
Malwarebytes blocks outgoing ip, on Firefox only, help needed...



Hi,

I noticed this IP being blocked a few days back. It is a Switzerland IP apparently; the IP number is 212.117.117.190. The popup from Malwarebytes is as follows:

Malwarebytes Anti-Malware
Successfully blocked access to a potentially malicious website: 212.117.117.190
Type: outgoing
Port: 49200, Process: firefox.exe

The port keeps changing but the IP is always the same and, like I said before, it only happens on Firefox 11. I did run a full MBAM scan as well as a quick one; they came out clean.

Below is the DDS.txt. Any help or direction on this will be highly appreciated; I have been at this for a couple of days but am at a dead end now, short of doing a full Windows 7 reinstall...

.

DDS (Ver_2011-08-26.01) - NTFSAMD64

Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_29

Run by LumpM17XR2 at 1:57:32 on 2012-03-28

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.8180.6299 [GMT -7:00]

.

AV: ESET Smart Security 4.2 *Disabled/Updated* {CB0F8167-5331-BA19-698E-64816B6801A5}

SP: ESET Smart Security 4.2 *Disabled/Updated* {706E6083-750B-B597-533E-5FF310EF4B18}

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

FW: ESET Personal firewall *Enabled* {F3340042-195E-BB41-42D1-CDB495BB46DE}

.

============== Running Processes ===============

.

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\system32\atiesrxx.exe

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Program Files\Alienware\Command Center\AlienSense\FAService.exe

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ec0230c23ac63514\STacSV64.exe

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\atieclxx.exe

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe

C:\Program Files (x86)\LSoft Technologies Inc\Active@ Hard Disk Monitor\DiskMonitorService.exe

C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ec0230c23ac63514\AESTSr64.exe

C:\Program Files\Alienware\Command Center\AlienFusionService.exe

C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe

C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe

C:\Program Files (x86)\OSD\OSD_Service.exe

C:\Program Files (x86)\STMicroelectronics\Accelerometer\InstallFilterService.exe

C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe

C:\Windows\system32\taskhost.exe

C:\Windows\system32\taskeng.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Windows\SysWOW64\nlssrv32.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Program Files (x86)\Dyn Updater\DynUpSvc.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\system32\wbem\unsecapp.exe

C:\Program Files\Alienware\Command Center\AlienFusionController.exe

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\system32\svchost.exe -k bthsvcs

C:\Windows\system32\wbem\wmiprvse.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

C:\Windows\System32\rundll32.exe

C:\Program Files (x86)\STMicroelectronics\Accelerometer\FF_Protection.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\ESET\ESET Smart Security\egui.exe

C:\Program Files\Alienware\Command Center\AlienwareAlienFXController.exe

C:\Program Files\IDT\WDM\sttray64.exe

C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

C:\Program Files (x86)\Dyn Updater\DynTray.exe

C:\Program Files\Alienware\Command Center\AlienSense\FATrayMon.exe

C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe

C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Program Files (x86)\OSD\OSD.exe

C:\Program Files\Alienware\Command Center\AlienSense\FATrayAlert.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Windows\system32\SearchIndexer.exe

C:\Program Files\Alienware\Command Center\AlienFXHook32Mngr.exe

C:\Program Files\Alienware\Command Center\AlienFXHook64Mngr.exe

C:\Windows\system32\conhost.exe

C:\Windows\system32\conhost.exe

C:\Windows\system32\SearchProtocolHost.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe

C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe

C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe

C:\Windows\system32\sppsvc.exe

C:\Windows\System32\svchost.exe -k secsvcs

C:\Windows\system32\DllHost.exe

C:\Windows\system32\DllHost.exe

C:\Windows\SysWOW64\cmd.exe

C:\Windows\system32\conhost.exe

C:\Windows\SysWOW64\cscript.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.google.com/

uSearch Bar = Preserve

mWinlogon: Userinit=userinit.exe

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: FAIESSOHelper Class: {a2f122da-055f-4df7-8f24-7354dbdba85b} - C:\Program Files\Alienware\Command Center\AlienSense\FAIESSO.dll

BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

uRun: [EPSON Artisan 800(Network)] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIEMA.EXE /FU "C:\Windows\TEMP\E_S44BC.tmp" /EF "HKCU"

uRun: [AdobeBridge]

uRun: [KiesPDLR] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe

uRun: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

uRun: [Google Update] "C:\Users\LumpM17XR2\AppData\Local\Google\Update\GoogleUpdate.exe" /c

mRun: [OSD_LAUNCH] c:\Program Files (x86)\OSD\Launch_OSD.exe

mRun: [FAStartup]

mRun: [FATrayAlert] C:\Program Files\Alienware\Command Center\AlienSense\FATrayMon.exe

mRun: [EEventManager] C:\PROGRA~2\EPSONS~1\EVENTM~1\EEventManager.exe

mRun: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"

mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BLUETO~1.LNK - C:\Program Files (x86)\WIDCOMM\Bluetooth Software\BTTray.exe

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\DYNUPD~1.LNK - C:\Program Files (x86)\Dyn Updater\DynTray.exe

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\LOGOCA~1.LNK - C:\Program Files (x86)\GretagMacbeth\i1\Eye-One Match 3\CalibrationLoader\CalibrationLoader.exe

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\PROFIL~1.LNK - C:\Program Files (x86)\GretagMacbeth\i1\Eye-One Match 3\ProfileReminder.exe

mPolicies-explorer: NoActiveDesktop = 1 (0x1)

mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)

mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)

mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

IE: Download with Xilisoft YouTube Video Converter - C:\Program Files (x86)\Xilisoft\YouTube Video Converter\upod_link.HTM

IE: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm

IE: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~4\Office12\REFIEBAR.DLL

DPF: {362C56AA-6E4F-40C7-A0B5-85501DBDAD77} - hxxp://i.dell.com/images/global/js/scanner/SysProExe.cab

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab

DPF: {9E065E4A-BD9D-4547-8F90-985DC62A5591} - hxxp://192.168.1.116:1025/PlayerPT.cab

DPF: {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} - hxxp://support.dell.com/systemprofiler/DellSystemLite.CAB

DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab

TCP: DhcpNameServer = 192.168.1.254

TCP: Interfaces\{5705563A-582C-4B27-A04D-DC9753772177} : DhcpNameServer = 192.168.1.254

TCP: Interfaces\{5705563A-582C-4B27-A04D-DC9753772177}\4646D2772747 : DhcpNameServer = 192.168.199.1

TCP: Interfaces\{5705563A-582C-4B27-A04D-DC9753772177}\84F6D656E4564777F627B6 : DhcpNameServer = 187.141.158.241 187.141.190.241

TCP: Interfaces\{5705563A-582C-4B27-A04D-DC9753772177}\94E46494E4944555D436233373 : DhcpNameServer = 192.168.1.254

TCP: Interfaces\{5705563A-582C-4B27-A04D-DC9753772177}\94E46494E4944555D483331323 : DhcpNameServer = 192.168.1.254

TCP: Interfaces\{5705563A-582C-4B27-A04D-DC9753772177}\C455D405D26505E4 : DhcpNameServer = 192.168.1.1

