Showing results for tags 'Ads'.

  1. Howdy. I joined this forum so that I could find help with this annoying virus. The culprit is this thing called "Search Assist" that seems to have gotten into all of my browsers. What happens is that it finds keywords on any website I visit, highlights them in an orange color, and displays an ad when I hover over them. It even happens on this site. Here are some screens of the problem: I have done numerous scans with Malwarebytes, including ones with my computer in safe mode, and it tells me my pc is clean. There are no new toolbars or extensions in the browsers that could've been installed, and other sites have been less than helpful. Any ideas, guys?
  2. A couple weeks ago I started getting these ads that appear whenever I open Internet Explorer or Firefox. It is always in the bottom left of the screen and they cannot be closed out of. The most I can do is click "hide ad" and then you can only see a small amount of it; after a few mins, though, it will become full size again. I have tried Malwarebytes to try and get rid of it but that did not work. It doesn't matter what webpages I'm on, the ad is always there and it is significantly slowing down my computer. How do I get rid of this? Please help!
  3. Hello, I just joined this forum and I hope I am posting this in the right forum, please forgive me if it's not. For a while now I've been hearing random ads play in the background, especially when YouTube is open, and whenever I click on a site it keeps popping up random links. It's really annoying. I don't know if I have malware or spyware or adware etc., but here is my log. Please help me from this nightmare, thank you. dds.txt
  4. Hi, I recently experienced ads by this coupondropdown. Ads persist after removing using Malwarebytes, though a second scan shows that the coupondropdown does not exist anymore. Also discovered this PUP.installbrain. Appreciate your help. Below are the DDS.txt, Attach.txt and RogueKiller 64-bit log.
Framework 4 Client Profile (KB2729449)Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628)Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2596792) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2596871) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2597969) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2687309) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687499) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760416) 32-Bit Edition Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit EditionSecurity Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit EditionSecurity Update for Microsoft Office Publisher 2007 (KB2597971) 32-Bit Edition Security Update for Microsoft Office Word 2007 (KB2760421) 32-Bit Edition SimilarSitesSkype? 
6.1Sonic Focussyncables desktop SETrend Micro Titanium Internet SecurityUpdate for 2007 Microsoft Office System (KB967642)Update for Microsoft .NET Framework 4 Client Profile (KB2468871)Update for Microsoft .NET Framework 4 Client Profile (KB2533523)Update for Microsoft .NET Framework 4 Client Profile (KB2600217)Update for Microsoft Office 2007 Help for Common Features (KB963673)Update for Microsoft Office 2007 suites (KB2596620) 32-Bit EditionUpdate for Microsoft Office 2007 suites (KB2596660) 32-Bit EditionUpdate for Microsoft Office 2007 suites (KB2596802) 32-Bit EditionUpdate for Microsoft Office 2007 suites (KB2596848) 32-Bit EditionUpdate for Microsoft Office 2007 suites (KB2687493) 32-Bit EditionUpdate for Microsoft Office 2007 suites (KB2767916) 32-Bit EditionUpdate for Microsoft Office Access 2007 Help (KB963663)Update for Microsoft Office Excel 2007 Help (KB963678)Update for Microsoft Office Infopath 2007 Help (KB963662)Update for Microsoft Office OneNote 2007 Help (KB963670)Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit EditionUpdate for Microsoft Office Outlook 2007 Help (KB963677)Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2817563) 32-Bit EditionUpdate for Microsoft Office Powerpoint 2007 Help (KB963669)Update for Microsoft Office Publisher 2007 Help (KB963667)Update for Microsoft Office Script Editor Help (KB963671)Update for Microsoft Office Word 2007 Help (KB963665)VLC media player 2.0.6Web Assistant 2.0.0.572Windows LiveWindows Live Communications PlatformWindows Live EssentialsWindows Live Family SafetyWindows Live ID Sign-in AssistantWindows Live InstallerWindows Live Language SelectorWindows Live MailWindows Live MeshWindows Live MessengerWindows Live MIME IFilterWindows Live Movie MakerWindows Live Photo CommonWindows Live Photo GalleryWindows Live PIMT PlatformWindows Live Remote ClientWindows Live Remote Client ResourcesWindows Live Remote ServiceWindows Live Remote Service ResourcesWindows Live SOXEWindows Live 
