
Malware closing every program/delaying Windows start/virus or Windows problem?



Gotta send a college homework tomorrow before 12 PM and I really need this computer to work - This sounds pretty harsh but ugh.

Here's my problem:

Since Tuesday I've been having problems with my PC (Windows 7 64 bit).

Every time I try to open a program, it automatically closes (it doesn't open, but I can see in Task Manager that it was launched); it reaches 1 308 K or a similar number and it closes.

Startup programs such as Avira don't start when the PC does.

I tried going into Safe Mode with Networking and opening Malwarebytes and ESET Scanner; it worked and detected a virus called 'Deals' and it took care of it, but it still doesn't work.

(I currently can only use the PC while in Safe Mode.)

Malwarebytes reported no malware since the last scan - I don't have a log, but I could scan again if it's really needed.

Moderator NOTE: Do NOT use the attach feature when posting your logs. ALWAYS Copy & Paste all contents directly into main-body of reply !!!

DDS (Ver_2012-11-20.01) - NTFS_AMD64 NETWORK

Internet Explorer: 9.0.8112.16455 BrowserJavaVersion: 10.9.2

Run by Marc at 18:54:29 on 2012-12-21

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.2.1033.18.6135.4261 [GMT -5:00]

.

AV: Microsoft Security Essentials *Disabled/Updated* {B140BF4E-23BB-4198-90AB-A51A4C60A69C}

AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}

SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}

SP: Microsoft Security Essentials *Disabled/Updated* {0A215EAA-0581-4E16-AA1B-9E6837E7EC21}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: COMODO Defense+ *Enabled/Updated* {FEEA52D5-051E-08DD-07EF-2F009097607D}

FW: COMODO Firewall *Enabled* {7DB03214-694B-060B-1600-BD4715C36DBB}

.

============== Running Processes ===============

.

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\system32\svchost.exe -k NetworkService

c:\Program Files\Microsoft Security Client\MsMpEng.exe

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\Explorer.EXE

C:\Windows\system32\ctfmon.exe

C:\Windows\System32\taskmgr.exe

C:\Users\Marc\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Marc\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Marc\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Marc\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Marc\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Marc\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Marc\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Marc\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Marc\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Marc\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Marc\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Marc\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Marc\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Marc\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Marc\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Marc\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Marc\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Marc\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Marc\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Marc\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Marc\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Marc\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Marc\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Marc\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Marc\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Internet Download Manager\IDMan.exe

C:\Windows\explorer.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\System32\cscript.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://ca.yahoo.com?fr=fp-comodo

uProxyOverride = <-loopback>

uURLSearchHooks: <no name>: - LocalServer32 - <no file>

uURLSearchHooks: ICQToolBar: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll

uURLSearchHooks: {f3902028-4a21-4793-8e05-793e183d51c2} - <orphaned>

mURLSearchHooks: ICQToolBar: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll

mURLSearchHooks: <no name>: - LocalServer32 - <no file>

dURLSearchHooks: ICQToolBar: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll

dURLSearchHooks: <no name>: - LocalServer32 - <no file>

BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll

BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

uRun: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

uRun: [GoogleChromeAutoLaunch_DEC2D89A3B6F06ADCC4F89EA2A899238] "C:\Users\Marc\AppData\Local\Google\Chrome\Application\chrome.exe" --no-startup-window

mRun: [KeyScrambler] C:\Program Files (x86)\KeyScrambler\keyscrambler.exe /a

mRun: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min

mRun: [sDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"

mRunOnce: [MessengerPlusLiveUninstall] "C:\Users\Marc\AppData\Local\Temp\MsgPlusUninstall.exe" /Cleanup

uPolicies-Explorer: NoThumbnailCache = dword:0

uPolicies-Explorer: NoDriveTypeAutoRun = dword:2564

uPolicies-Explorer: NoDrives = dword:0

uPolicies-Explorer: NoRecentDocsNetHood = dword:1

mPolicies-Explorer: NoDriveTypeAutoRun = dword:95

mPolicies-Explorer: NoDrives = dword:0

mPolicies-System: ConsentPromptBehaviorAdmin = dword:0

mPolicies-System: ConsentPromptBehaviorUser = dword:3

mPolicies-System: EnableUIADesktopToggle = dword:0

mPolicies-System: PromptOnSecureDesktop = dword:0

mPolicies-System: EnableLUA = dword:0

IE: Download all links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm

IE: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm

IE: E&xport to Microsoft Excel - C:\PROGRA~2\MIF5BA~1\Office12\EXCEL.EXE/3000

IE: Free YouTube Download - C:\Users\Marc\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm

IE: Free YouTube to MP3 Converter - C:\Users\Marc\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm

IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-00109-0002-0009-ABCDEFFEDCBC} - <orphaned>

IE: {5C106A59-CC3C-4caa-81A4-6D909B5ACE23} - {B745F984-EF2E-40D6-A9AC-D8CED7230E61} - C:\Program Files (x86)\KeyScrambler\KeyScramblerIE.dll

IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll

.

INFO: HKCU has more than 50 listed domains.

If you wish to scan all of them, select the 'Force scan all domains' option.

.

DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab

DPF: {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} - hxxp://support.dell.com/systemprofiler/DellSystemLite.CAB

DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab

DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

TCP: NameServer = 24.201.245.77 24.200.0.1 24.53.0.2

TCP: Interfaces\{3F9E9AF3-23BC-4FB8-ACDA-F74DDEA9FA4E} : DHCPNameServer = 24.200.241.37 24.200.243.189 24.201.245.77

TCP: Interfaces\{A65BE9EF-8D62-47BE-82D0-1769B2F98B7E} : DHCPNameServer = 24.201.245.77 24.200.0.1 24.53.0.2

TCP: Interfaces\{E45A2E3F-6300-48BB-B8E6-95B0CAE96448} : DHCPNameServer = 24.201.245.77 24.200.0.1 24.53.0.2

TCP: Interfaces\{ED07DBD8-3E58-4459-BFAB-6B639E6EBBA9} : DHCPNameServer = 8.8.8.8

Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll

Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

Notify: SDWinLogon - SDWinLogon.dll

AppInit_DLLs= C:\Windows\SysWOW64\guard32.dll

x64-RunOnce: [GrpConv] grpconv -o

x64-DPF: {CAFEEFAC-0017-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_03-windows-i586.cab

x64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_03-windows-i586.cab

x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll

x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>

x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>

x64-Notify: GoToAssist - C:\Program Files (x86)\Citrix\GoToAssist\514\G2AWinLogon_x64.dll

.

================= FIREFOX ===================

.

FF - ProfilePath - C:\Users\Marc\AppData\Roaming\Mozilla\Firefox\Profiles\4xu78o11.default\

FF - prefs.js: browser.startup.homepage - hxxp://www.google.ca/

FF - prefs.js: network.proxy.type - 0

FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

FF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\2.1.2\npesnlaunch.dll

FF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll

FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll

FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrlui.dll

FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll

FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

FF - plugin: C:\Users\Marc\AppData\Local\Google\Update\1.3.21.129\npGoogleUpdate3.dll

FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll

FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll

FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_135.dll

FF - plugin: C:\Windows\SysWOW64\npdeployJava1.dll

FF - plugin: C:\Windows\SysWOW64\npmproxy.dll

FF - ExtSQL: 2012-11-18 15:22; {c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}; C:\Users\Marc\AppData\Roaming\Mozilla\Firefox\Profiles\4xu78o11.default\extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}.xpi

FF - ExtSQL: 2012-11-18 17:24; bytubed@cs213.cse.iitk.ac.in; C:\Users\Marc\AppData\Roaming\Mozilla\Firefox\Profiles\4xu78o11.default\extensions\bytubed@cs213.cse.iitk.ac.in

FF - ExtSQL: 2012-11-18 17:24; optout@dubfire.net; C:\Users\Marc\AppData\Roaming\Mozilla\Firefox\Profiles\4xu78o11.default\extensions\optout@dubfire.net

FF - ExtSQL: 2012-11-18 17:24; {19503e42-ca3c-4c27-b1e2-9cdb2170ee34}; C:\Users\Marc\AppData\Roaming\Mozilla\Firefox\Profiles\4xu78o11.default\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}.xpi

FF - ExtSQL: 2012-11-18 17:24; {d40f5e7b-d2cf-4856-b441-cc613eeffbe3}; C:\Users\Marc\AppData\Roaming\Mozilla\Firefox\Profiles\4xu78o11.default\extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi

.

============= SERVICES / DRIVERS ===============

.

R0 AiCharger;ASUS Charger Driver;C:\Windows\System32\drivers\AiCharger.sys [2012-4-10 14592]

R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2010-9-28 55856]

R0 vsock;vSockets Driver;C:\Windows\System32\drivers\vsock.sys [2012-10-13 70256]

R1 cmdHlp;COMODO Internet Security Helper Driver;C:\Windows\System32\drivers\cmdhlp.sys [2011-1-6 38144]

R1 RtlProt;Realtke RtlProt WLAN Utility Protocol Driver;C:\Windows\System32\drivers\RtlProt.sys [2011-8-23 31016]

R1 TsLwWfF;WiFi Capture Driver;C:\Windows\System32\drivers\TsLwWfF.sys [2009-10-16 26728]

R3 KeyScrambler;KeyScrambler;C:\Windows\System32\drivers\keyscrambler.sys [2011-6-27 222904]

R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\RtsUStor.sys [2010-9-28 242720]

R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2012-4-28 676968]

R3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-2-15 52736]

S0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2012-8-30 228768]

S1 avkmgr;avkmgr;C:\Windows\System32\drivers\avkmgr.sys [2012-6-2 27760]

S1 cmdGuard;COMODO Internet Security Sandbox Driver;C:\Windows\System32\drivers\cmdGuard.sys [2011-1-6 584056]

S1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928]

S1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368]

S2 AdvancedSystemCareService5;Advanced SystemCare Service 5;C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCService.exe [2011-12-24 494424]

S2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2012-9-27 239616]

S2 AntiVirSchedulerService;Avira Scheduler;C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2012-6-2 86224]

S2 AntiVirService;Avira Realtime Protection;C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2012-6-2 110032]

S2 avgntflt;avgntflt;C:\Windows\System32\drivers\avgntflt.sys [2012-6-2 98848]

S2 BitMeterCaptureService;BitMeter Capture Service;C:\Program Files (x86)\Codebox\BitMeterOS\BitMeterCaptureService.exe [2011-11-19 85435]

S2 BitMeterWebService;BitMeter Web Service;C:\Program Files (x86)\Codebox\BitMeterOS\BitMeterWebService.exe [2011-11-19 141466]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

S2 CS_AutoUpdate;CS_AutoUpdate;C:\Program Files\Cucusoft\AutoUpdate\AutoUpdateSrvc.exe [2012-11-23 44696]

S2 CS_BandwidthGuard;CS_BandwidthGuard;C:\Program Files\Cucusoft\NetGuard\BandwidthGuardSrvc.sys [2012-11-23 216800]

S2 CS_BandwidthGuard64;CS_BandwidthGuard64;C:\Program Files\Cucusoft\NetGuard\BandwidthGuardSrvc64.sys [2012-11-23 285920]

S2 CS_SysMsgProxy64;CS_SysMsgProxy64;C:\Program Files\Cucusoft\NetGuard\SysMsgProxySrvc64.sys [2012-11-23 324832]

S2 Granola PM Manager;Granola PM Manager;C:\Program Files (x86)\MiserWare\Granola Personal\GranolaManager.exe [2012-8-31 444656]

S2 hippovnc_service;hippovnc_service;C:\Users\Marc\Desktop\HippoVNC\WinVNC.exe [2012-12-15 1692160]

S2 ICQ Service;ICQ Service;C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe [2011-2-5 247608]

S2 IDMWFP;IDMWFP;C:\Windows\System32\drivers\idmwfp.sys [2011-12-20 148104]

S2 LMIGuardianSvc;LMIGuardianSvc;C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe [2012-10-19 375728]

S2 LMIInfo;LogMeIn Kernel Information Provider;C:\Program Files (x86)\LogMeIn\x64\rainfo.sys [2012-8-24 15928]

S2 LMIRfsDriver;LogMeIn Remote File System Driver;C:\Windows\System32\drivers\LMIRfsDriver.sys [2012-11-10 72216]

S2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-9-23 399432]

S2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-9-23 676936]

S2 RealtekUSB;RealtekUSB;C:\Program Files (x86)\RadioLabs\RadioLabs Wireless USB Utility\RtlService.exe [2011-8-23 36864]

S2 SDScannerService;Spybot-S&D 2 Scanner Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2012-12-18 1103392]

S2 SDUpdateService;Spybot-S&D 2 Updating Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2012-12-18 1369624]

S2 SDWSCService;Spybot-S&D 2 Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2012-12-18 168384]

S2 SessionLauncher;SessionLauncher; [x]

S2 Skype C2C Service;Skype C2C Service;C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-11-22 3290304]

S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-6-7 160944]

S2 TeamViewer7;TeamViewer 7;C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2011-12-14 2984832]

S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe [2011-10-20 2072896]

S2 UMVPFSrv;UMVPFSrv;C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [2011-8-19 450848]

S2 VMUSBArbService;VMware USB Arbitration Service;C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe [2012-8-1 917656]

S2 VMwareHostd;VMware Workstation Server;C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe [2012-8-15 15680000]

S3 Andbus;LGE Android Platform Composite USB Device;C:\Windows\System32\drivers\lgandbus64.sys [2010-8-2 19456]

S3 AndDiag;LGE Android Platform USB Serial Port;C:\Windows\System32\drivers\lganddiag64.sys [2010-8-2 27648]

S3 AndGps;LGE Android Platform USB GPS NMEA Port;C:\Windows\System32\drivers\lgandgps64.sys [2010-8-2 27136]

S3 ANDModem;LGE Android Platform USB Modem;C:\Windows\System32\drivers\lgandmodem64.sys [2010-8-2 33792]

S3 androidusb;ADB Interface Driver;C:\Windows\System32\drivers\lgandadb.sys [2010-8-2 31744]

S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2012-11-22 90112]

S3 CGVPNCliSrvc;CyberGhost VPN Client;C:\Program Files\CyberGhost VPN\CGVPNCliService.exe [2011-10-7 2428968]

S3 DrvAgent64;DrvAgent64;C:\Windows\SysWOW64\drivers\DrvAgent64.SYS [2012-12-20 21712]

S3 EuMusDesignVirtualAudioCableWdm;Virtual Audio Cable (WDM);C:\Windows\System32\drivers\vrtaucbl.sys [2012-1-3 77352]

S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2011-2-13 1038088]

S3 LVRS64;Logitech RightSound Filter Driver;C:\Windows\System32\drivers\lvrs64.sys [2011-8-19 351136]

S3 LVUVC64;Logitech HD Pro Webcam C910(UVC);C:\Windows\System32\drivers\lvuvc64.sys [2011-8-19 4869024]

S3 ManyCam;ManyCam Virtual Webcam;C:\Windows\System32\drivers\mcvidrv_x64.sys [2012-1-11 34304]

S3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2011-2-3 25928]

S3 mcaudrv_simple;ManyCam Virtual Microphone;C:\Windows\System32\drivers\mcaudrv_x64.sys [2012-2-22 28160]

S3 Netaapl;Apple Mobile Device Ethernet Service;C:\Windows\System32\drivers\netaapl64.sys [2011-5-10 22528]

S3 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2012-3-20 128456]

S3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2012-9-12 368896]

S3 Revoflt;Revoflt;C:\Windows\System32\drivers\revoflt.sys [2011-12-23 31800]

S3 RoxMediaDB10;RoxMediaDB10;C:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCom\RoxMediaDB10.exe [2009-6-26 1124848]

S3 RTL8187;Realtek RTL8187 Wireless 802.11b/g 54Mbps USB 2.0 Network Adapter;C:\Windows\System32\drivers\RTL8187.sys [2010-1-7 448512]

S3 SbieDrv;SbieDrv;C:\Program Files\Sandboxie\SbieDrv.sys [2012-6-17 166576]

S3 ScreamBAudioSvc;ScreamBee Audio;C:\Windows\System32\drivers\ScreamingBAudio64.sys [2010-7-1 38992]

S3 StarWindServiceAE;StarWind AE Service;C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2009-12-23 370688]

S3 tapoas;TAP-Win32 Adapter OAS;C:\Windows\System32\drivers\tapoas.sys [2011-8-19 30720]

S3 teamviewervpn;TeamViewer VPN Adapter;C:\Windows\System32\drivers\teamviewervpn.sys [2010-12-2 35112]

S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2011-5-18 59392]

S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys [2011-10-20 11856]

S3 VCSVADHWSer;Avnex Virtual Audio Device (WDM);C:\Windows\System32\drivers\vcsvad.sys [2011-9-30 21504]

S3 VSPerfDrv100;Performance Tools Driver 10.0;C:\Program Files (x86)\Microsoft Visual Studio 10.0\Team Tools\Performance Tools\x64\VSPerfDrv100.sys [2011-1-18 68440]

S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-10-7 1255736]

S3 WinRing0_1_2_0;WinRing0_1_2_0;C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [2012-11-24 14544]

S4 DockLoginService;Dock Login Service;C:\Program Files\Dell\DellDock\DockLogin.exe [2009-6-9 155648]

S4 hshld;Hotspot Shield Service;C:\Program Files (x86)\Hotspot Shield\bin\openvpnas.exe [2012-1-6 331608]

S4 HssWd;Hotspot Shield Monitoring Service;C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe -product HSS --> C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe -product HSS [?]

S4 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-9-28 13336]

S4 MSSQLServerADHelper100;SQL Active Directory Helper Service;C:\Program Files (x86)\Microsoft SQL Server\100\Shared\sqladhlp.exe [2008-7-10 47128]

S4 SftService;SoftThinks Agent Service;C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe [2010-9-28 689472]

S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2011-9-22 370024]

.

=============== Created Last 30 ================

.

2012-12-21 02:32:26 -------- d-----w- C:\Users\Marc\AppData\Local\Rogue Amoeba

2012-12-21 02:22:24 -------- d-----w- C:\Program Files (x86)\Airfoil

2012-12-20 23:53:46 12872 ----a-w- C:\Windows\System32\bootdelete.exe

2012-12-20 23:46:52 -------- d-sh--w- C:\$RECYCLE.BIN

2012-12-20 23:22:50 -------- d-----w- C:\MGtools

2012-12-20 23:22:02 -------- d-----w- C:\Program Files\HitmanPro

2012-12-20 23:13:52 -------- d-----w- C:\ProgramData\HitmanPro

2012-12-20 23:00:00 21712 ----a-w- C:\Windows\SysWow64\drivers\DrvAgent64.SYS

2012-12-20 23:00:00 -------- d-----w- C:\Users\Marc\AppData\Local\eSupport.com

2012-12-20 22:49:20 -------- d-----w- C:\Program Files\Wireshark

2012-12-20 22:03:27 -------- d-----w- C:\ComboFix

2012-12-20 04:29:05 9125352 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{69CDA485-7AFF-4499-A04F-C3BA953BC9E6}\mpengine.dll

2012-12-20 04:04:13 98816 ----a-w- C:\Windows\sed.exe

2012-12-20 04:04:13 256000 ----a-w- C:\Windows\PEV.exe

2012-12-20 04:04:13 208896 ----a-w- C:\Windows\MBR.exe

2012-12-20 04:03:02 5012825 ------r- C:\ComboFix.exe

2012-12-18 23:26:52 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy

2012-12-18 23:22:37 17272 ----a-w- C:\Windows\System32\sdnclean64.exe

2012-12-18 23:22:34 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy 2

2012-12-18 23:22:13 -------- d-----w- C:\Users\Marc\AppData\Local\Programs

2012-12-18 23:06:17 9125352 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll

2012-12-16 03:10:48 -------- d-----w- C:\Windows\en

2012-12-16 03:05:08 89944 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\266e89321cddb3a04\DSETUP.dll

2012-12-16 03:05:08 537432 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\266e89321cddb3a04\DXSETUP.exe

2012-12-16 03:05:08 1801048 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\266e89321cddb3a04\dsetup32.dll

2012-12-16 03:05:05 94040 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\244fe7001cddb3a03\DSETUP.dll

2012-12-16 03:05:05 525656 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\244fe7001cddb3a03\DXSETUP.exe

2012-12-16 03:05:05 1691480 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\244fe7001cddb3a03\dsetup32.dll

2012-12-16 03:05:00 537432 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\21963b081cddb3a01\DXSETUP.exe

2012-12-16 03:05:00 1801048 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\21963b081cddb3a01\dsetup32.dll

2012-12-16 03:04:59 89944 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\21963b081cddb3a01\DSETUP.dll

2012-12-08 21:04:57 -------- d-----w- C:\Windows\$regcmp$

2012-12-08 15:19:59 -------- d-----w- C:\Users\Marc\AppData\Local\ESN

2012-12-08 02:30:29 -------- d-----w- C:\Users\Marc\AppData\Local\AMV_Software

2012-12-02 20:33:31 -------- d-----w- C:\Program Files (x86)\NCH Software

2012-12-02 20:32:46 -------- d-----w- C:\Program Files (x86)\NCH Swift Sound

2012-11-25 19:31:47 -------- d-----w- C:\Program Files (x86)\SparkIV

2012-11-25 18:38:22 -------- d-----w- C:\ProgramData\BitMeterOS

2012-11-25 18:38:11 -------- d-----w- C:\Program Files (x86)\Codebox

2012-11-24 21:58:33 -------- d-----w- C:\Users\Marc\AppData\Roaming\Hyperdesktop

2012-11-24 21:31:13 157016 ----a-w- C:\Windows\UnDeploy.exe

2012-11-24 21:31:13 -------- d-----w- C:\Program Files (x86)\Just Great Software

2012-11-24 20:40:49 -------- d-----w- C:\Users\Marc\AppData\Roaming\PotPlayerMini

2012-11-24 20:40:49 -------- d-----w- C:\Users\Marc\AppData\Local\Daum

2012-11-24 20:38:31 -------- d-----w- C:\Program Files (x86)\Daum

2012-11-24 19:55:54 -------- d-----w- C:\Users\Marc\AppData\Local\Razer

2012-11-24 04:43:14 -------- d-----w- C:\ProgramData\BSSmartUpdate

2012-11-24 04:43:14 -------- d-----w- C:\BSSmartUpdate

2012-11-24 04:43:04 -------- d-----w- C:\Users\Marc\AppData\Local\Deals Plugin

2012-11-24 04:43:02 -------- d-----w- C:\Program Files (x86)\Deals Plugin

2012-11-23 23:27:21 -------- d-----w- C:\Users\Marc\AppData\Local\New Technology Studio

2012-11-23 18:49:33 -------- d-----w- C:\Users\Marc\AppData\Roaming\NetGuard

2012-11-23 18:49:19 -------- d-----w- C:\ProgramData\Cucusoft

2012-11-23 18:49:13 -------- d-----w- C:\Program Files\Cucusoft

2012-11-23 06:23:28 34624 ----a-w- C:\Windows\System32\TURegOpt.exe

2012-11-23 06:23:27 25920 ----a-w- C:\Windows\System32\authuitu.dll

2012-11-23 06:23:27 21312 ----a-w- C:\Windows\SysWow64\authuitu.dll

2012-11-23 06:23:00 -------- d-----w- C:\Program Files (x86)\TuneUp Utilities 2012

2012-11-23 06:22:16 -------- d-sh--w- C:\ProgramData\{32364CEA-7855-4A3C-B674-53D8E9B97936}

2012-11-23 06:13:38 -------- d-----w- C:\Users\Marc\AppData\Roaming\CleanMyPC Software

2012-11-23 06:13:34 -------- d-----w- C:\Program Files (x86)\CleanMyPC

2012-11-22 23:28:48 90112 ----a-w- C:\Windows\System32\drivers\AtihdW76.sys

2012-11-22 23:14:15 -------- d-----w- C:\Users\Marc\AppData\Roaming\driveridentifier

2012-11-22 23:14:08 -------- d-----w- C:\Program Files (x86)\Driver Identifier

2012-11-22 06:24:10 -------- d-----w- C:\Program Files (x86)\CustoPackTools

.

==================== Find3M ====================

.

2012-12-16 23:37:14 281520 ----a-w- C:\Windows\SysWow64\PnkBstrB.xtr

2012-12-16 23:37:14 281520 ----a-w- C:\Windows\SysWow64\PnkBstrB.exe

2012-12-16 23:36:43 281520 ----a-w- C:\Windows\SysWow64\PnkBstrB.ex0

2012-12-16 22:48:01 281520 ----a-w- C:\Windows\SysWow64\PnkBstrB.ex1

2012-12-16 18:37:28 73656 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

2012-12-16 18:37:28 697272 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe

2012-12-08 18:15:40 76888 ----a-w- C:\Windows\SysWow64\PnkBstrA.exe

2012-11-10 20:00:05 95208 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll

2012-11-10 20:00:04 821736 ----a-w- C:\Windows\SysWow64\npdeployJava1.dll

2012-11-10 20:00:04 746984 ----a-w- C:\Windows\SysWow64\deployJava1.dll

2012-11-07 23:38:00 38144 ----a-w- C:\Windows\System32\drivers\cmdhlp.sys

2012-11-07 23:37:59 584056 ----a-w- C:\Windows\System32\drivers\cmdGuard.sys

2012-11-07 23:37:57 22736 ----a-w- C:\Windows\System32\drivers\cmderd.sys

2012-11-07 23:37:36 41240 ----a-w- C:\Windows\System32\cmdcsr.dll

2012-11-07 23:37:34 301264 ----a-w- C:\Windows\SysWow64\guard32.dll

2012-11-07 23:37:31 390392 ----a-w- C:\Windows\System32\guard64.dll

2012-10-29 00:40:19 280904 ----a-w- C:\Windows\SysWow64\PnkBstrB.ex2

2012-10-28 18:59:03 280904 ----a-w- C:\Windows\SysWow64\PnkBstrB.ex3

2012-10-27 16:48:44 391168 ----a-w- C:\Windows\SysWow64\InstaShot.exe

2012-10-21 17:28:08 9575864 ----a-w- C:\Windows\SysWow64\FlashPlayerInstaller.exe

2012-10-19 23:11:06 88008 ----a-w- C:\Windows\System32\LMIRfsClientNP.dll

2012-10-19 23:10:52 35240 ----a-w- C:\Windows\System32\LMIport.dll

2012-10-19 23:10:50 83880 ----a-w- C:\Windows\System32\LMIinit.dll

2012-10-18 18:25:58 3149824 ----a-w- C:\Windows\System32\win32k.sys

2012-10-14 00:20:17 12184 ----a-w- C:\Windows\fiddrv64.sys

2012-10-09 18:17:13 55296 ----a-w- C:\Windows\System32\dhcpcsvc6.dll

2012-10-09 18:17:13 226816 ----a-w- C:\Windows\System32\dhcpcore6.dll

2012-10-09 17:40:31 44032 ----a-w- C:\Windows\SysWow64\dhcpcsvc6.dll

2012-10-09 17:40:31 193536 ----a-w- C:\Windows\SysWow64\dhcpcore6.dll

2012-10-08 11:31:03 2312704 ----a-w- C:\Windows\System32\jscript9.dll

2012-10-08 11:23:52 1392128 ----a-w- C:\Windows\System32\wininet.dll

2012-10-08 11:22:55 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl

2012-10-08 11:18:22 173056 ----a-w- C:\Windows\System32\ieUnatt.exe

2012-10-08 11:17:35 599040 ----a-w- C:\Windows\System32\vbscript.dll

2012-10-08 11:13:33 2382848 ----a-w- C:\Windows\System32\mshtml.tlb

2012-10-08 07:56:24 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll

2012-10-08 07:48:03 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll

2012-10-08 07:47:44 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl

2012-10-08 07:44:05 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe

2012-10-08 07:43:21 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll

2012-10-08 07:40:56 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb

2012-10-03 17:56:54 1914248 ----a-w- C:\Windows\System32\drivers\tcpip.sys

2012-10-03 17:44:21 70656 ----a-w- C:\Windows\System32\nlaapi.dll

2012-10-03 17:44:21 303104 ----a-w- C:\Windows\System32\nlasvc.dll

2012-10-03 17:44:17 246272 ----a-w- C:\Windows\System32\netcorehc.dll

2012-10-03 17:44:17 18944 ----a-w- C:\Windows\System32\netevent.dll

2012-10-03 17:44:16 216576 ----a-w- C:\Windows\System32\ncsi.dll

2012-10-03 17:42:16 569344 ----a-w- C:\Windows\System32\iphlpsvc.dll

2012-10-03 16:42:24 18944 ----a-w- C:\Windows\SysWow64\netevent.dll

2012-10-03 16:42:24 175104 ----a-w- C:\Windows\SysWow64\netcorehc.dll

2012-10-03 16:42:23 156672 ----a-w- C:\Windows\SysWow64\ncsi.dll

2012-10-03 16:07:26 45568 ----a-w- C:\Windows\System32\drivers\tcpipreg.sys

2012-09-29 23:54:26 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys

2012-09-29 00:40:34 2560 ----a-w- C:\Windows\_MSRSTRT.EXE

2012-09-28 22:43:56 90824 ----a-w- C:\Windows\SysWow64\EasyHook32.dll

2012-09-28 22:43:56 109256 ----a-w- C:\Windows\SysWow64\EasyHook64.dll

2012-09-28 20:37:02 221696 ----a-w- C:\Windows\System32\clinfo.exe

2012-09-28 20:36:44 75776 ----a-w- C:\Windows\System32\OpenVideo64.dll

2012-09-28 20:36:40 65536 ----a-w- C:\Windows\SysWow64\OpenVideo.dll

2012-09-28 20:36:36 63488 ----a-w- C:\Windows\System32\OVDecode64.dll

2012-09-28 20:36:34 56320 ----a-w- C:\Windows\SysWow64\OVDecode.dll

2012-09-28 20:36:24 32635904 ----a-w- C:\Windows\System32\amdocl64.dll

2012-09-28 20:32:16 27341824 ----a-w- C:\Windows\SysWow64\amdocl.dll

2012-09-28 02:23:00 5557928 ----a-w- C:\Windows\SysWow64\atiumdag.dll

2012-09-28 02:21:20 10697216 ----a-w- C:\Windows\System32\drivers\atikmdag.sys

2012-09-28 02:05:38 70144 ----a-w- C:\Windows\System32\coinst_9.002.dll

2012-09-28 02:03:52 163840 ----a-w- C:\Windows\System32\atiapfxx.exe

2012-09-28 02:02:30 51200 ----a-w- C:\Windows\System32\aticalrt64.dll

2012-09-28 02:02:28 46080 ----a-w- C:\Windows\SysWow64\aticalrt.dll

2012-09-28 02:02:22 44544 ----a-w- C:\Windows\System32\aticalcl64.dll

2012-09-28 02:02:20 44032 ----a-w- C:\Windows\SysWow64\aticalcl.dll

2012-09-28 02:02:08 16082432 ----a-w- C:\Windows\System32\aticaldd64.dll

2012-09-28 01:59:56 23825920 ----a-w- C:\Windows\System32\atio6axx.dll

2012-09-28 01:57:20 13703168 ----a-w- C:\Windows\SysWow64\aticaldd.dll

2012-09-28 01:43:28 935424 ----a-w- C:\Windows\SysWow64\aticfx32.dll

2012-09-28 01:41:40 1120768 ----a-w- C:\Windows\System32\aticfx64.dll

2012-09-28 01:41:14 19624960 ----a-w- C:\Windows\SysWow64\atioglxx.dll

2012-09-28 01:39:36 6536192 ----a-w- C:\Windows\SysWow64\atidxx32.dll

2012-09-28 01:39:14 442368 ----a-w- C:\Windows\System32\atidemgy.dll

2012-09-28 01:39:08 538112 ----a-w- C:\Windows\System32\atieclxx.exe

2012-09-28 01:38:16 239616 ----a-w- C:\Windows\System32\atiesrxx.exe

2012-09-28 01:36:50 120320 ----a-w- C:\Windows\System32\atitmm64.dll

2012-09-28 01:36:36 21504 ----a-w- C:\Windows\System32\atimuixx.dll

2012-09-28 01:36:30 59392 ----a-w- C:\Windows\System32\atiedu64.dll

2012-09-28 01:36:26 43520 ----a-w- C:\Windows\SysWow64\ati2edxx.dll

2012-09-28 01:31:26 3127296 ----a-w- C:\Windows\System32\atiumd6a.dll

2012-09-28 01:25:24 6704640 ----a-w- C:\Windows\System32\atiumd64.dll

2012-09-28 01:22:42 7167488 ----a-w- C:\Windows\System32\atidxx64.dll

2012-09-28 01:22:30 2691584 ----a-w- C:\Windows\SysWow64\atiumdva.dll

2012-09-28 01:13:40 595456 ----a-w- C:\Windows\System32\atiadlxx.dll

2012-09-28 01:13:30 405504 ----a-w- C:\Windows\SysWow64\atiadlxy.dll

2012-09-28 01:13:16 17920 ----a-w- C:\Windows\System32\atig6pxx.dll

2012-09-28 01:13:12 14848 ----a-w- C:\Windows\SysWow64\atiglpxx.dll

2012-09-28 01:13:12 14848 ----a-w- C:\Windows\System32\atiglpxx.dll

2012-09-28 01:13:08 41984 ----a-w- C:\Windows\System32\atig6txx.dll

2012-09-28 01:13:00 33280 ----a-w- C:\Windows\SysWow64\atigktxx.dll

2012-09-28 01:12:58 56320 ----a-w- C:\Windows\System32\atimpc64.dll

2012-09-28 01:12:58 56320 ----a-w- C:\Windows\System32\amdpcom64.dll

2012-09-28 01:12:52 460288 ----a-w- C:\Windows\System32\drivers\atikmpag.sys

2012-09-28 01:12:48 56832 ----a-w- C:\Windows\SysWow64\atimpc32.dll

.

============= FINISH: 18:55:40,00 ===============

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2012-11-20.01)

.

Microsoft Windows 7 Home Premium

Boot Device: \Device\HarddiskVolume2

Install Date: 2010-10-06 19:02:12

System Uptime: 2012-12-21 18:18:36 (0 hours ago)

.

Motherboard: Dell Inc. | | 05DN3X

Processor: Intel® Core i7 CPU 930 @ 2.80GHz | CPU 1 | 2799/133mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 921 GiB total, 458,685 GiB free.

D: is CDROM ()

F: is CDROM ()

G: is CDROM ()

.

==== Disabled Device Manager Items =============

.

Class GUID: {36fc9e60-c465-11cf-8056-444553540000}

Description: eHome Infrared Receiver (USBCIR)

Device ID: USB\VID_04EB&PID_E033\SN:CIR-00080612011700000000

Manufacturer: Microsoft

Name: eHome Infrared Receiver (USBCIR)

PNP Device ID: USB\VID_04EB&PID_E033\SN:CIR-00080612011700000000

Service: usbcir

.

Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}

Description: Security Processor Loader Driver

Device ID: ROOT\LEGACY_SPLDR\0000

Manufacturer:

Name: Security Processor Loader Driver

PNP Device ID: ROOT\LEGACY_SPLDR\0000

Service: spldr

.

Class GUID: {4d36e97d-e325-11ce-bfc1-08002be10318}

Description: Consumer IR Devices

Device ID: ROOT\SYSTEM\0001

Manufacturer: Microsoft

Name: Consumer IR Devices

PNP Device ID: ROOT\SYSTEM\0001

Service: circlass

.

Class GUID:

Description:

Device ID: ROOT\VMWVMCIHOSTDEV\0000

Manufacturer:

Name:

PNP Device ID: ROOT\VMWVMCIHOSTDEV\0000

Service:

.

==== System Restore Points ===================

.

RP866: 2012-12-21 18:13:21 - Removed LogMeIn

RP867: 2012-12-21 18:14:39 - Removed LogMeIn

.

==== Installed Programs ======================

.

Update for Microsoft Office 2007 (KB2508958)

.NET Reactor Registration v4.0.0.0

Adobe AIR

Adobe Anchor Service CS4

Adobe Anchor Service x64 CS4

Adobe Bridge CS4

Adobe CMaps CS4

Adobe CMaps x64 CS4

Adobe Color - Photoshop Specific CS4

Adobe Color EU Extra Settings CS4

Adobe Color JA Extra Settings CS4

Adobe Color NA Recommended Settings CS4

Adobe Color Video Profiles CS CS4

Adobe CSI CS4

Adobe CSI CS4 x64

Adobe Default Language CS4

Adobe Device Central CS4

Adobe Drive CS4

Adobe Drive CS4 x64

Adobe ExtendScript Toolkit CS4

Adobe Extension Manager CS4

Adobe Flash Player 11 ActiveX

Adobe Flash Player 11 Plugin

Adobe Fonts All

Adobe Fonts All x64

Adobe Linguistics CS4

Adobe Linguistics CS4 x64

Adobe Media Player

Adobe Output Module

Adobe PDF Library Files CS4

Adobe PDF Library Files x64 CS4

Adobe Photoshop CS4

Adobe Photoshop CS4 (64 Bit)

Adobe Photoshop CS4 Support

Adobe Reader X (10.1.4) - Français

Adobe Search for Help

Adobe Service Manager Extension

Adobe Setup

Adobe Shockwave Player 11.6

Adobe Type Support CS4

Adobe Type Support x64 CS4

Adobe Update Manager CS4

Adobe WinSoft Linguistics Plugin

Adobe WinSoft Linguistics Plugin x64

Adobe XMP Panels CS4

AdobeColorCommonSetCMYK

AdobeColorCommonSetRGB

Airfoil

Algebra Solved!

Algebrator 5.0

AMD Accelerated Video Transcoding

AMD APP SDK Runtime

AMD Catalyst Install Manager

AMD Drag and Drop Transcoding

AMD Media Foundation Decoders

Android SDK Tools

Apple Application Support

Apple Mobile Device Support

Apple Software Update

ARMA 2

Assassin's Creed Brotherhood

ASUS Ai Charger

ATI Catalyst Control Center

µTorrent

Audacity 1.2.6

Audacity 1.3.14 (Unicode)

AV Voice Changer Software DIAMOND 6.0

Avira Free Antivirus

Battlefield 3™

BitMeter OS

Bonjour

Call of Duty - World at War

Call of Duty: Modern Warfare 2 - Multiplayer

Camtasia Studio 7

Catalyst Control Center

Catalyst Control Center - Branding

Catalyst Control Center Graphics Previews Common

Catalyst Control Center Graphics Previews Vista

Catalyst Control Center InstallProxy

Catalyst Control Center Localization All

ccc-core-static

ccc-utility64

CCC Help Chinese Standard

CCC Help Chinese Traditional

CCC Help Czech

CCC Help Danish

CCC Help Dutch

CCC Help English

CCC Help Finnish

CCC Help French

CCC Help German

CCC Help Greek

CCC Help Hungarian

CCC Help Italian

CCC Help Japanese

CCC Help Korean

CCC Help Norwegian

CCC Help Polish

CCC Help Portuguese

CCC Help Russian

CCC Help Spanish

CCC Help Swedish

CCC Help Thai

CCC Help Turkish

CCleaner

Cheat Engine 6.0

CINEMA 4D 13.016

Clavier+ 10.6.3

CleanMyPC - Registry Cleaner

Clownfish for Skype

CommView for WiFi

COMODO Internet Security

Connect

Correctif pour Microsoft Visual Studio 2010 Ultimate - Français (KB2529927)

Correctif pour Microsoft Visual Studio 2010 Ultimate - Français (KB2548139)

Correctif pour Microsoft Visual Studio 2010 Ultimate - Français (KB2549864)

Correctif pour Microsoft Visual Studio 2010 Ultimate - Français (KB2565057)

Correctif pour Microsoft Visual Studio 2010 Ultimate - Français (KB2635973)

Correctif pour Microsoft Visual Studio 2010 Ultimate - Français (KB2736182)

Correctif pour Modèle objet Microsoft Team Foundation Server 2010 - Français (KB2736182)

Counter-Strike: Source

Counter Strike Source Custom Weapon Skins Megapack

Crypto Obfuscator For .Net 2011 R3

Crystal Reports for Visual Studio

Cucusoft Auto Update 1.0.5

Cucusoft Net Guard 2.1.4.0

CyberGhost VPN

D3DX10

Daum PotPlayer 1.5.28025

Defraggler

Dell DataSafe Local Backup

Dell DataSafe Local Backup - Support Software

Dell Dock

Dell Edoc Viewer

Dell Getting Started Guide

Dell Support Center (Support Software)

DellTouch

DirectXInstallService

Dotfuscator Software Services - Community Edition

Dotfuscator Software Services - Community Edition - FRA

Driver Robot

DriverIdentifier 4.2.2

Dropbox

EasyBits GO

Elite Proxy Switcher 1.20

EMC 10 Content

EMCGadgets64

eMule

Eraser 6.0.9.2343

ERUNT 1.1j

ESET Online Scanner v3

ESN Sonar

Evaer Video Recorder for Skype 1.2.6.22

EVEREST Home Edition v2.20

Exif Tag Remover 4.01

F.lux

Facebook Messenger 2.1.4651.0

Fiddler

FilExile v1.35

FileZilla Client 3.5.3

Flvto Converter

Folder Size 2.4.0.0

Fraps (remove only)

Free Caller ver 1.0.1 Beta

Free FLV Converter V 6.96.0

Free Studio version 5.5.0

Free YouTube Download version 3.0.20.1228

Game Booster 3

GEAR driver installer 4.019

Glary Utilities Pro 2.46.0.1518

Google Chrome

Google Update Helper

Google Earth

GoToAssist 8.0.0.514

Grand Theft Auto IV

Granola

GTA San Andreas

Hex Workshop v6.7

HitmanPro 3.7

Hotfix for Microsoft Visual Basic 2008 Express Edition with SP1 - ENU (KB945282)

Hotfix for Microsoft Visual Basic 2008 Express Edition with SP1 - ENU (KB946040)

Hotfix for Microsoft Visual Basic 2008 Express Edition with SP1 - ENU (KB946308)

Hotfix for Microsoft Visual Basic 2008 Express Edition with SP1 - ENU (KB946344)

Hotfix for Microsoft Visual Basic 2008 Express Edition with SP1 - ENU (KB947540)

Hotfix for Microsoft Visual Basic 2008 Express Edition with SP1 - ENU (KB947789)

Hotfix for Microsoft Visual Basic 2008 Express Edition with SP1 - ENU (KB948127)

Hotfix for Microsoft Visual Basic 2008 Express Edition with SP1 - ENU (KB951708)

Hotfix for Microsoft Visual Studio 2008 Remote Debugger Light (x64) - ENU (KB944899)

Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2280741)

Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2284668)

Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2295689)

Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2420513)

Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2452649)

Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2455033)

Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2485545)

Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB982517)

Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB982721)

Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB983233)

Hotspot Shield 2.24

iBackupBot for iTunes 3.5.2

iCamSource

ICQ7.5

iDemo

Infra. d'app. de la couche Données Microsoft SQL Server 2008 R2

Intel® Control Center

Intel® Processor ID Utility

Intel® Rapid Storage Technology

Internet Download Manager

Internode Monthly Usage Meter 8.2a

IObit Toolbar v5.3

iPhoneBrowser

iTunes

Java 7 Update 9

Java Auto Updater

Java 6 Update 29

Java 6 Update 29 (64-bit)

Java 7 Update 3 (64-bit)

Java SE Development Kit 7 Update 3 (64-bit)

JavaFX 2.0.3

JavaFX 2.0.3 (64-bit)

JavaFX 2.0.3 SDK (64-bit)

JDownloader 0.9

KeyScrambler

kuler

LAME v3.98.3 for Audacity

LG United Mobile Drivers

LockHunter 2.0 beta 2, 64 bit

Logiciel d'archivage WinRAR

LogMeIn

MagicDisc 2.7.106

Malwarebytes Anti-Malware version 1.65.1.1000

Microsoft .NET Framework 1.1

Microsoft .NET Framework 4 Client Profile

Microsoft .NET Framework 4 Client Profile FRA Language Pack

Microsoft .NET Framework 4 Extended

Microsoft .NET Framework 4 Extended FRA Language Pack

Microsoft .NET Framework 4 Multi-Targeting Pack

Microsoft Application Error Reporting

Microsoft ASP.NET MVC 2

Microsoft ASP.NET MVC 2 - FRA

Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools

Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools - FRA

Microsoft Games for Windows - LIVE Redistributable

Microsoft Games for Windows Marketplace

Microsoft Help Viewer 1.0 Language Pack - FRA

Microsoft Help Viewer 1.1

Microsoft Help Viewer 1.1 Language Pack - FRA

Microsoft Keyboard Layout Creator 1.4

Microsoft Office 2007 Service Pack 2 (SP2)

Microsoft Office 2007 Service Pack 3 (SP3)

Microsoft Office 2010

Microsoft Office Excel MUI (English) 2007

Microsoft Office File Validation Add-In

Microsoft Office Home and Student 2007

Microsoft Office Office 64-bit Components 2007

Microsoft Office OneNote MUI (English) 2007

Microsoft Office PowerPoint MUI (English) 2007

Microsoft Office Proof (English) 2007

Microsoft Office Proof (French) 2007

Microsoft Office Proof (Spanish) 2007

Microsoft Office Proofing (English) 2007

Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

Microsoft Office Shared 64-bit MUI (English) 2007

Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007

Microsoft Office Shared MUI (English) 2007

Microsoft Office Shared Setup Metadata MUI (English) 2007

Microsoft Office Word MUI (English) 2007

Microsoft Search Enhancement Pack

Microsoft Security Client

Microsoft Security Essentials

Microsoft Silverlight

Microsoft Silverlight 3 SDK - Français

Microsoft Silverlight 4 SDK - Français

Microsoft SQL Server 2005 Compact Edition [ENU]

Microsoft SQL Server 2008

Microsoft SQL Server 2008 Common Files

Microsoft SQL Server 2008 Database Engine Services

Microsoft SQL Server 2008 Database Engine Shared

Microsoft SQL Server 2008 RsFx Driver

Microsoft SQL Server 2008 Setup Support Files

Microsoft SQL Server Compact 3.5 SP1 Design Tools English

Microsoft SQL Server Compact 3.5 SP1 English

Microsoft SQL Server Compact 3.5 SP2 FRA

Microsoft SQL Server Compact 3.5 SP2 x64 FRA

Microsoft SQL Server Database Publishing Wizard 1.4

Microsoft SQL Server System CLR Types

Microsoft SQL Server System CLR Types (x64)

Microsoft SQL Server VSS Writer

Microsoft Sync Framework Runtime v1.0 SP1 (x64) fr

Microsoft Sync Framework SDK v1.0 SP1 fr

Microsoft Sync Framework Services v1.0 SP1 (x64) fr

Microsoft Sync Services for ADO.NET v2.0 SP1 (x64) fr

Microsoft Team Foundation Server 2010 Object Model - FRA

Microsoft Visual Basic 2008 Express Edition with SP1 - ENU

Microsoft Visual C++ Compilers 2010 Standard - enu - x64

Microsoft Visual C++ Compilers 2010 Standard - enu - x86

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2005 Redistributable (x64)

Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570

Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219

Microsoft Visual C++ 2010 x64 Runtime - 10.0.40219

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219

Microsoft Visual C++ 2010 x86 Runtime - 10.0.40219

Microsoft Visual F# 2.0 Runtime

Microsoft Visual Studio 2008 Remote Debugger Light (x64) - ENU

Microsoft Visual Studio 2008 Remote Debugger Light (x64) - ENU Service Pack 1 (KB945140)

Microsoft Visual Studio 2010 IntelliTrace Collection (x64)

Microsoft Visual Studio 2010 Office Developer Tools (x64)

Microsoft Visual Studio 2010 Office Developer Tools (x64) Language Pack - FRA

Microsoft Visual Studio 2010 Performance Collection Tools SP1 - FRA

Microsoft Visual Studio 2010 Service Pack 1

Microsoft Visual Studio 2010 SharePoint Developer Tools

Microsoft Visual Studio 2010 Tools for Office Runtime (x64)

Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - FRA

Microsoft Visual Studio 2010 Ultimate - FRA

Microsoft Visual Studio 2010 Ultimate - Français

Microsoft Visual Studio 6.0 Enterprise Edition

Microsoft Visual Studio Macro Tools

Microsoft Visual Studio Macro Tools - FRA Language Pack

Microsoft Web Publishing Wizard 1.53

Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for .NET Framework - enu

Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for Win32

Mise à jour de sécurité pour Microsoft Visual Studio 2010 Ultimate - Français (KB2645410)

MobileMe Control Panel

Modèle objet Microsoft Team Foundation Server 2010 - Français

Module linguistique de la visionneuse d'aide Microsoft 1.0 - FRA

Module linguistique Microsoft .NET Framework 4 Client Profile FRA

Module linguistique Microsoft .NET Framework 4 Extended FRA

Module linguistique Microsoft Visual F# 2.0 Runtime - FRA

Module linguistique Microsoft Visual Studio 2010 Tools pour Office Runtime (x64) - FRA

MorphVOX Pro

Movie Maker

Moyea FLV Editor Lite version: 1.1.1.846

Mozilla Firefox 17.0.1 (x86 en-US)

Mozilla Maintenance Service

Mozilla Thunderbird 17.0 (x86 en-US)

MSVCRT

MSVCRT Redists

MSVCRT110

MSVCRT110_amd64

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

MySQL Connector/ODBC 5.1

MySQL Server 5.5

No-IP DUC

Notepad++

Nucleus Kernel Hotmail MSN Password Recovery ver 4.01

Objets de gestion Microsoft SQL Server 2008 R2

Objets de gestion Microsoft SQL Server 2008 R2 (x64)

ooVoo

Oracle VM VirtualBox 4.1.4

Origin

Outils Microsoft Visual Studio 2010 ADO.NET Entity Framework

p300

Paint.NET v3.5.10

PDF Settings CS4

Personality Voices

PFPortChecker 1.0.39

Photo Common

Photo Gallery

Photo Stamp Remover 4.3

Photoshop Camera Raw

Photoshop Camera Raw_x64

PHP 5.3.8

plist Editor for Windows 1.0.2

PrimoPDF -- brought to you by Nitro PDF Software

Projet d'app. de la couche Données Microsoft SQL Server 2008 R2

ProxyChecker (remove only)

ProxySwitcher Standard

PunkBuster Services

QuickTime

RadioLabs Wireless USB Driver and Utility

Rainmeter

Realtek High Definition Audio Driver

Recuva

RegClean Pro

RegexBuddy 3 v.3.5.4

RegInOut System Utilities

Resource Hacker Version 3.6.0

Revo Uninstaller Pro 2.5.7

Rockstar Games Social Club

Roxio Activation Module

Roxio BackOnTrack

Roxio Central Audio

Roxio Central Copy

Roxio Central Core

Roxio Central Data

Roxio Central Tools

Roxio Easy CD and DVD Burning

Roxio Express Labeler 3

Roxio File Backup

Roxio Update Manager

Sandboxie 3.72 (64-bit)

ScreenSnapr version 3.0.0.3

ScreenSnapr version 4.0.0.2

Security Update for 2007 Microsoft Office System (KB2288621)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)

Security Update for Microsoft .NET Framework 4 Extended (KB2416472)

Security Update for Microsoft .NET Framework 4 Extended (KB2487367)

Security Update for Microsoft .NET Framework 4 Extended (KB2656351)

Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596856) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2687314) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2687441) 32-Bit Edition

Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition

Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition

Security Update for Microsoft Office PowerPoint 2007 (KB2535818)

Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition

Security Update for Microsoft Office system 2007 (KB974234)

Security Update for Microsoft Office Visio Viewer 2007 (KB973709)

Security Update for Microsoft Office Word 2007 (KB2687315) 32-Bit Edition

Security Update for Microsoft Visual Basic 2008 Express Edition with SP1 - ENU (KB2251487)

Security Update for Microsoft Visual Studio Macro Tools (KB2669970)

Security Update for Module linguistique Microsoft .NET Framework 4 Client Profile FRA (KB2478663)

Security Update for Module linguistique Microsoft .NET Framework 4 Client Profile FRA (KB2518870)

Service de langage Transact-SQL de Microsoft SQL Server 2008 R2

Service Pack 3 for SQL Server 2008 (KB2546951)

SimpLite-MSN 2.5

Skins

Skype Click to Call

Skype™ 5.10

Slice Audio File Splitter

SmartAssembly 5

Sniper Elite V2

Socks Proxy Checker 1.09

Sonic CinePlayer Decoder Pack

Sound Control v2.48 BETA

Speccy

Spybot - Search & Destroy

Sql Server Customer Experience Improvement Program

StAPH ver 1.25 - "Rise Of The Themes"

Steam

Suite Shared Configuration CS4

SUPERAntiSpyware

Supertintin 1.2.0.9

SWF & FLV Toolbox 4.0 (build 4.0.479)

swMSM

System Requirements Lab CYRI

TeamSpeak 3 Client

TeamViewer 7

The Sims Complete Collection

THX TruStudio PC

tools-freebsd

tools-linux

tools-netware

tools-solaris

tools-windows

tools-winPre2k

Total Video Converter 3.71 100812

TrueCrypt

TuneUp Utilities 2012

TuneUp Utilities Language Pack (en-US)

Ubisoft Game Launcher

UltraVnc

Unlocker 1.9.1-x64

Update for 2007 Microsoft Office System (KB967642)

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2473228)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217)

Update for Microsoft .NET Framework 4 Extended (KB2468871)

Update for Microsoft .NET Framework 4 Extended (KB2533523)

Update for Microsoft .NET Framework 4 Extended (KB2600217)

Update for Microsoft Office 2007 Help for Common Features (KB963673)

Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition

Update for Microsoft Office 2007 System (KB2539530)

Update for Microsoft Office Excel 2007 Help (KB963678)

Update for Microsoft Office OneNote 2007 (KB980729)

Update for Microsoft Office OneNote 2007 Help (KB963670)

Update for Microsoft Office Powerpoint 2007 Help (KB963669)

Update for Microsoft Office Script Editor Help (KB963671)

Update for Microsoft Office Word 2007 Help (KB963665)

VD64Inst

Vegas Pro 10.0 (64-bit)

Ventrilo Client for Windows x64

ViewSonic Monitor Drivers

Virtual Audio Cable 4.10

VirtualCloneDrive

VirusTotal Uploader 2.0

Visual Studio 2010 Prerequisites - English

Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 FRA

VLC media player 2.0.4

VMware Workstation

VNC Free Edition 4.1.3

VoiceOver Kit

WavePad Sound Editor

WCF RIA Services V1.0 SP1

Web Deployment Tool

Web Proxy Checker

Winamp

Winamp Detector Plug-in

Windows Live Communications Platform

Windows Live Essentials

Windows Live ID Sign-in Assistant

Windows Live Installer

Windows Live Messenger

Windows Live Photo Common

Windows Live PIMT Platform

Windows Live SOXE

Windows Live SOXE Definitions

Windows Live UX Platform

Windows Live UX Platform Language Pack

Windows Media Player Firefox Plugin

Windows Movie Maker 2.6

WinPatrol

WinPcap 4.1.2

Wireshark 1.8.4 (64-bit)

XAMPP 1.8.1

Xleaner v4.08.707

.

==== Event Viewer Messages From Past Week ========

.

2012-12-21 18:29:10, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.141.2260.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: Default URL Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.9002.0 Error code: 0x8007043c Error description: This service cannot be started in Safe Mode

2012-12-21 18:29:10, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}

2012-12-21 18:21:07, Error: Service Control Manager [7001] - The PnP-X IP Bus Enumerator service depends on the Function Discovery Provider Host service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

2012-12-21 18:19:51, Error: Service Control Manager [7001] - The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

2012-12-21 18:19:51, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}

2012-12-21 18:19:50, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

2012-12-21 18:19:44, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

2012-12-21 18:19:36, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}

2012-12-21 18:19:07, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: avipbb avkmgr cmdGuard discache ElbyCDIO MpFilter RxFilter SASDIFSV SASKUTIL spldr truecrypt VBoxDrv VBoxUSBMon Wanarpv6

2012-12-21 18:19:06, Error: Service Control Manager [7001] - The VMware Workstation Server service depends on the VMware Authorization Service service which failed to start because of the following error: The dependency service or group failed to start.

2012-12-21 18:19:06, Error: Service Control Manager [7001] - The Remote Access Connection Manager service depends on the Telephony service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

2012-12-21 18:19:06, Error: Service Control Manager [7001] - The Internet Connection Sharing (ICS) service depends on the Remote Access Connection Manager service which failed to start because of the following error: The dependency service or group failed to start.

2012-12-21 18:16:06, Error: Service Control Manager [7031] - The Windows Live ID Sign-in Assistant service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.

2012-12-21 18:15:19, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the SupportSoft Sprocket Service (DellSupportCenter) service to connect.

2012-12-21 18:15:19, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Service Google Update (gupdate) service to connect.

2012-12-21 18:15:19, Error: Service Control Manager [7000] - The Service Google Update (gupdate) service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

2012-12-21 18:15:17, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Microsoft .NET Framework NGEN v4.0.30319_X86 service to connect.

2012-12-21 18:14:18, Error: Service Control Manager [7034] - The LogMeIn service terminated unexpectedly. It has done this 2 time(s).

2012-12-21 18:13:53, Error: Service Control Manager [7031] - The Windows Live ID Sign-in Assistant service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.

2012-12-21 18:13:31, Error: Service Control Manager [7034] - The LogMeIn service terminated unexpectedly. It has done this 1 time(s).

2012-12-21 18:13:24, Error: Service Control Manager [7031] - The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.

2012-12-21 18:13:24, Error: Service Control Manager [7024] - The Windows Search service terminated with service-specific error %%-1073473535.

2012-12-21 18:13:17, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: RxFilter

2012-12-21 18:13:17, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the VMware DHCP Service service to connect.

2012-12-21 18:13:17, Error: Service Control Manager [7001] - The VMware Workstation Server service depends on the VMware Authorization Service service which failed to start because of the following error: The service did not respond to the start or control request in a timely fashion.

2012-12-21 18:13:17, Error: Service Control Manager [7000] - The VMware DHCP Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

2012-12-21 18:13:02, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the VMware Authorization Service service to connect.

2012-12-21 18:13:02, Error: Service Control Manager [7000] - The VMware Authorization Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

2012-12-21 18:12:47, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Spybot-S&D 2 Security Center Service service to connect.

2012-12-21 18:12:47, Error: Service Control Manager [7000] - The Spybot-S&D 2 Security Center Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

2012-12-21 18:12:31, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Spybot-S&D 2 Updating Service service to connect.

2012-12-21 18:12:31, Error: Service Control Manager [7000] - The Spybot-S&D 2 Updating Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

2012-12-21 18:12:15, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the VMware NAT Service service to connect.

2012-12-21 18:12:15, Error: Service Control Manager [7000] - The VMware NAT Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

2012-12-21 18:12:00, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the TeamViewer 7 service to connect.

2012-12-21 18:12:00, Error: Service Control Manager [7000] - The TeamViewer 7 service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

2012-12-21 18:11:44, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Skype Updater service to connect.

2012-12-21 18:11:29, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Skype C2C Service service to connect.

2012-12-21 18:11:14, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Spybot-S&D 2 Scanner Service service to connect.

2012-12-21 18:11:14, Error: Service Control Manager [7000] - The Spybot-S&D 2 Scanner Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

2012-12-21 18:11:14, Error: Service Control Manager [7000] - The SessionLauncher service failed to start due to the following error: The system cannot find the path specified.

2012-12-21 18:10:57, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the RealtekUSB service to connect.

2012-12-21 18:10:57, Error: Service Control Manager [7000] - The RealtekUSB service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

2012-12-21 18:10:42, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the PnkBstrB service to connect.

2012-12-21 18:10:42, Error: Service Control Manager [7000] - The PnkBstrB service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

2012-12-21 18:10:27, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the PnkBstrA service to connect.

2012-12-21 18:10:27, Error: Service Control Manager [7000] - The PnkBstrA service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

2012-12-21 18:10:11, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the MySQL service to connect.

2012-12-21 18:10:11, Error: Service Control Manager [7000] - The MySQL service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

2012-12-21 18:09:56, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the SQL Server (SQLEXPRESS) service to connect.

2012-12-21 18:09:56, Error: Service Control Manager [7000] - The SQL Server (SQLEXPRESS) service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

2012-12-21 18:09:40, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the MBAMService service to connect.

2012-12-21 18:09:40, Error: Service Control Manager [7000] - The MBAMService service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

2012-12-21 18:09:25, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the MBAMScheduler service to connect.

2012-12-21 18:09:25, Error: Service Control Manager [7000] - The MBAMScheduler service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

2012-12-21 18:09:03, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the ICQ Service service to connect.

2012-12-21 18:08:48, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the hippovnc_service service to connect.

2012-12-21 18:08:48, Error: Service Control Manager [7000] - The hippovnc_service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

2012-12-21 18:08:17, Error: Microsoft-Windows-TaskScheduler [413] - Task Scheduler service failed to load tasks at service startup. Additional Data: Error Value: 2147549183.

2012-12-21 18:07:59, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Advanced SystemCare Service 5 service to connect.

2012-12-21 18:07:59, Error: Service Control Manager [7000] - The Advanced SystemCare Service 5 service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

2012-12-21 18:01:24, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service MSIServer with arguments "" in order to run the server: {000C101C-0000-0000-C000-000000000046}

2012-12-20 22:34:58, Error: volsnap [36] - The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.

2012-12-20 19:01:03, Error: Service Control Manager [7034] - The Application Information service terminated unexpectedly. It has done this 1 time(s).

2012-12-20 19:01:03, Error: Service Control Manager [7031] - The Windows Management Instrumentation service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.

2012-12-20 19:01:03, Error: Service Control Manager [7031] - The User Profile Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.

2012-12-20 19:01:03, Error: Service Control Manager [7031] - The Extensible Authentication Protocol service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.

2012-12-20 19:01:01, Error: Service Control Manager [7031] - The Microsoft Antimalware Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 15000 milliseconds: Restart the service.

2012-12-20 18:29:27, Error: VDS Basic Provider [1] - Unexpected failure. Error code: 490@01010004

2012-12-20 18:06:40, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B68-F52A-11D8-B9A5-505054503030}

2012-12-20 17:16:55, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service BITS with arguments "" in order to run the server: {4991D34B-80A1-4291-83B6-3328366B9097}

2012-12-20 17:13:55, Error: Service Control Manager [7030] - The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.

2012-12-20 17:03:36, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service VSS with arguments "" in order to run the server: {E579AB5F-1CC4-44B4-BED9-DE0991FF0623}

2012-12-20 16:57:05, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service SkypeUpdate with arguments "/ComService" in order to run the server: {CC957078-B838-47C4-A7CF-626E7A82FC58}

2012-12-20 16:48:26, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: aswSnx aswSP aswTdi avipbb avkmgr cmdGuard discache ElbyCDIO MpFilter RxFilter SASDIFSV SASKUTIL spldr sptd truecrypt VBoxDrv VBoxUSBMon Wanarpv6

2012-12-20 16:47:49, Error: sptd [4] - Driver detected an internal error in its data structures for .

2012-12-19 23:51:04, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Granola PM Manager service to connect.

2012-12-19 23:51:04, Error: Service Control Manager [7000] - The Granola PM Manager service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

2012-12-19 23:23:21, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: aswSnx RxFilter

2012-12-19 21:56:02, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: aswKbd aswSnx aswSP aswTdi avipbb avkmgr cmdGuard discache ElbyCDIO MpFilter RxFilter SASDIFSV SASKUTIL spldr sptd truecrypt VBoxDrv VBoxUSBMon Wanarpv6

2012-12-19 21:56:02, Error: Service Control Manager [7023] - The Windows Defender service terminated with the following error: The specified module could not be found.

2012-12-19 21:56:01, Error: Service Control Manager [7001] - The Task Scheduler service depends on the Windows Event Log service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

2012-12-19 21:54:12, Error: Service Control Manager [7023] - The IPsec Policy Agent service terminated with the following error: The authentication service is unknown.

2012-12-18 18:13:47, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: aswSnx aswSP aswTdi avipbb avkmgr cmdGuard discache ElbyCDIO MpFilter RxFilter spldr sptd truecrypt VBoxDrv VBoxUSBMon Wanarpv6

2012-12-18 18:12:40, Error: Service Control Manager [7001] - The VMware Workstation Server service depends on the VMware USB Arbitration Service service which failed to start because of the following error: The dependency service or group failed to start.

2012-12-18 18:12:40, Error: Service Control Manager [7001] - The VMware USB Arbitration Service service depends on the Windows Management Instrumentation service which failed to start because of the following error: The system cannot find the path specified.

2012-12-18 18:12:40, Error: Service Control Manager [7001] - The VMware NAT Service service depends on the VMware Network Application Interface service which failed to start because of the following error: The media is write protected.

2012-12-18 18:12:40, Error: Service Control Manager [7001] - The VMware DHCP Service service depends on the VMware Network Application Interface service which failed to start because of the following error: The media is write protected.

2012-12-18 18:12:40, Error: Service Control Manager [7001] - The VMware Authorization Service service depends on the Windows Management Instrumentation service which failed to start because of the following error: The system cannot find the path specified.

2012-12-18 18:12:40, Error: Service Control Manager [7001] - The IP Helper service depends on the Windows Management Instrumentation service which failed to start because of the following error: The system cannot find the path specified.

2012-12-18 18:12:40, Error: Service Control Manager [7000] - The Windows Time service failed to start due to the following error: The system cannot find the path specified.

2012-12-18 18:12:40, Error: Service Control Manager [7000] - The Windows Live ID Sign-in Assistant service failed to start due to the following error: The system cannot find the path specified.

2012-12-18 18:12:40, Error: Service Control Manager [7000] - The Windows Image Acquisition (WIA) service failed to start due to the following error: The system cannot find the path specified.

2012-12-18 18:12:40, Error: Service Control Manager [7000] - The Windows Defender service failed to start due to the following error: The system cannot find the path specified.

2012-12-18 18:12:40, Error: Service Control Manager [7000] - The Vstor2 MntApi 1.0 Driver (shared) service failed to start due to the following error: The media is write protected.

2012-12-18 18:12:40, Error: Service Control Manager [7000] - The VMware Network Application Interface service failed to start due to the following error: The media is write protected.

2012-12-18 18:12:40, Error: Service Control Manager [7000] - The TuneUp Utilities Service service failed to start due to the following error: The system cannot find the path specified.

2012-12-18 18:12:40, Error: Service Control Manager [7000] - The TeamViewer 7 service failed to start due to the following error: The system cannot find the path specified.

2012-12-18 18:12:40, Error: Service Control Manager [7000] - The TCP/IP Registry Compatibility service failed to start due to the following error: The media is write protected.

2012-12-18 18:12:40, Error: Service Control Manager [7000] - The SSDP Discovery service failed to start due to the following error: The system cannot find the path specified.

2012-12-18 18:12:40, Error: Service Control Manager [7000] - The SQL Server VSS Writer service failed to start due to the following error: The system cannot find the path specified.

2012-12-18 18:12:40, Error: Service Control Manager [7000] - The SQL Server (SQLEXPRESS) service failed to start due to the following error: The system cannot find the path specified.

2012-12-18 18:12:40, Error: Service Control Manager [7000] - The Security Driver service failed to start due to the following error: The media is write protected.

2012-12-18 18:12:40, Error: Service Control Manager [7000] - The Secure Socket Tunneling Protocol Service service failed to start due to the following error: The system cannot find the path specified.

2012-12-18 18:12:40, Error: Service Control Manager [7000] - The Secondary Logon service failed to start due to the following error: The system cannot find the path specified.

2012-12-18 18:12:40, Error: Service Control Manager [7000] - The RealtekUSB service failed to start due to the following error: The system cannot find the path specified.

2012-12-18 18:12:40, Error: Service Control Manager [7000] - The Protected Storage service failed to start due to the following error: The system cannot find the path specified.

2012-12-18 18:12:40, Error: Service Control Manager [7000] - The Program Compatibility Assistant Service service failed to start due to the following error: The system cannot find the path specified.

2012-12-18 18:12:40, Error: Service Control Manager [7000] - The PnkBstrB service failed to start due to the following error: The system cannot find the path specified.

2012-12-18 18:12:40, Error: Service Control Manager [7000] - The PnkBstrA service failed to start due to the following error: The system cannot find the path specified.

2012-12-18 18:12:40, Error: Service Control Manager [7000] - The PEAUTH service failed to start due to the following error: The media is write protected.

2012-12-18 18:12:40, Error: Service Control Manager [7000] - The Network Location Awareness service failed to start due to the following error: The system cannot find the path specified.

2012-12-18 18:12:40, Error: Service Control Manager [7000] - The Network Connections service failed to start due to the following error: The system cannot find the path specified.

2012-12-18 18:12:40, Error: Service Control Manager [7000] - The NetGroup Packet Filter Driver service failed to start due to the following error: The media is write protected.

2012-12-18 18:12:40, Error: Service Control Manager [7000] - The MySQL service failed to start due to the following error: The system cannot find the path specified.

2012-12-18 18:12:40, Error: Service Control Manager [7000] - The MBAMService service failed to start due to the following error: The system cannot find the path specified.

2012-12-18 18:12:40, Error: Service Control Manager [7000] - The MBAMScheduler service failed to start due to the following error: The system cannot find the path specified.

2012-12-18 18:12:40, Error: Service Control Manager [7000] - The Diagnostic Service Host service failed to start due to the following error: The system cannot find the path specified.

2012-12-18 18:12:36, Error: Service Control Manager [7000] - The LogMeIn Maintenance Service service failed to start due to the following error: The pipe has been ended.

2012-12-18 18:12:35, Error: Service Control Manager [7000] - The LMIGuardianSvc service failed to start due to the following error: The pipe has been ended.

2012-12-18 18:12:34, Error: Service Control Manager [7000] - The Human Interface Device Access service failed to start due to the following error: A system shutdown is in progress.

2012-12-18 18:12:32, Error: Service Control Manager [7043] - The Group Policy Client service did not shut down properly after receiving a preshutdown control.

2012-12-18 17:02:25, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: aswSnx aswSP aswTdi avipbb avkmgr cmdGuard discache ElbyCDIO MpFilter RxFilter spldr sptd truecrypt VBoxDrv VBoxUSBMon volmgrx Wanarpv6

.

==== End Of File ===========================

Edited by Maurice Naggar
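One way to triage the Service Control Manager errors in the log above, as an added example (not part of the original post and not output of DDS): it parses event IDs 7000, 7001, 7009 and 7026, counts the stated start-failure reasons per day, and lists which security services and drivers did not come up. The function names, the `SECURITY_SERVICE_HINTS` list and the `SECURITY_DRIVERS` map are assumptions made for this example; the sample lines are copied from the log above and the vendor names from the FRST driver list later in this thread.

```python
import re
from collections import Counter, defaultdict

# A subset of lines copied from the event-log section of the post above.
SAMPLE_LOG = """\
2012-12-21 18:13:17, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: RxFilter
2012-12-21 18:13:17, Error: Service Control Manager [7001] - The VMware Workstation Server service depends on the VMware Authorization Service service which failed to start because of the following error: The service did not respond to the start or control request in a timely fashion.
2012-12-21 18:09:40, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the MBAMService service to connect.
2012-12-21 18:09:40, Error: Service Control Manager [7000] - The MBAMService service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
2012-12-20 16:48:26, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: aswSnx aswSP aswTdi avipbb avkmgr cmdGuard discache ElbyCDIO MpFilter RxFilter SASDIFSV SASKUTIL spldr sptd truecrypt VBoxDrv VBoxUSBMon Wanarpv6
2012-12-18 18:12:40, Error: Service Control Manager [7000] - The Windows Defender service failed to start due to the following error: The system cannot find the path specified.
2012-12-18 18:12:40, Error: Service Control Manager [7000] - The PEAUTH service failed to start due to the following error: The media is write protected.
2012-12-18 18:12:40, Error: Service Control Manager [7000] - The MBAMService service failed to start due to the following error: The system cannot find the path specified.
"""

# Assumption: name fragments of security products that appear in this thread.
SECURITY_SERVICE_HINTS = ("MBAM", "Windows Defender", "Microsoft Antimalware", "Spybot")

# Driver -> vendor, as attributed in the FRST "Drivers" list later in this thread.
SECURITY_DRIVERS = {
    "avipbb": "Avira GmbH",
    "avkmgr": "Avira GmbH",
    "cmdGuard": "COMODO",
    "MpFilter": "Microsoft Corporation",
    "SASDIFSV": "SUPERAntiSpyware.com",
    "SASKUTIL": "SUPERAntiSpyware.com",
}

LINE_RE = re.compile(
    r"^(?P<date>\d{4}-\d{2}-\d{2}) (?P<time>\d{2}:\d{2}:\d{2}), Error: "
    r"(?P<source>.+?) \[(?P<id>\d+)\] - (?P<msg>.*)$"
)

# One message pattern per Service Control Manager event ID handled here.
MESSAGE_RES = {
    7000: re.compile(r"^The (?P<service>.+) service failed to start due to "
                     r"the following error: (?P<reason>.+)$"),
    7001: re.compile(r"^The (?P<service>.+?) service depends on the "
                     r"(?P<dependency>.+?) service which failed to start "
                     r"because of the following error: (?P<reason>.+)$"),
    7009: re.compile(r"^A timeout was reached \((?P<ms>\d+) milliseconds\) "
                     r"while waiting for the (?P<service>.+) service to connect\.$"),
    7026: re.compile(r"^The following boot-start or system-start driver\(s\) "
                     r"failed to load: (?P<drivers>.+)$"),
}


def parse_events(text):
    """Return one dict per recognised Service Control Manager error line."""
    events = []
    for raw in text.splitlines():
        m = LINE_RE.match(raw.strip())
        if not m or m["source"] != "Service Control Manager":
            continue
        event = {"date": m["date"], "time": m["time"], "id": int(m["id"])}
        pattern = MESSAGE_RES.get(event["id"])
        detail = pattern.match(m["msg"]) if pattern else None
        if detail is None:
            continue  # event ID or wording not handled in this example
        event.update(detail.groupdict())
        if event["id"] == 7009:
            event["reason"] = "start timeout (%s ms)" % event.pop("ms")
        elif event["id"] == 7026:
            event["drivers"] = event["drivers"].split()
        events.append(event)
    return events


def reasons_by_day(events):
    """Count start failures (7000/7001) per day and stated reason.

    7009 is left out because each timeout is followed by a 7000 for the
    same service, which would count the failure twice.
    """
    table = defaultdict(Counter)
    for e in events:
        if e["id"] in (7000, 7001):
            table[e["date"]][e["reason"]] += 1
    return table


def security_impact(events):
    """Per day: security services that failed and security drivers not loaded."""
    impact = defaultdict(lambda: {"services": set(), "drivers": set()})
    for e in events:
        if e["id"] == 7026:
            for driver in e["drivers"]:
                if driver in SECURITY_DRIVERS:
                    impact[e["date"]]["drivers"].add(driver)
        elif any(h.lower() in e["service"].lower() for h in SECURITY_SERVICE_HINTS):
            impact[e["date"]]["services"].add(e["service"])
    return impact


if __name__ == "__main__":
    parsed = parse_events(SAMPLE_LOG)
    for day, reasons in sorted(reasons_by_day(parsed).items()):
        for reason, count in reasons.most_common():
            print(day, count, reason)
    for day, hit in sorted(security_impact(parsed).items()):
        print(day, sorted(hit["services"]), sorted(hit["drivers"]))
```
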

Hello bobbyjay,

Moderator NOTE: Do NOT use the attach feature when posting your logs. ALWAYS Copy & Paste all contents directly into main-body of reply !!!

One must point out you should have asked for help last Tuesday or even earlier.

Your system has 2 antivirus programs installed: Microsoft Security Essentials + AVIRA. If both are actively monitoring the system, this will lead to deadlocks.

Uninstall one of them !!! Decide which one to keep, and Uninstall the other and when that is done, Logoff and Restart the pc.

Are you getting help elsewhere ? If so, please stop and only get help from 1 forum.

Getting help at more than 1 will lead to conflicts.

Your logs show you have already got HitmanPro

Combofix

Spybot

SUPERAntiSpyware

Has this system ever been without an Antivirus program ?

For x64 bit systems download Farbar Recovery Scan Tool x64 and save it to a flash drive.

Plug the flashdrive into the infected PC.

Enter System Recovery Options.

To enter System Recovery Options from the Advanced Boot Options:

  • Restart the computer.
  • As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
  • Use the arrow keys to select the Repair your computer menu item.
  • Select English as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next.

To enter System Recovery Options by using Windows installation disc:

  • Insert the installation disc.
  • Restart your computer.
  • If prompted, press any key to start Windows from the installation disc. If your computer is not configured to start from a CD or DVD, check your BIOS settings.
  • Click Repair your computer.
  • Select English as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next.

On the System Recovery Options menu you will get the following options:


    • Startup Repair
    • System Restore
    • Windows Complete PC Restore
    • Windows Memory Diagnostic Tool
    • Command Prompt

  • Select Command Prompt
  • In the command window type in notepad and press Enter.
  • The notepad opens. Under File menu select Open.
  • Select "Computer" and find your flash drive letter and close the notepad.
  • In the command window type e:\frst.exe (for x64 bit version type e:\frst64) and press Enter
    Note: Replace letter e with the drive letter of your flash drive.
  • The tool will start to run.
  • When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) on the flash drive. Please copy and paste it to your reply.

Your logs showed some peer-to-peer filesharing apps: µTorrent.

Risks of File-Sharing Technology.

P2P file sharing: Know the risks

Forum policy on peer-to-peer-programs:

If you're using Peer 2 Peer software such as uTorrent or similar you must either fully uninstall it or completely disable it from running while being assisted here.

Failure to remove or disable such software will result in your topic being closed and no further assistance being provided.

http://forums.malwarebytes.org/index.php?showtopic=97700

Confirm that all peer-to-peer programs are removed.

Edited by Maurice Naggar

I know, I asked for help Tuesday but I had already tried on another big forum but they didn't know how to solve this so I knew you guys were more experts than them and posted here 2 days ago.

I used to have an Avast license that I bought from eBay but the guy sent me some weird ass files and I realized it was just a 'cracked' version and uninstalled. (Yes, I know that was dumb... Didn't realize at the time)

Microsoft Essential Security isn't real-time protection, it's set to off and doesn't scan unless I go in the program and click scan.

So to answer your question, I've always had Avira installed and used to have Avast! running also.

I uninstalled uTorrent.

Edited by Maurice Naggar

Sorry, can't edit my post...?!

Also, only SOME programs aren't working such as browsers and some AV like Avira, Search and Destroy (SuperAntiSpyware does work and CCleaner and probably some other softwares...) so I'm guessing this could either be a hardware or virus program but if it was hardware, wouldn't it make all the .exe fail and not just a few?

When starting, for example, Google Chrome, it will go to about 1303 K in memory and stay like this and then close - normally the browsers go to 10 000 - 50 000 K.

Here's a picture of running processes when I boot in normal mode (usually got more than just 8 processes when the computer used to run 'normally'):

Hexdq.jpg


Man, this makes a lot of reply, I'm sorry but I really think there should be an option to edit replies...

I thought I had copied pasted the FRST log in my last reply but I guess it didn't work anyway.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 22-12-2012

Ran by SYSTEM at 22-12-2012 10:10:37

Running from E:\

Windows 7 Home Premium (X64) OS Language: English(US)

The current controlset is ControlSet003

==================== Registry (Whitelisted) ===================

HKLM-x32\...\Run: [KeyScrambler] C:\Program Files (x86)\KeyScrambler\keyscrambler.exe /a [433976 2011-12-26] (QFX Software Corporation)

HKLM-x32\...\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min [348664 2012-08-10] (Avira Operations GmbH & Co. KG)

HKLM-x32\...\Run: [sDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" [3825176 2012-11-13] (Safer-Networking Ltd.)

HKU\Marc\...\Run: [GoogleChromeAutoLaunch_DEC2D89A3B6F06ADCC4F89EA2A899238] "C:\Users\Marc\AppData\Local\Google\Chrome\Application\chrome.exe" --no-startup-window [1242728 2012-11-27] (Google Inc.)

HKU\Marc\...\Policies\system: [DisableCMD] 0

Winlogon\Notify\GoToAssist: C:\Program Files (x86)\Citrix\GoToAssist\514\G2AWinLogon_x64.dll [X]

Tcpip\Parameters: [DhcpNameServer] 24.201.245.77 24.200.0.1 24.53.0.2

AppInit_DLLs: C:\Windows\System32\guard64.dll C:\Windows\System32\guard64.dll

Startup: C:\Users\Administrator\Start Menu\Programs\Startup\Dell Dock.lnk

ShortcutTarget: Dell Dock.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)

Startup: C:\Users\Default\Start Menu\Programs\Startup\Dell Dock First Run.lnk

ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)

Startup: C:\Users\Default User\Start Menu\Programs\Startup\Dell Dock First Run.lnk

ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)

Startup: C:\Users\Guest\Start Menu\Programs\Startup\Dell Dock.lnk

ShortcutTarget: Dell Dock.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)

==================== Services (Whitelisted) ===================

2 AdvancedSystemCareService5; C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCService.exe [494424 2011-12-24] (IObit)

2 AntiVirSchedulerService; "C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe" [86224 2012-05-01] (Avira Operations GmbH & Co. KG)

2 AntiVirService; "C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe" [110032 2012-05-01] (Avira Operations GmbH & Co. KG)

2 BitMeterCaptureService; C:\Program Files (x86)\Codebox\BitMeterOS\BitMeterCaptureService.exe [85435 2011-11-19] ()

2 BitMeterWebService; C:\Program Files (x86)\Codebox\BitMeterOS\BitMeterWebService.exe [141466 2011-11-19] ()

3 CGVPNCliSrvc; C:\Program Files\CyberGhost VPN\CGVPNCliService.exe [2428968 2011-07-05] (mobile concepts GmbH)

2 cmdAgent; "C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe" [2828408 2012-11-07] (COMODO)

2 CS_AutoUpdate; C:\Program Files\Cucusoft\AutoUpdate\AutoUpdateSrvc.exe [44696 2012-07-17] (Cucusoft, Inc.)

2 Granola PM Manager; "C:\Program Files (x86)\MiserWare\Granola Personal\GranolaManager.exe" [444656 2012-08-31] ()

4 hshld; C:\Program Files (x86)\Hotspot Shield\bin\openvpnas.exe [331608 2012-01-06] ()

3 HssTrayService; C:\Program Files (x86)\Hotspot Shield\bin\HssTrayService.EXE [77520 2012-01-06] ()

4 HssWd; C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe -product HSS [329544 2012-01-04] ()

2 ICQ Service; C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe [247608 2010-11-21] ()

2 LMIGuardianSvc; "C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe" [375728 2012-10-19] (LogMeIn, Inc.)

2 LMIMaint; "C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe" [147888 2012-10-19] (LogMeIn, Inc.)

2 LogMeIn; "C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe" [407424 2012-08-24] (LogMeIn, Inc.)

2 MBAMScheduler; "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe" [399432 2012-09-29] (Malwarebytes Corporation)

2 MBAMService; "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe" [676936 2012-09-29] (Malwarebytes Corporation)

2 MsMpSvc; "C:\Program Files\Microsoft Security Client\MsMpEng.exe" [22072 2012-09-12] (Microsoft Corporation)

2 MySQL; C:\xampp\mysql\bin\mysqld.exe --defaults-file=C:\xampp\mysql\bin\my.ini mysql [5751 2012-09-27] ()

3 NisSrv; "C:\Program Files\Microsoft Security Client\NisSrv.exe" [368896 2012-09-12] (Microsoft Corporation)

2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [76888 2012-12-08] ()

2 PnkBstrB; C:\Windows\SysWow64\PnkBstrB.exe [281520 2012-12-16] ()

2 RealtekUSB; C:\Program Files (x86)\RadioLabs\RadioLabs Wireless USB Utility\RtlService.exe [36864 2007-07-27] (Realtek)

2 SbieSvc; "C:\Program Files\Sandboxie\SbieSvc.exe" [98576 2012-06-17] (SANDBOXIE L.T.D)

2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1103392 2012-11-13] (Safer-Networking Ltd.)

2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1369624 2012-11-13] (Safer-Networking Ltd.)

2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [168384 2012-11-13] (Safer-Networking Ltd.)

2 TuneUp.UtilitiesSvc; "C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe" [2072896 2011-10-20] (TuneUp Software)

3 Visual Studio Analyzer RPC bridge; C:\Program Files (x86)\Microsoft Visual Studio\Common\Tools\VS-Ent98\Vanalyzr\varpc.exe [34036 1998-06-05] (Microsoft Corporation)

2 VMwareHostd; "C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe" -u "C:\ProgramData\VMware\hostd\config.xml" [32681 2012-10-13] ()

2 hippovnc_service; "C:\Users\Marc\Desktop\HippoVNC\WinVNC.exe" -service [x]

3 rpcapd; "C:\Program Files (x86)\WinPcap\rpcapd.exe" -d -f "C:\Program Files (x86)\WinPcap\rpcapd.ini" [x]

==================== Drivers (Whitelisted) =====================

0 AiCharger; C:\Windows\System32\Drivers\AiCharger.sys [14592 2010-05-05] (ASUSTek Computer Inc.)

3 Andbus; C:\Windows\System32\DRIVERS\lgandbus64.sys [19456 2010-08-02] (LG Electronics Inc.)

3 AndDiag; C:\Windows\System32\DRIVERS\lganddiag64.sys [27648 2010-08-02] (LG Electronics Inc.)

3 AndGps; C:\Windows\System32\DRIVERS\lgandgps64.sys [27136 2010-08-02] (LG Electronics Inc.)

3 ANDModem; C:\Windows\System32\DRIVERS\lgandmodem64.sys [33792 2010-08-02] (LG Electronics Inc.)

3 androidusb; C:\Windows\System32\Drivers\lgandadb.sys [31744 2010-08-02] (Google Inc)

2 avgntflt; C:\Windows\System32\Drivers\avgntflt.sys [98848 2012-04-24] (Avira GmbH)

1 avipbb; C:\Windows\System32\Drivers\avipbb.sys [132832 2012-04-27] (Avira GmbH)

1 avkmgr; C:\Windows\System32\Drivers\avkmgr.sys [27760 2012-05-02] (Avira GmbH)

1 cmdGuard; C:\Windows\System32\Drivers\cmdGuard.sys [584056 2012-11-07] (COMODO)

1 cmdHlp; C:\Windows\System32\Drivers\cmdHlp.sys [38144 2012-11-07] (COMODO)

2 CS_BandwidthGuard; C:\Program Files\Cucusoft\NetGuard\BandwidthGuardSrvc.sys [216800 2012-05-23] (Cucusoft, Inc.)

2 CS_BandwidthGuard64; C:\Program Files\Cucusoft\NetGuard\BandwidthGuardSrvc64.sys [285920 2012-05-23] (Cucusoft, Inc.)

2 CS_SysMsgProxy64; C:\Program Files\Cucusoft\NetGuard\SysMsgProxySrvc64.sys [324832 2012-05-23] (Cucusoft, Inc.)

1 inspect; C:\Windows\System32\Drivers\inspect.sys [94288 2012-11-07] (COMODO)

3 KeyScrambler; C:\Windows\System32\Drivers\KeyScrambler.sys [222904 2011-12-14] (QFX Software Corporation)

2 LMIInfo; \??\C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys [15928 2012-08-24] (LogMeIn, Inc.)

3 ManyCam; C:\Windows\System32\DRIVERS\mcvidrv_x64.sys [34304 2012-01-11] (ManyCam LLC)

3 MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [25928 2012-09-29] (Malwarebytes Corporation)

3 mcaudrv_simple; C:\Windows\System32\drivers\mcaudrv_x64.sys [28160 2012-02-22] (ManyCam LLC)

0 MpFilter; C:\Windows\System32\Drivers\MpFilter.sys [228768 2012-08-30] (Microsoft Corporation)

3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [128456 2012-08-30] (Microsoft Corporation)

2 NPF; C:\Windows\System32\Drivers\NPF.sys [35344 2010-06-25] (CACE Technologies, Inc.)

1 RxFilter; C:\Windows\SysWow64\Drivers\RxFilter.sys [65520 2009-06-26] (Sonic Solutions)

1 SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)

1 SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)

3 SbieDrv; \??\C:\Program Files\Sandboxie\SbieDrv.sys [166576 2012-06-17] (SANDBOXIE L.T.D)

0 SMR311; C:\Windows\System32\Drivers\SMR311.sys [95392 2012-12-21] (Symantec Corporation)

4 sptd; C:\Windows\System32\Drivers\sptd.sys [503352 2011-01-22] (Duplex Secure Ltd.)

3 tapoas; C:\Windows\System32\Drivers\tapoas.sys [30720 2011-08-18] (The OpenVPN Project)

1 TsLwWfF; C:\Windows\System32\Drivers\TsLwWfF.sys [26728 2012-03-26] (TamoSoft)

3 TuneUpUtilitiesDrv; \??\C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys [11856 2011-10-20] (TuneUp Software)

3 VCSVADHWSer; C:\Windows\System32\DRIVERS\vcsvad.sys [21504 2008-12-26] (Avnex)

0 vsock; C:\Windows\System32\Drivers\vsock.sys [70256 2012-07-06] (VMware, Inc.)

3 WinRing0_1_2_0; \??\C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [14544 2010-11-01] (OpenLibSys.org)

3 catchme; \??\C:\ComboFix\catchme.sys [x]

3 CV2K1; C:\Windows\System32\DRIVERS\cv2k1.sys [x]

2 helpsvc; [x]

2 ImapiService; [x]

2 Irmon; [x]

4 LMIRfsClientNP; [x]

2 SessionLauncher; [x]

2 srservice; [x]

2 UPS; [x]

2 WZCSVC; [x]

==================== NetSvcs (Whitelisted) ====================

==================== One Month Created Files and Folders ========

2012-12-22 10:10 - 2012-12-22 10:10 - 00000000 ____D C:\FRST

2012-12-22 09:52 - 2012-12-22 09:52 - 01461039 ____A (Farbar) C:\Users\Marc\Desktop\FRST64.exe

2012-12-22 00:22 - 2012-12-22 00:22 - 01198952 ____A C:\Users\Administrator\Local Settings\GDIPFONTCACHEV1.DAT

2012-12-22 00:22 - 2012-12-22 00:22 - 01198952 ____A C:\Users\Administrator\Local Settings\Application Data\GDIPFONTCACHEV1.DAT

2012-12-22 00:22 - 2012-12-22 00:22 - 01198952 ____A C:\Users\Administrator\AppData\Local\GDIPFONTCACHEV1.DAT

2012-12-22 00:22 - 2012-12-22 00:22 - 00000000 ____D C:\Users\Administrator\Local Settings\Stardock_Corporation

2012-12-22 00:22 - 2012-12-22 00:22 - 00000000 ____D C:\Users\Administrator\Local Settings\Application Data\Stardock_Corporation

2012-12-22 00:22 - 2012-12-22 00:22 - 00000000 ____D C:\Users\Administrator\Application Data\Dell

2012-12-22 00:22 - 2012-12-22 00:22 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Dell

2012-12-22 00:22 - 2012-12-22 00:22 - 00000000 ____D C:\Users\Administrator\AppData\Local\Stardock_Corporation

2012-12-22 00:15 - 2012-12-22 01:10 - 00013206 ____A C:\Windows\WindowsUpdate.log

2012-12-22 00:13 - 2012-12-22 09:41 - 00000112 ____A C:\Windows\setupact.log

2012-12-22 00:13 - 2012-12-22 00:13 - 00000000 ____A C:\Windows\setuperr.log

2012-12-21 23:32 - 2012-12-21 23:32 - 01345722 ____A (Igor Pavlov) C:\Users\Marc\Desktop\HippoVNC.exe

2012-12-21 19:08 - 2012-12-21 19:08 - 00000000 ____D C:\Users\Marc\Application Data\Runscanner.net

2012-12-21 19:08 - 2012-12-21 19:08 - 00000000 ____D C:\Users\Marc\AppData\Roaming\Runscanner.net

2012-12-21 19:07 - 2012-12-21 19:08 - 02248504 ____A (Runscanner.net) C:\Users\Marc\Downloads\runscanner.exe

2012-12-21 18:46 - 2012-12-21 18:46 - 00000786 ____A C:\Users\Marc\Desktop\startup.txt

2012-12-21 18:45 - 2012-12-21 18:45 - 00388608 ____A (Trend Micro Inc.) C:\Users\Marc\Desktop\HiJackThis.exe

2012-12-21 18:45 - 2012-12-21 18:45 - 00016864 ____A C:\Users\Marc\Desktop\hijackthis.log

2012-12-21 18:44 - 2012-12-21 18:44 - 01402880 ____A C:\Users\Marc\Desktop\HiJackThis.msi

2012-12-21 18:38 - 2012-12-21 18:38 - 00095392 ____A (Symantec Corporation) C:\Windows\System32\Drivers\SMR311.SYS

2012-12-21 18:38 - 2012-12-21 18:05 - 00000000 ____D C:\Users\Marc\Local Settings\NPE

2012-12-21 18:38 - 2012-12-21 18:05 - 00000000 ____D C:\Users\Marc\Local Settings\Application Data\NPE

2012-12-21 18:38 - 2012-12-21 18:05 - 00000000 ____D C:\Users\Marc\AppData\Local\NPE

2012-12-21 18:33 - 2012-12-21 18:39 - 02827536 ____A C:\Users\Marc\Desktop\Unconfirmed 836704.crdownload

2012-12-21 17:55 - 2012-12-21 17:55 - 00047343 ____A C:\Users\Marc\Desktop\attach.txt

2012-12-21 17:55 - 2012-12-21 17:55 - 00034114 ____A C:\Users\Marc\Desktop\dds.txt

2012-12-21 17:54 - 2012-12-21 17:54 - 00294216 ____A C:\Users\Marc\Desktop\gmer.zip

2012-12-20 20:50 - 2012-12-20 20:50 - 03787704 ____A (Piriform Ltd) C:\Users\Marc\Desktop\dfsetup212.exe

2012-12-20 20:32 - 2012-12-20 20:32 - 00000000 ____D C:\Users\Marc\Local Settings\Rogue Amoeba

2012-12-20 20:32 - 2012-12-20 20:32 - 00000000 ____D C:\Users\Marc\Local Settings\Application Data\Rogue Amoeba

2012-12-20 20:32 - 2012-12-20 20:32 - 00000000 ____D C:\Users\Marc\AppData\Local\Rogue Amoeba

2012-12-20 20:24 - 2012-12-20 20:31 - 00000684 ____A C:\Users\Marc\Desktop\Airfoil_Crash.log

2012-12-20 20:22 - 2012-12-20 20:22 - 00000000 ____D C:\Program Files (x86)\Airfoil

2012-12-20 20:21 - 2012-12-20 20:22 - 07674264 ____A C:\Users\Marc\Desktop\AirfoilInstaller.exe

2012-12-20 18:23 - 2012-12-20 18:23 - 00294400 ____A C:\Users\Marc\Desktop\exeHelper.com

2012-12-20 18:22 - 2012-12-20 18:23 - 00002648 ____A C:\Users\Marc\Desktop\Rkill.txt

2012-12-20 18:22 - 2012-12-20 18:22 - 01754528 ____A (Bleeping Computer, LLC) C:\Users\Marc\Desktop\rkill.exe

2012-12-20 17:53 - 2012-12-20 17:53 - 00012872 ____A (SurfRight B.V.) C:\Windows\System32\bootdelete.exe

2012-12-20 17:53 - 2012-12-20 17:53 - 00010868 ____A C:\Windows\System32\bootdelete.lst

2012-12-20 17:29 - 2012-12-20 17:29 - 00442818 ____A C:\Users\Marc\Desktop\MGlogs.zip

2012-12-20 17:22 - 2012-12-20 17:29 - 00442818 ____A C:\MGlogs.zip

2012-12-20 17:22 - 2012-12-20 17:29 - 00000000 ____D C:\MGtools

2012-12-20 17:22 - 2012-12-20 17:22 - 00000000 ____D C:\Program Files\HitmanPro

2012-12-20 17:17 - 2012-12-20 17:17 - 00002468 ____A C:\Users\Marc\Desktop\RKreport[1]_S_20122012_181758.txt

2012-12-20 17:16 - 2012-12-20 17:17 - 00000000 ____D C:\Users\Marc\Desktop\RK_Quarantine

2012-12-20 17:13 - 2012-12-20 17:54 - 00000000 ____D C:\Users\All Users\HitmanPro

2012-12-20 17:13 - 2012-12-20 17:54 - 00000000 ____D C:\Users\All Users\Application Data\HitmanPro

2012-12-20 17:12 - 2012-12-20 17:12 - 00002264 ____A C:\Users\Marc\Desktop\HitmanPro_20121216_1828.log

2012-12-20 17:11 - 2012-12-20 17:11 - 00011207 ____A C:\Users\Marc\Desktop\MBRCheck_12.20.12_18.11.11.txt

2012-12-20 17:10 - 2012-12-20 17:10 - 00000020 ____A C:\Users\Marc\defogger_reenable

2012-12-20 17:00 - 2012-12-20 17:00 - 00021712 ____A (Phoenix Technologies) C:\Windows\SysWOW64\Drivers\DrvAgent64.SYS

2012-12-20 17:00 - 2012-12-20 17:00 - 00000000 ____D C:\Users\Marc\Local Settings\eSupport.com

2012-12-20 17:00 - 2012-12-20 17:00 - 00000000 ____D C:\Users\Marc\Local Settings\Application Data\eSupport.com

2012-12-20 17:00 - 2012-12-20 17:00 - 00000000 ____D C:\Users\Marc\AppData\Local\eSupport.com

2012-12-20 16:49 - 2012-12-20 16:49 - 00000000 ____D C:\Program Files\Wireshark

2012-12-20 16:48 - 2012-12-20 16:48 - 26641872 ____A (Wireshark development team) C:\Users\Marc\Desktop\Wireshark-win64-1.8.4.exe

2012-12-20 16:16 - 2012-12-20 16:16 - 00046469 ____A C:\ComboFix.txt

2012-12-20 16:03 - 2012-12-20 16:16 - 00000000 ____D C:\ComboFix

2012-12-19 22:04 - 2012-12-20 16:16 - 00000000 ____D C:\Qoobox

2012-12-19 22:04 - 2011-06-26 00:45 - 00256000 ____A C:\Windows\PEV.exe

2012-12-19 22:04 - 2010-11-07 11:20 - 00208896 ____A C:\Windows\MBR.exe

2012-12-19 22:04 - 2009-04-19 22:56 - 00060416 ____A (NirSoft) C:\Windows\NIRCMD.exe

2012-12-19 22:04 - 2000-08-30 18:00 - 00518144 ____A (SteelWerX) C:\Windows\SWREG.exe

2012-12-19 22:04 - 2000-08-30 18:00 - 00406528 ____A (SteelWerX) C:\Windows\SWSC.exe

2012-12-19 22:04 - 2000-08-30 18:00 - 00098816 ____A C:\Windows\sed.exe

2012-12-19 22:04 - 2000-08-30 18:00 - 00080412 ____A C:\Windows\grep.exe

2012-12-19 22:04 - 2000-08-30 18:00 - 00068096 ____A C:\Windows\zip.exe

2012-12-19 22:03 - 2012-12-20 15:59 - 05012825 ____R (Swearware) C:\ComboFix.exe

2012-12-19 22:00 - 2012-12-19 22:00 - 00000000 ____D C:\Users\Marc\Desktop\ERDNT ERUNT Registry backup

2012-12-19 21:59 - 2012-12-19 21:59 - 00000000 ____D C:\Program Files (x86)\ERUNT

2012-12-19 21:58 - 2012-12-19 21:59 - 00791393 ____A (Lars Hederer ) C:\Users\Marc\Downloads\erunt-setup.exe

2012-12-18 19:03 - 2012-12-18 19:21 - 00001531 ____A C:\Users\Marc\Desktop\ivan.txt

2012-12-18 17:26 - 2012-12-18 18:09 - 00000000 ____D C:\Users\All Users\Spybot - Search & Destroy

2012-12-18 17:26 - 2012-12-18 18:09 - 00000000 ____D C:\Users\All Users\Application Data\Spybot - Search & Destroy

2012-12-18 17:22 - 2012-12-18 17:22 - 00000632 ____A C:\Windows\Tasks\Check for updates (Spybot - Search & Destroy).job

2012-12-18 17:22 - 2012-12-18 17:22 - 00000628 ____A C:\Windows\Tasks\Refresh immunization (Spybot - Search & Destroy).job

2012-12-18 17:22 - 2012-12-18 17:22 - 00000458 ____A C:\Windows\Tasks\Scan the system (Spybot - Search & Destroy).job

2012-12-18 17:22 - 2012-12-18 17:22 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2

2012-12-18 17:22 - 2009-01-25 11:14 - 00017272 ____A (Safer Networking Limited) C:\Windows\System32\sdnclean64.exe

2012-12-18 17:21 - 2012-12-18 17:22 - 55454464 ____A (Safer-Networking Ltd. ) C:\Users\Marc\Desktop\SpybotSD2.exe

2012-12-18 16:50 - 2012-12-18 16:50 - 00003554 ____A C:\Users\Marc\Desktop\Activate Sound in SafeMode.reg

2012-12-18 16:23 - 2012-12-21 18:38 - 00000000 ____D C:\Users\Marc\Desktop\Tools

2012-12-18 16:23 - 2012-12-18 16:23 - 00856731 ____A C:\Users\Marc\Desktop\SecurityCheck.exe

2012-12-18 16:19 - 2012-12-18 16:19 - 00448512 ____A (OldTimer Tools) C:\Users\Marc\Desktop\TFC.exe

2012-12-18 16:14 - 2012-12-18 16:14 - 22754648 ____A (SUPERAntiSpyware.com) C:\Users\Marc\Desktop\SUPERAntiSpyware.exe

2012-12-17 20:25 - 2012-11-12 16:43 - 02322184 ____A (ESET) C:\Users\Marc\Desktop\esetsmartinstaller_enu.exe

2012-12-16 19:10 - 2012-12-16 22:04 - 00000455 ____A C:\Users\Marc\Desktop\Etude histoire.txt

2012-12-16 18:30 - 2012-12-16 18:30 - 07744114 ____A C:\Users\Marc\Desktop\Son premier téléphone portable.flv

2012-12-16 16:45 - 2012-12-16 16:45 - 00015584 ____A C:\Users\Marc\Desktop\pbgame.htm

2012-12-16 16:45 - 2012-12-16 16:45 - 00000065 ____A C:\Users\Marc\Desktop\pbuser.htm

2012-12-16 16:45 - 2012-09-20 05:43 - 02211840 ____A C:\Users\Marc\Desktop\pbsetup.exe

2012-12-16 14:39 - 2012-12-16 14:39 - 00000000 ____D C:\Users\Marc\Desktop\Check HF PM

2012-12-16 13:30 - 2012-12-16 13:30 - 00000114 ____A C:\Users\Marc\Desktop\Account that noamyaday gave me (ORIGIN).txt

2012-12-15 21:10 - 2012-12-15 21:10 - 00000000 ____D C:\Windows\en

2012-12-14 19:09 - 2012-12-14 19:09 - 00000000 ____D C:\Users\Administrator\Application Data\TuneUp Software

2012-12-14 19:09 - 2012-12-14 19:09 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\TuneUp Software

2012-12-09 20:34 - 2012-12-09 20:34 - 00020033 ____A C:\Users\Marc\Desktop\Upload N sell

2012-12-09 15:28 - 2012-12-09 15:28 - 00015224 ____A C:\Users\Marc\Downloads\UploadNSell Tools.zip

2012-12-09 15:28 - 2012-12-09 15:28 - 00000000 ____D C:\Users\Marc\Desktop\Upload N Sell Exploit

2012-12-08 21:23 - 2012-12-08 21:23 - 00063049 ____A C:\Users\Marc\My Documents\password-export-2012-12-08.xml

2012-12-08 21:23 - 2012-12-08 21:23 - 00063049 ____A C:\Users\Marc\Documents\password-export-2012-12-08.xml

2012-12-08 15:04 - 2012-12-08 15:05 - 00000000 ____D C:\Windows\$regcmp$

2012-12-08 09:19 - 2012-12-08 09:19 - 00000000 ____D C:\Users\Marc\Local Settings\ESN

2012-12-08 09:19 - 2012-12-08 09:19 - 00000000 ____D C:\Users\Marc\Local Settings\Application Data\ESN

2012-12-08 09:19 - 2012-12-08 09:19 - 00000000 ____D C:\Users\Marc\AppData\Local\ESN

2012-12-07 22:02 - 2012-12-07 22:02 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox

2012-12-07 20:30 - 2012-12-07 20:30 - 00000000 ____D C:\Users\Marc\Local Settings\Application Data\AMV_Software

2012-12-07 20:30 - 2012-12-07 20:30 - 00000000 ____D C:\Users\Marc\Local Settings\AMV_Software

2012-12-07 20:30 - 2012-12-07 20:30 - 00000000 ____D C:\Users\Marc\AppData\Local\AMV_Software

2012-12-02 14:33 - 2012-12-02 14:33 - 00000000 ____D C:\Program Files (x86)\NCH Software

2012-12-02 14:32 - 2012-12-02 14:32 - 00000000 ____D C:\Program Files (x86)\NCH Swift Sound

2012-12-01 23:51 - 2012-12-02 00:14 - 00002725 ____A C:\Users\Marc\Desktop\Strogoff.txt

2012-12-01 16:45 - 2012-12-01 16:45 - 00000000 ____D C:\Users\Marc\Desktop\CWM S3 Dbox

2012-12-01 13:41 - 2012-12-01 13:49 - 00000116 ____A C:\Windows\System32\OS X Mountain Lion.vmx

2012-11-30 20:55 - 2012-11-30 20:55 - 00001022 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-686323078-885633931-4158594877-1001Core1cdcf6f587be7f2.job

2012-11-26 19:36 - 2012-11-26 19:36 - 00000000 ____D C:\Users\Marc\Desktop\Facebook like clickjacking

2012-11-25 13:31 - 2012-11-25 13:33 - 00000000 ____D C:\Program Files (x86)\SparkIV

2012-11-25 12:38 - 2012-12-22 09:43 - 00000000 ____D C:\Users\All Users\BitMeterOS

2012-11-25 12:38 - 2012-12-22 09:43 - 00000000 ____D C:\Users\All Users\Application Data\BitMeterOS

2012-11-25 12:38 - 2012-11-25 12:38 - 00000000 ____D C:\Program Files (x86)\Codebox

2012-11-24 23:36 - 2012-11-24 23:36 - 06691804 ____A C:\Users\Marc\Downloads\dSploit-1.0.31b.apk

2012-11-24 23:24 - 2012-11-24 23:24 - 00339849 ____A C:\Users\Marc\Downloads\WiFiKill-1.7.apk

2012-11-24 23:00 - 2012-11-24 23:00 - 01198701 ____A C:\Users\Marc\Downloads\WiFi-Hacker-2.0 - (appzstore.org).apk

2012-11-24 21:03 - 2012-11-24 21:45 - 00000000 ____D C:\Users\Marc\Downloads\FaceNiff Files

2012-11-24 15:58 - 2012-11-24 15:58 - 00316000 ____A (Hyperdesktop) C:\Users\Marc\Downloads\hyperdesktop.exe

2012-11-24 15:31 - 2012-11-24 15:31 - 00000000 ____D C:\Program Files (x86)\Just Great Software

2012-11-24 15:31 - 2011-12-01 14:05 - 00157016 ____A (Just Great Software) C:\Windows\UnDeploy.exe

2012-11-24 15:25 - 2012-11-24 15:25 - 00000000 ____D C:\Users\Marc\Downloads\RegexBuddy v3.5.4

2012-11-24 14:40 - 2012-11-24 14:40 - 00000000 ____D C:\Users\Marc\Local Settings\Daum

2012-11-24 14:40 - 2012-11-24 14:40 - 00000000 ____D C:\Users\Marc\Local Settings\Application Data\Daum

2012-11-24 14:40 - 2012-11-24 14:40 - 00000000 ____D C:\Users\Marc\Application Data\PotPlayerMini

2012-11-24 14:40 - 2012-11-24 14:40 - 00000000 ____D C:\Users\Marc\AppData\Roaming\PotPlayerMini

2012-11-24 14:40 - 2012-11-24 14:40 - 00000000 ____D C:\Users\Marc\AppData\Local\Daum

2012-11-24 14:38 - 2012-11-24 14:38 - 00000000 ____D C:\Program Files (x86)\Daum

2012-11-24 13:55 - 2012-11-24 13:55 - 00000000 ____D C:\Users\Marc\Local Settings\Razer

2012-11-24 13:55 - 2012-11-24 13:55 - 00000000 ____D C:\Users\Marc\Local Settings\Application Data\Razer

2012-11-24 13:55 - 2012-11-24 13:55 - 00000000 ____D C:\Users\Marc\AppData\Local\Razer

2012-11-24 13:55 - 2012-11-24 13:55 - 00000000 ____D C:\Users\All Users\Razer

2012-11-24 13:55 - 2012-11-24 13:55 - 00000000 ____D C:\Users\All Users\Application Data\Razer

2012-11-24 13:55 - 2012-11-24 13:55 - 00000000 ____D C:\Program Files (x86)\Razer

2012-11-24 13:49 - 2012-11-24 14:05 - 00000000 ____D C:\Users\Marc\Downloads\Cops.S24E12.[x264].720p-SPASTiKUS-

2012-11-24 13:22 - 2012-11-24 13:24 - 00000000 ____D C:\Users\Marc\Downloads\Cops Season 23 HDTV

2012-11-23 22:43 - 2012-12-18 04:16 - 00000000 ____D C:\Program Files (x86)\Deals Plugin

2012-11-23 22:43 - 2012-11-23 22:43 - 00000167 ____A C:\Windows\SysWOW64\BSSUConfig.ini

2012-11-23 22:43 - 2012-11-23 22:43 - 00000000 ____D C:\Users\Marc\Local Settings\Deals Plugin

2012-11-23 22:43 - 2012-11-23 22:43 - 00000000 ____D C:\Users\Marc\Local Settings\Application Data\Deals Plugin

2012-11-23 22:43 - 2012-11-23 22:43 - 00000000 ____D C:\Users\Marc\AppData\Local\Deals Plugin

2012-11-23 22:43 - 2012-11-23 22:43 - 00000000 ____D C:\Users\All Users\BSSmartUpdate

2012-11-23 22:43 - 2012-11-23 22:43 - 00000000 ____D C:\Users\All Users\Application Data\BSSmartUpdate

2012-11-23 22:43 - 2012-11-23 22:43 - 00000000 ____D C:\BSSmartUpdate

2012-11-23 17:27 - 2012-11-23 17:27 - 00000000 ____D C:\Users\Marc\Local Settings\New Technology Studio

2012-11-23 17:27 - 2012-11-23 17:27 - 00000000 ____D C:\Users\Marc\Local Settings\Application Data\New Technology Studio

2012-11-23 17:27 - 2012-11-23 17:27 - 00000000 ____D C:\Users\Marc\AppData\Local\New Technology Studio

2012-11-23 13:05 - 2012-11-23 13:05 - 00000000 ____D C:\Users\Marc\My Documents\Cucusoft

2012-11-23 13:05 - 2012-11-23 13:05 - 00000000 ____D C:\Users\Marc\Documents\Cucusoft

2012-11-23 12:49 - 2012-11-23 13:05 - 00000000 ____D C:\Users\Marc\Application Data\NetGuard

2012-11-23 12:49 - 2012-11-23 13:05 - 00000000 ____D C:\Users\Marc\AppData\Roaming\NetGuard

2012-11-23 12:49 - 2012-11-23 12:49 - 00000000 ____D C:\Users\All Users\Cucusoft

2012-11-23 12:49 - 2012-11-23 12:49 - 00000000 ____D C:\Users\All Users\Application Data\Cucusoft

2012-11-23 12:49 - 2012-11-23 12:49 - 00000000 ____D C:\Program Files\Cucusoft

2012-11-23 00:23 - 2012-11-23 00:23 - 00000000 ____D C:\Program Files (x86)\TuneUp Utilities 2012

2012-11-23 00:23 - 2011-10-20 14:05 - 00034624 ____A (TuneUp Software) C:\Windows\System32\TURegOpt.exe

2012-11-23 00:23 - 2011-10-20 14:04 - 00025920 ____A (TuneUp Software) C:\Windows\System32\authuitu.dll

2012-11-23 00:23 - 2011-10-20 14:04 - 00021312 ____A (TuneUp Software) C:\Windows\SysWOW64\authuitu.dll

2012-11-23 00:22 - 2012-11-23 00:22 - 00000000 __SHD C:\Users\All Users\Application Data\{32364CEA-7855-4A3C-B674-53D8E9B97936}

2012-11-23 00:22 - 2012-11-23 00:22 - 00000000 __SHD C:\Users\All Users\{32364CEA-7855-4A3C-B674-53D8E9B97936}

2012-11-23 00:13 - 2012-11-23 00:13 - 00000000 ____D C:\Users\Marc\Application Data\CleanMyPC Software

2012-11-23 00:13 - 2012-11-23 00:13 - 00000000 ____D C:\Users\Marc\AppData\Roaming\CleanMyPC Software

2012-11-23 00:13 - 2012-11-23 00:13 - 00000000 ____D C:\Program Files (x86)\CleanMyPC

2012-11-22 23:55 - 2012-11-22 23:55 - 00000000 ____D C:\Users\Marc\Downloads\TuneUp.Utilities.2012.v12.0.2030.10.Incl.Keygen-Lz0

2012-11-22 23:29 - 2012-11-22 23:39 - 00000000 ____D C:\Users\Marc\Downloads\DRPSu12.3-Final

2012-11-22 23:27 - 2012-11-22 23:30 - 00000000 ____D C:\Users\Marc\Downloads\Avast! Antivirus Pro & Internet Security v7.0.1473 Final Incl License ,Patch,Crack @ Only By THE RAIN {HKRG}

2012-11-22 23:23 - 2012-12-20 17:53 - 00000000 ____D C:\Users\Marc\Downloads\CleanMyPC.Registry.Cleaner.v4.41.Incl.Keygen.X64-Lz0

2012-11-22 17:28 - 2012-11-22 17:28 - 00000000 ____D C:\Users\Marc\Downloads\chipset-win8

2012-11-22 17:28 - 2012-07-27 20:11 - 00090112 ____A (Advanced Micro Devices) C:\Windows\System32\Drivers\AtihdW76.sys

2012-11-22 17:14 - 2012-11-22 17:14 - 00000000 ____D C:\Users\Marc\Application Data\driveridentifier

2012-11-22 17:14 - 2012-11-22 17:14 - 00000000 ____D C:\Users\Marc\AppData\Roaming\driveridentifier

2012-11-22 17:14 - 2012-11-22 17:14 - 00000000 ____D C:\Program Files (x86)\Driver Identifier

2012-11-22 00:24 - 2012-11-22 13:47 - 00000000 ____D C:\Program Files (x86)\CustoPackTools

==================== One Month Modified Files and Folders =======

2012-12-22 10:10 - 2012-12-22 10:10 - 00000000 ____D C:\FRST

2012-12-22 09:55 - 2011-01-21 23:02 - 00000000 ____D C:\Users\Marc\Application Data\uTorrent

2012-12-22 09:55 - 2011-01-21 23:02 - 00000000 ____D C:\Users\Marc\AppData\Roaming\uTorrent

2012-12-22 09:53 - 2009-07-13 23:13 - 00891522 ____A C:\Windows\System32\PerfStringBackup.INI

2012-12-22 09:52 - 2012-12-22 09:52 - 01461039 ____A (Farbar) C:\Users\Marc\Desktop\FRST64.exe

2012-12-22 09:43 - 2012-11-25 12:38 - 00000000 ____D C:\Users\All Users\BitMeterOS

2012-12-22 09:43 - 2012-11-25 12:38 - 00000000 ____D C:\Users\All Users\Application Data\BitMeterOS

2012-12-22 09:41 - 2012-12-22 00:13 - 00000112 ____A C:\Windows\setupact.log

2012-12-22 09:41 - 2009-07-13 23:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT

2012-12-22 01:10 - 2012-12-22 00:15 - 00013206 ____A C:\Windows\WindowsUpdate.log

2012-12-22 00:51 - 2011-01-19 17:51 - 00001064 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

2012-12-22 00:34 - 2012-06-26 09:16 - 00000830 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job

2012-12-22 00:26 - 2009-07-13 22:45 - 00014240 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2012-12-22 00:26 - 2009-07-13 22:45 - 00014240 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2012-12-22 00:22 - 2012-12-22 00:22 - 01198952 ____A C:\Users\Administrator\Local Settings\GDIPFONTCACHEV1.DAT

2012-12-22 00:22 - 2012-12-22 00:22 - 01198952 ____A C:\Users\Administrator\Local Settings\Application Data\GDIPFONTCACHEV1.DAT

2012-12-22 00:22 - 2012-12-22 00:22 - 01198952 ____A C:\Users\Administrator\AppData\Local\GDIPFONTCACHEV1.DAT

2012-12-22 00:22 - 2012-12-22 00:22 - 00000000 ____D C:\Users\Administrator\Local Settings\Stardock_Corporation

2012-12-22 00:22 - 2012-12-22 00:22 - 00000000 ____D C:\Users\Administrator\Local Settings\Application Data\Stardock_Corporation

2012-12-22 00:22 - 2012-12-22 00:22 - 00000000 ____D C:\Users\Administrator\Application Data\Dell

2012-12-22 00:22 - 2012-12-22 00:22 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Dell

2012-12-22 00:22 - 2012-12-22 00:22 - 00000000 ____D C:\Users\Administrator\AppData\Local\Stardock_Corporation

2012-12-22 00:19 - 2012-02-18 08:47 - 01198952 ____A C:\Users\Guest\Local Settings\GDIPFONTCACHEV1.DAT

2012-12-22 00:19 - 2012-02-18 08:47 - 01198952 ____A C:\Users\Guest\Local Settings\Application Data\GDIPFONTCACHEV1.DAT

2012-12-22 00:19 - 2012-02-18 08:47 - 01198952 ____A C:\Users\Guest\AppData\Local\GDIPFONTCACHEV1.DAT

2012-12-22 00:14 - 2012-11-10 13:39 - 00000000 ____D C:\Users\All Users\LogMeIn

2012-12-22 00:14 - 2012-11-10 13:39 - 00000000 ____D C:\Users\All Users\Application Data\LogMeIn

2012-12-22 00:13 - 2012-12-22 00:13 - 00000000 ____A C:\Windows\setuperr.log

2012-12-22 00:12 - 2010-10-22 15:32 - 00000000 ____D C:\Users\Marc\Application Data\Notepad++

2012-12-22 00:12 - 2010-10-22 15:32 - 00000000 ____D C:\Users\Marc\AppData\Roaming\Notepad++

2012-12-21 23:33 - 2012-08-21 15:03 - 00000000 ____D C:\Users\Marc\Downloads\Postal III-English

2012-12-21 23:32 - 2012-12-21 23:32 - 01345722 ____A (Igor Pavlov) C:\Users\Marc\Desktop\HippoVNC.exe

2012-12-21 22:59 - 2012-02-12 00:41 - 00000000 ____D C:\Program Files (x86)\Supertintin for Skype

2012-12-21 20:29 - 2011-12-25 16:34 - 00000000 ____D C:\Users\Marc\Application Data\IDM

2012-12-21 20:29 - 2011-12-25 16:34 - 00000000 ____D C:\Users\Marc\AppData\Roaming\IDM

2012-12-21 19:08 - 2012-12-21 19:08 - 00000000 ____D C:\Users\Marc\Application Data\Runscanner.net

2012-12-21 19:08 - 2012-12-21 19:08 - 00000000 ____D C:\Users\Marc\AppData\Roaming\Runscanner.net

2012-12-21 19:08 - 2012-12-21 19:07 - 02248504 ____A (Runscanner.net) C:\Users\Marc\Downloads\runscanner.exe

2012-12-21 18:53 - 2011-02-25 18:22 - 00002590 ____A C:\Windows\Sandboxie.ini

2012-12-21 18:46 - 2012-12-21 18:46 - 00000786 ____A C:\Users\Marc\Desktop\startup.txt

2012-12-21 18:45 - 2012-12-21 18:45 - 00388608 ____A (Trend Micro Inc.) C:\Users\Marc\Desktop\HiJackThis.exe

2012-12-21 18:45 - 2012-12-21 18:45 - 00016864 ____A C:\Users\Marc\Desktop\hijackthis.log

2012-12-21 18:44 - 2012-12-21 18:44 - 01402880 ____A C:\Users\Marc\Desktop\HiJackThis.msi

2012-12-21 18:39 - 2012-12-21 18:33 - 02827536 ____A C:\Users\Marc\Desktop\Unconfirmed 836704.crdownload

2012-12-21 18:38 - 2012-12-21 18:38 - 00095392 ____A (Symantec Corporation) C:\Windows\System32\Drivers\SMR311.SYS

2012-12-21 18:38 - 2012-12-18 16:23 - 00000000 ____D C:\Users\Marc\Desktop\Tools

2012-12-21 18:38 - 2011-10-12 15:37 - 00000000 ____D C:\Users\All Users\Norton

2012-12-21 18:38 - 2011-10-12 15:37 - 00000000 ____D C:\Users\All Users\Application Data\Norton

2012-12-21 18:05 - 2012-12-21 18:38 - 00000000 ____D C:\Users\Marc\Local Settings\NPE

2012-12-21 18:05 - 2012-12-21 18:38 - 00000000 ____D C:\Users\Marc\Local Settings\Application Data\NPE

2012-12-21 18:05 - 2012-12-21 18:38 - 00000000 ____D C:\Users\Marc\AppData\Local\NPE

2012-12-21 17:56 - 2011-02-28 16:28 - 00000000 ____D C:\Users\Marc\Application Data\DMCache

2012-12-21 17:56 - 2011-02-28 16:28 - 00000000 ____D C:\Users\Marc\AppData\Roaming\DMCache

2012-12-21 17:55 - 2012-12-21 17:55 - 00047343 ____A C:\Users\Marc\Desktop\attach.txt

2012-12-21 17:55 - 2012-12-21 17:55 - 00034114 ____A C:\Users\Marc\Desktop\dds.txt

2012-12-21 17:54 - 2012-12-21 17:54 - 00294216 ____A C:\Users\Marc\Desktop\gmer.zip

2012-12-21 17:54 - 2011-12-25 16:34 - 00000000 ____D C:\Users\Marc\Downloads\Compressed

2012-12-21 17:07 - 2011-11-10 19:56 - 00000000 ____D C:\Program Files (x86)\Ad Muncher

2012-12-21 17:07 - 2011-08-15 20:53 - 00000000 ____D C:\Program Files\Defraggler

2012-12-21 17:03 - 2012-02-03 19:30 - 00000000 ____D C:\Users\All Users\AVAST Software

2012-12-21 17:03 - 2012-02-03 19:30 - 00000000 ____D C:\Users\All Users\Application Data\AVAST Software

2012-12-21 17:03 - 2011-12-28 17:15 - 00000000 ____D C:\Users\Marc\Local Settings\Conduit

2012-12-21 17:03 - 2011-12-28 17:15 - 00000000 ____D C:\Users\Marc\Local Settings\Application Data\Conduit

2012-12-21 17:03 - 2011-12-28 17:15 - 00000000 ____D C:\Users\Marc\AppData\Local\Conduit

2012-12-20 20:50 - 2012-12-20 20:50 - 03787704 ____A (Piriform Ltd) C:\Users\Marc\Desktop\dfsetup212.exe

2012-12-20 20:33 - 2011-01-27 21:24 - 00000000 ____D C:\Users\Marc\My Documents\Visual Studio 2010

2012-12-20 20:33 - 2011-01-27 21:24 - 00000000 ____D C:\Users\Marc\Documents\Visual Studio 2010

2012-12-20 20:32 - 2012-12-20 20:32 - 00000000 ____D C:\Users\Marc\Local Settings\Rogue Amoeba

2012-12-20 20:32 - 2012-12-20 20:32 - 00000000 ____D C:\Users\Marc\Local Settings\Application Data\Rogue Amoeba

2012-12-20 20:32 - 2012-12-20 20:32 - 00000000 ____D C:\Users\Marc\AppData\Local\Rogue Amoeba

2012-12-20 20:31 - 2012-12-20 20:24 - 00000684 ____A C:\Users\Marc\Desktop\Airfoil_Crash.log

2012-12-20 20:22 - 2012-12-20 20:22 - 00000000 ____D C:\Program Files (x86)\Airfoil

2012-12-20 20:22 - 2012-12-20 20:21 - 07674264 ____A C:\Users\Marc\Desktop\AirfoilInstaller.exe

2012-12-20 20:13 - 2012-04-06 15:00 - 00000000 ____D C:\Users\Marc\Downloads\iPhone Backup Extractor 2.5.6.0 Incl Keygen [vokeon]

2012-12-20 18:23 - 2012-12-20 18:23 - 00294400 ____A C:\Users\Marc\Desktop\exeHelper.com

2012-12-20 18:23 - 2012-12-20 18:22 - 00002648 ____A C:\Users\Marc\Desktop\Rkill.txt

2012-12-20 18:22 - 2012-12-20 18:22 - 01754528 ____A (Bleeping Computer, LLC) C:\Users\Marc\Desktop\rkill.exe

2012-12-20 17:54 - 2012-12-20 17:13 - 00000000 ____D C:\Users\All Users\HitmanPro

2012-12-20 17:54 - 2012-12-20 17:13 - 00000000 ____D C:\Users\All Users\Application Data\HitmanPro

2012-12-20 17:53 - 2012-12-20 17:53 - 00012872 ____A (SurfRight B.V.) C:\Windows\System32\bootdelete.exe

2012-12-20 17:53 - 2012-12-20 17:53 - 00010868 ____A C:\Windows\System32\bootdelete.lst

2012-12-20 17:53 - 2012-11-22 23:23 - 00000000 ____D C:\Users\Marc\Downloads\CleanMyPC.Registry.Cleaner.v4.41.Incl.Keygen.X64-Lz0

2012-12-20 17:53 - 2011-10-13 20:02 - 00000000 ____D C:\Users\Marc\Desktop\Client

2012-12-20 17:53 - 2011-02-28 08:54 - 00000000 ____D C:\Users\Marc\Desktop\My Folder - Visual Basic

2012-12-20 17:33 - 2011-01-16 10:14 - 00000000 ____D C:\Users\Marc\Application Data\Skype

2012-12-20 17:33 - 2011-01-16 10:14 - 00000000 ____D C:\Users\Marc\AppData\Roaming\Skype

2012-12-20 17:29 - 2012-12-20 17:29 - 00442818 ____A C:\Users\Marc\Desktop\MGlogs.zip

2012-12-20 17:29 - 2012-12-20 17:22 - 00442818 ____A C:\MGlogs.zip

2012-12-20 17:29 - 2012-12-20 17:22 - 00000000 ____D C:\MGtools

2012-12-20 17:22 - 2012-12-20 17:22 - 00000000 ____D C:\Program Files\HitmanPro

2012-12-20 17:17 - 2012-12-20 17:17 - 00002468 ____A C:\Users\Marc\Desktop\RKreport[1]_S_20122012_181758.txt

2012-12-20 17:17 - 2012-12-20 17:16 - 00000000 ____D C:\Users\Marc\Desktop\RK_Quarantine

2012-12-20 17:12 - 2012-12-20 17:12 - 00002264 ____A C:\Users\Marc\Desktop\HitmanPro_20121216_1828.log

2012-12-20 17:11 - 2012-12-20 17:11 - 00011207 ____A C:\Users\Marc\Desktop\MBRCheck_12.20.12_18.11.11.txt

2012-12-20 17:10 - 2012-12-20 17:10 - 00000020 ____A C:\Users\Marc\defogger_reenable

2012-12-20 17:10 - 2010-10-06 17:02 - 00000000 ____D C:\users\Marc

2012-12-20 17:06 - 2012-08-22 23:26 - 00000000 ____D C:\Program Files (x86)\DAEMON Tools Pro

2012-12-20 17:00 - 2012-12-20 17:00 - 00021712 ____A (Phoenix Technologies) C:\Windows\SysWOW64\Drivers\DrvAgent64.SYS

2012-12-20 17:00 - 2012-12-20 17:00 - 00000000 ____D C:\Users\Marc\Local Settings\eSupport.com

2012-12-20 17:00 - 2012-12-20 17:00 - 00000000 ____D C:\Users\Marc\Local Settings\Application Data\eSupport.com

2012-12-20 17:00 - 2012-12-20 17:00 - 00000000 ____D C:\Users\Marc\AppData\Local\eSupport.com

2012-12-20 16:49 - 2012-12-20 16:49 - 00000000 ____D C:\Program Files\Wireshark

2012-12-20 16:48 - 2012-12-20 16:48 - 26641872 ____A (Wireshark development team) C:\Users\Marc\Desktop\Wireshark-win64-1.8.4.exe

2012-12-20 16:31 - 2011-03-14 14:37 - 00000000 ____D C:\Users\Marc\AppData\Local\Apps\2.0

2012-12-20 16:16 - 2012-12-20 16:16 - 00046469 ____A C:\ComboFix.txt

2012-12-20 16:16 - 2012-12-20 16:03 - 00000000 ____D C:\ComboFix

2012-12-20 16:16 - 2012-12-19 22:04 - 00000000 ____D C:\Qoobox

2012-12-20 16:13 - 2009-07-13 20:34 - 00000000 ____A C:\Windows\system.ini

2012-12-20 15:59 - 2012-12-19 22:03 - 05012825 ____R (Swearware) C:\ComboFix.exe

2012-12-19 22:00 - 2012-12-19 22:00 - 00000000 ____D C:\Users\Marc\Desktop\ERDNT ERUNT Registry backup

2012-12-19 21:59 - 2012-12-19 21:59 - 00000000 ____D C:\Program Files (x86)\ERUNT

2012-12-19 21:59 - 2012-12-19 21:58 - 00791393 ____A (Lars Hederer ) C:\Users\Marc\Downloads\erunt-setup.exe

2012-12-19 21:56 - 2012-11-18 16:25 - 00000000 ____D C:\Users\Marc\Application Data\Abine

2012-12-19 21:56 - 2012-11-18 16:25 - 00000000 ____D C:\Users\Marc\AppData\Roaming\Abine

2012-12-18 19:21 - 2012-12-18 19:03 - 00001531 ____A C:\Users\Marc\Desktop\ivan.txt

2012-12-18 18:09 - 2012-12-18 17:26 - 00000000 ____D C:\Users\All Users\Spybot - Search & Destroy

2012-12-18 18:09 - 2012-12-18 17:26 - 00000000 ____D C:\Users\All Users\Application Data\Spybot - Search & Destroy

2012-12-18 17:23 - 2010-10-24 18:25 - 00000000 ____D C:\Program Files (x86)\Steam

2012-12-18 17:22 - 2012-12-18 17:22 - 00000632 ____A C:\Windows\Tasks\Check for updates (Spybot - Search & Destroy).job

2012-12-18 17:22 - 2012-12-18 17:22 - 00000628 ____A C:\Windows\Tasks\Refresh immunization (Spybot - Search & Destroy).job

2012-12-18 17:22 - 2012-12-18 17:22 - 00000458 ____A C:\Windows\Tasks\Scan the system (Spybot - Search & Destroy).job

2012-12-18 17:22 - 2012-12-18 17:22 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2

2012-12-18 17:22 - 2012-12-18 17:21 - 55454464 ____A (Safer-Networking Ltd. ) C:\Users\Marc\Desktop\SpybotSD2.exe

2012-12-18 16:50 - 2012-12-18 16:50 - 00003554 ____A C:\Users\Marc\Desktop\Activate Sound in SafeMode.reg

2012-12-18 16:23 - 2012-12-18 16:23 - 00856731 ____A C:\Users\Marc\Desktop\SecurityCheck.exe

2012-12-18 16:19 - 2012-12-18 16:19 - 00448512 ____A (OldTimer Tools) C:\Users\Marc\Desktop\TFC.exe

2012-12-18 16:14 - 2012-12-18 16:14 - 22754648 ____A (SUPERAntiSpyware.com) C:\Users\Marc\Desktop\SUPERAntiSpyware.exe

2012-12-18 16:14 - 2011-04-13 17:59 - 00000000 ____D C:\Program Files\SUPERAntiSpyware

2012-12-18 04:16 - 2012-11-23 22:43 - 00000000 ____D C:\Program Files (x86)\Deals Plugin

2012-12-18 01:38 - 2012-11-12 20:42 - 00002120 ____A C:\scu.dat

2012-12-17 22:03 - 2012-08-05 00:06 - 00000000 ____D C:\users\Administrator

2012-12-17 22:03 - 2012-02-18 08:46 - 00000000 ____D C:\users\Guest

2012-12-17 22:03 - 2011-11-20 16:20 - 00000000 ____D C:\Users\Marc\Application Data\vlc

2012-12-17 22:03 - 2011-11-20 16:20 - 00000000 ____D C:\Users\Marc\AppData\Roaming\vlc

2012-12-17 22:03 - 2009-07-13 21:20 - 00000000 ____D C:\Windows\registration

2012-12-16 22:04 - 2012-12-16 19:10 - 00000455 ____A C:\Users\Marc\Desktop\Etude histoire.txt

2012-12-16 18:30 - 2012-12-16 18:30 - 07744114 ____A C:\Users\Marc\Desktop\Son premier téléphone portable.flv

2012-12-16 17:37 - 2011-07-05 23:55 - 00281520 ____A C:\Windows\SysWOW64\PnkBstrB.xtr

2012-12-16 17:37 - 2011-07-05 23:15 - 00281520 ____A C:\Windows\SysWOW64\PnkBstrB.exe

2012-12-16 17:36 - 2011-07-05 23:15 - 00281520 ____A C:\Windows\SysWOW64\PnkBstrB.ex0

2012-12-16 16:56 - 2011-04-03 09:00 - 00000000 ____D C:\Users\All Users\VMware

2012-12-16 16:56 - 2011-04-03 09:00 - 00000000 ____D C:\Users\All Users\Application Data\VMware

2012-12-16 16:48 - 2011-07-05 23:15 - 00281520 ____A C:\Windows\SysWOW64\PnkBstrB.ex1

2012-12-16 16:45 - 2012-12-16 16:45 - 00015584 ____A C:\Users\Marc\Desktop\pbgame.htm

2012-12-16 16:45 - 2012-12-16 16:45 - 00000065 ____A C:\Users\Marc\Desktop\pbuser.htm

2012-12-16 16:19 - 2011-09-29 14:46 - 00000000 ____D C:\Users\All Users\Origin

2012-12-16 16:19 - 2011-09-29 14:46 - 00000000 ____D C:\Users\All Users\Application Data\Origin

2012-12-16 16:03 - 2011-09-29 14:46 - 00000000 ____D C:\Users\Marc\Application Data\Origin

2012-12-16 16:03 - 2011-09-29 14:46 - 00000000 ____D C:\Users\Marc\AppData\Roaming\Origin

2012-12-16 15:15 - 2010-11-23 20:51 - 00000000 ____D C:\Users\Marc\My Documents\Visual Studio 2008

2012-12-16 15:15 - 2010-11-23 20:51 - 00000000 ____D C:\Users\Marc\Documents\Visual Studio 2008

2012-12-16 15:06 - 2011-02-05 15:58 - 00000000 ____D C:\Users\Marc\Application Data\ICQ

2012-12-16 15:06 - 2011-02-05 15:58 - 00000000 ____D C:\Users\Marc\AppData\Roaming\ICQ

2012-12-16 14:39 - 2012-12-16 14:39 - 00000000 ____D C:\Users\Marc\Desktop\Check HF PM

2012-12-16 13:30 - 2012-12-16 13:30 - 00000114 ____A C:\Users\Marc\Desktop\Account that noamyaday gave me (ORIGIN).txt

2012-12-16 13:13 - 2010-10-23 17:15 - 00000000 ____D C:\Users\Marc\Local Settings\Windows Live

2012-12-16 13:13 - 2010-10-23 17:15 - 00000000 ____D C:\Users\Marc\Local Settings\Application Data\Windows Live

2012-12-16 13:13 - 2010-10-23 17:15 - 00000000 ____D C:\Users\Marc\AppData\Local\Windows Live

2012-12-16 12:37 - 2012-06-26 09:16 - 00697272 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe

2012-12-16 12:37 - 2011-07-06 21:25 - 00073656 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

2012-12-15 21:10 - 2012-12-15 21:10 - 00000000 ____D C:\Windows\en

2012-12-15 21:10 - 2010-09-28 10:24 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition

2012-12-15 21:09 - 2012-01-01 21:03 - 00000000 ____D C:\Program Files (x86)\Windows Live

2012-12-15 21:08 - 2009-07-13 21:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared

2012-12-15 18:47 - 2012-01-05 12:43 - 00000000 ____D C:\Users\Marc\Desktop\Important or funny Photos

2012-12-15 18:47 - 2011-01-22 16:26 - 00000000 ____D C:\Users\Marc\Desktop\GTA SA and other mods

2012-12-15 18:46 - 2011-04-28 19:15 - 00000000 ____D C:\Users\Marc\Desktop\Picture

2012-12-15 18:44 - 2011-01-29 12:42 - 00000000 ____D C:\Users\Marc\Desktop\eBook

2012-12-14 19:09 - 2012-12-14 19:09 - 00000000 ____D C:\Users\Administrator\Application Data\TuneUp Software

2012-12-14 19:09 - 2012-12-14 19:09 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\TuneUp Software

2012-12-10 15:31 - 2012-05-26 10:16 - 07533008 ____A C:\Windows\System32\FNTCACHE.DAT

2012-12-09 20:34 - 2012-12-09 20:34 - 00020033 ____A C:\Users\Marc\Desktop\Upload N sell

2012-12-09 20:06 - 2012-05-26 10:45 - 01198952 ____A C:\Users\Marc\Local Settings\GDIPFONTCACHEV1.DAT

2012-12-09 20:06 - 2012-05-26 10:45 - 01198952 ____A C:\Users\Marc\Local Settings\Application Data\GDIPFONTCACHEV1.DAT

2012-12-09 20:06 - 2012-05-26 10:45 - 01198952 ____A C:\Users\Marc\AppData\Local\GDIPFONTCACHEV1.DAT

2012-12-09 15:28 - 2012-12-09 15:28 - 00015224 ____A C:\Users\Marc\Downloads\UploadNSell Tools.zip

2012-12-09 15:28 - 2012-12-09 15:28 - 00000000 ____D C:\Users\Marc\Desktop\Upload N Sell Exploit

2012-12-08 21:23 - 2012-12-08 21:23 - 00063049 ____A C:\Users\Marc\My Documents\password-export-2012-12-08.xml

2012-12-08 21:23 - 2012-12-08 21:23 - 00063049 ____A C:\Users\Marc\Documents\password-export-2012-12-08.xml

2012-12-08 21:03 - 2011-02-27 18:55 - 00000000 ____D C:\Users\Marc\Desktop\Photoshop - Photography - Video editing stuff

2012-12-08 18:34 - 2012-10-13 22:03 - 00000000 ____D C:\Users\Marc\Local Settings\VMware

2012-12-08 18:34 - 2012-10-13 22:03 - 00000000 ____D C:\Users\Marc\Local Settings\Application Data\VMware

2012-12-08 18:34 - 2012-10-13 22:03 - 00000000 ____D C:\Users\Marc\AppData\Local\VMware

2012-12-08 18:34 - 2011-04-03 09:17 - 00000000 ____D C:\Users\Marc\Application Data\VMware

2012-12-08 18:34 - 2011-04-03 09:17 - 00000000 ____D C:\Users\Marc\AppData\Roaming\VMware

2012-12-08 15:09 - 2011-10-01 10:31 - 00000000 ____D C:\Program Files (x86)\Battlelog Web Plugins

2012-12-08 15:05 - 2012-12-08 15:04 - 00000000 ____D C:\Windows\$regcmp$

2012-12-08 14:38 - 2011-10-13 18:27 - 00000000 ____D C:\Users\Marc\Local Settings\CrashDumps

2012-12-08 14:38 - 2011-10-13 18:27 - 00000000 ____D C:\Users\Marc\Local Settings\Application Data\CrashDumps

2012-12-08 14:38 - 2011-10-13 18:27 - 00000000 ____D C:\Users\Marc\AppData\Local\CrashDumps

2012-12-08 12:15 - 2011-07-05 23:15 - 00076888 ____A C:\Windows\SysWOW64\PnkBstrA.exe

2012-12-08 10:36 - 2012-08-05 14:12 - 00000000 ____D C:\Users\Marc\Desktop\Steam

2012-12-08 09:47 - 2011-09-29 14:46 - 00000000 ____D C:\Program Files (x86)\Origin Games

2012-12-08 09:19 - 2012-12-08 09:19 - 00000000 ____D C:\Users\Marc\Local Settings\ESN

2012-12-08 09:19 - 2012-12-08 09:19 - 00000000 ____D C:\Users\Marc\Local Settings\Application Data\ESN

2012-12-08 09:19 - 2012-12-08 09:19 - 00000000 ____D C:\Users\Marc\AppData\Local\ESN

2012-12-08 09:05 - 2012-05-19 16:05 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service

2012-12-07 23:48 - 2011-09-29 14:46 - 00000000 ____D C:\Program Files (x86)\Origin

2012-12-07 22:02 - 2012-12-07 22:02 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox

2012-12-07 20:30 - 2012-12-07 20:30 - 00000000 ____D C:\Users\Marc\Local Settings\Application Data\AMV_Software

2012-12-07 20:30 - 2012-12-07 20:30 - 00000000 ____D C:\Users\Marc\Local Settings\AMV_Software

2012-12-07 20:30 - 2012-12-07 20:30 - 00000000 ____D C:\Users\Marc\AppData\Local\AMV_Software

2012-12-07 20:28 - 2012-01-29 12:28 - 00000000 ____D C:\VulcanQuarantine

2012-12-02 14:33 - 2012-12-02 14:33 - 00000000 ____D C:\Program Files (x86)\NCH Software

2012-12-02 14:32 - 2012-12-02 14:32 - 00000000 ____D C:\Program Files (x86)\NCH Swift Sound

2012-12-02 12:59 - 2011-01-16 10:14 - 00000000 ____D C:\Users\All Users\Skype

2012-12-02 12:59 - 2011-01-16 10:14 - 00000000 ____D C:\Users\All Users\Application Data\Skype

2012-12-02 01:06 - 2012-02-17 18:57 - 00000600 ____A C:\Users\Marc\Application Data\winscp.rnd

2012-12-02 01:06 - 2012-02-17 18:57 - 00000600 ____A C:\Users\Marc\AppData\Roaming\winscp.rnd

2012-12-02 00:14 - 2012-12-01 23:51 - 00002725 ____A C:\Users\Marc\Desktop\Strogoff.txt

2012-12-01 18:51 - 2011-02-05 19:14 - 00000000 ____D C:\Users\Marc\Local Settings\Paint.NET

2012-12-01 18:51 - 2011-02-05 19:14 - 00000000 ____D C:\Users\Marc\Local Settings\Application Data\Paint.NET

2012-12-01 18:51 - 2011-02-05 19:14 - 00000000 ____D C:\Users\Marc\AppData\Local\Paint.NET

2012-12-01 16:45 - 2012-12-01 16:45 - 00000000 ____D C:\Users\Marc\Desktop\CWM S3 Dbox

2012-12-01 13:49 - 2012-12-01 13:41 - 00000116 ____A C:\Windows\System32\OS X Mountain Lion.vmx

2012-11-30 20:55 - 2012-11-30 20:55 - 00001022 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-686323078-885633931-4158594877-1001Core1cdcf6f587be7f2.job

2012-11-26 19:36 - 2012-11-26 19:36 - 00000000 ____D C:\Users\Marc\Desktop\Facebook like clickjacking

2012-11-25 20:26 - 2011-02-05 11:17 - 00000000 ____D C:\Program Files (x86)\Fiddler2

2012-11-25 20:23 - 2012-04-07 18:12 - 00000000 ____D C:\Users\Marc\Local Settings\Application Data\_

2012-11-25 20:23 - 2012-04-07 18:12 - 00000000 ____D C:\Users\Marc\Local Settings\_

2012-11-25 20:23 - 2012-04-07 18:12 - 00000000 ____D C:\Users\Marc\AppData\Local\_

2012-11-25 15:01 - 2010-09-28 10:18 - 00000000 ____D C:\Users\All Users\Application Data\Adobe

2012-11-25 15:01 - 2010-09-28 10:18 - 00000000 ____D C:\Users\All Users\Adobe

2012-11-25 13:33 - 2012-11-25 13:31 - 00000000 ____D C:\Program Files (x86)\SparkIV

2012-11-25 12:38 - 2012-11-25 12:38 - 00000000 ____D C:\Program Files (x86)\Codebox

2012-11-24 23:36 - 2012-11-24 23:36 - 06691804 ____A C:\Users\Marc\Downloads\dSploit-1.0.31b.apk

2012-11-24 23:24 - 2012-11-24 23:24 - 00339849 ____A C:\Users\Marc\Downloads\WiFiKill-1.7.apk

2012-11-24 23:00 - 2012-11-24 23:00 - 01198701 ____A C:\Users\Marc\Downloads\WiFi-Hacker-2.0 - (appzstore.org).apk

2012-11-24 21:45 - 2012-11-24 21:03 - 00000000 ____D C:\Users\Marc\Downloads\FaceNiff Files

2012-11-24 19:39 - 2011-05-28 09:28 - 00000000 ____D C:\Program Files (x86)\SystemRequirementsLab

2012-11-24 19:38 - 2011-02-17 22:36 - 00000000 ____D C:\Users\Marc\Application Data\SystemRequirementsLab

2012-11-24 19:38 - 2011-02-17 22:36 - 00000000 ____D C:\Users\Marc\AppData\Roaming\SystemRequirementsLab

2012-11-24 17:41 - 2011-02-10 18:06 - 00000000 ____D C:\Users\Marc\Local Settings\Thunderbird

2012-11-24 17:41 - 2011-02-10 18:06 - 00000000 ____D C:\Users\Marc\Local Settings\Application Data\Thunderbird

2012-11-24 17:41 - 2011-02-10 18:06 - 00000000 ____D C:\Users\Marc\AppData\Local\Thunderbird

2012-11-24 17:41 - 2011-02-10 18:06 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird

2012-11-24 16:27 - 2010-10-17 19:06 - 00000000 ____D C:\Users\All Users\Microsoft Help

2012-11-24 16:27 - 2010-10-17 19:06 - 00000000 ____D C:\Users\All Users\Application Data\Microsoft Help

2012-11-24 15:58 - 2012-11-24 15:58 - 00316000 ____A (Hyperdesktop) C:\Users\Marc\Downloads\hyperdesktop.exe

2012-11-24 15:31 - 2012-11-24 15:31 - 00000000 ____D C:\Program Files (x86)\Just Great Software

2012-11-24 15:25 - 2012-11-24 15:25 - 00000000 ____D C:\Users\Marc\Downloads\RegexBuddy v3.5.4

2012-11-24 14:40 - 2012-11-24 14:40 - 00000000 ____D C:\Users\Marc\Local Settings\Daum

2012-11-24 14:40 - 2012-11-24 14:40 - 00000000 ____D C:\Users\Marc\Local Settings\Application Data\Daum

2012-11-24 14:40 - 2012-11-24 14:40 - 00000000 ____D C:\Users\Marc\Application Data\PotPlayerMini

2012-11-24 14:40 - 2012-11-24 14:40 - 00000000 ____D C:\Users\Marc\AppData\Roaming\PotPlayerMini

2012-11-24 14:40 - 2012-11-24 14:40 - 00000000 ____D C:\Users\Marc\AppData\Local\Daum

2012-11-24 14:38 - 2012-11-24 14:38 - 00000000 ____D C:\Program Files (x86)\Daum

2012-11-24 14:05 - 2012-11-24 13:49 - 00000000 ____D C:\Users\Marc\Downloads\Cops.S24E12.[x264].720p-SPASTiKUS-

2012-11-24 13:55 - 2012-11-24 13:55 - 00000000 ____D C:\Users\Marc\Local Settings\Razer

2012-11-24 13:55 - 2012-11-24 13:55 - 00000000 ____D C:\Users\Marc\Local Settings\Application Data\Razer

2012-11-24 13:55 - 2012-11-24 13:55 - 00000000 ____D C:\Users\Marc\AppData\Local\Razer

2012-11-24 13:55 - 2012-11-24 13:55 - 00000000 ____D C:\Users\All Users\Razer

2012-11-24 13:55 - 2012-11-24 13:55 - 00000000 ____D C:\Users\All Users\Application Data\Razer

2012-11-24 13:55 - 2012-11-24 13:55 - 00000000 ____D C:\Program Files (x86)\Razer

2012-11-24 13:24 - 2012-11-24 13:22 - 00000000 ____D C:\Users\Marc\Downloads\Cops Season 23 HDTV

2012-11-23 22:43 - 2012-11-23 22:43 - 00000167 ____A C:\Windows\SysWOW64\BSSUConfig.ini

2012-11-23 22:43 - 2012-11-23 22:43 - 00000000 ____D C:\Users\Marc\Local Settings\Deals Plugin

2012-11-23 22:43 - 2012-11-23 22:43 - 00000000 ____D C:\Users\Marc\Local Settings\Application Data\Deals Plugin

2012-11-23 22:43 - 2012-11-23 22:43 - 00000000 ____D C:\Users\Marc\AppData\Local\Deals Plugin

2012-11-23 22:43 - 2012-11-23 22:43 - 00000000 ____D C:\Users\All Users\BSSmartUpdate

2012-11-23 22:43 - 2012-11-23 22:43 - 00000000 ____D C:\Users\All Users\Application Data\BSSmartUpdate

2012-11-23 22:43 - 2012-11-23 22:43 - 00000000 ____D C:\BSSmartUpdate

2012-11-23 22:42 - 2011-09-08 16:48 - 00000000 ____D C:\Program Files (x86)\ooVoo

2012-11-23 17:27 - 2012-11-23 17:27 - 00000000 ____D C:\Users\Marc\Local Settings\New Technology Studio

2012-11-23 17:27 - 2012-11-23 17:27 - 00000000 ____D C:\Users\Marc\Local Settings\Application Data\New Technology Studio

2012-11-23 17:27 - 2012-11-23 17:27 - 00000000 ____D C:\Users\Marc\AppData\Local\New Technology Studio

2012-11-23 17:27 - 2011-12-10 12:11 - 00000000 ____D C:\Users\Marc\Application Data\New Technology Studio

2012-11-23 17:27 - 2011-12-10 12:11 - 00000000 ____D C:\Users\Marc\AppData\Roaming\New Technology Studio

2012-11-23 13:05 - 2012-11-23 13:05 - 00000000 ____D C:\Users\Marc\My Documents\Cucusoft

2012-11-23 13:05 - 2012-11-23 13:05 - 00000000 ____D C:\Users\Marc\Documents\Cucusoft

2012-11-23 13:05 - 2012-11-23 12:49 - 00000000 ____D C:\Users\Marc\Application Data\NetGuard

2012-11-23 13:05 - 2012-11-23 12:49 - 00000000 ____D C:\Users\Marc\AppData\Roaming\NetGuard

2012-11-23 12:49 - 2012-11-23 12:49 - 00000000 ____D C:\Users\All Users\Cucusoft

2012-11-23 12:49 - 2012-11-23 12:49 - 00000000 ____D C:\Users\All Users\Application Data\Cucusoft

2012-11-23 12:49 - 2012-11-23 12:49 - 00000000 ____D C:\Program Files\Cucusoft

2012-11-23 02:04 - 2010-10-06 17:09 - 00000000 ____A C:\Windows\SysWOW64\config.nt

2012-11-23 00:57 - 2011-01-28 20:33 - 00000000 ____D C:\Program Files (x86)\proXPN

2012-11-23 00:56 - 2012-08-25 01:25 - 00000000 ____D C:\Program Files (x86)\Gyazo

2012-11-23 00:23 - 2012-11-23 00:23 - 00000000 ____D C:\Program Files (x86)\TuneUp Utilities 2012

2012-11-23 00:23 - 2011-08-22 15:56 - 00000000 ____D C:\Users\Marc\Application Data\TuneUp Software

2012-11-23 00:23 - 2011-08-22 15:56 - 00000000 ____D C:\Users\Marc\AppData\Roaming\TuneUp Software

2012-11-23 00:23 - 2011-08-22 15:55 - 00000000 ____D C:\Users\All Users\TuneUp Software

2012-11-23 00:23 - 2011-08-22 15:55 - 00000000 ____D C:\Users\All Users\Application Data\TuneUp Software

2012-11-23 00:22 - 2012-11-23 00:22 - 00000000 __SHD C:\Users\All Users\Application Data\{32364CEA-7855-4A3C-B674-53D8E9B97936}

2012-11-23 00:22 - 2012-11-23 00:22 - 00000000 __SHD C:\Users\All Users\{32364CEA-7855-4A3C-B674-53D8E9B97936}

2012-11-23 00:13 - 2012-11-23 00:13 - 00000000 ____D C:\Users\Marc\Application Data\CleanMyPC Software

2012-11-23 00:13 - 2012-11-23 00:13 - 00000000 ____D C:\Users\Marc\AppData\Roaming\CleanMyPC Software

2012-11-23 00:13 - 2012-11-23 00:13 - 00000000 ____D C:\Program Files (x86)\CleanMyPC

2012-11-22 23:55 - 2012-11-22 23:55 - 00000000 ____D C:\Users\Marc\Downloads\TuneUp.Utilities.2012.v12.0.2030.10.Incl.Keygen-Lz0

2012-11-22 23:41 - 2012-02-03 19:30 - 00000000 ____D C:\Program Files\AVAST Software

2012-11-22 23:39 - 2012-11-22 23:29 - 00000000 ____D C:\Users\Marc\Downloads\DRPSu12.3-Final

2012-11-22 23:30 - 2012-11-22 23:27 - 00000000 ____D C:\Users\Marc\Downloads\Avast! Antivirus Pro & Internet Security v7.0.1473 Final Incl License ,Patch,Crack @ Only By THE RAIN {HKRG}

2012-11-22 23:25 - 2012-08-28 07:51 - 00000000 ____D C:\found.001

2012-11-22 17:28 - 2012-11-22 17:28 - 00000000 ____D C:\Users\Marc\Downloads\chipset-win8

2012-11-22 17:14 - 2012-11-22 17:14 - 00000000 ____D C:\Users\Marc\Application Data\driveridentifier

2012-11-22 17:14 - 2012-11-22 17:14 - 00000000 ____D C:\Users\Marc\AppData\Roaming\driveridentifier

2012-11-22 17:14 - 2012-11-22 17:14 - 00000000 ____D C:\Program Files (x86)\Driver Identifier

2012-11-22 13:47 - 2012-11-22 00:24 - 00000000 ____D C:\Program Files (x86)\CustoPackTools

==================== Known DLLs (Whitelisted) =================

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit

C:\Windows\System32\wininit.exe => MD5 is legit

C:\Windows\SysWOW64\wininit.exe => MD5 is legit

C:\Windows\explorer.exe => MD5 is legit

C:\Windows\SysWOW64\explorer.exe => MD5 is legit

C:\Windows\System32\svchost.exe => MD5 is legit

C:\Windows\SysWOW64\svchost.exe => MD5 is legit

C:\Windows\System32\services.exe => MD5 is legit

C:\Windows\System32\User32.dll => MD5 is legit

C:\Windows\SysWOW64\User32.dll => MD5 is legit

C:\Windows\System32\userinit.exe => MD5 is legit

C:\Windows\SysWOW64\userinit.exe => MD5 is legit

C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== EXE ASSOCIATION =====================

HKLM\...\.exe: exefile => OK

HKLM\...\exefile\DefaultIcon: %1 => OK

HKLM\...\exefile\open\command: "%1" %* => OK

==================== Restore Points =========================

Restore point made on: 2012-12-21 17:14:14

Restore point made on: 2012-12-21 17:14:48

Restore point made on: 2012-12-21 18:51:44

==================== Memory info ===========================

Percentage of memory in use: 12%

Total physical RAM: 6134.93 MB

Available physical RAM: 5357.62 MB

Total Pagefile: 6133.07 MB

Available Pagefile: 5346.54 MB

Total Virtual: 8192 MB

Available Virtual: 8191.9 MB

==================== Partitions =============================

1 Drive c: (OS) (Fixed) (Total:920.59 GB) (Free:463.4 GB) NTFS

3 Drive e: () (Removable) (Total:0.49 GB) (Free:0.49 GB) FAT

4 Drive f: (RECOVERY) (Fixed) (Total:10.88 GB) (Free:4.69 GB) NTFS ==>[system with boot components (obtained from reading drive)]

9 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS

Disk ### Status Size Free Dyn Gpt

-------- ------------- ------- ------- --- ---

Disk 0 Online 931 GB 0 B

Disk 1 Online 501 MB 0 B

Disk 2 No Media 0 B 0 B

Disk 3 No Media 0 B 0 B

Disk 4 No Media 0 B 0 B

Disk 5 No Media 0 B 0 B

Partitions of Disk 0:

===============

Partition ### Type Size Offset

------------- ---------------- ------- -------

Partition 1 OEM 39 MB 31 KB

Partition 2 Primary 10 GB 40 MB

Partition 3 Primary 920 GB 10 GB

==================================================================================

Disk: 0

Partition 1

Type : DE

Hidden: Yes

Active: No

Volume ### Ltr Label Fs Type Size Status Info

---------- --- ----------- ----- ---------- ------- --------- --------

* Volume 8 FAT Partition 39 MB Healthy Hidden

=========================================================

Disk: 0

Partition 2

Type : 07

Hidden: No

Active: Yes

Volume ### Ltr Label Fs Type Size Status Info

---------- --- ----------- ----- ---------- ------- --------- --------

* Volume 1 F RECOVERY NTFS Partition 10 GB Healthy

=========================================================

Disk: 0

Partition 3

Type : 07

Hidden: No

Active: No

Volume ### Ltr Label Fs Type Size Status Info

---------- --- ----------- ----- ---------- ------- --------- --------

* Volume 2 C OS NTFS Partition 920 GB Healthy

=========================================================

Partitions of Disk 1:

===============

Partition ### Type Size Offset

------------- ---------------- ------- -------

Partition 1 Primary 501 MB 16 KB

==================================================================================

Disk: 1

Partition 1

Type : 06

Hidden: No

Active: Yes

Volume ### Ltr Label Fs Type Size Status Info

---------- --- ----------- ----- ---------- ------- --------- --------

* Volume 3 E FAT Removable 501 MB Healthy

=========================================================

Last Boot: 2011-10-02 07:05

==================== End Of Log =============================

Edited by Maurice Naggar

Advanced SystemCare is of dubious value. I would suggest you uninstall it.

While we try, or attempt, to "fix" your system, see about turning off Spybot from auto-starting with your system.

Next:

Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools

For directions on how, see How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs

Do NOT turn off the firewall

Please download Rkill by Grinler and save it to your desktop.


Link 2
Link 3
Link 4
Double-click on the Rkill desktop icon to run the tool.
If using Vista or Windows 7, right-click on it and Run As Administrator.
A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
If not, delete the file, then download and use the one provided in Link 2.
If it does not work, repeat the process and attempt to use one of the remaining links until the tool runs.
If the tool does not run from any of the links provided, please let me know.
If your antivirus program gives a prompt message, respond positive to allow RKILL to run.
If a malware-rogue gives a message regarding RKILL, proceed forward to running RKILL

IF you still have a problem running RKILL, you can download iExplore.exe or eXplorer.exe, which are renamed copies of rkill.com, and try them instead.

When all done, rkill.txt log file will be on your desktop. Copy & Paste contents of Rkill.txt into a reply.

More Information about Rkill can be found at this link: http://www.bleepingcomputer.com/forums/topic308364.html

Step 2

1. Go >> Here << and download ERUNT

(ERUNT (Emergency Recovery Utility NT) is a free program that allows you to keep a complete backup of your registry and restore it when needed.)

2. Install ERUNT by following the prompts

(use the default install settings but say no to the portion that asks you to add ERUNT to the start-up folder, if you like you can enable this option later)

3. Start ERUNT

(either by double clicking on the desktop icon or choosing to start the program at the end of the setup)

4. Choose a location for the backup

(the default location is C:\WINDOWS\ERDNT which is acceptable).

5. Make sure that at least the first two check boxes are ticked

6. Press OK

7. Press YES to create the folder.

Step 3

To show all files:

  • Go to your Desktop
  • Double-Click the Computer icon.
  • From the menu options, Select Tools, then Folder Options.
  • Next click the View tab.
  • Locate and uncheck Hide file extensions for known file types.
  • Locate and uncheck Hide protected operating system files (Recommended).
  • Locate and click Show hidden files and folders and drives.
  • Click Apply > OK.

Step 4

Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools

For directions on how, see How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs

Do NOT turn off the firewall

Please download AdwCleaner © Xplode from >>here<< and save it on your Desktop.

If you are running Windows XP, double click adwcleaner.exe to start it.

Otherwise, Right-click on adwcleaner.exe and select Run As Administrator to launch the application.

Now click on the Search tab.

Please post the contents of the log-file created in your next post.

Note: The log can also be located at C:\AdwCleaner[XX].txt where XX denotes the number of times the application has been run, so in this case it should be something like R1.

Step 5

Please read carefully and follow these steps.

  • Download TDSSKiller and save it to your Desktop.
  • Double-Click on TDSSKiller.exe to run the application, then on Start Scan.
    If running Vista or Windows 7, do a RIGHT-Click and select Run as Administrator to start TDSSKILLER.exe.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • If you get the warning about a file UnsignedFile.Multi.Generic or LockedFile.Multi.Generic please choose
    Skip and click on Continue
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

Step 6

  • Download & SAVE to your Desktop >> Tigzy's RogueKiller from here << or
    >> from here <<
  • Quit all programs that you may have started.
  • Please disconnect any USB or external drives from the computer before you run this scan!
  • For Vista or Windows 7, do a right-click on the program, select Run as Administrator to start, & when prompted Allow to run.
    For Windows XP, double-click to start.
  • Wait until Prescan has finished ...
  • Then Click on Scan button at upper right of screen.
  • Wait until the Status box shows "Scan Finished"
  • Click on Report and copy/paste the content of the Notepad into your next reply.
  • The log should be found in RKreport[1].txt on your Desktop
  • Exit/Close RogueKiller

Do NOT click any FIX buttons !

Step 7

RE-Enable your antivirus program.

Then copy/paste the following into your post (in order):

  • the contents of C:\AdwCleaner[R1].txt;
  • the contents of TDSSKILLER log;
  • the contents of RKReport log;

Be sure to do a Preview prior to pressing Submit because all reports may not fit into 1 single reply. You may have to do more than 1 reply.

Do not use the attachment feature to place any of your reports. Always put them in-line inside the body of reply.


Do your assignment and get it done.

Just do not use this system for any web-surfing or online games, etc.

At your next opportunity,

  • Close any open documents/programs & all internet browsers you have running.
  • Please start AdwCleaner
  • Click on Delete button.
  • Confirm each time with OK.
  • Your computer will be rebooted automatically. A text file will open after the restart. Please post the content of that logfile in your reply.
  • Note: You can find the logfile at C:\AdwCleaner[s1]

Step 2

Download aswMBR.exe ( 511KB ) to your desktop.

On Windows 7 or Vista, RIGHT click on aswMBR.exe and select Run As Administrator to start.

On Windows XP, double click the exe to start.

change the a-v scan to None.

uncheck trace disk IO calls

Click the "Scan" button to start scan

On completion of the scan (Note if the Fix button is enabled (not the FixMBR button) and tell me) click save log, save it to your desktop and post in your next reply


AdwCleaner log:

# AdwCleaner v2.101 - Logfile created 12/22/2012 at 11:46:15

# Updated 16/12/2012 by Xplode

# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)

# User : Marc - PC

# Boot Mode : Safe mode with networking

# Running from : C:\Users\Marc\Desktop\Tools\adwcleaner.exe

# Option [Delete]

***** [services] *****

Stopped & Deleted : ICQ Service

***** [Files / Folders] *****

File Deleted : C:\Users\Marc\AppData\Roaming\Mozilla\Firefox\Profiles\4xu78o11.default\searchplugins\Askcom.xml

Folder Deleted : C:\Program Files (x86)\Conduit

Folder Deleted : C:\Program Files (x86)\Deals Plugin

Folder Deleted : C:\Program Files (x86)\ICQ6Toolbar

Folder Deleted : C:\Program Files (x86)\Mozilla Firefox\Extensions\afurladvisor@anchorfree.com

Folder Deleted : C:\ProgramData\Ask

Folder Deleted : C:\ProgramData\ICQ\ICQToolbar

Folder Deleted : C:\ProgramData\InstallMate

Folder Deleted : C:\Users\Marc\AppData\Local\APN

Folder Deleted : C:\Users\Marc\AppData\Local\Conduit

Folder Deleted : C:\Users\Marc\AppData\Local\Deals Plugin

Folder Deleted : C:\Users\Marc\AppData\LocalLow\BabylonToolbar

Folder Deleted : C:\Users\Marc\AppData\LocalLow\Conduit

Folder Deleted : C:\Users\Marc\AppData\LocalLow\PriceGong

Folder Deleted : C:\Users\Marc\AppData\LocalLow\Search Settings

***** [Registry] *****

Key Deleted : HKCU\Software\APN PIP

Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes

Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider

Key Deleted : HKCU\Software\AppDataLow\Software\Deals Plugin

Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong

Key Deleted : HKCU\Software\AppDataLow\Software\Search Settings

Key Deleted : HKCU\Software\Conduit

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{855F3B16-6D32-4FE6-8A56-BBB695989046}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{855F3B16-6D32-4FE6-8A56-BBB695989046}

Key Deleted : HKCU\Software\Search Settings

Key Deleted : HKCU\Software\Softonic

Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}

Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{1F096B29-E9DA-4D64-8D63-936BE7762CC5}

Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}

Key Deleted : HKLM\Software\Application Updater

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{5D723752-5899-47E8-99B4-62C824EF9E13}

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}

Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL

Key Deleted : HKLM\SOFTWARE\Classes\AppID\ICQ Service.exe

Key Deleted : HKLM\SOFTWARE\Classes\AppID\NCTAudioCDGrabber2.DLL

Key Deleted : HKLM\SOFTWARE\Classes\ICQToolBar.IEHook

Key Deleted : HKLM\SOFTWARE\Classes\ICQToolBar.IEHook.1

Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3070524

Key Deleted : HKLM\Software\Conduit

Key Deleted : HKLM\Software\PIP

Key Deleted : HKLM\Software\Search Settings

Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}

Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{855F3B16-6D32-4FE6-8A56-BBB695989046}

Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{CADAF6BE-BF50-4669-8BFD-C27BD4E6181B}

Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\dhkplhfnhceodhffomolpfigojocbpcb

Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\loaalbhdjmjgdckmmeflpmbacffgnmme

Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{21111111-1111-1111-1111-110011461137}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}

Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{30F9B915-B755-4826-820B-08FBA6BD249D}]

Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{855F3B16-6D32-4FE6-8A56-BBB695989046}]

Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{855F3B16-6D32-4FE6-8A56-BBB695989046}]

***** [internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16455

Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - ICQ Search] = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd --> hxxp://www.google.com

-\\ Mozilla Firefox v17.0.1 (en-US)

Profile name : default

File : C:\Users\Marc\AppData\Roaming\Mozilla\Firefox\Profiles\4xu78o11.default\prefs.js

Deleted : user_pref("browser.search.order.1", "Ask.com");

-\\ Google Chrome v23.0.1271.95

File : C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Default\Preferences

Deleted [l.8] : homepage = "hxxp://search.avira.com/?l=dis&o=APN10400&gct=hp&dc=US&locale=fr_CA"

Deleted [l.72] : icon_url = "hxxp://www.ask.com/favicon.ico",

Deleted [l.75] : keyword = "ask.com",

Deleted [l.78] : search_url = "hxxp://websearch.ask.com/redirect?client=cr&src=kw&tb=AVR-3&o=APN10400&locale=f[...]

Deleted [l.79] : suggest_url = "hxxp://ss.websearch.ask.com/query?qsrc=2922&li=ff&sstype=prefix&q={searchTerms[...]

Deleted [l.2686] : homepage = "hxxp://search.avira.com/?l=dis&o=APN10400&gct=hp&dc=US&locale=fr_CA",

*************************

AdwCleaner[R1].txt - [5902 octets] - [22/12/2012 11:25:31]

AdwCleaner[R2].txt - [5962 octets] - [22/12/2012 11:25:51]

AdwCleaner[R3].txt - [6028 octets] - [22/12/2012 11:46:08]

AdwCleaner[s1].txt - [5529 octets] - [22/12/2012 11:46:15]

########## EOF - C:\AdwCleaner[s1].txt - [5589 octets] ##########

As for aswMBR.exe, when I launched it, it asked if I wanted to use Avast! virus definition. I clicked no and pressed Scan, as there was no place to change the AV scan to 'None' like you said.

aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software

Run date: 2012-12-22 11:54:02

-----------------------------

11:54:02.914 OS Version: Windows x64 6.1.7601 Service Pack 1

11:54:02.914 Number of processors: 8 586 0x1A05

11:54:02.915 ComputerName: PC UserName:

11:54:07.842 Initialize success

11:54:13.135 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1

11:54:13.135 Disk 0 Vendor: ST310005 CC46 Size: 953869MB BusType: 3

11:54:13.150 Disk 0 MBR read successfully

11:54:13.182 Disk 0 MBR scan

11:54:13.182 Disk 0 Windows VISTA default MBR code

11:54:13.182 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 39 MB offset 63

11:54:13.182 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 11142 MB offset 81920

11:54:13.182 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 942686 MB offset 22900736

11:54:13.213 Disk 0 scanning C:\Windows\system32\drivers

11:54:20.512 Service scanning

11:54:37.754 Modules scanning

11:54:37.759 Scan finished successfully

11:54:44.326 Disk 0 MBR has been saved successfully to "C:\Users\Marc\Desktop\Tools\MBR.dat"

11:54:44.326 The log file has been saved successfully to "C:\Users\Marc\Desktop\Tools\aswMBR.txt"


Still have the same problems: browsers, AVs, games, etc. are not working. CCleaner and AntiSuperSpyware work, though.

Comodo is simply my firewall; it is disabled most of the time as it blocks game connections... should I uninstall it?

Also, since we both have no idea and can't see any virus/problems causing this, what would be my best solution? Reformat? This is an XPS 9100 Desktop and no Windows 7 CD came with this :wacko:


You have Comodo firewall plus other Comodo features as well.

A wipe of the HDD partitions and a clean install of Windows, plus antivirus, plus all your programs would be the safest for the long term.

Make sure you save your personal files and documents beforehand, on offline media (like external drive, or DVDs).

If you check with your manufacturer support, they will have information on how to do a factory restore.

Be sure you are aware that this takes you back to Day 1 out of the factory, and you lose all your personal files added since then.

When you do the factory restore, make sure you first uninstall any pre-packaged McAfee or Norton antivirus, and then reboot and add your own choice of antivirus.

Let me know what you decide.

Like I said, check with DELL support first !!

As a general "template" only, ...... I would suggest you see this page How to Do a Clean Installation with Windows 7.

I suggest you delete all existing partitions on the HDD as part of the new Windows 7 install.


But this happened randomly and I'm afraid it will happen again.

As for everything else, well, I'd like to format, but since I don't have the Windows 7 disc and I have no idea why in the ******* world retailers don't give it when buying the PC, and my PC's warranty has expired, even more trouble adding to all this BS.

Is there a way to do this without the CD and just the serial key or something? I'm sure it's located somewhere under/behind the PC tower...

Thanks brother.


When you do -do- the clean re-install, it must be done the proper way, in the proper sequence, AND thereafter, you must practice safer computing practices.

Go and use DELL support forum on how to start and how to do the factory restore procedure. Start at http://en.community.dell.com/

Your pc has a hidden factory restore partition. That is where Windows will be restored from.

Have the setup program for -your- antivirus downloaded and saved somewhere offline, like a new USB-thumb-drive or onto a CD.

Once Windows is restored, the 1st order of business is to a) de-install the Dell pre-packaged A-V, then b) install your own.

As to the product key for Windows (which you never post on any open forum), it will be on a Certificate of Authenticity (COA) label, usually on the back of the case.

Safer practices & malware prevention


Awesome, thank you for your help!

I've seen the hidden partition tutorial on Dell's website, I guess that's what I will do and then restore files and drivers from USB/DVD.

Also, just like that - what would be your recommendation for a good antivirus that doesn't use a lot of CPU and is free?

I use Malware Bytes as a scanner but need real-time protection too...

-BobbyJay