TCP: Interfaces\{5705563A-582C-4B27-A04D-DC9753772177}\C457D607D26505E4 : DhcpNameServer = 192.168.199.1

TCP: Interfaces\{5705563A-582C-4B27-A04D-DC9753772177}\C696E6B6379737 : DhcpNameServer = 192.168.2.1

Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

Notify: FastAccess - C:\Program Files\Alienware\Command Center\AlienSense\FALogNot.dll

LSA: Notification Packages = scecli FAPassSync

BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO-X64: AcroIEHelperStub - No File

BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO-X64: FAIESSOHelper Class: {A2F122DA-055F-4df7-8F24-7354DBDBA85B} - C:\Program Files\Alienware\Command Center\AlienSense\FAIESSO.dll

BHO-X64: FAIESSO Helper Object - No File

BHO-X64: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

BHO-X64: SkypeIEPluginBHO - No File

BHO-X64: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

mRun-x64: [OSD_LAUNCH] c:\Program Files (x86)\OSD\Launch_OSD.exe

mRun-x64: [FAStartup]

mRun-x64: [FATrayAlert] C:\Program Files\Alienware\Command Center\AlienSense\FATrayMon.exe

mRun-x64: [EEventManager] C:\PROGRA~2\EPSONS~1\EVENTM~1\EEventManager.exe

mRun-x64: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"

mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray

IE-X64: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

.

================= FIREFOX ===================

.

FF - ProfilePath - C:\Users\LumpM17XR2\AppData\Roaming\Mozilla\Firefox\Profiles\20pab6ac.default\

FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/

FF - prefs.js: network.proxy.http - 174.129.122.225

FF - prefs.js: network.proxy.http_port - 80

FF - prefs.js: network.proxy.type - 0

FF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\1.102.0\npesnlaunch.dll

FF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll

FF - plugin: C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll

FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll

FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll

FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrlui.dll

FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll

FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll

FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

FF - plugin: C:\Users\LumpM17XR2\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll

FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll

.

============= SERVICES / DRIVERS ===============

.

R0 stdflt;Disk Filter Driver for Accelerometer;C:\Windows\system32\DRIVERS\stdflt.sys --> C:\Windows\system32\DRIVERS\stdflt.sys [?]

R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]

R2 {1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC};Power Control [2010/12/21 21:34:39];C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\000.fcl [2010-8-26 146928]

R2 Active@ Disk Monitor;Active@ Disk Monitor;C:\Program Files (x86)\LSoft Technologies Inc\Active@ Hard Disk Monitor\DiskMonitorService.exe [2010-5-13 1127944]

R2 AESTFilters;Andrea ST Filters Service;C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ec0230c23ac63514\AESTSr64.exe [2011-1-16 89600]

R2 AlienFusionService;Alienware Fusion Service;C:\Program Files\Alienware\Command Center\AlienFusionService.exe [2009-11-10 13624]

R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?]

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

R2 Dyn Updater;Dyn Updater;C:\Program Files (x86)\Dyn Updater\DynUpSvc.exe [2011-11-15 95608]

R2 eamonm;eamonm;C:\Windows\system32\DRIVERS\eamonm.sys --> C:\Windows\system32\DRIVERS\eamonm.sys [?]

R2 ekrn;ESET Service;C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [2010-3-24 810120]

R2 epfwwfp;epfwwfp;C:\Windows\system32\DRIVERS\epfwwfp.sys --> C:\Windows\system32\DRIVERS\epfwwfp.sys [?]

R2 FAService;FAService;C:\Program Files\Alienware\Command Center\AlienSense\FAService.exe [2009-6-24 2368776]

R2 HappyOSD;HappyOSD;C:\Program Files (x86)\OSD\OSD_Service.exe [2010-1-26 16384]

R2 InstallFilterService;FF Install Filter Service;C:\Program Files (x86)\STMicroelectronics\Accelerometer\InstallFilterService.exe [2010-1-26 59904]

R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-3-27 652360]

R2 nlsX86cc;Nalpeiron Licensing Service;C:\Windows\System32\nlssrv32.exe [2009-12-18 57344]

R3 Acceler;Accelerometer Service;C:\Windows\system32\DRIVERS\Acceler.sys --> C:\Windows\system32\DRIVERS\Acceler.sys [?]

R3 amdkmdag;amdkmdag;C:\Windows\system32\DRIVERS\atikmdag.sys --> C:\Windows\system32\DRIVERS\atikmdag.sys [?]

R3 amdkmdap;amdkmdap;C:\Windows\system32\DRIVERS\atikmpag.sys --> C:\Windows\system32\DRIVERS\atikmpag.sys [?]

R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\system32\drivers\AtihdW76.sys --> C:\Windows\system32\drivers\AtihdW76.sys [?]

R3 e1kexpress;Intel® PRO/1000 PCI Express Network Connection Driver K;C:\Windows\system32\DRIVERS\e1k62x64.sys --> C:\Windows\system32\DRIVERS\e1k62x64.sys [?]

R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]

R3 NETw5s64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;C:\Windows\system32\DRIVERS\NETw5s64.sys --> C:\Windows\system32\DRIVERS\NETw5s64.sys [?]

R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\system32\DRIVERS\nusb3hub.sys --> C:\Windows\system32\DRIVERS\nusb3hub.sys [?]

R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\system32\DRIVERS\nusb3xhc.sys --> C:\Windows\system32\DRIVERS\nusb3xhc.sys [?]

R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?]

S2 .EsetTrialReset;Eset Trial Reset;C:\Windows\reset.exe [2009-3-13 357182]

S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-5-18 136176]

S2 rimspci;rimspci;C:\Windows\system32\DRIVERS\rimspe64.sys --> C:\Windows\system32\DRIVERS\rimspe64.sys [?]

S2 risdpcie;risdpcie;C:\Windows\system32\DRIVERS\risdpe64.sys --> C:\Windows\system32\DRIVERS\risdpe64.sys [?]

S2 rixdpcie;rixdpcie;C:\Windows\system32\DRIVERS\rixdpe64.sys --> C:\Windows\system32\DRIVERS\rixdpe64.sys [?]

S3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\system32\DRIVERS\btwl2cap.sys --> C:\Windows\system32\DRIVERS\btwl2cap.sys [?]

S3 FACAP;facap, FastAccess Video Capture;C:\Windows\system32\DRIVERS\facap.sys --> C:\Windows\system32\DRIVERS\facap.sys [?]

S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-5-18 136176]

S3 IAMTVE;Driver for Intel® Active Management Technology - KCS;C:\Windows\system32\DRIVERS\IAMTVE.sys --> C:\Windows\system32\DRIVERS\IAMTVE.sys [?]

S3 IAMTXPE;Driver for Intel® Active Management Technology - KCS;C:\Windows\system32\DRIVERS\IAMTXPE.sys --> C:\Windows\system32\DRIVERS\IAMTXPE.sys [?]

S3 ioatdma;Intel® QuickData Technology device;C:\Windows\system32\Drivers\qd260x64.sys --> C:\Windows\system32\Drivers\qd260x64.sys [?]

S3 ioatdma1;ioatdma1;C:\Windows\system32\Drivers\qd162x64.sys --> C:\Windows\system32\Drivers\qd162x64.sys [?]