SOXE DefinitionsWindows Live UX PlatformWindows Live UX Platform Language PackWindows Live WriterWindows Live Writer ResourcesWindows Live 影像中心Windows Live 照片库Windows Live 程式集Windows Live 软件包Windows Media Player Firefox PluginWinFlashWireless Console 3.==== Event Viewer Messages From Past Week ========.21/7/2013 12:09:31 AM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR4.19/7/2013 10:26:06 AM, Error: BTHUSB [17] - The local Bluetooth adapter has failed in an undetermined manner and will not be used. The driver has been unloaded.18/7/2013 7:26:26 PM, Error: Service Control Manager [7023] - The BlueStacks Android Service service terminated with the following error: An exception occurred in the service when handling the control request.18/7/2013 2:30:12 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR1.18/7/2013 10:36:23 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR7.18/7/2013 10:35:57 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR3.18/7/2013 10:35:53 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR2..==== End Of File =========================== RogueKiller V8.6.3 _x64_ [Jul 17 2013] by Tigzymail : tigzyRK<at>gmail<dot>comFeedback : http://www.adlice.com/forum/Website : http://www.adlice.com/softwares/roguekiller/Blog : http://tigzyrk.blogspot.com/ Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits versionStarted in : Normal modeUser : Ong Huan Yi [Admin rights]Mode : Scan -- Date : 07/21/2013 01:11:02| ARK || FAK || MBR | ¤¤¤ Bad processes : 1 ¤¤¤[sERVICE] IBUpdaterService -- C:\Windows\System32\dmwu.exe [x] -> ERROR [1052] ¤¤¤ Registry Entries : 5 ¤¤¤[sERVICE][bLVALUE] HKLM\[...]\CCSet\[...]\Services : IBUpdaterService (C:\Windows\System32\dmwu.exe [7]) -> FOUND[sERVICE][bLVALUE] HKLM\[...]\CS001\[...]\Services : IBUpdaterService (C:\Windows\System32\dmwu.exe [7]) -> 
FOUND[sERVICE][bLVALUE] HKLM\[...]\CS002\[...]\Services : IBUpdaterService (C:\Windows\System32\dmwu.exe [7]) -> FOUND[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND ¤¤¤ Scheduled tasks : 0 ¤¤¤ ¤¤¤ Startup Entries : 0 ¤¤¤ ¤¤¤ Web browsers : 0 ¤¤¤ ¤¤¤ Particular Files / Folders: ¤¤¤ ¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤ ¤¤¤ External Hives: ¤¤¤ ¤¤¤ Infection : ¤¤¤ ¤¤¤ HOSTS File: ¤¤¤--> %SystemRoot%\System32\drivers\etc\hosts ¤¤¤ MBR Check: ¤¤¤ +++++ PhysicalDrive0: Hitachi HTS547564A9E384 +++++--- User ---[MBR] 393469542cb348f26f9a89bcd8736cc6[bSP] 2df4e4393ef6efc24351e5bc0934916b : Windows 7/8 MBR CodePartition table:0 - [XXXXXX] FAT32-LBA (0x1c) [HIDDEN!] Offset (sectors): 2048 | Size: 25600 Mo1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 52430848 | Size: 265395 Mo2 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 595959808 | Size: 319484 MoUser = LL1 ... OK!User = LL2 ... OK! Finished : << RKreport[0]_S_07212013_011102.txt >>
  5. For a long time, my laptop has been showing ads on every website I visit, and they all look the same. They are either a white box with random words from the website I am at, a video in a box playing at the bottom left, a Facebook chat lookalike, or even inappropriate pictures. What should I do?
  6. Hi, I am having the same problem below. During the last month these annoying square-ads keep popping up in the bottom left or right corner of my browser (doesn't matter if I use Chrome or Firefox, it's basically the same). I did full scans with my anti-virus program as well as yours but still no luck. Thanks, Bob
  7. Hi! I've had several of my friends try to help me fix my little problem. I was on DeviantArt when a (I'm guessing) fake Java update popped up. On the phone and only half paying attention, I clicked something like "remind me later" or whatever (I wasn't really paying attention), and about an hour later I started hearing these ads, but there's nothing there for me to exit out of them. They do not redirect me to anything. It's been about two weeks, and I've literally tried everything I could! Please help, I can't play any computer games because it lags, or the ads overpower the sound!
