RoadGuyXTL

pup installer bundle.oi plus issues

Hello all,

I am having a problem with my computer. First off, I noticed my Windows Update was not working correctly. I tried fixing the issue from the internet and no success. Then saw that my Windows Key is not activated anymore. I've been running all sorts of scans till finally your software found "Pup Installer Bundle.OI." It got removed successfully but still having those other issues. Can you tell me how to fully remove this and maybe look at my system for me, thanks.

I am running Windows Vista System Pack 2.

Thanks in advance,

-Art

Here are my logs:

dds.txt

attach.txt

Greetings RoadGuyXTL and Welcome to the Forums,

I'm looking over your log(s) and will have some suggestions for you in a short while. Thanks for your patience!

Of your installed programs, most noticeably, the following need attention:

Dropbox <--Big Time Security Risk...Here's just one article about that but google would show you countless more.

Glary Utilities 2.53.0.1726 <--Registry hack issues...please read more below, in the Blue text.

IObit Malware Fighter <--Untrusted...please read the information provided in This Link for some clear and convincing evidence.

Java™ 6 Update 13 <--Outdated and exploited...for the time being, please uninstall this version...we will install the latest version later, once we're sure that system is cleaned.

Symantec KB-DocID:2003093015493306 <--I don't know what this is, or why it would be installed on that system since it's apparent there is no Symantec product installed. Please uninstall this too.

TeamViewer 7 <--This is a "Remote Access" program. Not typically a risk but could certainly become one if you aren't vigilant. Using these type programs is fine so long as you maintain STRONG PASSWORDS.

Viewpoint Media Player <--Foistware...and perhaps, redundant as are programs like RealPlayer and QuickTime. Unless you use these, please uninstall them...adware supported issues are prevalent among them.

Regarding programs which purport to "clean" and or "enhance" the registry and operating system:

Contrary to a very popular belief, the Windows registry has no need of cleaning.

Trimming down the registry by removing orphaned entries will have such a minuscule effect that any positive result will go unnoticed. I challenge anyone to prove otherwise, as any boot time difference would have to be measured in microseconds.

Unless the user considers themselves to be an expert user, caution with these type programs is strongly urged. More often than not, novice users of these type programs report operating system issues (and software as well) which include blue screen stop errors, unresponsive programs and non booting systems.

For those folks, these type programs became the problem rather than the solution. If you think you are of the "expert" level, then these type programs are fine for you...otherwise, I would suggest that you use the program to navigate to its "backup" folder, find every registry entry that was removed and restore them. Once you've done that, then please uninstall that program.

For that matter, if it were me, I would uninstall ALL of those programs I listed for you above. On your next reply, please run a fresh DDS scan and post the resulting logs. Thanks!

Hello,

Thanks for responding and helping with my issue. I have removed all programs as you requested but when I tried to remove the "Symantec" program I could not find it to remove it. I had no issues deleting the others. Upon checking the attach.txt I found that it is still on there. I am attaching the new logs.

Thanks in advance.

-Ardy R.

attach.txt

dds.txt

**Reposting without attachments**

DDS (Ver_2012-11-20.01) - NTFS_x86

Internet Explorer: 9.0.8112.16450

Run by Master Account at 19:19:44 on 2013-02-26

============== Running Processes ================

.

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Program Files\AVAST Software\Avast\AvastSvc.exe

C:\Windows\System32\spoolsv.exe

C:\Program Files\Advanced System Optimizer 3\ASO3DefragSrv.exe

C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Windows\system32\SearchIndexer.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Windows\system32\WUDFHost.exe

C:\Windows\system32\taskeng.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Windows\system32\taskeng.exe

C:\Windows\system32\taskeng.exe

C:\Program Files\IObit\Advanced SystemCare 6\Monitor.exe

C:\Program Files\AVAST Software\Avast\AvastUI.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Program Files\Windows Media Player\wmpnscfg.exe

C:\Windows\system32\wbem\unsecapp.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Windows\System32\mobsync.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k rpcss

C:\Windows\System32\svchost.exe -k secsvcs

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k GPSvcGroup

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Windows\system32\svchost.exe -k bthsvcs

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\system32\svchost.exe -k imgsvc

C:\Windows\System32\svchost.exe -k WerSvcGroup

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Windows\system32\svchost.exe -k WindowsMobile

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.google.com/

uProxyServer = 133.1.16.172:3124

uProxyOverride = localhost;<local>

BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll

BHO: Search Helper: {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - c:\program files\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll

BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - c:\program files\microsoft office\office14\GROOVEEX.DLL

BHO: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll

BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll

BHO: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - c:\program files\windows live\companion\companioncore.dll

BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - c:\program files\microsoft office\office14\URLREDIR.DLL

BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} -

TB: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll

uRun: [sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun

mRun: [avast] "c:\program files\avast software\avast\avastUI.exe" /nogui

uPolicies-Explorer: NoDriveTypeAutoRun = dword:145

mPolicies-Explorer: NoDriveTypeAutoRun = dword:149

mPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0

mPolicies-System: EnableInstallerDetection = dword:0

mPolicies-System: EnableUIADesktopToggle = dword:0

IE: E&xport to Microsoft Excel - c:\progra~1\mi1933~1\office14\EXCEL.EXE/3000

IE: Se&nd to OneNote - c:\progra~1\mi1933~1\office14\ONBttnIE.dll/105

IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - c:\program files\windows live\companion\companioncore.dll

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office14\ONBttnIE.dll

IE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\windows\windowsmobile\INetRepl.dll

IE: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\windows\windowsmobile\INetRepl.dll

IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files\microsoft office\office14\ONBttnIELinkedNotes.dll

IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

.

INFO: HKCU has more than 50 listed domains.

If you wish to scan all of them, select the 'Force scan all domains' option.

.

DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab

TCP: NameServer = 209.18.47.61 209.18.47.62

TCP: Interfaces\{8AD7C89A-BAA5-4A17-A476-90D2B6476E5D} : DHCPNameServer = 209.18.47.61 209.18.47.62

TCP: Interfaces\{C588EF40-76B5-493A-94AE-6E83E332C6DB} : DHCPNameServer = 192.168.0.1

TCP: Interfaces\{DE391437-147B-40DF-99E4-F602C6E8C27F} : DHCPNameServer = 209.18.47.61 209.18.47.62

Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office14\MSOXMLMF.DLL

Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll

Notify: igfxcui - igfxdev.dll

Notify: VESWinlogon - VESWinlogon.dll

SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - c:\program files\microsoft office\office14\GROOVEEX.DLL

LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg

mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\25.0.1364.97\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome

.

================= FIREFOX ===================

.

FF - ProfilePath - c:\users\master account\appdata\roaming\mozilla\firefox\profiles\0uutxuxw.default\

FF - plugin: c:\progra~1\mi1933~1\office14\NPAUTHZ.DLL

FF - plugin: c:\progra~1\mi1933~1\office14\NPSPWRAP.DLL

FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll

FF - plugin: c:\program files\microsoft silverlight\4.1.10329.0\npctrlui.dll

FF - plugin: c:\program files\mozilla firefox\plugins\npunagi2.dll

FF - plugin: c:\program files\viewpoint\viewpoint experience technology\npViewpoint.dll

FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll

FF - plugin: c:\users\master account\appdata\local\google\update\1.3.21.135\npGoogleUpdate3.dll

FF - plugin: c:\users\master account\appdata\roaming\move networks\plugins\npqmp071503000010.dll

FF - plugin: c:\users\master account\appdata\roaming\move networks\plugins\npqmp071505000010.dll

FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_5_502_149.dll

FF - ExtSQL: !HIDDEN! 2009-07-22 01:40; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension

.

---- FIREFOX POLICIES ----

FF - user.js: browser.cache.memory.capacity - 16000

FF - user.js: browser.chrome.favicons - fales

FF - user.js: browser.display.show_image_placeholders - true

FF - user.js: browser.turbo.enabled - true

FF - user.js: browser.urlbar.autocomplete.enabled - true

FF - user.js: browser.urlbar.autofill - true

FF - user.js: content.max.tokenizing.time - 3000000

FF - user.js: content.maxtextrun - 4095

FF - user.js: content.notify.backoffcount - 5

FF - user.js: content.notify.interval - 1000000

FF - user.js: content.notify.ontimer - true

FF - user.js: content.switch.threshold - 1000000

FF - user.js: dom.disable_window_status_change - true

FF - user.js: network.http.max-connections - 48

FF - user.js: network.http.max-connections-per-server - 16

FF - user.js: network.http.max-persistent-connections-per-proxy - 16

FF - user.js: network.http.max-persistent-connections-per-server - 8

FF - user.js: network.http.pipelining - true

FF - user.js: network.http.pipelining.firstrequest - true

FF - user.js: network.http.pipelining.maxrequests - 8

FF - user.js: network.http.proxy.pipelining - true

FF - user.js: network.http.request.max-start-delay - 0

FF - user.js: nglayout.initialpaint.delay - 1000

FF - user.js: plugin.expose_full_path - true

FF - user.js: ui.submenuDelay - 0

.

============= SERVICES / DRIVERS ===============

.

R? AdvancedSystemCareService5;Advanced SystemCare Service 5

R? AdvancedSystemCareService6;Advanced SystemCare Service 6

R? clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86

R? fssfltr;fssfltr

R? fsssvc;Windows Live Family Safety Service

R? MatSvc;Microsoft Automated Troubleshooting Service

R? mferkdk;McAfee Inc. mferkdk

R? mfesmfk;McAfee Inc. mfesmfk

R? SBRE;SBRE

R? Symantec Core LC;Symantec Core LC

R? uts_bus;UTStarcom USB Composite Device driver (WDM)

R? uts_mdfl;UTStarcom USB Modem Filter

R? uts_mdm;UTStarcom USB Modem Drivers

R? uts_serd;UTStarcom USB Diagnostic Serial Port (WDM)

R? wlcrasvc;Windows Live Mesh remote connections service

R? WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0

S? ASO3DiskOptimizer;ASO3DiskOptimizer

S? aswFsBlk;aswFsBlk

S? aswMonFlt;aswMonFlt

S? aswSnx;aswSnx

S? aswSP;aswSP

S? avast! Antivirus;avast! Antivirus

S? FontCache;Windows Font Cache Service

S? SmartDefragDriver;SmartDefragDriver

S? ti21sony;ti21sony

.

=============== File Associations ===============

.

ShellExec: pi11.exe: Open="c:\program files\microsoft digital image 2006\pi.exe" "%1"

.

=============== Created Last 30 ================

.

2013-02-26 05:07:58 -------- d-----w- C:\MGADiagToolOutput

2013-02-26 04:14:17 -------- d-----w- c:\programdata\Kaspersky Lab

2013-02-25 05:43:35 21104 ----a-w- c:\windows\system32\drivers\mbam.sys

2013-02-25 05:21:35 738504 ----a-w- c:\windows\system32\drivers\aswSnx.sys

2013-02-25 05:21:29 58680 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys

2013-02-25 05:20:35 41224 ----a-w- c:\windows\avastSS.scr

2013-02-25 05:19:35 -------- d-----w- c:\programdata\AVAST Software

2013-02-25 05:19:35 -------- d-----w- c:\program files\AVAST Software

2013-02-24 06:47:11 -------- d-----w- c:\users\master account\appdata\roaming\GlarySoft

2013-02-24 05:25:07 -------- d-----w- c:\users\master account\appdata\local\Microsoft Corporation

2013-02-24 05:22:01 -------- d-----w- c:\program files\Microsoft Windows 7 Upgrade Advisor

2013-02-24 04:01:12 -------- d-----w- c:\users\master account\appdata\local\FixItCenter

2013-02-24 03:19:30 -------- d-----w- c:\program files\CCleaner

2013-02-23 23:13:04 -------- d-----w- c:\users\master account\appdata\roaming\OmniTechSupport

2013-02-23 23:12:18 16752 ----a-w- c:\windows\system32\roboot.exe

2013-02-23 23:12:16 17136 ----a-w- c:\windows\system32\sasnative32.exe

2013-02-23 23:11:43 -------- d-----w- c:\programdata\omnitechsupport

2013-02-23 23:11:43 -------- d-----w- c:\program files\Advanced System Optimizer 3

2013-02-23 19:36:40 -------- d-----w- c:\users\master account\appdata\local\{F0AB0861-D0D8-4BE5-881B-B889E918E919}

2013-02-23 18:59:40 -------- d-----w- c:\programdata\GFI Software

2013-02-18 11:46:45 -------- d-----w- c:\windows\CheckSur

2013-02-18 06:27:20 -------- d-----w- c:\programdata\Geek Squad

2013-02-18 05:50:51 -------- d-----w- c:\programdata\WRData

2013-02-18 05:43:42 -------- d-----w- c:\users\master account\appdata\local\LogMeIn Rescue Applet

2013-02-18 03:42:06 29528 ----a-w- c:\windows\system32\SmartDefragBootTime.exe

2013-02-18 03:42:04 15672 ----a-w- c:\windows\system32\drivers\SmartDefragDriver.sys

2013-02-18 03:27:27 -------- d-----w- c:\windows\MATS

2013-02-18 03:27:11 -------- d-----w- c:\program files\Microsoft Fix it Center

2013-02-18 01:39:50 -------- d-----w- c:\programdata\PCPitstop

2013-02-18 01:38:49 -------- d-----w- c:\program files\PCPitstop

2013-02-16 06:27:00 -------- d-----w- c:\programdata\ErrorEND

2013-02-16 06:26:13 -------- d-----w- c:\program files\ErrorEND

2013-02-16 05:39:53 -------- d-----w- c:\programdata\{CED89F1A-945F-46EC-B23C-5EAF6D2DB12A}

.

==================== Find3M ====================

.

2013-02-23 21:07:10 319456 ----a-w- c:\windows\DIFxAPI.dll

2013-02-23 19:49:00 691568 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2013-02-23 19:48:59 71024 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2013-02-23 19:27:12 87608 ----a-w- c:\users\master account\appdata\roaming\inst.exe

2013-02-23 19:27:12 47360 -c--a-w- c:\users\master account\appdata\roaming\pcouffin.sys

.

============= FINISH: 19:21:52.18 ===============

.

==== Installed Programs ======================

.

Adobe AIR

Adobe Flash Player 11 ActiveX

Adobe Flash Player 11 Plugin

Adobe Reader X (10.1.4)

Adobe® Photoshop® Album Starter Edition 3.2

Advanced System Optimizer

Advanced SystemCare 6

Alps Pointing-device for VAIO

AOL Uninstaller (Choose which Products to Remove)

avast! Free Antivirus

AXIS Media Control

AXIS Media Control Embedded

CCleaner

ChaCha Guide Application

D3DX10

Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition

Feedback Tool

Google Chrome

Google Update Helper

Highlight Viewer (Windows Live Toolbar)

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)

ImageStation

Intel® Graphics Media Accelerator Driver

Intel® PROSet/Wireless Software

ISScript

Junk Mail filter update

LAN-Express AS IEEE 802.11 Wireless LAN

Logitech Audio Echo Cancellation Component

Logitech QuickCam

Logitech Video Enumerator

Logitech® Camera Driver

Macromedia Flash Player 8

Macromedia Flash Player 8 Plugin

Malwarebytes Anti-Malware version 1.70.0.1100

Map Button (Windows Live Toolbar)

mCore

mDriver

Mesh Runtime

Messenger Companion

Microsoft .NET Framework 1.1

Microsoft .NET Framework 1.1 Security Update (KB2656353)

Microsoft .NET Framework 1.1 Security Update (KB2656370)

Microsoft .NET Framework 3.5 SP1

Microsoft .NET Framework 4 Client Profile

Microsoft Application Error Reporting

Microsoft Digital Image Library 9 - Blocker

Microsoft Digital Image Starter Edition 2006

Microsoft Digital Image Starter Edition 2006 Editor

Microsoft Digital Image Starter Edition 2006 Library

Microsoft Fix it Center

Microsoft Office 2010 Service Pack 1 (SP1)

Microsoft Office Access MUI (English) 2010

Microsoft Office Access Setup Metadata MUI (English) 2010

Microsoft Office Excel MUI (English) 2010

Microsoft Office Groove MUI (English) 2010

Microsoft Office InfoPath MUI (English) 2010

Microsoft Office OneNote MUI (English) 2010

Microsoft Office Outlook MUI (English) 2010

Microsoft Office PowerPoint MUI (English) 2010

Microsoft Office Professional Plus 2010

Microsoft Office Proof (English) 2010

Microsoft Office Proof (French) 2010

Microsoft Office Proof (Spanish) 2010

Microsoft Office Proofing (English) 2010

Microsoft Office Publisher MUI (English) 2010

Microsoft Office Shared MUI (English) 2010

Microsoft Office Shared Setup Metadata MUI (English) 2010

Microsoft Office Word MUI (English) 2010

Microsoft Search Enhancement Pack

Microsoft Silverlight

Microsoft SQL Server 2005 Compact Edition [ENU]

Microsoft SQL Server Native Client

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Works

mMHouse

Mozilla Firefox 13.0.1 (x86 en-US)

Mozilla Maintenance Service

mPfMgr

mProSafe

MSVCRT

MSXML 4.0 SP2 (KB927978)

MSXML 4.0 SP2 (KB936181)

MSXML 4.0 SP2 (KB941833)

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

MVision

mWlsSafe

mXML

Netflix Movie Viewer

NTI Shadow

Office 2003 Trial Assistant

OGA Notifier 2.0.0048.0

PreReq

Quicken 2006

QuickLink Mobile

QuickTime

RealPlayer Basic

RTC Client API v1.2

Security Update for CAPICOM (KB931906)

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)

Security Update for Microsoft Excel 2010 (KB2597166) 32-Bit Edition

Security Update for Microsoft InfoPath 2010 (KB2553322) 32-Bit Edition

Security Update for Microsoft InfoPath 2010 (KB2553431) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2553091)

Security Update for Microsoft Office 2010 (KB2553096)

Security Update for Microsoft Office 2010 (KB2553260) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2553447) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2589322) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2597986) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2598243) 32-Bit Edition

Security Update for Microsoft PowerPoint 2010 (KB2553185) 32-Bit Edition

Security Update for Microsoft SharePoint Workspace 2010 (KB2566445)

Security Update for Microsoft Visio Viewer 2010 (KB2598287) 32-Bit Edition

Segoe UI

Shared C Run-time for x86

ShortKeys Lite

Smart Defrag 2

Smart Menus (Windows Live Toolbar)

Sonic Encoders

Sony Certificate PCH

Sony Download Taxi 1.5.0.0

Sony Video Shared Library

SpeedFan (remove only)

Symantec KB-DocID:2003093015493306

Update for Microsoft .NET Framework 3.5 SP1 (KB963707)

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217)

Update for Microsoft Office 2010 (KB2494150)

Update for Microsoft Office 2010 (KB2553065)

Update for Microsoft Office 2010 (KB2553092)

Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553272) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition

Update for Microsoft Office 2010 (KB2566458)

Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition

Update for Microsoft Office 2010 (KB2598289) 32-Bit Edition

Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition

Update for Microsoft OneNote 2010 (KB2589345) 32-Bit Edition

Update for Microsoft Outlook 2010 (KB2553248) 32-Bit Edition

Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition

UTStarcom USB Modem Software

VAIO Breeze Wallpaper

VAIO Help And Support

VAIO Light Flo Wallpaper

VAIO Original Screen Saver VAIO Cozy Screen SD Wide Contents

WebFldrs XP

Windows 7 Upgrade Advisor

Windows Live Communications Platform

Windows Live Essentials

Windows Live Family Safety

Windows Live ID Sign-in Assistant

Windows Live Installer

Windows Live Mail

Windows Live Mesh

Windows Live Mesh ActiveX Control for Remote Connections

Windows Live Messenger

Windows Live Messenger Companion Core

Windows Live MIME IFilter

Windows Live Movie Maker

Windows Live OneCare safety scanner

Windows Live Photo Common

Windows Live Photo Gallery

Windows Live PIMT Platform

Windows Live Remote Client

Windows Live Remote Client Resources

Windows Live Remote Service

Windows Live Remote Service Resources

Windows Live SOXE

Windows Live SOXE Definitions

Windows Live Sync

Windows Live Toolbar Extension (Windows Live Toolbar)

Windows Live UX Platform

Windows Live UX Platform Language Pack

Windows Live Writer

Windows Live Writer Resources

Windows Media Connect

Windows Mobile Device Center

Windows Mobile Device Center Driver Update

Yahoo! Messenger

.

==== End Of File ===========================

Now, please run a manual update to your on board mbam. When the update completes, please run a "Full" system scan...and post THAT log back here on your next reply. One other thing before closing mbam, I'd like you to click on the More Tools tab and download the "Startuplite" program. Run it...and make note of everything it lists. Somewhere on that list should appear the Symantec driver information. Post that information here as well. Thanks!

Hey 1972vet,

Here is the log from MBAM;

Malwarebytes Anti-Malware 1.70.0.1100

www.malwarebytes.org

Database version: v2013.02.28.01

Windows Vista Service Pack 2 x86 NTFS

Internet Explorer 9.0.8112.16421

Master Account :: ACASLAPTOP [administrator]

2/27/2013 8:24:00 PM

mbam-log-2013-02-27 (20-24-00).txt

Scan type: Full scan (C:\|)

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 417358

Time elapsed: 3 hour(s), 5 minute(s), 57 second(s)

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 0

(No malicious items detected)

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 0

(No malicious items detected)

Files Detected: 0

(No malicious items detected)

(end)

As far as the Startuplite list, I cannot provide one due to "No unnecessary startups found!." Do you want me to go to "msconfig" and put everything back on?? Let me know...thanks.

Thanks RoadGuy,

There's no need to change anything via the msconfig utility, but if you DO open it and visit the "Startup" tab, whether an item is checked or not, it would still show you the file path. Look for it there and if you find it, and it's NOT checked, then leave it that way but post back here and let me know what the file path is. It would also be interesting if you find nothing there (which is what I actually suspect). That being the case, we might be more successful using a different utility to try removing it...let me know what you find so we'll know what our next step should be. Thanks!

OK, thanks for taking a look...we need to do some surgery to remove it as it is a driver which will conflict with your other security programs, not to mention instability that can also result from stray drivers left behind. Please do this:

Please disable the active protection component of your antivirus and antispyware programs by following the directions that apply Here.

...of those, many people overlook the Windows Defender since, for most, there is no icon for it in the system tray. Scroll through those directives above and look for this application specifically, to make certain it is disabled (Microsoft Security Essentials users can disregard the Windows Defender disable instruction since while MSE is installed, Windows Defender is disabled already by default).

Please download combofix from This Webpage...and read through the instructions there for running the tool.

***Important Note***

Please read through the guidance on that web page carefully and thoroughly...and install the Recovery Console. Using this tool without the Recovery Console installed is NOT RECOMMENDED.

If you have Windows Vista or Windows 7, you can skip the recovery console step...in Vista/7 it's in the System Recovery Options menu. The System Recovery Options menu is on the Windows Vista or Windows 7 installation disc. If Windows doesn't start correctly, you can use these tools to repair startup problems.

The Windows Recovery Console will allow you to boot into a special recovery (repair) mode that is not otherwise available. This allows us to more easily help you should your computer have a problem after an attempted removal of malware. It's a simple procedure that will only take a few moments.

Once installed, a blue screen prompt should appear that reads as follows:

The Recovery Console was successfully installed.

When you see that screen, please continue as follows:

  • Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
  • Click Yes to allow ComboFix to continue scanning for malware.

When the tool is finished, it will produce a log file for you. Please post that log back here on your next reply. Thanks!

Note:

Do not mouseclick combofix's window while it's running....that may cause the scan to stall

One question,

I have Windows Vista but do not have the installation discs, so do I let ComboFix make a recovery console?

The only thing I have is the Windows Update Disc to Vista due to when I bought the computer it was eligible for it. So, I upgraded it back in the day. I did try to run the disk and go to the setup but I don't see the "System Repair" link.

I want to run Combofix but I won't have anything to fix Windows in case of errors, or, will like I said Combofix make a recovery console for Vista?

The recovery console is a Windows XP "concept" and doesn't apply for either Vista or 7 because the recovery options are much different...please don't worry, just run combofix and post back the log. If things go south, we should be able to walk you through any land mines.

Here is the log file from Combofix:

ComboFix 13-03-02.01 - Master Account 03/03/2013 4:31.1.1 - x86

Running from: c:\users\Master Account\Desktop\ComboFix.exe

.

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\windows\system32\URTTemp

c:\windows\system32\URTTemp\regtlib.exe

.

.

((((((((((((((((((((((((( Files Created from 2013-02-03 to 2013-03-03 )))))))))))))))))))))))))))))))

.

.

2013-03-03 10:44 . 2013-03-03 10:44 -------- d-----w- c:\users\Default\AppData\Local\temp

2013-03-03 07:55 . 2013-02-28 08:36 163784 ----a-w- c:\windows\system32\drivers\aswVmm.sys

2013-03-03 07:55 . 2013-02-28 08:36 49320 ----a-w- c:\windows\system32\drivers\aswRvrt.sys

2013-03-01 08:55 . 2013-03-01 08:55 -------- d-----w- c:\programdata\OmniTechSupport

2013-03-01 03:13 . 2013-03-01 03:18 -------- d-----w- C:\49465d10f274cd4f2f9c

2013-03-01 01:43 . 2013-03-01 01:43 -------- d-----w- c:\users\Master Account\AppData\Local\ElevatedDiagnostics

2013-02-28 23:11 . 2013-02-28 23:11 -------- d-----w- c:\users\Administrator\AppData\Local\Google

2013-02-28 21:22 . 2013-02-28 21:22 -------- d-----w- c:\users\Master Account\AppData\Roaming\RoboForm

2013-02-28 21:19 . 2013-02-28 21:19 -------- d-----w- c:\programdata\RoboForm

2013-02-28 21:19 . 2013-02-28 21:19 -------- d-----w- c:\program files\Siber Systems

2013-02-26 05:07 . 2013-02-26 05:08 -------- d-----w- C:\MGADiagToolOutput

2013-02-26 04:14 . 2013-02-26 04:14 -------- d-----w- c:\programdata\Kaspersky Lab

2013-02-25 05:43 . 2012-12-14 22:49 21104 ----a-w- c:\windows\system32\drivers\mbam.sys

2013-02-25 05:21 . 2013-02-28 08:36 29880 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys

2013-02-25 05:21 . 2013-02-28 08:36 368248 ----a-w- c:\windows\system32\drivers\aswSP.sys

2013-02-25 05:21 . 2013-02-28 08:36 49832 ----a-w- c:\windows\system32\drivers\aswRdr.sys

2013-02-25 05:21 . 2013-02-28 08:36 62448 ----a-w- c:\windows\system32\drivers\aswTdi.sys

2013-02-25 05:21 . 2013-02-28 08:36 765808 ----a-w- c:\windows\system32\drivers\aswSnx.sys

2013-02-25 05:21 . 2013-02-28 08:36 66408 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys

2013-02-25 05:20 . 2013-02-28 08:36 41664 ----a-w- c:\windows\avastSS.scr

2013-02-25 05:20 . 2013-02-28 08:35 228600 ----a-w- c:\windows\system32\aswBoot.exe

2013-02-25 05:19 . 2013-03-01 07:14 -------- d-----w- c:\programdata\AVAST Software

2013-02-25 05:19 . 2013-03-01 07:14 -------- d-----w- c:\program files\AVAST Software

2013-02-24 06:47 . 2013-02-24 06:47 -------- d-----w- c:\users\Master Account\AppData\Roaming\GlarySoft

2013-02-24 05:25 . 2013-02-24 05:25 -------- d-----w- c:\users\Master Account\AppData\Local\Microsoft Corporation

2013-02-24 05:22 . 2013-02-24 05:22 -------- d-----w- c:\program files\Microsoft Windows 7 Upgrade Advisor

2013-02-24 04:01 . 2013-02-24 04:01 -------- d-----w- c:\users\Master Account\AppData\Local\FixItCenter

2013-02-24 03:19 . 2013-02-24 03:19 -------- d-----w- c:\program files\CCleaner

2013-02-24 02:13 . 2013-02-24 02:13 -------- d-----w- c:\programdata\WindowsSearch

2013-02-24 01:04 . 2013-03-01 07:14 -------- d-----w- c:\users\Master Account\AppData\Roaming\Dropbox

2013-02-23 23:13 . 2013-03-01 07:14 -------- d-----w- c:\users\Master Account\AppData\Roaming\OmniTechSupport

2013-02-23 23:12 . 2012-11-09 21:30 16752 ----a-w- c:\windows\system32\roboot.exe

2013-02-23 23:12 . 2012-06-08 17:35 17136 ----a-w- c:\windows\system32\sasnative32.exe

2013-02-23 18:59 . 2013-02-23 18:59 -------- d-----w- c:\programdata\GFI Software

2013-02-23 08:49 . 2013-02-23 08:49 -------- d-----w- c:\users\Administrator\Tracing

2013-02-23 08:46 . 2013-02-23 08:46 -------- d-----w- c:\users\Administrator\AppData\Roaming\AOL

2013-02-18 11:46 . 2013-02-18 11:46 -------- d-----w- c:\windows\CheckSur

2013-02-18 06:27 . 2013-02-18 06:27 -------- d-----w- c:\programdata\Geek Squad

2013-02-18 05:50 . 2013-02-24 05:45 -------- d-----w- c:\programdata\WRData

2013-02-18 05:43 . 2013-03-01 06:45 -------- d-----w- c:\users\Master Account\AppData\Local\LogMeIn Rescue Applet

2013-02-18 03:42 . 2012-05-09 00:35 29528 ----a-w- c:\windows\system32\SmartDefragBootTime.exe

2013-02-18 03:42 . 2010-11-27 00:02 15672 ----a-w- c:\windows\system32\drivers\SmartDefragDriver.sys

2013-02-18 03:27 . 2013-02-18 03:27 -------- d-----w- c:\windows\MATS

2013-02-18 03:27 . 2013-02-18 03:27 -------- d-----w- c:\program files\Microsoft Fix it Center

2013-02-18 01:39 . 2013-02-23 19:29 -------- d-----w- c:\programdata\PCPitstop

2013-02-18 01:38 . 2013-02-23 19:29 -------- d-----w- c:\program files\PCPitstop

2013-02-16 06:27 . 2013-02-16 06:27 -------- d-----w- c:\programdata\ErrorEND

2013-02-16 06:26 . 2013-02-16 06:26 -------- d-----w- c:\program files\ErrorEND

2013-02-16 05:39 . 2013-03-02 05:11 -------- d-----w- c:\programdata\{CED89F1A-945F-46EC-B23C-5EAF6D2DB12A}

.

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2013-02-23 21:07 . 2007-09-14 03:44 319456 ----a-w- c:\windows\DIFxAPI.dll

2013-02-23 19:49 . 2012-07-02 00:53 691568 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2013-02-23 19:48 . 2011-06-24 02:14 71024 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2013-02-23 19:27 . 2008-08-01 20:43 87608 ----a-w- c:\users\Master Account\AppData\Roaming\inst.exe

2013-02-23 19:27 . 2006-12-31 20:03 47360 -c--a-w- c:\users\Master Account\AppData\Roaming\pcouffin.sys

2012-06-14 22:20 . 2012-07-02 01:34 85472 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll

.

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]

@="{472083B0-C522-11CF-8763-00608CC02F24}"

[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]

2013-02-28 08:35 121968 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2013-02-28 4767304]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"EnableInstallerDetection"= 0 (0x0)

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon]

2007-01-11 19:20 98304 ----a-w- c:\windows\System32\VESWinlogon.dll

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

@=""

.

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Kodak EasyShare software.lnk]

backup=c:\windows\pss\Kodak EasyShare software.lnkCommon Startup

.

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^KODAK Software Updater.lnk]

backup=c:\windows\pss\KODAK Software Updater.lnkCommon Startup

.

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]

backup=c:\windows\pss\Adobe Reader Speed Launch.lnk.CommonStartup

backupExtension=.CommonStartup

.

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Reader Synchronizer.lnk]

backup=c:\windows\pss\Adobe Reader Synchronizer.lnk.CommonStartup

backupExtension=.CommonStartup

.

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Kodak EasyShare software.lnk]

backup=c:\windows\pss\Kodak EasyShare software.lnk.CommonStartup

backupExtension=.CommonStartup

.

[HKLM\~\startupfolder\C:^Users^Master Account^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^CNET TechTracker.lnk]

backup=c:\windows\pss\CNET TechTracker.lnk.Startup

backupExtension=.Startup

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DISCover

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HostManager

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Info Center

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes' Anti-Malware

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSC

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MySpaceIM

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Pitstop PC Matic Reminder

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]

2012-12-03 07:35 946352 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Photo Downloader]

2007-03-09 16:09 63712 -c--a-w- c:\program files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Advanced SystemCare 5]

2012-05-28 20:56 288128 ----a-w- c:\program files\IObit\Advanced SystemCare 5\ASCTray.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Apoint]

2007-03-15 20:57 106496 ----a-w- c:\program files\Apoint\Apoint.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync]

2010-03-13 19:54 91520 ----a-w- c:\program files\Microsoft Office\Office14\BCSSync.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Conime]

2009-04-11 06:27 69120 ----a-w- c:\windows\System32\conime.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]

2006-11-02 09:45 8704 ----a-w- c:\windows\System32\ctfmon.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray]

2008-01-19 07:33 125952 ----a-w- c:\windows\ehome\ehtray.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray.exe]

2008-01-19 07:33 125952 ----a-w- c:\windows\ehome\ehtray.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]

2006-12-13 22:19 106496 ----a-w- c:\windows\System32\hkcmd.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISBMgr.exe]

2006-11-20 21:36 43128 ----a-w- c:\program files\Sony\ISB Utility\ISBMgr.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PartSeal]

2003-04-20 04:08 28672 -c--a-w- c:\windows\SONYSYS\VAIO Recovery\PartSeal.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]

2006-12-13 22:17 81920 ----a-w- c:\windows\System32\igfxpers.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]

2011-10-24 20:28 421888 ----a-w- c:\program files\QuickTime\QTTask.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RealTray]

2006-12-04 05:06 26112 -c--a-w- c:\program files\Real\RealPlayer\realplay.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]

2009-04-11 06:28 1233920 ----a-w- c:\program files\Windows Sidebar\sidebar.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SsAAD.exe]

2007-02-05 15:11 476728 ----a-w- c:\progra~1\Sony\SONICS~1\SSAAD.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VAIO Recovery]

2003-04-20 04:08 28672 -c--a-w- c:\windows\SONYSYS\VAIO Recovery\PartSeal.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VAIOApps]

2007-01-04 23:38 16440 ----a-r- c:\vaioapps\ShellApp.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]

2008-01-19 07:38 1008184 ----a-w- c:\program files\Windows Defender\MSASCui.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Mobile Device Center]

2007-05-31 15:21 648072 ----a-w- c:\windows\WindowsMobile\wmdc.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Mobile-based device management]

2006-11-02 09:45 215552 ----a-w- c:\windows\WindowsMobile\wmdSync.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]

2008-01-19 07:33 202240 ----a-w- c:\program files\Windows Media Player\wmpnscfg.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WPCUMI]

2006-11-02 12:35 176128 ----a-w- c:\windows\System32\wpcumi.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]

"aawservice"=2 (0x2)

"AOL ACS"=2 (0x2)

"AOL TopSpeedMonitor"=2 (0x2)

"Image Converter video recording monitor for VAIO Entertainment"=3 (0x3)

"ose"=3 (0x3)

"SonicStageMonitoring"=2 (0x2)

"SSScsiSV"=3 (0x3)

"usnjsvc"=3 (0x3)

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\setup\disabledrunkeys]

"Apoint"=c:\program files\Apoint\Apoint.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]

"DisableMonitoring"=dword:00000001

.

R4 AdvancedSystemCareService5;Advanced SystemCare Service 5;c:\program files\IObit\Advanced SystemCare 5\ASCService.exe [x]

R4 AdvancedSystemCareService6;Advanced SystemCare Service 6;c:\program files\IObit\Advanced SystemCare 6\ASCService.exe [x]

.

.

--- Other Services/Drivers In Memory ---

.

*NewlyCreated* - ASWRVRT

*NewlyCreated* - ASWVMM

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

WindowsMobile REG_MULTI_SZ wcescomm rapimgr

LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr

bthsvcs REG_MULTI_SZ BthServ

LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache

.

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]

2013-02-26 14:08 1629648 ----a-w- c:\program files\Google\Chrome\Application\25.0.1364.97\Installer\chrmstp.exe

.

Contents of the 'Scheduled Tasks' folder

.

2013-03-03 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-02 19:49]

.

2013-03-03 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files\Google\Update\GoogleUpdate.exe [2013-02-23 19:49]

.

2013-03-03 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files\Google\Update\GoogleUpdate.exe [2013-02-23 19:49]

.

.

------- Supplementary Scan -------

.

uStart Page = hxxp://www.google.com/

uInternet Settings,ProxyServer = 133.1.16.172:3124

uInternet Settings,ProxyOverride = localhost;<local>

IE: E&xport to Microsoft Excel - c:\progra~1\MI1933~1\Office14\EXCEL.EXE/3000

IE: Se&nd to OneNote - c:\progra~1\MI1933~1\Office14\ONBttnIE.dll/105

TCP: DhcpNameServer = 209.18.47.61 209.18.47.62

FF - ProfilePath - c:\users\Master Account\AppData\Roaming\Mozilla\Firefox\Profiles\0uutxuxw.default\

FF - ExtSQL: 2013-03-01 17:11; ascsurfingprotection@iobit.com; c:\users\Master Account\AppData\Roaming\Mozilla\Firefox\Profiles\0uutxuxw.default\extensions\ascsurfingprotection@iobit.com

FF - ExtSQL: !HIDDEN! 2009-07-22 01:40; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension

FF - user.js: browser.cache.memory.capacity - 16000

FF - user.js: browser.chrome.favicons - fales

FF - user.js: browser.display.show_image_placeholders - true

FF - user.js: browser.turbo.enabled - true

FF - user.js: browser.urlbar.autocomplete.enabled - true

FF - user.js: browser.urlbar.autofill - true

FF - user.js: content.max.tokenizing.time - 3000000

FF - user.js: content.maxtextrun - 4095

FF - user.js: content.notify.backoffcount - 5

FF - user.js: content.notify.interval - 1000000

FF - user.js: content.notify.ontimer - true

FF - user.js: content.switch.threshold - 1000000

FF - user.js: dom.disable_window_status_change - true

FF - user.js: network.http.max-connections - 48

FF - user.js: network.http.max-connections-per-server - 16

FF - user.js: network.http.max-persistent-connections-per-proxy - 16

FF - user.js: network.http.max-persistent-connections-per-server - 8

FF - user.js: network.http.pipelining - true

FF - user.js: network.http.pipelining.firstrequest - true

FF - user.js: network.http.pipelining.maxrequests - 8

FF - user.js: network.http.proxy.pipelining - true

FF - user.js: network.http.request.max-start-delay - 0

FF - user.js: nglayout.initialpaint.delay - 1000

FF - user.js: plugin.expose_full_path - true

FF - user.js: ui.submenuDelay - 0

.

- - - - ORPHANS REMOVED - - - -

.

ShellIconOverlayIdentifiers-{FB314EDC-A251-47B7-93E1-CDD82E34AF8B} - (no file)

MSConfigStartUp-IObit Malware Fighter - c:\program files\IObit\IObit Malware Fighter\IMF.exe

MSConfigStartUp-RtHDVCpl - RtHDVCpl.exe

.

.

.

**************************************************************************

scanning hidden processes ...

.

scanning hidden autostart entries ...

.

scanning hidden files ...

.

scan completed successfully

hidden files:

.

**************************************************************************

.

--------------------- LOCKED REGISTRY KEYS ---------------------

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

"MSCurrentCountry"=dword:000000b5

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

------------------------ Other Running Processes ------------------------

.

c:\program files\AVAST Software\Avast\AvastSvc.exe

c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

c:\program files\IObit\Smart Defrag 2\SmartDefrag.exe

c:\program files\IObit\Advanced SystemCare 6\Monitor.exe

c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

c:\windows\system32\WUDFHost.exe

c:\program files\Windows Media Player\wmpnetwk.exe

.

**************************************************************************

.

Completion time: 2013-03-03 04:56:34 - machine was rebooted

ComboFix-quarantined-files.txt 2013-03-03 10:56

.

Pre-Run: 17,651,200,000 bytes free

Post-Run: 17,226,010,624 bytes free

.

- - End Of File - - 7B067D1F2A53E0803ABF250E097BC548


Thanks. While I look this over, tell me please, did you set up this proxy server:

uInternet Settings,ProxyServer = 133.1.16.172:3124


The Symantec document entry, I find, relates to an update you once had which prevented the registration reminder from continuing to pop up. I find nothing relating to it in the ComboFix log so your best bet is to just run the Symantec removal tool which purports to remove all remnants of any failed Symantec uninstall:

Download their Removal Tool and run it. When it completes, just delete the tool from the desktop.

Next, we need to run ComboFix again, using a script this time...so please disable the on-board security products as before, thanks! Please open a blank Notepad by clicking start-->run...Then, in the run box type Notepad.exe and click "OK".

Copy the below text in Bold and paste it into the blank Notepad. Save it as CFScript.txt...Change the "Save as type" to All Files and save it to your desktop. Now drag the text document over to your ComboFix.exe.

ComboFix will run again automatically. Please post back the new log that will be generated. Thanks!

Note:

Do not mouse-click ComboFix's window while it's running. That may cause it to stall.

killall::

folder::

c:\users\Master Account\AppData\Roaming\GlarySoft

c:\users\Master Account\AppData\Roaming\Dropbox

c:\programdata\ErrorEND

c:\program files\ErrorEND

c:\programdata\{CED89F1A-945F-46EC-B23C-5EAF6D2DB12A}

c:\program files\IObit

driver::

AdvancedSystemCareService5

AdvancedSystemCareService6

registry::

[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Advanced SystemCare 5]

[-HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]

dds::

uInternet Settings,ProxyServer =

firefox::

FF - ProfilePath - c:\users\Master Account\AppData\Roaming\Mozilla\Firefox\Profiles\0uutxuxw.default\

FF - ExtSQL: 2013-03-01 17:11; ascsurfingprotection@iobit.com; c:\users\Master Account\AppData\Roaming\Mozilla\Firefox\Profiles\0uutxuxw.default\extensions\ascsurfingprotection@iobit.com

reglock::

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]

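The two settings the helper questions and then resets in the script above (the user-level ProxyServer value and the disabled Security Center monitoring key) can be pulled out of a ComboFix log mechanically. This is an added example, not part of the thread and not ComboFix's own code; the function names and finding labels are made up here, and the sample lines are copied from the first log posted above.

```python
import ipaddress
import re

# Lines copied from the first ComboFix log in this thread (blank lines dropped).
SAMPLE_LOG = r"""
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableInstallerDetection"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring"=dword:00000001
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
uInternet Settings,ProxyServer = 133.1.16.172:3124
uInternet Settings,ProxyOverride = localhost;<local>
TCP: DhcpNameServer = 209.18.47.61 209.18.47.62
"""

SECTION_RE = re.compile(r"^-{3,}\s*(.+?)\s*-{3,}$")   # ------- Title -------
REG_KEY_RE = re.compile(r"^\[(HK[^\]]+)\]$")          # [HKEY_...\key]
REG_VAL_RE = re.compile(r'^"([^"]+)"\s*=\s*(.+)$')    # "Name"= value


def parse_log(text):
    """Return (settings, reg): the 'name = value' lines of the Supplementary
    Scan section, and {registry key: {value name: raw value}}."""
    settings, reg = {}, {}
    section, key = None, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line == ".":
            continue
        m = SECTION_RE.match(line)
        if m:
            section, key = m.group(1), None
            continue
        m = REG_KEY_RE.match(line)
        if m:
            key = m.group(1)
            reg.setdefault(key, {})
            continue
        m = REG_VAL_RE.match(line)
        if m and key:
            reg[key][m.group(1)] = m.group(2).strip()
            continue
        if section == "Supplementary Scan":
            name, sep, value = line.partition(" =")
            if sep:  # an emptied setting ("ProxyServer =") yields value ""
                settings[name.strip()] = value.strip()
    return settings, reg


def reg_int(raw):
    """Decode the two DWORD spellings in the log: '0 (0x0)' and 'dword:00000001'."""
    if raw.lower().startswith("dword:"):
        return int(raw[6:], 16)
    m = re.match(r"^(\d+)\s*\(0x[0-9a-fA-F]+\)$", raw)
    return int(m.group(1)) if m else None


def proxy_endpoints(value):
    """Split a ProxyServer string into (scheme, host, port) tuples. Handles
    'host:port' and the per-protocol form 'http=h:p;https=h:p'."""
    out = []
    for part in filter(None, (p.strip() for p in value.split(";"))):
        scheme, _, addr = part.rpartition("=")
        host, _, port = addr.partition(":")
        out.append((scheme or "all", host, port))
    return out


def is_local(host):
    """True for localhost, loopback and private-range addresses."""
    if host.lower() == "localhost":
        return True
    try:
        ip = ipaddress.ip_address(host)
    except ValueError:
        return False  # a hostname cannot be classified offline; report it
    return ip.is_loopback or ip.is_private


def triage(text):
    """Return (label, detail) findings that a reviewer should confirm with the user."""
    settings, reg = parse_log(text)
    findings = []
    for name, value in settings.items():
        if name.endswith("ProxyServer") and value:
            for _scheme, host, port in proxy_endpoints(value):
                if not is_local(host):
                    findings.append(("proxy-nonlocal", f"{host}:{port}"))
    for key, values in reg.items():
        monitored = r"\security center\monitoring" in key.lower()
        if monitored and reg_int(values.get("DisableMonitoring", "")) == 1:
            findings.append(("av-monitoring-disabled", key.rsplit("\\", 1)[-1]))
    return findings


if __name__ == "__main__":
    for label, detail in triage(SAMPLE_LOG):
        print(f"{label}: {detail}")
```

A finding here is only a prompt to ask the owner, as the helper does; a proxy the user configured on purpose produces the same line.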

Here is the log you requested:

ComboFix 13-03-03.01 - Master Account 03/03/2013 16:28:13.2.1 - x86

Running from: c:\users\Master Account\Desktop\ComboFix.exe

Command switches used :: c:\users\Master Account\Desktop\CFScript.txt

.

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\program files\ErrorEND

c:\program files\ErrorEND\3a_errorend.wav

c:\program files\IObit

c:\program files\IObit\Advanced SystemCare 3\Backup\RegistryBackup.cab

c:\program files\IObit\Advanced SystemCare 3\Hijack Analysis Report.txt

c:\program files\IObit\Advanced SystemCare 3\License.dat

c:\program files\IObit\Advanced SystemCare 3\services.ini

c:\program files\IObit\Advanced SystemCare 3\TBconfig.ini

c:\program files\IObit\Advanced SystemCare 3\UpdateLog.txt

c:\program files\IObit\Advanced SystemCare 3\updater.html

c:\program files\IObit\Advanced SystemCare 4\ASCv4ExtMenu.tmp

c:\program files\IObit\Advanced SystemCare 4\checkinfo.txt

c:\program files\IObit\Advanced SystemCare 4\Config.ini

c:\program files\IObit\Advanced SystemCare 4\DiskScan.log

c:\program files\IObit\Advanced SystemCare 4\feedback.log

c:\program files\IObit\Advanced SystemCare 4\LatestNews\imagenews.png

c:\program files\IObit\Advanced SystemCare 4\LatestNews\LatestNews.ini

c:\program files\IObit\Advanced SystemCare 4\License.dat

c:\program files\IObit\Advanced SystemCare 4\ScanCache.db

c:\program files\IObit\Advanced SystemCare 4\tb.dat

c:\program files\IObit\Advanced SystemCare 4\Test.log

c:\program files\IObit\Advanced SystemCare 4\Update\Update.Ini

c:\program files\IObit\Advanced SystemCare 5\About.dll

c:\program files\IObit\Advanced SystemCare 5\ASC.exe

c:\program files\IObit\Advanced SystemCare 5\ASCInit.exe

c:\program files\IObit\Advanced SystemCare 5\ASCInit.log

c:\program files\IObit\Advanced SystemCare 5\ASCService.exe

c:\program files\IObit\Advanced SystemCare 5\ASCServiceLog\2012-05-16.log

c:\program files\IObit\Advanced SystemCare 5\ASCServiceLog\2012-06-16.log

c:\program files\IObit\Advanced SystemCare 5\ASCServiceLog\2012-10-05.log

c:\program files\IObit\Advanced SystemCare 5\ASCServiceLog\2012-10-06.log

c:\program files\IObit\Advanced SystemCare 5\ASCServiceLog\2012-12-17.log

c:\program files\IObit\Advanced SystemCare 5\ASCServiceLog\2013-02-15.log

c:\program files\IObit\Advanced SystemCare 5\ASCTooltips.exe

c:\program files\IObit\Advanced SystemCare 5\ASCTray.exe

c:\program files\IObit\Advanced SystemCare 5\ASCUpgrade.exe

c:\program files\IObit\Advanced SystemCare 5\ASCv5ComputerMenu.dll

c:\program files\IObit\Advanced SystemCare 5\ASCv5ComputerMenu_64.dll

c:\program files\IObit\Advanced SystemCare 5\ASCv5ExtMenu.dll

c:\program files\IObit\Advanced SystemCare 5\ASCv5ExtMenu.tmp

c:\program files\IObit\Advanced SystemCare 5\ASCv5ExtMenu_64.dll

c:\program files\IObit\Advanced SystemCare 5\AutoCare.exe

c:\program files\IObit\Advanced SystemCare 5\AutoSweep.exe

c:\program files\IObit\Advanced SystemCare 5\AutoUpdate.exe

c:\program files\IObit\Advanced SystemCare 5\Boottime\path.ini

c:\program files\IObit\Advanced SystemCare 5\BootTimeLog\Defrag2011-11-28(16-41-41).log

c:\program files\IObit\Advanced SystemCare 5\checkinfo.txt

c:\program files\IObit\Advanced SystemCare 5\datastate.dll

c:\program files\IObit\Advanced SystemCare 5\DelayLoad.exe

c:\program files\IObit\Advanced SystemCare 5\diskhelper.dll

c:\program files\IObit\Advanced SystemCare 5\DiskMap.dll

c:\program files\IObit\Advanced SystemCare 5\DiskScan.exe

c:\program files\IObit\Advanced SystemCare 5\drivers\win7_amd64\RegistryDefragBootTime.exe

c:\program files\IObit\Advanced SystemCare 5\drivers\win7_x86\RegistryDefragBootTime.exe

c:\program files\IObit\Advanced SystemCare 5\drivers\wlh_amd64\RegistryDefragBootTime.exe

c:\program files\IObit\Advanced SystemCare 5\drivers\wlh_x86\RegistryDefragBootTime.exe

c:\program files\IObit\Advanced SystemCare 5\drivers\wnet_amd64\RegistryDefragBootTime.exe

c:\program files\IObit\Advanced SystemCare 5\drivers\wnet_x86\RegistryDefragBootTime.exe

c:\program files\IObit\Advanced SystemCare 5\drivers\wxp_amd64\RegistryDefragBootTime.exe

c:\program files\IObit\Advanced SystemCare 5\drivers\wxp_x86\RegistryDefragBootTime.exe

c:\program files\IObit\Advanced SystemCare 5\dxhelper.dll

c:\program files\IObit\Advanced SystemCare 5\fav.ico

c:\program files\IObit\Advanced SystemCare 5\FfSweep.dll

c:\program files\IObit\Advanced SystemCare 5\IObitCommunities.exe

c:\program files\IObit\Advanced SystemCare 5\IObitLogon.dll

c:\program files\IObit\Advanced SystemCare 5\LatestNews\imagenews.png

c:\program files\IObit\Advanced SystemCare 5\LatestNews\LatestNews.ini

c:\program files\IObit\Advanced SystemCare 5\License.dat

c:\program files\IObit\Advanced SystemCare 5\NtfsData.dll

c:\program files\IObit\Advanced SystemCare 5\OFCommon.dll

c:\program files\IObit\Advanced SystemCare 5\OFCommon3.dll

c:\program files\IObit\Advanced SystemCare 5\PerformUpdate.exe

c:\program files\IObit\Advanced SystemCare 5\PMonitor.exe

c:\program files\IObit\Advanced SystemCare 5\Promote.exe

c:\program files\IObit\Advanced SystemCare 5\Register.exe

c:\program files\IObit\Advanced SystemCare 5\Reminder.exe

c:\program files\IObit\Advanced SystemCare 5\Report.exe

c:\program files\IObit\Advanced SystemCare 5\RescueCenter.exe

c:\program files\IObit\Advanced SystemCare 5\Scan.dll

c:\program files\IObit\Advanced SystemCare 5\SecurityHole_Backup\KB2656368.exe

c:\program files\IObit\Advanced SystemCare 5\SecurityHole_Backup\KB2656370.exe

c:\program files\IObit\Advanced SystemCare 5\SecurityHole_Backup\KB2656374.cab

c:\program files\IObit\Advanced SystemCare 5\SecurityHoleScan.log

c:\program files\IObit\Advanced SystemCare 5\sh.dat

c:\program files\IObit\Advanced SystemCare 5\sqlite3.dll

c:\program files\IObit\Advanced SystemCare 5\Suc10_RegistryCleaner.exe

c:\program files\IObit\Advanced SystemCare 5\Suc11_PrivacySweeper.exe

c:\program files\IObit\Advanced SystemCare 5\Suc12_Uninstal.exe

c:\program files\IObit\Advanced SystemCare 5\Suc13_DiskCleaner.exe

c:\program files\IObit\Advanced SystemCare 5\Suc14_FileShredder.exe

c:\program files\IObit\Advanced SystemCare 5\Sun10_ClonedFilesScanner.exe

c:\program files\IObit\Advanced SystemCare 5\Sun11_AutoShutdown.exe

c:\program files\IObit\Advanced SystemCare 5\Sun12_DiskExplorer.exe

c:\program files\IObit\Advanced SystemCare 5\Sun13_SystemInformation.exe

c:\program files\IObit\Advanced SystemCare 5\Sun14_EmptyFolderScanner.exe

c:\program files\IObit\Advanced SystemCare 5\Sun15_SystemControl.exe

c:\program files\IObit\Advanced SystemCare 5\Suo10_SmartRAM.exe

c:\program files\IObit\Advanced SystemCare 5\Suo11_InternetBooster.exe

c:\program files\IObit\Advanced SystemCare 5\Suo12_StartupManager.exe

c:\program files\IObit\Advanced SystemCare 5\Suo13_RegistryDefrag.exe

c:\program files\IObit\Advanced SystemCare 5\Suo14_SmartDefrag.exe

c:\program files\IObit\Advanced SystemCare 5\Suo15_GameBooster.exe

c:\program files\IObit\Advanced SystemCare 5\Sur10_Undelete.exe

c:\program files\IObit\Advanced SystemCare 5\Sur11_ShortcutFixer.exe

c:\program files\IObit\Advanced SystemCare 5\Sur12_DiskDoctor.exe

c:\program files\IObit\Advanced SystemCare 5\Sur13_WinFix.exe

c:\program files\IObit\Advanced SystemCare 5\Sur14_IEHelper.exe

c:\program files\IObit\Advanced SystemCare 5\Sus10_SysExplorer.exe

c:\program files\IObit\Advanced SystemCare 5\Sus11_SecurityHolesScanner.exe

c:\program files\IObit\Advanced SystemCare 5\Sus12_ProcessManager.exe

c:\program files\IObit\Advanced SystemCare 5\Sus13_DriverManager.exe

c:\program files\IObit\Advanced SystemCare 5\taskmgr.dll

c:\program files\IObit\Advanced SystemCare 5\TbFfSweep.dll

c:\program files\IObit\Advanced SystemCare 5\TbFileSweep.dll

c:\program files\IObit\Advanced SystemCare 5\ToolBox.exe

c:\program files\IObit\Advanced SystemCare 5\TurboBoost.exe

c:\program files\IObit\Advanced SystemCare 5\Undelete.dll

c:\program files\IObit\Advanced SystemCare 5\unins000.exe

c:\program files\IObit\Advanced SystemCare 5\UninstallPromote.exe

c:\program files\IObit\Advanced SystemCare 5\Update\LastCheck.Ini

c:\program files\IObit\Advanced SystemCare 5\Update\Update.Ini

c:\program files\IObit\Advanced SystemCare 5\UpdateHistory.txt

c:\program files\IObit\Advanced SystemCare 5\UPdateTest.log

c:\program files\IObit\Advanced SystemCare 5\UpgradeTip.exe

c:\program files\IObit\Advanced SystemCare 5\WebUI.dll


.

.

((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

-------\Service_AdvancedSystemCareService5

-------\Service_AdvancedSystemCareService6

.

.

((((((((((((((((((((((((( Files Created from 2013-02-03 to 2013-03-03 )))))))))))))))))))))))))))))))

.

.

2013-03-03 22:40 . 2013-03-03 22:54 -------- d-----w- c:\users\Master Account\AppData\Local\temp

2013-03-03 22:40 . 2013-03-03 22:40 -------- d-----w- c:\users\Default\AppData\Local\temp

2013-03-03 22:40 . 2013-03-03 22:40 -------- d-----w- c:\users\Carmen\AppData\Local\temp

2013-03-03 22:40 . 2013-03-03 22:40 -------- d-----w- c:\users\Administrator\AppData\Local\temp

2013-03-03 07:55 . 2013-02-28 08:36 163784 ----a-w- c:\windows\system32\drivers\aswVmm.sys

2013-03-03 07:55 . 2013-02-28 08:36 49320 ----a-w- c:\windows\system32\drivers\aswRvrt.sys

2013-03-01 08:55 . 2013-03-01 08:55 -------- d-----w- c:\programdata\OmniTechSupport

2013-03-01 03:13 . 2013-03-01 03:18 -------- d-----w- C:\49465d10f274cd4f2f9c

2013-03-01 01:43 . 2013-03-01 01:43 -------- d-----w- c:\users\Master Account\AppData\Local\ElevatedDiagnostics

2013-02-28 23:11 . 2013-02-28 23:11 -------- d-----w- c:\users\Administrator\AppData\Local\Google

2013-02-28 21:22 . 2013-02-28 21:22 -------- d-----w- c:\users\Master Account\AppData\Roaming\RoboForm

2013-02-28 21:19 . 2013-02-28 21:19 -------- d-----w- c:\programdata\RoboForm

2013-02-28 21:19 . 2013-02-28 21:19 -------- d-----w- c:\program files\Siber Systems

2013-02-26 05:07 . 2013-02-26 05:08 -------- d-----w- C:\MGADiagToolOutput

2013-02-26 04:14 . 2013-02-26 04:14 -------- d-----w- c:\programdata\Kaspersky Lab

2013-02-25 05:43 . 2012-12-14 22:49 21104 ----a-w- c:\windows\system32\drivers\mbam.sys

2013-02-25 05:21 . 2013-02-28 08:36 29880 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys

2013-02-25 05:21 . 2013-02-28 08:36 368248 ----a-w- c:\windows\system32\drivers\aswSP.sys

2013-02-25 05:21 . 2013-02-28 08:36 49832 ----a-w- c:\windows\system32\drivers\aswRdr.sys

2013-02-25 05:21 . 2013-02-28 08:36 62448 ----a-w- c:\windows\system32\drivers\aswTdi.sys

2013-02-25 05:21 . 2013-02-28 08:36 765808 ----a-w- c:\windows\system32\drivers\aswSnx.sys

2013-02-25 05:21 . 2013-02-28 08:36 66408 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys

2013-02-25 05:20 . 2013-02-28 08:36 41664 ----a-w- c:\windows\avastSS.scr

2013-02-25 05:20 . 2013-02-28 08:35 228600 ----a-w- c:\windows\system32\aswBoot.exe

2013-02-25 05:19 . 2013-03-01 07:14 -------- d-----w- c:\programdata\AVAST Software

2013-02-25 05:19 . 2013-03-01 07:14 -------- d-----w- c:\program files\AVAST Software

2013-02-24 05:25 . 2013-02-24 05:25 -------- d-----w- c:\users\Master Account\AppData\Local\Microsoft Corporation

2013-02-24 05:22 . 2013-02-24 05:22 -------- d-----w- c:\program files\Microsoft Windows 7 Upgrade Advisor

2013-02-24 04:01 . 2013-02-24 04:01 -------- d-----w- c:\users\Master Account\AppData\Local\FixItCenter

2013-02-24 03:19 . 2013-02-24 03:19 -------- d-----w- c:\program files\CCleaner

2013-02-24 02:13 . 2013-02-24 02:13 -------- d-----w- c:\programdata\WindowsSearch

2013-02-23 23:13 . 2013-03-01 07:14 -------- d-----w- c:\users\Master Account\AppData\Roaming\OmniTechSupport

2013-02-23 23:12 . 2012-11-09 21:30 16752 ----a-w- c:\windows\system32\roboot.exe

2013-02-23 23:12 . 2012-06-08 17:35 17136 ----a-w- c:\windows\system32\sasnative32.exe

2013-02-23 18:59 . 2013-02-23 18:59 -------- d-----w- c:\programdata\GFI Software

2013-02-23 08:49 . 2013-02-23 08:49 -------- d-----w- c:\users\Administrator\Tracing

2013-02-23 08:46 . 2013-02-23 08:46 -------- d-----w- c:\users\Administrator\AppData\Roaming\AOL

2013-02-18 11:46 . 2013-02-18 11:46 -------- d-----w- c:\windows\CheckSur

2013-02-18 06:27 . 2013-02-18 06:27 -------- d-----w- c:\programdata\Geek Squad

2013-02-18 05:50 . 2013-02-24 05:45 -------- d-----w- c:\programdata\WRData

2013-02-18 05:43 . 2013-03-01 06:45 -------- d-----w- c:\users\Master Account\AppData\Local\LogMeIn Rescue Applet

2013-02-18 03:42 . 2012-05-09 00:35 29528 ----a-w- c:\windows\system32\SmartDefragBootTime.exe

2013-02-18 03:42 . 2010-11-27 00:02 15672 ----a-w- c:\windows\system32\drivers\SmartDefragDriver.sys

2013-02-18 03:27 . 2013-02-18 03:27 -------- d-----w- c:\windows\MATS

2013-02-18 03:27 . 2013-02-18 03:27 -------- d-----w- c:\program files\Microsoft Fix it Center

2013-02-18 01:39 . 2013-02-23 19:29 -------- d-----w- c:\programdata\PCPitstop

2013-02-18 01:38 . 2013-02-23 19:29 -------- d-----w- c:\program files\PCPitstop

.

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2013-02-23 21:07 . 2007-09-14 03:44 319456 ----a-w- c:\windows\DIFxAPI.dll

2013-02-23 19:49 . 2012-07-02 00:53 691568 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2013-02-23 19:48 . 2011-06-24 02:14 71024 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2013-02-23 19:27 . 2008-08-01 20:43 87608 ----a-w- c:\users\Master Account\AppData\Roaming\inst.exe

2013-02-23 19:27 . 2006-12-31 20:03 47360 -c--a-w- c:\users\Master Account\AppData\Roaming\pcouffin.sys

2012-06-14 22:20 . 2012-07-02 01:34 85472 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll

.

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]

@="{472083B0-C522-11CF-8763-00608CC02F24}"

[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]

2013-02-28 08:35 121968 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]

"RoboForm"="c:\program files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe" [2013-03-03 96056]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2013-02-28 4767304]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"EnableInstallerDetection"= 0 (0x0)

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon]

2007-01-11 19:20 98304 ----a-w- c:\windows\System32\VESWinlogon.dll

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

@=""

.

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Kodak EasyShare software.lnk]

backup=c:\windows\pss\Kodak EasyShare software.lnkCommon Startup

.

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^KODAK Software Updater.lnk]

backup=c:\windows\pss\KODAK Software Updater.lnkCommon Startup

.

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]

backup=c:\windows\pss\Adobe Reader Speed Launch.lnk.CommonStartup

backupExtension=.CommonStartup

.

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Reader Synchronizer.lnk]

backup=c:\windows\pss\Adobe Reader Synchronizer.lnk.CommonStartup

backupExtension=.CommonStartup

.

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Kodak EasyShare software.lnk]

backup=c:\windows\pss\Kodak EasyShare software.lnk.CommonStartup

backupExtension=.CommonStartup

.

[HKLM\~\startupfolder\C:^Users^Master Account^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^CNET TechTracker.lnk]

backup=c:\windows\pss\CNET TechTracker.lnk.Startup

backupExtension=.Startup

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]

2012-12-03 07:35 946352 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Photo Downloader]

2007-03-09 16:09 63712 -c--a-w- c:\program files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Apoint]

2007-03-15 20:57 106496 ----a-w- c:\program files\Apoint\Apoint.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync]

2010-03-13 19:54 91520 ----a-w- c:\program files\Microsoft Office\Office14\BCSSync.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Conime]

2009-04-11 06:27 69120 ----a-w- c:\windows\System32\conime.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]

2006-11-02 09:45 8704 ----a-w- c:\windows\System32\ctfmon.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray]

2008-01-19 07:33 125952 ----a-w- c:\windows\ehome\ehtray.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray.exe]

2008-01-19 07:33 125952 ----a-w- c:\windows\ehome\ehtray.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]

2006-12-13 22:19 106496 ----a-w- c:\windows\System32\hkcmd.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISBMgr.exe]

2006-11-20 21:36 43128 ----a-w- c:\program files\Sony\ISB Utility\ISBMgr.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PartSeal]

2003-04-20 04:08 28672 -c--a-w- c:\windows\SONYSYS\VAIO Recovery\PartSeal.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]

2006-12-13 22:17 81920 ----a-w- c:\windows\System32\igfxpers.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]

2011-10-24 20:28 421888 ----a-w- c:\program files\QuickTime\QTTask.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RealTray]

2006-12-04 05:06 26112 -c--a-w- c:\program files\Real\RealPlayer\realplay.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]

2009-04-11 06:28 1233920 ----a-w- c:\program files\Windows Sidebar\sidebar.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SsAAD.exe]

2007-02-05 15:11 476728 ----a-w- c:\progra~1\Sony\SONICS~1\SSAAD.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VAIO Recovery]

2003-04-20 04:08 28672 -c--a-w- c:\windows\SONYSYS\VAIO Recovery\PartSeal.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VAIOApps]

2007-01-04 23:38 16440 ----a-r- c:\vaioapps\ShellApp.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]

2008-01-19 07:38 1008184 ----a-w- c:\program files\Windows Defender\MSASCui.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Mobile Device Center]

2007-05-31 15:21 648072 ----a-w- c:\windows\WindowsMobile\wmdc.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Mobile-based device management]

2006-11-02 09:45 215552 ----a-w- c:\windows\WindowsMobile\wmdSync.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]

2008-01-19 07:33 202240 ----a-w- c:\program files\Windows Media Player\wmpnscfg.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WPCUMI]

2006-11-02 12:35 176128 ----a-w- c:\windows\System32\wpcumi.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]

"aawservice"=2 (0x2)

"AOL ACS"=2 (0x2)

"AOL TopSpeedMonitor"=2 (0x2)

"Image Converter video recording monitor for VAIO Entertainment"=3 (0x3)

"ose"=3 (0x3)

"SonicStageMonitoring"=2 (0x2)

"SSScsiSV"=3 (0x3)

"usnjsvc"=3 (0x3)

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\setup\disabledrunkeys]

"Apoint"=c:\program files\Apoint\Apoint.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

WindowsMobile REG_MULTI_SZ wcescomm rapimgr

LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr

bthsvcs REG_MULTI_SZ BthServ

LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache

.

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]

2013-02-26 14:08 1629648 ----a-w- c:\program files\Google\Chrome\Application\25.0.1364.97\Installer\chrmstp.exe

.

Contents of the 'Scheduled Tasks' folder

.

2013-03-03 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-02 19:49]

.

2013-03-03 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files\Google\Update\GoogleUpdate.exe [2013-02-23 19:49]

.

2013-03-03 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files\Google\Update\GoogleUpdate.exe [2013-02-23 19:49]

.

.

------- Supplementary Scan -------

.

uStart Page = hxxp://www.google.com/

uInternet Settings,ProxyOverride = localhost;<local>

IE: Customize Menu - file://c:\program files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html

IE: E&xport to Microsoft Excel - c:\progra~1\MI1933~1\Office14\EXCEL.EXE/3000

IE: Fill Forms - file://c:\program files\Siber Systems\AI RoboForm\RoboFormComFillForms.html

IE: Save Forms - file://c:\program files\Siber Systems\AI RoboForm\RoboFormComSavePass.html

IE: Se&nd to OneNote - c:\progra~1\MI1933~1\Office14\ONBttnIE.dll/105

IE: Show avast! EasyPass Toolbar - file://c:\program files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html

TCP: DhcpNameServer = 209.18.47.61 209.18.47.62

FF - ProfilePath - c:\users\Master Account\AppData\Roaming\Mozilla\Firefox\Profiles\0uutxuxw.default\

FF - ExtSQL: 2013-03-01 17:11; ascsurfingprotection@iobit.com; c:\users\Master Account\AppData\Roaming\Mozilla\Firefox\Profiles\0uutxuxw.default\extensions\ascsurfingprotection@iobit.com

FF - ExtSQL: !HIDDEN! 2009-07-22 01:40; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension

FF - user.js: browser.cache.memory.capacity - 16000

FF - user.js: browser.chrome.favicons - fales

FF - user.js: browser.display.show_image_placeholders - true

FF - user.js: browser.turbo.enabled - true

FF - user.js: browser.urlbar.autocomplete.enabled - true

FF - user.js: browser.urlbar.autofill - true

FF - user.js: content.max.tokenizing.time - 3000000

FF - user.js: content.maxtextrun - 4095

FF - user.js: content.notify.backoffcount - 5

FF - user.js: content.notify.interval - 1000000

FF - user.js: content.notify.ontimer - true

FF - user.js: content.switch.threshold - 1000000

FF - user.js: dom.disable_window_status_change - true

FF - user.js: network.http.max-connections - 48

FF - user.js: network.http.max-connections-per-server - 16

FF - user.js: network.http.max-persistent-connections-per-proxy - 16

FF - user.js: network.http.max-persistent-connections-per-server - 8

FF - user.js: network.http.pipelining - true

FF - user.js: network.http.pipelining.firstrequest - true

FF - user.js: network.http.pipelining.maxrequests - 8

FF - user.js: network.http.proxy.pipelining - true

FF - user.js: network.http.request.max-start-delay - 0

FF - user.js: nglayout.initialpaint.delay - 1000

FF - user.js: plugin.expose_full_path - true

FF - user.js: ui.submenuDelay - 0

.

- - - - ORPHANS REMOVED - - - -

.

AddRemove-Advanced SystemCare 6_is1 - c:\program files\IObit\Advanced SystemCare 6\unins000.exe

AddRemove-Smart Defrag 2_is1 - c:\program files\IObit\Smart Defrag 2\unins000.exe

.

.

.

**************************************************************************

scanning hidden processes ...

.

scanning hidden autostart entries ...

.

scanning hidden files ...

.

scan completed successfully

hidden files:

.

**************************************************************************

.

------------------------ Other Running Processes ------------------------

.

c:\program files\AVAST Software\Avast\AvastSvc.exe

c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

c:\program files\Windows Media Player\wmpnetwk.exe

.

**************************************************************************

.

Completion time: 2013-03-03 16:59:21 - machine was rebooted

ComboFix-quarantined-files.txt 2013-03-03 22:59

ComboFix2.txt 2013-03-03 10:56

.

Pre-Run: 20,567,392,256 bytes free

Post-Run: 20,459,360,256 bytes free

.

- - End Of File - - CE178228DBDA098F306399A26E50490B


Things look better somewhat...tell me how it runs now and what issues remain. Thanks!


I can't really see a difference as of now but initially my post was because of my Windows Update and Software Licensing Service not working. I talked to Microsoft and they told me I had a "polymorphic" virus. So, this is why I am here to cleanse my system. I feel much better now with your time and support but upon checking my Windows Update and other Windows tools it is still the same. Not working. Other than that, computer is good. If you have any other advice regarding this please do let me know. I did make a forum thread on a Windows Validation forum, no luck either. I've been back and forth with them and you :) If you have no other answers or suggestions for this I will have to reinstall Windows Vista. Again, thanks for everything and I will keep you posted if anything else comes up.


I can't really see a difference as of now but initially my post was because of my Windows Update and Software Licensing Service not working. I talked to Microsoft and they told me I had a "polymorphic" virus. So, this is why I am here to cleanse my system. I feel much better now with your time and support but upon checking my Windows Update and other Windows tools it is still the same. Not working. Other than that, computer is good. If you have any other advice regarding this please do let me know. I did make a forum thread on a Windows Validation forum, no luck either. I've been back and forth with them and you :) If you have no other answers or suggestions for this I will have to reinstall Windows Vista. Again, thanks for everything and I will keep you posted if anything else comes up.

I won't insist that Microsoft is wrong about that but...I see no evidence of it in any of the logs you produced, neither have you really complained of anything that indicates a "virut" (polymorphic file infector virus) infection.

As with various "other" malicious codes that can infect a Windows platform, many of them can produce the type of symptoms you HAVE complained of, i.e. Windows update not working, Windows activation issues...

However, in that event, it is Microsoft who needs to counsel you regarding their recommendation(s) to resolve the Windows activation (validation) issue. That said, it would seem to me that you might feel as though you are being passed back and forth. I'm not suggesting you go back to Microsoft though, since it's rather foolish to expect different results when trying the same thing twice.

I would advise that, if you are able to reformat and reinstall the operating system, it would be the best alternative to resolve your issue(s).

If you just want a second opinion, you can run through the instructions Here to see what turns up. Dr.Web CureIt! has been quite successful in identifying/removing/cleaning various virut infections of late, whereas, heretofore, a virut infection was pretty well "game over" for most users.

Aside from that, I have no other advice but please do let us know what you decide and how it turns out for you.

Warm regards and best wishes,

vet


Still with us RoadGuyXTL? Can you provide us with any information yet about your situation?


Due to the lack of feedback this Topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

The fixes and advice in this thread are for this machine only. Do not apply the instructions from this thread to your own machine. Please start a new thread describing your issue and someone will be along to assist you.