S3 ioatdma2;Intel® QuickData Technology device ver.2;C:\Windows\system32\Drivers\qd262x64.sys --> C:\Windows\system32\Drivers\qd262x64.sys [?]

S3 iSSetup;iSSetup;C:\Windows\system32\DRIVERS\iSSetup.sys --> C:\Windows\system32\DRIVERS\iSSetup.sys [?]

S3 itecir;ITECIR Infrared Receiver;C:\Windows\system32\DRIVERS\itecir.sys --> C:\Windows\system32\DRIVERS\itecir.sys [?]

S3 nlscc;Nalpeiron X64 Service;C:\Windows\system32\nlsInterface.exe --> C:\Windows\system32\nlsInterface.exe [?]

S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);C:\Windows\system32\DRIVERS\ssadbus.sys --> C:\Windows\system32\DRIVERS\ssadbus.sys [?]

S3 ssadmdfl;SAMSUNG Android USB Modem (Filter);C:\Windows\system32\DRIVERS\ssadmdfl.sys --> C:\Windows\system32\DRIVERS\ssadmdfl.sys [?]

S3 ssadmdm;SAMSUNG Android USB Modem Drivers;C:\Windows\system32\DRIVERS\ssadmdm.sys --> C:\Windows\system32\DRIVERS\ssadmdm.sys [?]

S3 SwitchBoard;Adobe SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]

S3 TFsExDisk;TFsExDisk;C:\Windows\System32\drivers\TFsExDisk.Sys [2011-1-9 16392]

S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]

S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]

S3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\system32\DRIVERS\wdcsam64.sys --> C:\Windows\system32\DRIVERS\wdcsam64.sys [?]

S3 WSDPrintDevice;WSD Print Support via UMB;C:\Windows\system32\DRIVERS\WSDPrint.sys --> C:\Windows\system32\DRIVERS\WSDPrint.sys [?]

S3 WSDScan;WSD Scan Support via UMB;C:\Windows\system32\DRIVERS\WSDScan.sys --> C:\Windows\system32\DRIVERS\WSDScan.sys [?]

.

=============== Created Last 30 ================

.

2012-03-28 08:53:12 8669240 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{5623DA98-BCC0-48D9-9AF3-CD038D8CCB1B}\mpengine.dll

2012-03-28 06:41:53 -------- d-----w- C:\Users\LumpM17XR2\AppData\Local\{BB5B3876-9F77-45EE-B9AC-848BC6E6937D}

2012-03-28 06:41:42 -------- d-----w- C:\Users\LumpM17XR2\AppData\Local\{9D6C7E67-6A60-407B-B16C-0498E59ACBA9}

2012-03-28 06:37:19 23152 ----a-w- C:\Windows\System32\drivers\mbam.sys

2012-03-28 04:13:57 -------- d-----w- C:\Users\LumpM17XR2\AppData\Local\{DA7E8B3F-3346-49A3-A642-4B0106597DB2}

2012-03-28 04:13:46 -------- d-----w- C:\Users\LumpM17XR2\AppData\Local\{274C951F-9220-4869-B847-9103DAB0CC70}

2012-03-27 22:32:11 -------- d-----w- C:\Users\LumpM17XR2\AppData\Roaming\Malwarebytes

2012-03-27 22:32:07 -------- d-----w- C:\ProgramData\Malwarebytes

2012-03-27 22:32:06 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware

2012-03-27 21:25:14 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy

2012-03-27 09:13:11 -------- d-----w- C:\Users\LumpM17XR2\AppData\Local\{6C8B3209-AF79-40DE-8A40-2D5535D9F35C}

2012-03-27 09:13:00 -------- d-----w- C:\Users\LumpM17XR2\AppData\Local\{86088360-1CDB-4F95-A978-5556E328A7C6}

2012-03-26 21:12:34 -------- d-----w- C:\Users\LumpM17XR2\AppData\Local\{9B4BD224-B038-4419-9BB6-462AE5DE15E6}

2012-03-26 21:12:23 -------- d-----w- C:\Users\LumpM17XR2\AppData\Local\{3A816C61-2D90-4253-A08D-6A81055C628A}

2012-03-26 05:32:45 -------- d-----w- C:\Users\LumpM17XR2\AppData\Local\{2F7F0AB6-3DA7-493B-AA7D-67E8142C4927}

2012-03-26 05:32:34 -------- d-----w- C:\Users\LumpM17XR2\AppData\Local\{DC932E7A-6A96-4069-829D-5E0362794201}

2012-03-25 16:03:59 -------- d-----w- C:\Users\LumpM17XR2\AppData\Local\{826F4981-B803-4352-8E7B-45DDAB3C5BB8}

2012-03-25 16:03:48 -------- d-----w- C:\Users\LumpM17XR2\AppData\Local\{3856ED8E-9244-45E0-9E5E-6B9D139CB592}

2012-03-24 23:56:26 -------- d-----w- C:\Users\LumpM17XR2\AppData\Local\{D82B2D2F-CD81-404D-935C-68BCCBF9543E}

2012-03-24 23:56:16 -------- d-----w- C:\Users\LumpM17XR2\AppData\Local\{F8DC0792-8F41-47AB-A0FB-A81737C33120}

2012-03-24 22:41:50 -------- d-----w- C:\Users\LumpM17XR2\AppData\Roaming\.minecraft

2012-03-24 08:13:33 -------- d-----w- C:\Users\LumpM17XR2\AppData\Local\{66944AAF-AD35-4708-A496-6F5139806E43}

2012-03-24 08:13:22 -------- d-----w- C:\Users\LumpM17XR2\AppData\Local\{ACC347B2-D9F0-4D1C-8283-2C9087B5B366}

2012-03-24 01:42:58 -------- d-----w- C:\ProgramData\Xilisoft

2012-03-23 16:55:31 -------- d-----w- C:\Users\LumpM17XR2\AppData\Local\{182FFE11-5562-4343-90D9-6BFACEFE28DE}

2012-03-23 16:55:20 -------- d-----w- C:\Users\LumpM17XR2\AppData\Local\{1B48BE26-49F0-4C98-8952-3C849BB741B3}

2012-03-23 04:54:53 -------- d-----w- C:\Users\LumpM17XR2\AppData\Local\{269CE8E0-3FE2-4FE5-8173-987EC2F77ECC}

2012-03-23 04:54:42 -------- d-----w- C:\Users\LumpM17XR2\AppData\Local\{A07FF58A-821F-4249-A9DE-5EBD1E47CDD1}

2012-03-22 15:08:18 -------- d-----w- C:\Users\LumpM17XR2\AppData\Local\{0DFB346E-F734-4A0E-A8C3-3EB492EDC762}

2012-03-22 15:08:06 -------- d-----w- C:\Users\LumpM17XR2\AppData\Local\{77F9E4B9-8795-47A2-B6F0-85022A01BA3E}

2012-03-22 03:07:41 -------- d-----w- C:\Users\LumpM17XR2\AppData\Local\{00E91771-6C46-4DBF-9815-FB2A167A351D}

2012-03-22 03:07:30 -------- d-----w- C:\Users\LumpM17XR2\AppData\Local\{27431610-DAD3-4A11-BF57-AED0C929BE69}