  8. Hello, I have an annoying issue. I recently got rid of an annoying re-direct virus around 1-2 weeks ago. A day or two later I started noticing Internet Explorer (IE) as an active process in Task Manager, even though I did not have it actively pulled up. The name of the website also changed, and sometimes there were 3 or 4 different IE processes pulled up. Occasionally I would encounter audio ads. I was unable to try and end the process like you would normally end any program that was not responding or was slow to exit normally. I had to go to processes in order to exit the ads out; however, within only a few minutes the random IE programs were running in the background again. I scanned my computer with Malwarebytes, Avast, and Spybot Search and Destroy. Malwarebytes had previously destroyed the re-direct virus, but found nothing when I tried to remove these audio ads. Avast! also found nothing, so I downloaded Spybot Search and Destroy, and it came up with around 84 problems, and I had them fixed; however, this still did not remove the problem. Any further help would be greatly appreciated as soon as possible! Thank you for your time.
  9. Alright, I am really new to all of this and have been searching for a solution to my problems for the past couple of days. After reading many forums, and this one in specific, I found that I should not copy anything that the "expert" had told another individual. I don't know if this is the right place to post this topic, but I am in desperate need of help. I have downloaded a program called "Malwarebytes Anti-Malware" and every problem that it is blocking has a process "svchost.exe". I have tried to end this process but it keeps starting itself up again. What do I do?
  10. I cleaned up my computer today because it kept jumping to other web sites. I used rkill, Malwarebytes and AVG Internet Security 2012. They cleaned up several viruses. Now I am hearing ads in the background.
(x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe" mRun: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe" mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray mPolicies-explorer: NoActiveDesktop = 1 (0x1) mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5) mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3) mPolicies-system: EnableUIADesktopToggle = 0 (0x0) IE: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html IE: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html IE: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html IE: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll LSP: mswsock.dll TCP: DhcpNameServer = 72.240.13.7 72.240.13.5 156.154.70.43 TCP: Interfaces\{284B2EF0-773D-47DF-887A-C0F6356C59F5} : DhcpNameServer = 72.240.13.7 72.240.13.5 156.154.70.43 Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common 
Files\microsoft shared\OFFICE14\MSOXMLMF.DLL Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\11.1.0\ViProtocol.dll SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL BHO-X64: &Yahoo! Toolbar Helper: {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~2\Yahoo!\Companion\Installs\cpn0\yt.dll BHO-X64: 0x1 - No File BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO-X64: AcroIEHelperStub - No File BHO-X64: DivX Plus Web Player HTML5 <video>: {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll BHO-X64: Increase performance and video formats for your HTML5 <video> - No File BHO-X64: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll BHO-X64: WormRadar.com IESiteBlocker.NavFilter - No File BHO-X64: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL BHO-X64: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\11.1.0.7\AVG Secure Search_toolbar.dll BHO-X64: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll BHO-X64: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL BHO-X64: URLRedirectionBHO - No File BHO-X64: Vuze Remote Toolbar: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll BHO-X64: Vuze Remote - No File BHO-X64: SmartSelect Class: {F4971EE7-DAA0-4053-9964-665D8EE6A077} 
