
Malware, unable to open MBAM (second attempt)



I've uninstalled the non-compliant software and run the diagnostic again. I apologize for not reading through the topic on piracy thoroughly with my first attempt.

Here is the updated data.

DDS (Ver_2012-11-20.01) - NTFS_AMD64

Internet Explorer: 10.0.9200.16521

Run by Shayne at 2:18:00 on 2013-04-20

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.2.1033.18.8104.5504 [GMT -4:00]

.

AV: Trend Micro Titanium Internet Security *Disabled/Updated* {68F968AC-2AA0-091D-848C-803E83E35902}

SP: Trend Micro Titanium Internet Security *Disabled/Updated* {D3988948-0C9A-0693-BE3C-BB4CF86413BF}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

============== Running Processes ===============

.

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\nvvsvc.exe

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\system32\FBAgent.exe

C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe

C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe

C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe

C:\Windows\system32\nvvsvc.exe

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

C:\Program Files (x86)\Atheros\Ath_CoexAgent.exe

C:\Program Files (x86)\Atheros\Bluetooth Suite\adminservice.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Windows\SysWOW64\PnkBstrA.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Program Files\Trend Micro\Titanium\TiMiniService.exe

C:\Program Files\Intel\TurboBoost\TurboBoost.exe

C:\Program Files\Trend Micro\Titanium\TiResumeSrv.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Windows\system32\svchost.exe -k bthsvcs

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\system32\taskhost.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe

C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe

C:\Program Files\Elantech\ETDCtrl.exe

C:\Windows\System32\igfxtray.exe

C:\Windows\System32\hkcmd.exe

C:\Windows\System32\igfxpers.exe

C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe

C:\Program Files\Elantech\ETDCtrlHelper.exe

C:\Program Files (x86)\CyberLink\Shared files\brs.exe

C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe

C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe

C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe

C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe

C:\Windows\system32\taskeng.exe

C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe

C:\Program Files\P4G\BatteryLife.exe

C:\Program Files (x86)\ASUS\Splendid\ACMON.exe

C:\Windows\system32\SearchIndexer.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe

C:\Windows\AsScrPro.exe

C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe

C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe

C:\Windows\System32\svchost.exe -k LocalServicePeerNet

C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

D:\Program Files (x86)\Steam\Steam.exe

C:\Program Files (x86)\Common Files\Steam\SteamService.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Program Files\CCleaner\CCleaner64.exe

C:\Users\Shayne\AppData\Local\Temp\~nsu.tmp\Au_.exe

C:\Users\Shayne\AppData\Local\Temp\~nsu.tmp\Bu_.exe

C:\Program Files (x86)\Mozilla Firefox\firefox.exe

C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe

C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_5_502_135.exe

C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_5_502_135.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\System32\cscript.exe

.

============== Pseudo HJT Report ===============

.

mURLSearchHooks: uTorrentControl2 Toolbar: {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll

mWinlogon: Userinit = userinit.exe,

BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO: TmIEPlugInBHO Class: {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1381\6.5.1234\TmIEPlg32.dll

BHO: uTorrentControl2 Toolbar: {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll

BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - D:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL

BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

BHO: CIESpeechBHO Class: {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Atheros\Bluetooth Suite\IEPlugIn.dll

BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

BHO: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll

BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - D:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL

BHO: TmBpIeBHO Class: {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\module\20002\6.5.1234\6.5.1234\TmBpIe32.dll

BHO: Google Dictionary Compression sdch: {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll

BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

TB: uTorrentControl2 Toolbar: {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll

uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background

uRun: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun

mRun: [bDRegion] C:\Program Files (x86)\Cyberlink\Shared files\brs.exe

mRun: [updateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"

mRun: [updateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"

mRun: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe

mRun: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe

mRun: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe

mRun: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe

mRun: [bCSSync] "D:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices

mRunOnce: [1] C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\mbam-chameleon.exe /r /p

mRunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent

dRunOnce: [sPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\ASUSVI~1.LNK - C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe

mPolicies-Explorer: NoActiveDesktop = dword:1

mPolicies-System: ConsentPromptBehaviorAdmin = dword:0

mPolicies-System: ConsentPromptBehaviorUser = dword:3

mPolicies-System: EnableUIADesktopToggle = dword:0

IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - D:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

IE: {7815BE26-237D-41A8-A98F-F7BD75F71086} - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Atheros\Bluetooth Suite\IEPlugIn.dll

IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - D:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab

TCP: Interfaces\{6ECBCF1D-F833-4EAD-89F5-90C2562EBF0B} : DHCPNameServer = 192.168.0.1

TCP: Interfaces\{6ECBCF1D-F833-4EAD-89F5-90C2562EBF0B}\14E454D4F4E454F5E4564777F627B6F513 : DHCPNameServer = 192.168.0.1

TCP: Interfaces\{6ECBCF1D-F833-4EAD-89F5-90C2562EBF0B}\24C61636B602B4E696768647027416D65637 : DHCPNameServer = 192.168.0.1

TCP: Interfaces\{6ECBCF1D-F833-4EAD-89F5-90C2562EBF0B}\3757E64786F627E6 : DHCPNameServer = 192.168.2.1

TCP: Interfaces\{6ECBCF1D-F833-4EAD-89F5-90C2562EBF0B}\D4F6861677B6D275966496 : DHCPNameServer = 142.222.64.11 142.222.64.12 66.28.0.45 66.28.0.61

Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll

Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\6.5.1234\6.5.1234\TmBpIe32.dll

Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1381\6.5.1234\TmIEPlg32.dll

Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

AppInit_DLLs= C:\Windows\SysWOW64\nvinit.dll

SSODL: WebCheck - <orphaned>

SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - D:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL

x64-BHO: TmIEPlugInBHO Class: {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1381\6.5.1234\TmIEPlg.dll

x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL

x64-BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll

x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll

x64-BHO: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg64.dll

x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL

x64-BHO: TmBpIeBHO Class: {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\module\20002\6.5.1234\6.5.1234\TmBpIe64.dll

x64-BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll

x64-Run: [ASUS WebStorage] C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe

x64-Run: [VizorHtmlDialog.exe] "C:\Program Files\Trend Micro\Titanium\UIFramework\VizorHtmlDialog.exe" "DEF" "EULA" "C:\Program Files\Trend Micro\Titanium\UI\Installer.cmpt\resources\preinstall_01_welcome_trial.html" "DEF" "DEF" "DEF"

x64-Run: [Trend Micro Client Framework] "C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe"

x64-Run: [Trend Micro Titanium] C:\Program Files\Trend Micro\Titanium\VizorShortCut.exe -ReFlush "none" "none"

x64-Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /SF3

x64-Run: [ETDCtrl] C:\Program Files (x86)\Elantech\ETDCtrl.exe

x64-Run: [intelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"

x64-Run: [igfxTray] C:\Windows\System32\igfxtray.exe

x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe

x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe

x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll

x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

x64-DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab

x64-DPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab

x64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab

x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>

x64-Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\6.5.1234\6.5.1234\TmBpIe64.dll

x64-Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1381\6.5.1234\TmIEPlg.dll

x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>

x64-Notify: igfxcui - igfxdev.dll

x64-SSODL: WebCheck - <orphaned>

x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL

.

================= FIREFOX ===================

.

FF - ProfilePath - C:\Users\Shayne\AppData\Roaming\Mozilla\Firefox\Profiles\07n8uhje.default\

FF - prefs.js: browser.startup.homepage - hxxp://www.google.ca/

FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3072253&SearchSource=2&q=

FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll

FF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dll

FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrlui.dll

FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdnu.dll

FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdnupdater2.dll

FF - plugin: C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll

FF - plugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll

FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

FF - plugin: C:\Users\Shayne\AppData\Roaming\Mozilla\Firefox\Profiles\07n8uhje.default\extensions\{687578b9-7132-4a7a-80e4-30ee31099e03}\plugins\np-mswmp.dll

FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_135.dll

FF - plugin: D:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL

FF - plugin: D:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL

.

---- FIREFOX POLICIES ----

FF - user.js: network.protocol-handler.warn-external.dnupdate - false);user_pref(network.protocol-handler.warn-external.dnupdate, false

============= SERVICES / DRIVERS ===============

.

R0 nvpciflt;nvpciflt;C:\Windows\System32\drivers\nvpciflt.sys [2011-3-24 25960]

R1 ATKWMIACPIIO;ATKWMIACPI Driver;C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2010-7-26 17024]

R2 AFBAgent;AFBAgent;C:\Windows\System32\FBAgent.exe [2011-3-24 379520]

R2 ASMMAP64;ASMMAP64;C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-7-2 15416]

R2 Atheros Bt&Wlan Coex Agent;Atheros Bt&Wlan Coex Agent;C:\Program Files (x86)\Atheros\Ath_CoexAgent.exe [2011-3-24 151552]

R2 AtherosSvc;AtherosSvc;C:\Program Files (x86)\Atheros\Bluetooth Suite\AdminService.exe [2010-11-25 52896]

R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-12-25 418376]

R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-12-25 701512]

R2 TiMiniService;TiMiniService;C:\Program Files\Trend Micro\Titanium\TiMiniService.exe [2010-10-26 241488]

R2 tmevtmgr;tmevtmgr;C:\Windows\System32\drivers\tmevtmgr.sys [2011-3-24 67664]

R2 TurboB;Turbo Boost UI Monitor driver;C:\Windows\System32\drivers\TurboB.sys [2010-4-16 13832]

R2 TurboBoost;Intel® Turbo Boost Technology Monitor;C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2010-4-16 134928]

R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-3-24 2655768]

R3 AthBTPort;Atheros Virtual Bluetooth Class;C:\Windows\System32\drivers\btath_flt.sys [2010-11-25 36000]

R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;C:\Windows\System32\drivers\btath_a2dp.sys [2010-11-25 298144]

R3 BTATH_BUS;Atheros Bluetooth Bus;C:\Windows\System32\drivers\btath_bus.sys [2010-11-25 28832]

R3 BTATH_HCRP;Bluetooth HCRP Server driver;C:\Windows\System32\drivers\btath_hcrp.sys [2010-11-25 201376]

R3 BTATH_LWFLT;Bluetooth LWFLT Device;C:\Windows\System32\drivers\btath_lwflt.sys [2010-11-25 55456]

R3 BTATH_RCP;Bluetooth AVRCP Device;C:\Windows\System32\drivers\btath_rcp.sys [2010-11-25 154272]

R3 BtFilter;BtFilter;C:\Windows\System32\drivers\btfilter.sys [2010-11-25 275616]

R3 ETD;ELAN PS/2 Port Input Device;C:\Windows\System32\drivers\ETD.sys [2010-12-13 138024]

R3 EvolveVirtualAdapter;Evolve Virtual Miniport Driver;C:\Windows\System32\drivers\evolve.sys [2012-7-31 21656]

R3 IntcDAud;Intel® Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2010-10-14 317440]

R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;C:\Windows\System32\drivers\L1C62x64.sys [2010-8-24 76912]

R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2012-5-7 25928]

S2 CLKMSVC10_38F51D56;CyberLink Product - 2011/03/24 12:13:25;C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe [2010-11-12 241648]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-1-8 161536]

S3 Amsp;Trend Micro Solution Platform;C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe [2011-3-24 267480]

S3 Desura Install Service;Desura Install Service;C:\Program Files (x86)\Common Files\Desura\desura_service.exe [2012-7-6 131912]

S3 EvoSvc;Evolve Service;D:\Program Files\Echobit\Evolve\EvoSvc.exe [2012-7-31 1511448]

S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2012-6-21 48488]

S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2012-3-8 1492840]

S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;C:\Windows\System32\drivers\SiSG664.sys [2009-6-10 56832]

S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2011-10-15 59392]

S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-4-25 52736]

S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-10-14 1255736]

S4 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2012-8-29 2369960]

S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]

.

=============== Created Last 30 ================

.

2013-04-19 18:53:48 -------- d-----w- C:\Users\Shayne\AppData\Local\{9180B642-90EA-4329-A632-DD219D9F31A4}

2013-04-19 05:45:51 -------- d-----w- C:\Users\Shayne\AppData\Local\{B1DA157A-31F4-458B-8AD2-3828F9C18F04}

2013-04-18 17:45:01 -------- d-----w- C:\Users\Shayne\AppData\Local\{DF952214-DC38-4D1A-9D0A-D71610DA5A13}

2013-04-18 05:44:10 -------- d-----w- C:\Users\Shayne\AppData\Local\{E789D4BE-6489-477D-A0BE-96D38DEEDCB2}

2013-04-17 17:43:11 -------- d-----w- C:\Users\Shayne\AppData\Local\{CBA6BE81-46F4-4FF7-901D-6A39E73C0D71}

2013-04-17 15:43:14 -------- d-----w- C:\Users\Shayne\AppData\Local\{22189725-3AC8-4A0C-8742-2B4EA6B3A93F}

2013-04-17 01:55:20 -------- d-----w- C:\Users\Shayne\AppData\Local\{3B80B611-4035-4242-ACC1-FE0CAC77F5C4}

2013-04-16 16:50:38 -------- d-----w- C:\Users\Shayne\AppData\Local\{8DB98E32-CE8E-4AAB-8610-0DF113408E12}

2013-04-16 04:13:34 -------- d-----w- C:\Users\Shayne\AppData\Local\{3EB5EE73-24D7-4FAE-A55A-423721E8DDAA}

2013-04-15 16:12:41 -------- d-----w- C:\Users\Shayne\AppData\Local\{75873268-3781-4DBF-8A98-A4A653A8A2A1}

2013-04-14 03:51:14 -------- d-----w- C:\Users\Shayne\AppData\Local\{E5BF2C0B-09C4-4FB3-94F8-FDCBA156CD25}

2013-04-12 19:47:15 -------- d-----w- C:\Users\Shayne\AppData\Local\{C5FEA228-63E9-457C-B0C8-750D9E61AEE8}

2013-04-12 07:46:12 -------- d-----w- C:\Users\Shayne\AppData\Local\{14C1945B-8951-40A6-A935-24695E664F4F}

2013-04-11 19:45:20 -------- d-----w- C:\Users\Shayne\AppData\Local\{135A0BE6-1C2D-408D-B0E6-EED400D91A40}

2013-04-10 19:01:03 -------- d-----w- C:\Users\Shayne\AppData\Local\{4A0B7839-E00D-4C02-B40E-D238F31029CF}

2013-04-10 06:59:59 -------- d-----w- C:\Users\Shayne\AppData\Local\{9D9282DF-E59B-43EF-AE0B-4059D5916D4E}

2013-04-09 18:58:56 -------- d-----w- C:\Users\Shayne\AppData\Local\{EBEC5081-5918-484A-A1BC-6E73827190B1}

2013-04-08 18:19:34 -------- d-----w- C:\Users\Shayne\AppData\Local\{5B187570-9C9D-42F5-A6E9-B737DEAB08D2}

2013-04-07 21:56:21 -------- d-----w- C:\Users\Shayne\AppData\Local\{B41AEB99-3129-46AB-BD67-CCDAD01B5B22}

2013-04-07 07:32:52 -------- d-----w- C:\Users\Shayne\AppData\Local\{C3CEA66D-97E6-437B-B138-06B0C18047E6}

2013-04-06 18:05:48 -------- d-----w- C:\Users\Shayne\AppData\Local\{7A3507DD-A422-4B25-809A-9152BC965D4A}

2013-04-05 20:29:58 -------- d-----w- C:\Users\Shayne\AppData\Local\{ED10859A-A330-4E3F-A3EF-0EFFFD38C918}

2013-04-05 07:57:31 -------- d-----w- C:\Users\Shayne\AppData\Local\{94DCA393-F60C-4E24-A840-D31BD66126A3}

2013-04-04 19:56:40 -------- d-----w- C:\Users\Shayne\AppData\Local\{19518FAE-43C4-4CF7-8828-87D18AA5B02B}

2013-04-03 19:54:47 -------- d-----w- C:\Users\Shayne\AppData\Local\{93E53A51-2473-43A1-B1CB-14D675B293F7}

2013-04-03 07:52:13 -------- d-----w- C:\Users\Shayne\AppData\Local\{BF2183F0-CDD0-40CB-B0B0-9B5E75BA9B5D}

2013-04-02 20:37:36 306688 ----a-w- C:\Windows\IsUninst.exe

2013-04-02 19:51:10 -------- d-----w- C:\Users\Shayne\AppData\Local\{5A3D6D94-70B5-4324-A8ED-836EDCB1259E}

2013-04-02 07:57:48 -------- d-----r- C:\Program Files (x86)\Skype

2013-04-01 19:49:27 -------- d-----w- C:\Users\Shayne\AppData\Local\{C1DEAF6A-04F4-42CB-AFD8-9F53DF68581C}

2013-04-01 00:57:24 -------- d-----w- C:\Users\Shayne\AppData\Local\{A0A58AF6-BB04-41DA-AA05-F7EDDC540CD6}

2013-03-30 00:47:02 -------- d-----w- C:\Users\Shayne\AppData\Local\{100B7948-0D0D-4439-A9B4-246255024EBB}

2013-03-29 06:24:49 -------- d-----w- C:\Users\Shayne\AppData\Local\{1FC49C36-3DCD-40AC-9232-C74DAE508D27}

2013-03-28 18:23:45 -------- d-----w- C:\Users\Shayne\AppData\Local\{9687B8FD-AA19-4A72-8022-90D18CB42981}

2013-03-28 00:02:14 -------- d-----w- C:\Users\Shayne\AppData\Local\Warhammer Mark of Chaos

2013-03-27 20:27:37 -------- d-----w- C:\Users\Shayne\AppData\Local\{A624D681-0591-4535-8435-549158838C66}

2013-03-27 20:07:57 270336 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\10\01\Intel32\iscript.dll

2013-03-27 20:07:57 172032 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\10\01\Intel32\iuser.dll

2013-03-27 20:07:56 733184 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\10\01\Intel32\iKernel.dll

2013-03-27 20:07:56 69715 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\10\01\Intel32\ctor.dll

2013-03-27 20:07:56 5632 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\10\01\Intel32\DotNetInstaller.exe

2013-03-27 20:07:56 303236 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\10\01\Intel32\setup.dll

2013-03-27 20:07:56 180356 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\10\01\Intel32\iGdi.dll

2013-03-27 19:44:54 -------- d-----w- C:\Program Files (x86)\NAMCO BANDAI Games

2013-03-27 08:26:34 -------- d-----w- C:\Users\Shayne\AppData\Local\{0028AC13-AED7-4E1B-94AA-E827E8072353}

2013-03-26 20:15:42 -------- d-----w- C:\Users\Shayne\AppData\Local\{BEAD0473-BEFC-4750-94F6-2DFB421250C9}

2013-03-26 02:43:54 -------- d-----w- C:\Users\Shayne\AppData\Local\{B18FBCE8-9BA8-4A58-B5F0-25C3A17B4BDE}

2013-03-25 20:56:33 -------- d-----w- C:\Users\Shayne\AppData\Local\{8B8FC5A9-BEEA-4446-9D5D-915479DB723F}

2013-03-25 06:37:33 -------- d-----w- C:\Users\Shayne\AppData\Local\{A048D440-5D94-4E61-BED4-A3C2E34E3121}

2013-03-24 18:36:50 -------- d-----w- C:\Users\Shayne\AppData\Local\{6D887E56-B075-4F6B-A04A-2638B5157693}

2013-03-24 05:48:53 -------- d-----w- C:\Users\Shayne\AppData\Local\{71E54A99-5EBD-4C6D-BFAA-0E74F8B07209}

2013-03-23 17:48:05 -------- d-----w- C:\Users\Shayne\AppData\Local\{33F5246E-4CE9-4093-9EC2-0045404FC92F}

2013-03-23 05:27:25 -------- d-----w- C:\Users\Shayne\AppData\Local\{4B9425E1-6CF1-4081-8C18-86D103B346C8}

2013-03-22 17:26:32 -------- d-----w- C:\Users\Shayne\AppData\Local\{3848E4C5-9353-4260-9E5C-74F98F9844BA}

2013-03-22 07:04:18 9728 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll

2013-03-22 00:03:31 -------- d-----w- C:\Users\Shayne\AppData\Local\{87E149A9-E06B-4C81-BE63-C2EEC82F5D88}

.

==================== Find3M ====================

.

2013-04-04 18:50:32 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys

2013-03-22 07:04:18 9728 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll

2013-03-20 18:02:54 45056 ----a-w- C:\Windows\System32\acovcnt.exe

2013-03-20 01:44:26 175616 ----a-w- C:\Windows\System32\msclmd.dll

2013-03-20 01:44:26 152576 ----a-w- C:\Windows\SysWow64\msclmd.dll

2013-02-12 05:45:24 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll

2013-02-12 05:45:22 350208 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll

2013-02-12 05:45:22 308736 ----a-w- C:\Windows\apppatch\AppPatch64\AcGenral.dll

2013-02-12 05:45:22 111104 ----a-w- C:\Windows\apppatch\AppPatch64\acspecfc.dll

2013-02-12 04:48:31 474112 ----a-w- C:\Windows\apppatch\AcSpecfc.dll

2013-02-12 04:48:26 2176512 ----a-w- C:\Windows\apppatch\AcGenral.dll

2013-02-12 04:12:05 19968 ----a-w- C:\Windows\System32\drivers\usb8023.sys

2012-09-02 02:04:42 1387075 --sh--r- C:\Windows\ASUS\svcchost.exe

2012-09-02 02:09:57 1387075 --sh--r- C:\Windows\pt-PT\svcchost.exe

2012-09-02 02:03:35 1387075 --sh--r- C:\Windows\zh-TW\svcchost.exe

.

============= FINISH: 2:18:12.77 ===============

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2012-11-20.01)

.

Microsoft Windows 7 Home Premium

Boot Device: \Device\HarddiskVolume2

Install Date: 11/10/2011 2:54:24 AM

System Uptime: 19/04/2013 2:50:48 PM (12 hours ago)

.

Motherboard: ASUSTeK Computer Inc. | | K73SV

Processor: Intel® Core i7-2630QM CPU @ 2.00GHz | CPU 1 | 2001/100mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 149 GiB total, 30.06 GiB free.

D: is FIXED (NTFS) - 426 GiB total, 32.581 GiB free.

E: is CDROM ()

.

==== Disabled Device Manager Items =============

.

==== System Restore Points ===================

.

RP165: 02/04/2013 2:49:48 AM - Removed Skype™ 6.3

RP166: 02/04/2013 3:57:35 AM - Installed Skype™ 6.1

RP167: 03/04/2013 3:18:47 AM - Installed DirectX

RP168: 18/04/2013 4:14:10 AM - Scheduled Checkpoint

RP169: 20/04/2013 2:05:58 AM - Removed Wizards Event Reporter.

.

==== Installed Programs ======================

.

??????? Windows Live Mesh ActiveX ??(????)

??????? Windows Live Mesh ActiveX ???

AbiWord 2.8.6

Adobe Flash Player 10 ActiveX

Adobe Flash Player 11 Plugin

Adobe Reader XI (11.0.01)

Alcor Micro USB Card Reader

Apple Application Support

Apple Mobile Device Support

Apple Software Update

Assassin's Creed Revelations

ASUS AI Recovery

ASUS FancyStart

ASUS LifeFrame3

ASUS Live Update

ASUS Power4Gear Hybrid

ASUS SmartLogon

ASUS Splendid Video Enhancement Technology

ASUS Virtual Camera

ASUS WebStorage

AsusScr_K Series_ENG

AsusVibe2.0

Atheros WLAN and Bluetooth Client Installation Program

ATK Package

Blood Bowl: Chaos Edition

Bluetooth Win7 Suite (64)

Bookworm Deluxe

Borderlands

CCleaner

Coby Media Manager

Cockatrice

Complemento Messenger

Complément Messenger

Contrôle ActiveX Windows Live Mesh pour connexions à distance

Control ActiveX de Windows Live Mesh para conexiones remotas

Controlo ActiveX do Windows Live Mesh para Ligações Remotas

CyberLink LabelPrint

CyberLink Power2Go

CyberLink PowerDVD 10

D3DX10

Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition

Defraggler

Desura

Desura: The Stanley Parable

Deus Ex - Human Revolution version 1.0

DivX H.264 decoder 8.2.0.26

Download Updater (AOL LLC)

DriverMax 5

Dungeons & Dragons Online ®: Eberron Unlimited ™ v01.17.01.801

Endless Space

ETDWare PS/2-X64 8.0.5.0_WHQL

Evolve

Fallout New Vegas

Fast Boot

Free M4a to MP3 Converter 7.1

Free YouTube to MP3 Converter Studio 7.0

Galeria de Fotografias do Windows Live

Galerie de photos Windows Live

Galería fotográfica de Windows Live

Game Park Console

GIF Viewer 3.2 (v2)

Gnumeric Spreadsheet 1.10.16-20110616

GOM Player

GOMTV Streamer

Google Toolbar for Internet Explorer

Governor of Poker

Half-Life 2

Half-Life 2: Episode One

Hotel Dash Suite Success

Intel® Control Center

Intel® Management Engine Components

Intel® Processor Graphics

Intel® Turbo Boost Technology Monitor

iTunes

Java 7 Update 9

Java 6 Update 29

Java 6 Update 37 (64-bit)

JavaFX 2.1.0

Junk Mail filter update

League of Legends

LogMeIn Hamachi

Malwarebytes Anti-Malware version 1.75.0.1300

Mesh Runtime

Messenger ????

Messenger ?????

Messenger Companion

Messenger Plus! 5

Microsoft .NET Framework 1.1

Microsoft .NET Framework 4 Client Profile

Microsoft Age of Empires II

Microsoft Age of Empires II: The Conquerors Expansion

Microsoft Application Error Reporting

Microsoft Office 2010

Microsoft Office Access MUI (English) 2010

Microsoft Office Access Setup Metadata MUI (English) 2010

Microsoft Office Excel MUI (English) 2010

Microsoft Office Groove MUI (English) 2010

Microsoft Office InfoPath MUI (English) 2010

Microsoft Office Office 64-bit Components 2010

Microsoft Office OneNote MUI (English) 2010

Microsoft Office Outlook MUI (English) 2010

Microsoft Office PowerPoint MUI (English) 2010

Microsoft Office Professional Plus 2010

Microsoft Office Proof (English) 2010

Microsoft Office Proof (French) 2010

Microsoft Office Proof (Spanish) 2010

Microsoft Office Proofing (English) 2010

Microsoft Office Publisher MUI (English) 2010

Microsoft Office Shared 64-bit MUI (English) 2010

Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010

Microsoft Office Shared MUI (English) 2010

Microsoft Office Shared Setup Metadata MUI (English) 2010

Microsoft Office Word MUI (English) 2010

Microsoft Silverlight

Microsoft SQL Server 2005 Compact Edition [ENU]

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2005 Redistributable (x64)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219

Mozilla Firefox 20.0.1 (x86 en-US)

Mozilla Maintenance Service

MSVCRT

MSVCRT_amd64

MSXML 4.0 SP3 Parser (KB2721691)

MSXML 4.0 SP3 Parser (KB2758694)

MSXML 4.0 SP3 Parser (KB973685)

MTG GamePack for Magic Workstation

Nuance PDF Reader

NVIDIA Control Panel 266.86

NVIDIA Graphics Driver 266.86

NVIDIA Install Application

NVIDIA Optimus 1.0.18

NVIDIA PhysX

NVIDIA Update Components

Pando Media Booster

Planescape - Torment

Plants vs Zombies

Portal 2

PunkBuster Services

QuickTime

Realtek High Definition Audio Driver

Rise of the Witch-king Unofficial Patch 2.02d

Rise of the Witch King Unofficial Patch 2.02

Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)

Sid Meier's Civilization V

Skype™ 6.1

Sonic Generations

Source SDK Base 2007

Star Wars Jedi Knight Jedi Academy

StarCraft

StarCraft II

Steam

Swiss Perfect 98

syncables desktop SE

Team Fortress 2

The Lord of the Rings, The Rise of the Witch-king

The Lord of the Rings: War in the North

The Walking Dead

The Walking Dead Episode 3 © TellTale Games version 1

Total Annihilation

Trend Micro Titanium Internet Security

Ubisoft Game Launcher

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217)

Update for Microsoft Office 2010 (KB2494150)

Update for Microsoft Office 2010 (KB2553092)

Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition

uTorrentControl2 Toolbar

VASSAL (3.1.18)

VASSAL (3.2.2)

Ventrilo Client

VLC media player 1.1.11

Warhammer 40,000 Space Marine

Warhammer Mark of Chaos

Warhammer Mark of Chaos Manual Patch

Windows Live

Windows Live ???

Windows Live ????

Windows Live Communications Platform

Windows Live Essentials

Windows Live Family Safety

Windows Live ID Sign-in Assistant

Windows Live Installer

Windows Live Language Selector

Windows Live Mail

Windows Live Mesh

Windows Live Mesh ActiveX Control for Remote Connections

Windows Live Messenger

Windows Live Messenger Companion Core

Windows Live MIME IFilter

Windows Live Movie Maker

Windows Live Photo Common

Windows Live Photo Gallery

Windows Live PIMT Platform

Windows Live Remote Client

Windows Live Remote Client Resources

Windows Live Remote Service

Windows Live Remote Service Resources

Windows Live SOXE

Windows Live SOXE Definitions

Windows Live UX Platform

Windows Live UX Platform Language Pack

Windows Live Writer

Windows Live Writer Resources

WinFlash

WinRAR 4.10 beta 1 (64-bit)

Wireless Console 3

.

==== Event Viewer Messages From Past Week ========

.

19/04/2013 4:26:49 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect.

19/04/2013 4:26:49 PM, Error: Service Control Manager [7000] - The Steam Client Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

.

==== End Of File ===========================

Log.zip


Hello shall12,

Your logs showed some peer-to-peer filesharing apps: uTorrentControl2 Toolbar

Please confirm to me that you have uninstalled it along with any other "torrent" (so called) and any peer-to-peer filesharing program!

I do not recommend the use of P-2-P programs since such filesharing/downloading from unknown sources is one of the leading causes of transmission of malware.

Risks of File-Sharing Technology.

P2P file sharing: Know the risks

Forum policy on peer-to-peer-programs:

If you're using Peer 2 Peer software such as uTorrent or similar you must either fully uninstall it or completely disable it from running while being assisted here.

Failure to remove or disable such software will result in your topic being closed and no further assistance being provided.

http://forums.malwarebytes.org/index.php?showtopic=97700

Step 2

1. Go >> Here << and download ERUNT

(ERUNT (Emergency Recovery Utility NT) is a free program that allows you to keep a complete backup of your registry and restore it when needed.)

2. Install ERUNT by following the prompts

(use the default install settings but say no to the portion that asks you to add ERUNT to the start-up folder, if you like you can enable this option later)

3. Start ERUNT

(either by double clicking on the desktop icon or choosing to start the program at the end of the setup)

4. Choose a location for the backup

(the default location is C:\WINDOWS\ERDNT which is acceptable).

5. Make sure that at least the first two check boxes are ticked

6. Press OK

7. Press YES to create the folder.

Step 3

To show all files:

  • Press Windows-key +R key on your keyboard to get RUN option.
  • Type in
    explorer.exe

    and press Enter to start Windows Explorer.

  • From the menu options, Select Tools, then Folder Options.
  • Next click the View tab.
  • Locate and uncheck Hide file extensions for known file types.
  • Locate and uncheck Hide protected operating system files (Recommended).
  • Locate and click Show hidden files and folders and drives.
  • Click Apply > OK.

Step 4

Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools.

For directions on how, see How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs

Do NOT turn off the firewall

  1. Close any/all open internet browsers. Save any open documents you have open & close programs you started.
    On Windows 7, press Windows-key, then start typing in text box
    Malwarebytes

    then select/click Malwarebytes Anti-Malware Chameleon

  2. Once the Help file opens, click on a Chameleon button (starting with #1)
  3. If running on Vista, Windows 7, press the Yes button when prompted at the UAC prompt to allow it to run.
  4. You should see a black Command-prompt-window that remains open and says MBAM-chameleon at the top
  5. Press any key to continue as it says in the window {space-bar will do}
  6. If the Chameleon button you tried does not work, try the next Chameleon button shown. (There are 12 in all, but we only need for 1 to start running).
  7. Have infinite patience during this process
  8. Malwarebytes Chameleon will proceed to update Malwarebytes Anti-Malware, so ensure that you are connected to the internet if possible
  9. Once the update completes and it says your database is updated, click on OK button so that process can continue
  10. Malwarebytes Chameleon will then terminate any threats running in memory, which may take a while, so please be patient.
  11. After that, Malwarebytes Anti-Malware will open automatically and perform a Quick scan
  12. A quick scan will take a few minutes, possibly 5 or so minutes. Have infinite patience.
  13. Once the scan is complete, click on Show Results and remove any threats that are found by clicking Remove Selected
  14. If prompted to restart your computer to complete the removal process, click Yes
  15. If no threats are found, press OK button & press EXIT to end MBAM. Press the space-bar (or another key) to exit the command-prompt-window.
  16. After your computer restarts, open Malwarebytes Anti-Malware and perform one last Quick scan to verify that there are no remaining threats

When all done, Copy and Paste the mbam scan logs into a new reply

and tell me, How is the system now?
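The three Folder Options checkboxes in Step 3 above are stored as per-user registry values, so their state can be checked without clicking through Explorer. The following PowerShell script is an added example, not part of the original reply; the `-Apply` switch and variable names are this example's own, and it is written to run on the PowerShell 2.0 that ships with Windows 7.

```powershell
# Added example: report (and with -Apply, set) the Explorer view options from Step 3.
# The values live under HKCU, so run it as the user whose view is being changed.
param([switch]$Apply)

$key = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced'

# Folder Options > View checkbox -> registry value name and the data Step 3 asks for
$wanted = @(
    @{ Option = 'Hide extensions for known file types: unchecked'; Name = 'HideFileExt';     Value = 0 },
    @{ Option = 'Hide protected operating system files: unchecked'; Name = 'ShowSuperHidden'; Value = 1 },
    @{ Option = 'Show hidden files, folders and drives: selected';  Name = 'Hidden';          Value = 1 }
)

$report = foreach ($w in $wanted) {
    # A missing value comes back as $null and is reported as a mismatch
    $item    = Get-ItemProperty -Path $key -Name $w.Name -ErrorAction SilentlyContinue
    $current = if ($item) { $item.($w.Name) } else { $null }

    if ($Apply -and $current -ne $w.Value) {
        # An [int] is written as REG_DWORD when the value does not exist yet
        Set-ItemProperty -Path $key -Name $w.Name -Value ([int]$w.Value)
        $current = $w.Value
    }

    New-Object PSObject -Property @{
        Option  = $w.Option
        Name    = $w.Name
        Current = $current
        Wanted  = $w.Value
        Matches = ($current -eq $w.Value)
    }
}

# Open Explorer windows may need a refresh (F5) or reopening to show the change
$report | Select-Object Option, Name, Current, Wanted, Matches | Format-Table -AutoSize
```

Run without arguments it only reports; rows with `Matches` set to `False` are the checkboxes that still differ from Step 3.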


Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!