2012-03-21 15:07:05 -------- d-----w- C:\Users\LumpM17XR2\AppData\Local\{3BA6A9C2-F56E-467E-94CF-72640595FD7B}

2012-03-21 15:06:54 -------- d-----w- C:\Users\LumpM17XR2\AppData\Local\{4C5C117F-D53F-4BC5-B34A-8DFF346C2335}

2012-03-21 03:06:41 -------- d-----w- C:\Users\LumpM17XR2\AppData\Local\{916EBA3C-793E-4C24-8F66-576A6B29C04A}

2012-03-21 03:06:30 -------- d-----w- C:\Users\LumpM17XR2\AppData\Local\{35FEB5D5-3AFF-44F1-B6C4-A55C89AA9149}

2012-03-20 13:53:57 -------- d-----w- C:\Users\LumpM17XR2\AppData\Local\{65FEEEB2-E741-4F1F-8D5C-FB60EB432B98}

2012-03-20 13:53:47 -------- d-----w- C:\Users\LumpM17XR2\AppData\Local\{8878983B-53A2-43FB-AF74-7E051C6DAF46}

2012-03-20 01:53:34 -------- d-----w- C:\Users\LumpM17XR2\AppData\Local\{D994B58E-06BC-467E-9631-07FDA44D5B0F}

2012-03-20 01:53:23 -------- d-----w- C:\Users\LumpM17XR2\AppData\Local\{2762E5CC-E13D-4D04-8E26-EE5453D89582}

2012-03-19 13:53:11 -------- d-----w- C:\Users\LumpM17XR2\AppData\Local\{103BAD8D-3076-4FBA-8884-B07C76CBA6A3}

2012-03-19 13:53:00 -------- d-----w- C:\Users\LumpM17XR2\AppData\Local\{A3E0ACF1-6C7E-4C06-A750-5E6F3C36FDDD}

2012-03-19 01:52:33 -------- d-----w- C:\Users\LumpM17XR2\AppData\Local\{6A9B1D6B-AA38-42D8-9E11-B9A0C45C2631}

2012-03-19 01:52:22 -------- d-----w- C:\Users\LumpM17XR2\AppData\Local\{E22CD31E-B205-4FFE-ACF5-4CF471BF76A1}

2012-03-18 13:52:10 -------- d-----w- C:\Users\LumpM17XR2\AppData\Local\{FAB0BBBB-B052-4C69-8625-8AEB88CC60F6}

2012-03-18 13:51:59 -------- d-----w- C:\Users\LumpM17XR2\AppData\Local\{99822141-83CA-4999-9A22-21709A549C0D}

2012-03-18 00:32:14 -------- d-----w- C:\Users\LumpM17XR2\AppData\Local\Sony

2012-03-18 00:32:14 -------- d-----w- C:\Program Files\Sony

2012-03-17 22:13:45 592824 ----a-w- C:\Program Files (x86)\Mozilla Firefox\gkmedias.dll

2012-03-17 22:13:45 44472 ----a-w- C:\Program Files (x86)\Mozilla Firefox\mozglue.dll

2012-03-17 21:38:46 -------- d-----w- C:\Users\LumpM17XR2\AppData\Local\{45A6E1AA-AB5F-4CC8-99B3-5E69C0853A0F}

2012-03-17 21:38:35 -------- d-----w- C:\Users\LumpM17XR2\AppData\Local\{26E42A84-BE5F-453C-BB6C-DF4559F38804}

2012-03-17 09:38:22 -------- d-----w- C:\Users\LumpM17XR2\AppData\Local\{4F77B26E-0801-4A4D-A413-C60120DAFE8F}

2012-03-17 09:38:11 -------- d-----w- C:\Users\LumpM17XR2\AppData\Local\{B8AA1B26-A264-4A33-B1F3-5A125C04490F}

2012-03-16 21:37:46 -------- d-----w- C:\Users\LumpM17XR2\AppData\Local\{F62CF64A-A7BF-4F33-8D72-8F63873E476F}

2012-03-16 21:37:35 -------- d-----w- C:\Users\LumpM17XR2\AppData\Local\{F3EBE926-51F7-4A98-A68A-0ED43447F5F7}

2012-03-16 08:00:23 -------- d-----w- C:\Users\LumpM17XR2\AppData\Local\{8DCFB4C7-8723-41DE-9223-56D9C650B96E}

2012-03-16 08:00:12 -------- d-----w- C:\Users\LumpM17XR2\AppData\Local\{CA50B9F6-559F-40D5-86BE-CCEA5FD14DD1}

2012-03-15 16:59:41 -------- d-----w- C:\Users\LumpM17XR2\AppData\Local\{363D6A8B-5CA7-4678-843D-280F3717AA15}

2012-03-15 16:59:30 -------- d-----w- C:\Users\LumpM17XR2\AppData\Local\{BCBA8D83-0E95-4303-BFBE-18817F577DDB}

2012-03-15 04:59:05 -------- d-----w- C:\Users\LumpM17XR2\AppData\Local\{0294D8F7-C667-4DCE-9C6F-C8244F87EDDA}

2012-03-15 04:58:54 -------- d-----w- C:\Users\LumpM17XR2\AppData\Local\{60AF6F84-D603-49E2-8EE0-736E8ADBF491}

2012-03-14 16:58:41 -------- d-----w- C:\Users\LumpM17XR2\AppData\Local\{54E893E1-07A2-4FC8-AA50-06CE0BA130E9}

2012-03-14 16:58:31 -------- d-----w- C:\Users\LumpM17XR2\AppData\Local\{1D84ECF0-8581-4466-9DF2-6D9B4FE94D3C}

2012-03-14 04:58:17 -------- d-----w- C:\Users\LumpM17XR2\AppData\Local\{DA4553D5-879A-4010-82FA-8D7E3D015EE0}

2012-03-14 04:58:06 -------- d-----w- C:\Users\LumpM17XR2\AppData\Local\{42AE495E-9FA8-4B7F-B797-E77759DFBA63}

2012-03-14 00:50:37 5559152 ----a-w- C:\Windows\System32\ntoskrnl.exe

2012-03-14 00:50:35 3968368 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe

2012-03-14 00:50:34 3913584 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe

2012-03-14 00:47:19 9216 ----a-w- C:\Windows\System32\rdrmemptylst.exe

2012-03-14 00:47:19 77312 ----a-w- C:\Windows\System32\rdpwsx.dll

2012-03-14 00:47:19 149504 ----a-w- C:\Windows\System32\rdpcorekmts.dll

2012-03-14 00:47:18 1544192 ----a-w- C:\Windows\System32\DWrite.dll

2012-03-14 00:47:18 1077248 ----a-w- C:\Windows\SysWow64\DWrite.dll

2012-03-14 00:47:16 3145728 ----a-w- C:\Windows\System32\win32k.sys

2012-03-14 00:47:15 1031680 ----a-w- C:\Windows\System32\rdpcore.dll

2012-03-14 00:47:14 826880 ----a-w- C:\Windows\SysWow64\rdpcore.dll

2012-03-14 00:47:14 23552 ----a-w- C:\Windows\System32\drivers\tdtcp.sys

2012-03-14 00:47:14 210944 ----a-w- C:\Windows\System32\drivers\rdpwd.sys

2012-03-13 16:57:42 -------- d-----w- C:\Users\LumpM17XR2\AppData\Local\{35E5B107-6C95-4126-BA0E-70B13EA5C41A}