- C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll BHO-X64: SmartSelect - No File BHO-X64: Yontoo: {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo\YontooIEClient.dll BHO-X64: Yontoo Layers - No File TB-X64: Vuze Remote Toolbar: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll TB-X64: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\11.1.0.7\AVG Secure Search_toolbar.dll TB-X64: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll TB-X64: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~2\Yahoo!\Companion\Installs\cpn0\yt.dll mRun-x64: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE -startup mRun-x64: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe" mRun-x64: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe" mRun-x64: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices mRun-x64: [YouCam Mirage] "C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe" mRun-x64: [YouCam Tray] "C:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe" /s mRun-x64: [(Default)] mRun-x64: [RoxWatchTray] "C:\Program Files (x86)\Common Files\Roxio Shared\13.0\SharedCOM\RoxWatchTray13.exe" mRun-x64: [iSUSPM] C:\ProgramData\FLEXnet\Connect\11\\isuspm.exe -scheduler mRun-x64: [CPMonitor] "C:\Program Files (x86)\Roxio 2012\5.0\CPMonitor.exe" mRun-x64: [Desktop Disc Tool] "C:\Program Files (x86)\Roxio 2012\Roxio Burn\RoxioBurnLauncher.exe" mRun-x64: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW mRun-x64: [switchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe mRun-x64: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin mRun-x64: [Adobe ARM] "C:\Program 
Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun-x64: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe" mRun-x64: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe" mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray SEH-X64: Groove GFS Stub Execution Hook: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL . ============= SERVICES / DRIVERS =============== . R0 AVGIDSEH;AVGIDSEH;C:\Windows\system32\DRIVERS\AVGIDSEH.Sys --> C:\Windows\system32\DRIVERS\AVGIDSEH.Sys [?] R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\system32\DRIVERS\avgrkx64.sys --> C:\Windows\system32\DRIVERS\avgrkx64.sys [?] R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?] R0 Sahdad64;HDD Filter Driver;C:\Windows\system32\Drivers\Sahdad64.sys --> C:\Windows\system32\Drivers\Sahdad64.sys [?] R0 Saibad64;Volume Filter Driver;C:\Windows\system32\Drivers\Saibad64.sys --> C:\Windows\system32\Drivers\Saibad64.sys [?] R0 SysCow;SysCow;C:\Windows\system32\drivers\syscowad64v.sys --> C:\Windows\system32\drivers\syscowad64v.sys [?] R1 Avgfwfd;AVG network filter service;C:\Windows\system32\DRIVERS\avgfwd6a.sys --> C:\Windows\system32\DRIVERS\avgfwd6a.sys [?] R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\system32\DRIVERS\avgldx64.sys --> C:\Windows\system32\DRIVERS\avgldx64.sys [?] R1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\system32\DRIVERS\avgmfx64.sys --> C:\Windows\system32\DRIVERS\avgmfx64.sys [?] 
R1 Avgtdia;AVG TDI Driver;C:\Windows\system32\DRIVERS\avgtdia.sys --> C:\Windows\system32\DRIVERS\avgtdia.sys [?] R1 SaibVdAd64;Virtual Disk Driver;C:\Windows\system32\Drivers\SaibVdAd64.sys --> C:\Windows\system32\Drivers\SaibVdAd64.sys [?] R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?] R2 9734BF6A-2DCD-40f0-BAB0-5AAFEEBE1269;Roxio SAIB Service;C:\Program Files (x86)\Roxio\BackOnTrack\App\SaibSVC.exe [2011-2-9 457200] R2 avgfws;AVG Firewall;C:\Program Files (x86)\AVG\AVG2012\avgfws.exe [2011-11-23 2391832] R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe [2011-10-12 4433248] R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe [2011-8-2 192776] R2 BOT4Service;BOT4Service;C:\Program Files (x86)\Roxio\BackOnTrack\App\BService.exe [2011-7-15 21488] R2 DellDigitalDelivery;Dell Digital Delivery Service;C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe [2012-4-10 166912] R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-6-21 654408] R2 vToolbarUpdater11.1.0;vToolbarUpdater11.1.0;C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\11.1.0\ToolbarUpdater.exe [2012-6-16 935480] R3 AVGIDSDriver;AVGIDSDriver;C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys --> C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys [?] R3 AVGIDSFilter;AVGIDSFilter;C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys --> C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys [?] R3 BcmVWL;Broadcom Virtual Wireless;C:\Windows\system32\DRIVERS\bcmvwl64.sys --> C:\Windows\system32\DRIVERS\bcmvwl64.sys [?] R3 clwvd;CyberLink WebCam Virtual Driver;C:\Windows\system32\DRIVERS\clwvd.sys --> C:\Windows\system32\DRIVERS\clwvd.sys [?] R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;C:\Windows\system32\DRIVERS\L1C60x64.sys --> C:\Windows\system32\DRIVERS\L1C60x64.sys [?] 
