026]  - The following boot-start or system-start driver(s) failed to load:  aswRvrt aswSnx aswSP aswTdi aswVmm BIOS discache ElbyCDIO MpFilter spldr Wanarpv6
    4/24/2014 10:08:26 PM, Error: Service Control Manager [7001]  - The VMware Workstation Server service depends on the VMware Authorization Service service which failed to start because of the following error:  The dependency service or group failed to start.
    4/24/2014 10:08:26 PM, Error: Service Control Manager [7001]  - The Microsoft Network Inspection System service depends on the Microsoft Malware Protection Driver service which failed to start because of the following error:  A device attached to the system is not functioning.
    4/23/2014 7:28:41 PM, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.      New Signature Version:       Previous Signature Version: 1.173.297.0      Update Source: Microsoft Update Server      Update Stage: Search      Source Path: http://www.microsoft.com      Signature Type: AntiVirus      Update Type: Full      User: NT AUTHORITY\SYSTEM      Current Engine Version:       Previous Engine Version: 1.1.10502.0      Error code: 0x8024402c      Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
    4/23/2014 6:25:11 PM, Error: volsnap [36]  - The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.
    4/23/2014 11:38:23 AM, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.      New Signature Version:       Previous Signature Version: 1.173.297.0      Update Source: Microsoft Update Server      Update Stage: Search      Source Path: Default URL      Signature Type: AntiVirus      Update Type: Full      User: NT AUTHORITY\SYSTEM      Current Engine Version:       Previous Engine Version: 1.1.10502.0      Error code: 0x8007043c      Error description: This service cannot be started in Safe Mode
    4/23/2014 11:32:55 AM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service MSIServer with arguments "" in order to run the server: {000C101C-0000-0000-C000-000000000046}
    4/23/2014 11:24:25 AM, Error: Service Control Manager [7022]  - The VMware USB Arbitration Service service hung on starting.
    4/23/2014 11:23:03 AM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the VMware Authorization Service service to connect.
    4/23/2014 11:23:03 AM, Error: Service Control Manager [7001]  - The VMware Workstation Server service depends on the VMware Authorization Service service which failed to start because of the following error:  The service did not respond to the start or control request in a timely fashion.
    4/23/2014 11:23:03 AM, Error: Service Control Manager [7000]  - The VMware Authorization Service service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
    4/23/2014 1:57:34 AM, Error: Service Control Manager [7000]  - The TuneUp Theme Extension service failed to start due to the following error:  The executable program that this service is configured to run in does not implement the service.
    4/23/2014 1:39:43 PM, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.      New Signature Version:       Previous Signature Version: 1.173.297.0      Update Source: Microsoft Update Server      Update Stage: Search      Source Path: http://www.microsoft.com      Signature Type: AntiVirus      Update Type: Full      User: NT AUTHORITY\SYSTEM      Current Engine Version:       Previous Engine Version: 1.1.10502.0      Error code: 0x8024402c      Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
    4/23/2014 1:09:30 PM, Error: Service Control Manager [7034]  - The TuneUp Utilities Service service terminated unexpectedly.  It has done this 1 time(s).
    4/21/2014 3:23:07 PM, Error: Schannel [36887]  - The following fatal alert was received: 40.
    4/20/2014 8:57:08 PM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the LanmanServer service.
    4/20/2014 8:56:38 PM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the avast! Antivirus service.
    4/20/2014 8:56:08 PM, Error: Disk [11]  - The driver detected a controller error on \Device\Harddisk1\DR1.
    4/19/2014 3:56:53 PM, Error: Disk [11]  - The driver detected a controller error on \Device\Harddisk1\DR7.
    4/19/2014 3:23:08 PM, Error: Disk [11]  - The driver detected a controller error on \Device\Harddisk1\DR6.
    4/19/2014 10:23:27 AM, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.      New Signature Version:       Previous Signature Version: 1.171.148.0      Update Source: Microsoft Update Server      Update Stage: Search      Source Path: http://www.microsoft.com      Signature Type: AntiVirus      Update Type: Full      User: NT AUTHORITY\SYSTEM      Current Engine Version:       Previous Engine Version: 1.1.10501.0      Error code: 0x8024402c      Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
    4/18/2014 4:43:44 AM, Error: Schannel [36888]  - The following fatal alert was generated: 10. The internal error state is 10.
    4/18/2014 10:03:17 AM, Error: Service Control Manager [7001]  - The VMware Workstation Server service depends on the VMware USB Arbitration Service service which failed to start because of the following error:  The service did not respond to the start or control request in a timely fashion.
    4/18/2014 10:03:17 AM, Error: Service Control Manager [7000]  - The VMware USB Arbitration Service service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
    4/18/2014 10:03:16 AM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the VMware USB Arbitration Service service to connect.
    .
    ==== End Of File ===========================
     

  5. Malwarebytes Anti-Malware (PRO) 1.75.0.1300
    www.malwarebytes.org

    Database version: v2014.04.25.01

    Windows 7 Service Pack 1 x86 NTFS
    Internet Explorer 11.0.9600.16521
    IMSEOLab :: IMSEOLAB-PC [administrator]

    Protection: Enabled

    4/25/2014 9:15:43 AM
    mbam-log-2014-04-25 (09-15-43).txt

    Scan type: Quick scan
    Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
    Scan options disabled: P2P
    Objects scanned: 313246
    Time elapsed: 13 minute(s), 27 second(s)

    Memory Processes Detected: 0
    (No malicious items detected)

    Memory Modules Detected: 0
    (No malicious items detected)

    Registry Keys Detected: 0
    (No malicious items detected)

    Registry Values Detected: 1
    HKCU\Software\Microsoft\Windows\CurrentVersion\runonce|5raxzje9a8 (Trojan.Agent.AIVB) -> Data: C:\Users\IMSEOLab\5raxzje9a8\26202.vbs -> Quarantined and deleted successfully.

    Registry Data Items Detected: 0
    (No malicious items detected)

    Folders Detected: 0
    (No malicious items detected)

    Files Detected: 0
    (No malicious items detected)

    (end)
     