2012-03-13 16:57:31 -------- d-----w- C:\Users\LumpM17XR2\AppData\Local\{3A899B1A-0B39-461E-8C14-3FB2823D16BF}

2012-03-13 04:57:05 -------- d-----w- C:\Users\LumpM17XR2\AppData\Local\{E8A5E338-483E-49BC-B258-0A4B1A0178E2}

2012-03-13 04:56:54 -------- d-----w- C:\Users\LumpM17XR2\AppData\Local\{12E95C34-9D1F-4D8A-82DF-E1EA9BAB3DED}

2012-03-12 10:16:08 -------- d-----w- C:\Users\LumpM17XR2\AppData\Local\{D8F88C61-C3B8-4888-8F75-58BA1649448E}

2012-03-12 10:15:57 -------- d-----w- C:\Users\LumpM17XR2\AppData\Local\{3D9D5B7B-6F92-4038-8F9F-C63CA559AAB4}

2012-03-10 20:15:50 -------- d-----w- C:\Users\LumpM17XR2\AppData\Local\{B34BA97C-43E5-4FAC-A691-FA571CE99354}

2012-03-10 20:15:40 -------- d-----w- C:\Users\LumpM17XR2\AppData\Local\{493827FB-6706-4DC3-A443-DB598B32456C}

2012-03-10 08:15:27 -------- d-----w- C:\Users\LumpM17XR2\AppData\Local\{A8EFF1A0-3067-4931-A6DD-2E537337B55C}

2012-03-10 08:15:16 -------- d-----w- C:\Users\LumpM17XR2\AppData\Local\{B03F6C8B-35DB-48C6-B0EF-186402127866}

2012-03-09 20:14:51 -------- d-----w- C:\Users\LumpM17XR2\AppData\Local\{3EE15861-6E42-4051-93B4-050D82141E2A}

2012-03-09 20:14:40 -------- d-----w- C:\Users\LumpM17XR2\AppData\Local\{E58841C5-047F-4B5B-A060-F235D1D8F0E1}

2012-03-09 08:10:11 -------- d-----w- C:\Users\LumpM17XR2\AppData\Local\{26440277-622C-44BD-9136-5C426526C06B}

2012-03-09 08:10:00 -------- d-----w- C:\Users\LumpM17XR2\AppData\Local\{42BBEB9B-5A8A-418B-B1D1-25964A3AA3A1}

2012-03-08 18:32:31 -------- d-----w- C:\Users\LumpM17XR2\AppData\Local\{7A0E4DE5-3619-4136-871B-4C8529FFFCB7}

2012-03-08 18:32:20 -------- d-----w- C:\Users\LumpM17XR2\AppData\Local\{38246E85-DEDA-494D-B7DF-910DDD64C7F2}

2012-03-08 05:15:12 -------- d-----w- C:\Users\LumpM17XR2\AppData\Local\{5A1E7F95-E1BC-471E-9EF6-8EF8FAA1E9C9}

2012-03-08 05:15:01 -------- d-----w- C:\Users\LumpM17XR2\AppData\Local\{BB90E0AC-963F-450C-A16F-BFA24543F27A}

2012-03-07 17:14:36 -------- d-----w- C:\Users\LumpM17XR2\AppData\Local\{C1F46A40-10F3-4E32-9439-D934A890D7A5}

2012-03-07 17:14:25 -------- d-----w- C:\Users\LumpM17XR2\AppData\Local\{D1B8C18B-5073-454B-85F0-4DEE1B8D631D}

2012-03-07 05:14:13 -------- d-----w- C:\Users\LumpM17XR2\AppData\Local\{DFE7C68F-EC70-438D-AAB9-A5AB37E7696D}

2012-03-07 05:14:02 -------- d-----w- C:\Users\LumpM17XR2\AppData\Local\{522FEFC8-EEFA-4098-8FB8-F48BAB6F22D6}

2012-03-06 16:03:55 -------- d-----w- C:\Users\LumpM17XR2\AppData\Local\{D7AD3CB9-453D-4FE7-B6AD-030F2BD3DF42}

2012-03-06 16:03:44 -------- d-----w- C:\Users\LumpM17XR2\AppData\Local\{4D5ADDEF-D5E3-4BF4-9FD0-E0B42E3B6205}

2012-03-06 04:03:32 -------- d-----w- C:\Users\LumpM17XR2\AppData\Local\{A17F7A9D-CDD2-4F11-A649-9B35DF25C3A5}

2012-03-06 04:03:21 -------- d-----w- C:\Users\LumpM17XR2\AppData\Local\{D5823982-2877-4F5A-AEAC-299EB0E57BF8}

2012-03-05 16:02:55 -------- d-----w- C:\Users\LumpM17XR2\AppData\Local\{9F2ECE75-9E73-4218-9AB6-215A58BE95B7}

2012-03-05 16:02:44 -------- d-----w- C:\Users\LumpM17XR2\AppData\Local\{C4D2C28F-7409-4466-BDB7-D8C242F88B7B}

2012-03-04 11:55:08 -------- d-----w- C:\Users\LumpM17XR2\AppData\Local\{30CC748C-EFDA-42AB-BE70-8645D8700AD0}

2012-03-04 11:54:54 -------- d-----w- C:\Users\LumpM17XR2\AppData\Local\{7B1EA9BF-3570-46F6-B2EC-F16E7BB5F981}

2012-03-03 23:54:42 -------- d-----w- C:\Users\LumpM17XR2\AppData\Local\{98E208C5-6022-4607-A49D-A42A4DBE6E2D}

2012-03-03 23:54:31 -------- d-----w- C:\Users\LumpM17XR2\AppData\Local\{52C8A917-E20D-4F0A-B3C0-23A92824DD85}

2012-03-03 11:54:18 -------- d-----w- C:\Users\LumpM17XR2\AppData\Local\{9E6DE1BA-ABC9-437E-B50C-59B1E5CAE8A0}

2012-03-03 11:54:07 -------- d-----w- C:\Users\LumpM17XR2\AppData\Local\{7EE5C97F-5F1A-47D1-A55A-C0DD7C3F854D}

2012-03-02 23:53:42 -------- d-----w- C:\Users\LumpM17XR2\AppData\Local\{A2528BD6-4BCF-4719-B65D-19E54BA76676}

2012-03-02 23:53:30 -------- d-----w- C:\Users\LumpM17XR2\AppData\Local\{5C29D005-947C-41BD-AE47-BE5D4B292221}

2012-03-02 05:52:42 -------- d-----w- C:\Users\LumpM17XR2\AppData\Local\{FD6E793F-3340-4C62-AE1F-FFFD5861494F}

2012-03-02 05:52:31 -------- d-----w- C:\Users\LumpM17XR2\AppData\Local\{72C1D49A-5680-460B-8A92-54F5C06A2A44}

2012-03-01 17:52:07 -------- d-----w- C:\Users\LumpM17XR2\AppData\Local\{C2249308-3B7C-4F99-98B2-5D6A980CAB6B}

2012-03-01 17:51:56 -------- d-----w- C:\Users\LumpM17XR2\AppData\Local\{2281BB55-0EE5-4FD2-9C6B-F1D9327CFC77}