R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?] S2 RoxWatch12;Roxio Hard Drive Watcher 12;C:\Program Files (x86)\Common Files\Roxio Shared\13.0\SharedCOM\RoxWatch13.exe [2011-7-13 340976] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-6-18 257224] S3 dmvsc;dmvsc;C:\Windows\system32\drivers\dmvsc.sys --> C:\Windows\system32\drivers\dmvsc.sys [?] S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2011-6-12 31125880] S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184] S3 RoxMediaDB13;RoxMediaDB13;C:\Program Files (x86)\Common Files\Roxio Shared\13.0\SharedCOM\RoxMediaDB13.exe [2011-7-13 1095664] S3 StorSvc;Storage Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 20992] S3 SwitchBoard;Adobe SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096] S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?] S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\system32\drivers\TsUsbGD.sys --> C:\Windows\system32\drivers\TsUsbGD.sys [?] S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?] S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?] S4 BOTService;BOTService;C:\Program Files (x86)\Roxio\BackOnTrack\Instant Restore\BOTService.exe [2011-7-14 211440] . =============== Created Last 30 ================ . 
2012-06-21 15:28:07 -------- d--h--w- C:\$AVG 2012-06-21 14:03:02 -------- d-----w- C:\Users\BodyRoc\AppData\Roaming\Malwarebytes 2012-06-21 14:02:23 -------- d-----w- C:\ProgramData\Malwarebytes 2012-06-21 14:02:20 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys 2012-06-21 14:02:20 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware 2012-06-21 01:07:33 902656 ----a-w- C:\Windows\System32\d2d1.dll 2012-06-21 01:07:33 739840 ----a-w- C:\Windows\SysWow64\d2d1.dll 2012-06-21 01:07:33 1139200 ----a-w- C:\Windows\System32\FntCache.dll 2012-06-20 21:59:33 -------- d-sh--w- C:\Windows\SysWow64\%APPDATA% 2012-06-20 20:53:41 580096 ----a-w- C:\Windows\System32\ac3filter64.acm 2012-06-20 20:53:41 -------- d-----w- C:\Program Files (x86)\AC3Filter 2012-06-20 20:44:47 -------- d-----w- C:\Program Files (x86)\Craft Edge 2012-06-20 19:48:17 -------- d-----w- C:\Program Files (x86)\GetFLV 2012-06-20 18:34:08 -------- d-----w- C:\video_output 2012-06-19 23:28:06 34152 ----a-w- C:\Windows\System32\drivers\GEARAspiWDM.sys 2012-06-19 23:28:06 126312 ----a-w- C:\Windows\System32\GEARAspi64.dll 2012-06-19 23:28:06 107368 ----a-w- C:\Windows\SysWow64\GEARAspi.dll 2012-06-19 23:27:30 -------- d-----w- C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001} 2012-06-19 23:27:30 -------- d-----w- C:\Program Files\iTunes 2012-06-19 23:27:30 -------- d-----w- C:\Program Files\iPod 2012-06-19 23:27:30 -------- d-----w- C:\Program Files (x86)\iTunes 2012-06-19 23:26:15 -------- d-----w- C:\Program Files\Bonjour 2012-06-19 23:26:15 -------- d-----w- C:\Program Files (x86)\Bonjour 2012-06-19 19:09:36 -------- d-----w- C:\Users\BodyRoc\AppData\Roaming\Elephant Games 2012-06-19 19:09:36 -------- d-----w- C:\ProgramData\Elephant Games 2012-06-19 00:20:33 70344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl 2012-06-19 00:20:33 426184 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe 2012-06-19 00:18:20 -------- d-----w- C:\Program Files (x86)\Yahoo! 