2012-03-01 05:51:42 -------- d-----w- C:\Users\LumpM17XR2\AppData\Local\{469943CE-FAA3-41F1-9901-DF45483FBDB6}

2012-03-01 05:51:31 -------- d-----w- C:\Users\LumpM17XR2\AppData\Local\{41C3AC61-F63B-433D-AA48-2AA7EF79F8C9}

2012-02-29 17:21:50 -------- d-----w- C:\Users\LumpM17XR2\AppData\Local\{B00FA088-E70D-4404-8A19-1030F6D5AA5D}

2012-02-29 17:21:39 -------- d-----w- C:\Users\LumpM17XR2\AppData\Local\{DECCD0E9-A99F-47E4-B64D-BD2D071103F3}

2012-02-29 05:21:27 -------- d-----w- C:\Users\LumpM17XR2\AppData\Local\{09318FEC-2A19-4487-9613-230C663CBF1F}

2012-02-29 05:21:16 -------- d-----w- C:\Users\LumpM17XR2\AppData\Local\{C673662D-3E32-46F2-B051-9027AC618661}

2012-02-28 16:43:21 -------- d-----w- C:\Users\LumpM17XR2\AppData\Local\{6010FF3F-1003-4987-B136-9F5855C299B9}

2012-02-28 16:43:10 -------- d-----w- C:\Users\LumpM17XR2\AppData\Local\{3EA3D55D-B665-47DC-AA87-BE4D2F749C2C}

2012-02-28 16:05:15 -------- d-----w- C:\Users\LumpM17XR2\AppData\Roaming\DVDVideoSoft

2012-02-28 04:42:57 -------- d-----w- C:\Users\LumpM17XR2\AppData\Local\{DA1D4291-0EE2-478F-99F7-49D1A6C560B0}

2012-02-28 04:42:46 -------- d-----w- C:\Users\LumpM17XR2\AppData\Local\{CDE1B53F-57B9-4042-94CF-4D556F604A97}

2012-02-27 15:19:42 -------- d-----w- C:\Users\LumpM17XR2\AppData\Local\{CCF26039-68A4-417C-AF27-D086169B853B}

2012-02-27 15:19:32 -------- d-----w- C:\Users\LumpM17XR2\AppData\Local\{062164EE-3449-44B7-8F66-297F3F91E51C}

.

==================== Find3M ====================

.

2012-03-20 15:28:26 414368 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

2012-02-23 16:18:36 279656 ------w- C:\Windows\System32\MpSigStub.exe

2012-01-16 22:58:43 897520 ----a-w- C:\Users\LumpM17XR2\DynUpSetup.exe

2012-01-04 10:44:20 509952 ----a-w- C:\Windows\System32\ntshrui.dll

2012-01-04 08:58:41 442880 ----a-w- C:\Windows\SysWow64\ntshrui.dll

2012-01-02 19:46:36 1359824 ----a-w- C:\Users\LumpM17XR2\pc-decrapifier-2.2.8.exe

2011-12-30 06:26:08 515584 ----a-w- C:\Windows\System32\timedate.cpl

2011-12-30 05:27:56 478720 ----a-w- C:\Windows\SysWow64\timedate.cpl

.

============= FINISH: 1:58:43.13 ===============

And below is the Attach.txt

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2011-08-26.01)

.

Microsoft Windows 7 Home Premium

Boot Device: \Device\HarddiskVolume2

Install Date: 2/4/2010 6:47:45 PM

System Uptime: 3/28/2012 1:54:02 AM (0 hours ago)

.

Motherboard: Alienware | |

Processor: Intel® Core™ i7 CPU Q 720 @ 1.60GHz | CPU 1 | 1597/133mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 245 GiB total, 70.088 GiB free.

D: is CDROM ()

E: is FIXED (NTFS) - 206 GiB total, 106.053 GiB free.

G: is CDROM ()

H: is FIXED (NTFS) - 466 GiB total, 171.306 GiB free.

.

==== Disabled Device Manager Items =============

.

Class GUID: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}

Description: ITECIR Infrared Receiver (EC)

Device ID: ACPI\ITE8708\1

Manufacturer: ITE Tech.Inc.

Name: ITECIR Infrared Receiver (EC)

PNP Device ID: ACPI\ITE8708\1

Service: itecir

.

Class GUID: {6bdd1fc6-810f-11d0-bec7-08002be2092f}

Description: facap, FastAccess Video Capture

Device ID: ROOT\IMAGE\0000

Manufacturer: Sensible Vision

Name: facap, FastAccess Video Capture

PNP Device ID: ROOT\IMAGE\0000

Service: FACAP

.

Class GUID:

Description:

Device ID: PCI\VEN_1180&DEV_E230&SUBSYS_043A1028&REV_01\4&1F21EBDD&0&01E3

Manufacturer:

Name:

PNP Device ID: PCI\VEN_1180&DEV_E230&SUBSYS_043A1028&REV_01\4&1F21EBDD&0&01E3

Service:

.

Class GUID:

Description:

Device ID: PCI\VEN_1180&DEV_E852&SUBSYS_043A1028&REV_01\4&1F21EBDD&0&02E3

Manufacturer:

Name:

PNP Device ID: PCI\VEN_1180&DEV_E852&SUBSYS_043A1028&REV_01\4&1F21EBDD&0&02E3

Service:

.

==== System Restore Points ===================

.

RP470: 3/22/2012 11:29:31 PM - Scheduled Checkpoint

RP471: 3/23/2012 6:06:14 AM - Windows Update

RP472: 3/27/2012 5:02:49 AM - Windows Update

RP473: 3/27/2012 3:19:48 PM - Restore Operation

RP474: 3/27/2012 9:51:50 PM - Removed Vegas Pro 11.0 (64-bit)

RP475: 3/27/2012 11:09:29 PM - Restore Operation

RP476: 3/28/2012 1:45:35 AM - Windows Update

.

==== Installed Programs ======================

.

Update for Microsoft Office 2007 (KB2508958)

µTorrent

Abrosoft FantaMorph 4.1

Accelerometer

ACDSee Pro 2.5

Active@ Hard Disk Monitor

Adobe After Effects CS5

Adobe After Effects CS5 Third Party Content

Adobe After Effects CS5 Third Party Royalty Content

Adobe AIR

Adobe Anchor Service CS4

Adobe Bridge CS4

Adobe CMaps CS4

Adobe Color EU Extra Settings CS4

Adobe Color JA Extra Settings CS4

Adobe Color NA Recommended Settings CS4

Adobe Community Help

Adobe CSI CS4

Adobe Default Language CS4

Adobe ExtendScript Toolkit CS4

Adobe Extension Manager CS4

Adobe Fonts All

Adobe InDesign CS4

Adobe InDesign CS4 Application Feature Set Files (Roman)