2012-06-18 21:35:55 -------- d-----w- C:\Users\BodyRoc\AppData\Local\Sonic_Solutions 2012-06-18 20:23:49 -------- d-----w- C:\Users\BodyRoc\AppData\Local\Apple Computer 2012-06-18 20:20:27 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin7.dll 2012-06-18 20:20:27 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin6.dll 2012-06-18 20:20:27 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin5.dll 2012-06-18 20:20:27 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin4.dll 2012-06-18 20:20:27 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin3.dll 2012-06-18 20:20:27 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin2.dll 2012-06-18 20:20:27 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin.dll 2012-06-18 20:18:47 -------- d-----w- C:\Users\BodyRoc\AppData\Local\Apple 2012-06-18 20:17:00 -------- d-----w- C:\Users\BodyRoc\AppData\Roaming\Roxio Burn 2012-06-18 13:54:28 -------- d-----w- C:\Windows\SysWow64\Wat 2012-06-18 13:54:28 -------- d-----w- C:\Windows\System32\Wat 2012-06-18 09:57:00 -------- d-----w- C:\Users\BodyRoc\AppData\Roaming\ERS Game Studios 2012-06-18 09:52:50 81408 ----a-w- C:\Windows\System32\imagehlp.dll 2012-06-18 09:52:50 5120 ----a-w- C:\Windows\SysWow64\wmi.dll 2012-06-18 09:52:50 5120 ----a-w- C:\Windows\System32\wmi.dll 2012-06-18 09:52:50 23408 ----a-w- C:\Windows\System32\drivers\fs_rec.sys 2012-06-18 09:52:50 220672 ----a-w- C:\Windows\System32\wintrust.dll 2012-06-18 09:52:50 172544 ----a-w- C:\Windows\SysWow64\wintrust.dll 2012-06-18 09:52:50 159232 ----a-w- C:\Windows\SysWow64\imagehlp.dll 2012-06-17 22:53:48 -------- d-----w- C:\Users\BodyRoc\AppData\Roaming\Blue Tea Games 2012-06-17 19:09:18 -------- d-----w- C:\Users\BodyRoc\AppData\Local\AVG Secure Search 2012-06-16 21:31:59 -------- d-----w- C:\Users\BodyRoc\AppData\Local\ElevatedDiagnostics 2012-06-16 18:51:22 
-------- d-----w- C:\ProgramData\AVG Secure Search 2012-06-16 18:40:07 -------- d-----w- C:\ProgramData\regid.1986-12.com.adobe 2012-06-16 18:29:30 -------- d-----w- C:\ProgramData\ALM 2012-06-16 18:25:18 -------- d-----w- C:\Users\BodyRoc\Adobe Flash Builder 4.6 2012-06-16 18:16:00 -------- d-----w- C:\Program Files (x86)\My Company Name 2012-06-16 18:02:22 -------- d-----w- C:\Users\BodyRoc\AppData\Local\Adobe 2012-06-16 17:39:07 -------- d-----w- C:\Users\BodyRoc\AppData\Local\DDMSettings 2012-06-16 15:41:51 870912 ----a-w- C:\Windows\SysWow64\XpsPrint.dll 2012-06-16 15:41:51 1465344 ----a-w- C:\Windows\System32\XpsPrint.dll 2012-06-16 15:39:57 267776 ----a-w- C:\Windows\System32\FXSCOVER.exe 2012-06-16 15:38:50 197120 ----a-w- C:\Windows\System32\d3d10_1.dll 2012-06-16 15:38:50 161792 ----a-w- C:\Windows\SysWow64\d3d10_1.dll 2012-06-16 15:38:48 1732096 ----a-w- C:\Program Files\Windows Journal\NBDoc.DLL 2012-06-16 15:38:48 1367552 ----a-w- C:\Program Files\Common Files\Microsoft Shared\ink\journal.dll 2012-06-16 15:38:47 936960 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\ink\journal.dll 2012-06-16 15:38:47 1402880 ----a-w- C:\Program Files\Windows Journal\JNWDRV.dll 2012-06-16 15:38:47 1393664 ----a-w- C:\Program Files\Windows Journal\JNTFiltr.dll 2012-06-16 15:38:42 2048 ----a-w- C:\Windows\SysWow64\tzres.dll 2012-06-16 15:38:42 2048 ----a-w- C:\Windows\System32\tzres.dll 2012-06-16 15:38:31 77312 ----a-w- C:\Windows\System32\packager.dll 2012-06-16 15:38:31 67072 ----a-w- C:\Windows\SysWow64\packager.dll 2012-06-16 15:34:25 -------- d-----w- C:\System Rollback Data 2012-06-15 23:37:44 -------- d-----w- C:\Users\BodyRoc\AppData\Local\Diagnostics 2012-06-15 22:48:10 826880 ----a-w- C:\Windows\SysWow64\rdpcore.dll 2012-06-15 22:48:10 23552 ----a-w- C:\Windows\System32\drivers\tdtcp.sys 2012-06-15 22:48:10 1031680 ----a-w- C:\Windows\System32\rdpcore.dll 2012-06-15 20:29:54 -------- d-----w- C:\Users\BodyRoc\AppData\Local\Rovi_Corporation 
2012-06-15 20:16:54 -------- d-----w- C:\ProgramData\Uninstall 2012-06-15 20:16:40 -------- d-----w- C:\ProgramData\eSellerate 2012-06-15 20:15:23 27632 ------w- C:\Windows\System32\drivers\SaibVdAd64.sys 2012-06-15 20:15:23 27120 ------w- C:\Windows\System32\drivers\Sahdad64.sys 2012-06-15 20:15:22 19952 ------w- C:\Windows\System32\drivers\Saibad64.sys 2012-06-15 20:15:05 -------- d-----w- C:\Program Files (x86)\Roxio 2012-06-15 20:06:51 -------- d-----w- C:\Program Files\Roxio 2012-06-15 20:06:36 -------- d-----w- C:\Users\BodyRoc\AppData\Local\CyberLink 2012-06-15 20:06:32 56208 ------w- C:\Windows\System32\drivers\PxHlpa64.sys 2012-06-15 20:06:32 10224 ------w- C:\Windows\System32\drivers\cdralw2k.sys 2012-06-15 20:06:32 10224 ------w- C:\Windows\System32\drivers\cdr4_xp.sys 2012-06-15 20:06:31 -------- d-----w- C:\Program Files (x86)\Common Files\Sonic Shared 2012-06-15 20:06:18 -------- d-----w- C:\Program Files (x86)\SmartSound Software 2012-06-15 20:06:17 -------- d-----w- C:\ProgramData\SmartSound Software Inc 2012-06-15 20:03:35 -------- d-----w- C:\Users\BodyRoc\AppData\Roaming\Roxio Log Files 2012-06-15 19:25:25 -------- d-----w- C:\Program Files (x86)\Common Files\PX Storage Engine 2012-06-15 19:25:22 -------- d-----w- C:\Program Files\DivX 2012-06-15 19:25:14 -------- d-----w- C:\Program Files (x86)\Common Files\DivX Shared 2012-06-15 19:25:02 -------- d-----w- C:\Program Files (x86)\DivX 2012-06-15 19:24:48 -------- d-----w- C:\ProgramData\DivX 2012-06-15 19:12:10 -------- d-----w- C:\Program Files (x86)\Yontoo 2012-06-15 19:12:09 -------- d-----w- C:\ProgramData\Tarma Installer 2012-06-15 19:11:21 -------- d-----w- C:\Program Files (x86)\1ClickDownload 2012-06-15 19:06:55 -------- d-----w- C:\Program Files (x86)\Dell Digital Delivery 2012-06-15 18:51:58 -------- d-----w- C:\Program Files (x86)\Microsoft Synchronization Services 2012-06-15 18:51:38 -------- d-----w- C:\Windows\PCHEALTH 2012-06-15 18:51:38 -------- d-----w- C:\Program Files 
(x86)\Microsoft SQL Server Compact Edition 2012-06-15 18:50:12 -------- d-----w- C:\Program Files (x86)\Microsoft Visual Studio 8 2012-06-15 18:49:30 -------- d-----w- C:\Program Files (x86)\Microsoft Analysis Services 2012-06-15 18:48:58 -------- d-----w- C:\Users\BodyRoc\AppData\Local\Microsoft Help 2012-06-15 18:38:36 -------- d-----w- C:\Users\BodyRoc\AppData\Roaming\AVG2012 2012-06-15 18:38:11 -------- d-----w- C:\Program Files (x86)\Common Files\AVG Secure Search 2012-06-15 18:38:11 -------- d-----w- C:\Program Files (x86)\AVG Secure Search 2012-06-15 18:38:09 -------- d--h--w- C:\ProgramData\Common Files 2012-06-15 18:38:04 -------- d-----w- C:\Windows\SysWow64\drivers\AVG 