Adobe InDesign CS4 Common Base Files

Adobe InDesign CS4 Icon Handler

Adobe Linguistics CS4

Adobe Media Player

Adobe Output Module

Adobe PDF Library Files CS4

Adobe Photoshop CS5

Adobe Reader 9.1.2

Adobe Search for Help

Adobe Service Manager Extension

Adobe Setup

Adobe SGM CS4

Adobe SING CS4

Adobe Type Support CS4

Adobe Update Manager CS4

Adobe WinSoft Linguistics Plugin

Adobe XMP Panels CS4

AdobeColorCommonSetCMYK

Advertising Center

AnyDVD

Application Profiles

Auslogics BoostSpeed

Auslogics Disk Defrag

Battlefield 3™

Battlelog Web Plugins

BlackBerry Desktop Software 5.0.1

BlackBerry Desktop Software 6.1

BlackBerry Device Software Updater

BlackBerry Device Software v4.6.1 for the BlackBerry 8350i smartphone

Catalyst Control Center

Catalyst Control Center - Branding

Catalyst Control Center Graphics Previews Common

Catalyst Control Center InstallProxy

Catalyst Control Center Localization All

CCC Help Chinese Standard

CCC Help Chinese Traditional

CCC Help Czech

CCC Help Danish

CCC Help Dutch

CCC Help English

CCC Help Finnish

CCC Help French

CCC Help German

CCC Help Greek

CCC Help Hungarian

CCC Help Italian

CCC Help Japanese

CCC Help Korean

CCC Help Norwegian

CCC Help Polish

CCC Help Portuguese

CCC Help Russian

CCC Help Spanish

CCC Help Swedish

CCC Help Thai

CCC Help Turkish

CCleaner

ClearSea

Command Center

Connect

Crysis® 2

CyberLink PowerDVD 10

CyberLink YouCam

D3DX10

Dead Space™ 2

Deus Ex Human Revolution - The Missing Link

DiRT 3

Dyn Updater

Epson Event Manager

Epson Print CD

EPSON Scan

EpsonNet Print

ESN Sonar

EVEREST Ultimate Edition v4.60

Eye-One Match 3.6.2

Fallout New Vegas

Fences Pro

ffdshow [rev 3222] [2010-01-23]

Fraps (remove only)

Google Chrome

Google Earth

Google Update Helper

Hotfix for Microsoft .NET Framework 4 Client Profile (KB2461678)

HydraVision

i1_driver_installer_utility_i1Match version 1.0

IDT Audio

ImagXpress

ImgBurn

Intel A/V Codecs V2.0

iZotope Ozone 4

Japanese Fonts Support For Adobe Reader 9

Java Auto Updater

Java™ 6 Update 29

Junk Mail filter update

KaraFun 1.18

kuler

Linksys Surveillance Utility

Malwarebytes Anti-Malware version 1.60.1.1000

Marine Aquarium

Media Downloader

Microlife BPA 3.2 English

Microsoft Games for Windows - LIVE Redistributable

Microsoft Games for Windows Marketplace

Microsoft Office 2007 Service Pack 3 (SP3)

Microsoft Office Access MUI (English) 2007

Microsoft Office Access Setup Metadata MUI (English) 2007

Microsoft Office Enterprise 2007

Microsoft Office Excel MUI (English) 2007

Microsoft Office File Validation Add-In

Microsoft Office Groove MUI (English) 2007

Microsoft Office Groove Setup Metadata MUI (English) 2007

Microsoft Office InfoPath MUI (English) 2007

Microsoft Office OneNote MUI (English) 2007

Microsoft Office Outlook MUI (English) 2007

Microsoft Office PowerPoint MUI (English) 2007

Microsoft Office PowerPoint Viewer 2007 (Spanish)

Microsoft Office Proof (English) 2007

Microsoft Office Proof (French) 2007

Microsoft Office Proof (Spanish) 2007

Microsoft Office Proofing (English) 2007

Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

Microsoft Office Publisher MUI (English) 2007

Microsoft Office Shared MUI (English) 2007

Microsoft Office Shared Setup Metadata MUI (English) 2007

Microsoft Office Word MUI (English) 2007

Microsoft Silverlight

Microsoft SQL Server 2005 Compact Edition [ENU]

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219

Microsoft_VC80_ATL_x86

Microsoft_VC80_CRT_x86

Microsoft_VC80_MFC_x86

Microsoft_VC80_MFCLOC_x86

Microsoft_VC90_ATL_x86

Microsoft_VC90_CRT_x86

Microsoft_VC90_MFC_x86

MilkDrop for Winamp 2x (remove only)

MKV Converter Studio V2.0.1

Motorola Driver Installation

Mozilla Firefox 11.0 (x86 en-US)

MSVCRT

MSVCRT_amd64

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

MyFreeCodec

Nero 9 Essentials

Nero BurnRights

Nero BurnRights Help

Nero ControlCenter

Nero CoverDesigner

Nero CoverDesigner Help

Nero DiscSpeed

Nero DiscSpeed Help

Nero DriveSpeed

Nero DriveSpeed Help

Nero Express Help

Nero InfoTool

Nero InfoTool Help

Nero Installer

Nero Online Upgrade

Nero Rescue Agent

Nero StartSmart

Nero StartSmart Help

NeroExpress

neroxml

NOOK for PC

NVIDIA PhysX

OpenAL

Origin

OSD Setup

oZone3D.Net FurMark v1.8.0

PDF Settings CS4

PDF Settings CS5

Photoshop Camera Raw

Plug-in Suite 5.1

Portal

PunkBuster Services

Rage

Renesas Electronics USB 3.0 Host Controller Driver

Samsung Kies

ScreenSaverGift Blue Pool Paradise

Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition

Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition

Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition

Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition

Skype Click to Call

Skype™ 5.5

StarCraft II

Steam

StreamTorrent 1.0

Suite Shared Configuration CS4

The KMPlayer (remove only)

Thief - Deadly Shadows

Thief - Deadly Shadows Collective Texture Pack by John P., ver. 1.0.3

Topaz ReMask 3

Topaz ReMask 3 (64-bit)

Ubisoft Game Launcher

Ulead GIF Animator 5

Update for 2007 Microsoft Office System (KB967642)

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217)

Update for Microsoft Office 2007 Help for Common Features (KB963673)

Update for Microsoft Office 2007 suites (KB2596651) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2596789) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2597970) 32-Bit Edition

Update for Microsoft Office Access 2007 Help (KB963663)

Update for Microsoft Office Excel 2007 (KB2596596) 32-Bit Edition

Update for Microsoft Office Excel 2007 Help (KB963678)

Update for Microsoft Office Infopath 2007 Help (KB963662)

Update for Microsoft Office OneNote 2007 Help (KB963670)

Update for Microsoft Office Outlook 2007 Help (KB963677)

Update for Microsoft Office Powerpoint 2007 Help (KB963669)

Update for Microsoft Office Publisher 2007 Help (KB963667)

Update for Microsoft Office Script Editor Help (KB963671)

Update for Microsoft Office Word 2007 Help (KB963665)

VirtualCloneDrive

VisualRoute

Viveza 2

VLC media player 1.1.4

WaveLab 6

Weight-By-Date Pro

Winamp

Winamp Detector Plug-in

Windows 7 USB/DVD Download Tool

Windows Live Communications Platform

Windows Live Essentials

Windows Live Installer

Windows Live Mail

Windows Live Movie Maker

Windows Live Photo Common

Windows Live Photo Gallery

Windows Live PIMT Platform

Windows Live SOXE

Windows Live SOXE Definitions

Windows Live UX Platform

Windows Live UX Platform Language Pack

Windows Live Writer

Windows Live Writer Resources

Windows Media Player Firefox Plugin

Xilisoft DivX Converter

Xilisoft YouTube Video Converter

Yahoo! Messenger

.

==== Event Viewer Messages From Past Week ========

.

3/28/2012 1:54:59 AM, Error: Service Control Manager [7000] - The rixdpcie service failed to start due to the following error: Windows cannot verify the digital signature for this file. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

3/28/2012 1:54:58 AM, Error: Service Control Manager [7000] - The risdpcie service failed to start due to the following error: Windows cannot verify the digital signature for this file. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

3/28/2012 1:54:58 AM, Error: Service Control Manager [7000] - The rimspci service failed to start due to the following error: Windows cannot verify the digital signature for this file. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

3/28/2012 1:54:39 AM, Error: Service Control Manager [7000] - The PDIHWCTL service failed to start due to the following error: The system cannot find the file specified.

3/28/2012 1:54:28 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Eset Trial Reset service to connect.

3/28/2012 1:54:28 AM, Error: Service Control Manager [7000] - The Eset Trial Reset service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

3/27/2012 8:23:58 PM, Error: Service Control Manager [7030] - The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.

3/27/2012 8:23:19 PM, Error: Application Popup [1060] - \??\C:\ComboFix\catchme.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

3/27/2012 8:17:49 PM, Error: Service Control Manager [7034] - The HappyOSD service terminated unexpectedly. It has done this 1 time(s).

3/27/2012 11:45:31 PM, Error: VDS Basic Provider [1] - Unexpected failure. Error code: 490@01010004

3/27/2012 11:27:01 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Alienware Fusion Service service to connect.

3/27/2012 11:27:01 PM, Error: Service Control Manager [7000] - The Alienware Fusion Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

3/27/2012 11:21:09 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}

3/27/2012 11:20:41 PM, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start.

3/27/2012 11:20:40 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}

3/27/2012 11:20:40 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

3/27/2012 11:20:40 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}

3/27/2012 11:20:40 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}

3/27/2012 11:20:39 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

3/27/2012 11:20:33 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}

3/27/2012 11:20:16 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD DfsC discache ElbyCDIO NetBIOS NetBT nsiproxy Psched rdbss spldr tdx vwififlt Wanarpv6 WfpLwf ws2ifsl

3/27/2012 11:20:13 PM, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.

3/27/2012 11:20:13 PM, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.

3/27/2012 11:20:13 PM, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning.

3/27/2012 11:20:13 PM, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.

3/27/2012 11:20:13 PM, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.

3/27/2012 11:20:13 PM, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error: A device attached to the system is not functioning.

3/27/2012 11:20:13 PM, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.

3/27/2012 11:20:13 PM, Error: Service Control Manager [7001] - The Network Connections service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.

3/27/2012 11:20:13 PM, Error: Service Control Manager [7001] - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.

3/27/2012 11:20:13 PM, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning.

3/27/2012 11:20:13 PM, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.

3/27/2012 11:19:14 PM, Error: Service Control Manager [7038] - The WdiServiceHost service was unable to log on as NT AUTHORITY\LocalService with the currently configured password due to the following error: The request is not supported. To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).

3/27/2012 11:19:14 PM, Error: Service Control Manager [7038] - The netprofm service was unable to log on as NT AUTHORITY\LocalService with the currently configured password due to the following error: The request is not supported. To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).

3/27/2012 11:19:14 PM, Error: Service Control Manager [7023] - The Server service terminated with the following error: The data is invalid.

3/27/2012 11:19:14 PM, Error: Service Control Manager [7000] - The Network List Service service failed to start due to the following error: The service did not start due to a logon failure.

3/27/2012 11:19:14 PM, Error: Service Control Manager [7000] - The Diagnostic Service Host service failed to start due to the following error: The service did not start due to a logon failure.

3/27/2012 11:19:12 PM, Error: Service Control Manager [7043] - The Group Policy Client service did not shut down properly after receiving a preshutdown control.

3/27/2012 11:16:38 PM, Error: Service Control Manager [7031] - The Media Center Extender Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

3/26/2012 10:34:01 AM, Error: Server [2505] - The server could not bind to the transport \Device\NetBT_Tcpip_{D90EEDCB-50C5-42C4-8916-BEBD419DA489} because another computer on the network has the same name. The server could not start.

3/26/2012 10:18:02 AM, Error: Service Control Manager [7034] - The Media Center Extender Service service terminated unexpectedly. It has done this 2 time(s).

3/24/2012 8:58:44 PM, Error: Service Control Manager [7034] - The Remote Registry service terminated unexpectedly. It has done this 3 time(s).

3/24/2012 8:57:44 PM, Error: Service Control Manager [7031] - The Remote Registry service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

3/24/2012 8:56:44 PM, Error: Service Control Manager [7031] - The Remote Registry service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

3/22/2012 11:46:10 AM, Error: volsnap [36] - The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.

.

==== End Of File ===========================


  • 2 months later...

Hello BajaCapt and welcome to Malwarebytes!

I am D-FRED-BROWN and I will be helping you. :)

Please print or save this topic: it will make it easier for you to follow the instructions and complete all of the necessary steps.

-------------

Please download to your Desktop:

  • TDSSKiller.zip from here and extract it (right click on it => "Extract here").

>>> TDSSKiller: Double-click on TDSSKiller.exe to run the application.

  • Click on the Start Scan button and wait for the scan and disinfection process to be over.
  • If an infected file is detected, the default action will be Cure; click on Continue.
  • If a suspicious file is detected, the default action will be Skip; click on Continue.
  • If you are asked to reboot the computer to complete the process, click on the Reboot Now button. A report will be automatically saved at the root of the System drive (usually C:\) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt" (for example, C:\TDSSKiller.2.2.0_20.12.2009_15.31.43_log.txt). Please copy and paste the contents of that file here.
  • If no reboot is required, click on Report. A log file will appear. Please copy and paste the contents of that file in your next reply.

In your next reply, please include the following (you may need to use two posts to get it all in):

  • TDSSKiller_log.txt

How is the PC running now?

-------------

Please download ComboFix.exe. Please visit this webpage for download links, and instructions for running the tool:

http://www.bleepingc...to-use-combofix

***IMPORTANT: save ComboFix to your Desktop***

* Ensure you have disabled all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Please go here to see a list of programs that should be disabled.

**Note: Do not mouseclick ComboFix's window while it's running. That may cause it to stall**

Please include the C:\ComboFix.txt in your next reply for further review.

Also, please let me know if any problems still remain.

-------------

Please download Security Check by screen317 from here or here.

  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

-------------

In your next reply, please include:

  • TDSSKiller logfile
  • C:\ComboFix.txt
  • Security Check checkup.txt

How is your computer running now?


D-Fred, wow, I had forgotten I was on queue for help here. I posted this request for assistance 2 months ago; I didn't realize it would take this long to get help. Just want to say thanks anyways for your reply and help. I ended up doing a full clean Windows 7 re-install, but I will make sure to save your advice for future reference in case I ever need it in the future. I got my full copy of Malwarebytes, would not use my laptop without it ;)

Thanks again!

Jose.


Glad we could help. :)

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!


This topic is now closed to further replies.