2012-06-15 18:37:37 -------- d-----w- C:\Windows\System32\drivers\AVG 2012-06-15 18:37:37 -------- d-----w- C:\ProgramData\AVG2012 2012-06-15 18:37:08 -------- d-----w- C:\Program Files (x86)\AVG 2012-06-15 18:35:34 -------- d-----w- C:\ProgramData\MFAData 2012-06-15 18:16:24 -------- d-----w- C:\Users\BodyRoc\.swt 2012-06-15 18:16:22 -------- d-----w- C:\Users\BodyRoc\AppData\Roaming\Azureus 2012-06-15 18:15:49 -------- d-----w- C:\Program Files (x86)\Vuze 2012-06-15 18:15:45 -------- d-----w- C:\Users\BodyRoc\AppData\Local\CRE 2012-06-15 18:15:41 -------- d-----w- C:\Users\BodyRoc\AppData\Local\Conduit 2012-06-15 18:15:41 -------- d-----w- C:\Program Files (x86)\Conduit 2012-06-15 18:15:40 -------- d-----w- C:\Program Files (x86)\Vuze_Remote 2012-06-15 18:12:38 -------- d-----w- C:\Users\BodyRoc\AppData\Local\Google 2012-06-15 18:10:45 -------- d-----w- C:\Users\BodyRoc\AppData\Local\Deployment 2012-06-15 18:10:45 -------- d-----w- C:\Users\BodyRoc\AppData\Local\Apps 2012-06-15 17:39:03 -------- d-----w- C:\Windows\Panther 2012-06-15 17:38:49 -------- d-sh--w- C:\Boot 2012-06-15 17:38:29 -------- d-----w- C:\Program Files (x86)\Cisco 2012-06-15 17:37:39 -------- d-sh--w- C:\Windows\Installer 2012-06-15 17:37:07 1089024 ----a-w- C:\Windows\System32\BCMLogon.dll 2012-06-15 16:59:15 125376 
----a-w- C:\Windows\System32\drivers\scdemu.sys 2012-06-15 16:59:15 -------- d-----w- C:\Program Files (x86)\PowerISO 2012-06-15 16:52:24 -------- d-----w- C:\Windows\SysWow64\Atheros_L1e 2012-06-15 16:52:03 76912 ----a-w- C:\Windows\System32\drivers\L1C62x64.sys 2012-06-15 16:52:03 75888 ----a-w- C:\Windows\System32\drivers\L1C60x64.sys 2012-06-15 16:52:02 -------- d-----w- C:\dell . ==================== Find3M ==================== . 2012-05-15 01:32:33 3146752 ----a-w- C:\Windows\System32\win32k.sys 2012-05-04 11:06:22 5559664 ----a-w- C:\Windows\System32\ntoskrnl.exe 2012-05-04 10:03:53 3968368 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe 2012-05-04 10:03:50 3913072 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe 2012-05-01 05:40:20 209920 ----a-w- C:\Windows\System32\profsvc.dll 2012-04-28 03:55:21 210944 ----a-w- C:\Windows\System32\drivers\rdpwd.sys 2012-04-26 05:41:56 77312 ----a-w- C:\Windows\System32\rdpwsx.dll 2012-04-26 05:41:55 149504 ----a-w- C:\Windows\System32\rdpcorekmts.dll 2012-04-26 05:34:27 9216 ----a-w- C:\Windows\System32\rdrmemptylst.exe 2012-04-25 17:11:36 52736 ----a-w- C:\Windows\System32\drivers\usbaapl64.sys 2012-04-25 17:11:36 4547944 ----a-w- C:\Windows\System32\usbaaplrc.dll 2012-04-24 05:37:37 184320 ----a-w- C:\Windows\System32\cryptsvc.dll 2012-04-24 05:37:37 140288 ----a-w- C:\Windows\System32\cryptnet.dll 2012-04-24 05:37:36 1462272 ----a-w- C:\Windows\System32\crypt32.dll 2012-04-24 04:36:42 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll 2012-04-24 04:36:42 1158656 ----a-w- C:\Windows\SysWow64\crypt32.dll 2012-04-24 04:36:42 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll 2012-04-07 12:31:40 3216384 ----a-w- C:\Windows\System32\msi.dll 2012-04-07 11:26:29 2342400 ----a-w- C:\Windows\SysWow64\msi.dll 2012-03-30 11:35:47 1918320 ----a-w- C:\Windows\System32\drivers\tcpip.sys . ============= FINISH: 17:02:15.89 =============== Attach.txt DDS.txt