Hi, I scanned with JRT because I have many "Port Scanning Attacks", and while I was scanning, JRT said that a "Bad module was detected" and to reboot to remove the module, so I pressed yes, then rebooted and the JRT scan finished. Here is the log:

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.8 (11.05.2013:1)
OS: Windows 7 Ultimate x64
Ran by Chifo on 30/12/2013 at 11:34:23,39
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
 
 
~~~ Registry Keys
 
 
 
~~~ Files
 
 
 
~~~ Folders
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 30/12/2013 at 11:37:42,66
Computer was rebooted
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
I am worried about that bad module. What can be done? Thanks

  • Root Admin

Hello and welcome.

If you've not already done so please start here and post back the 2 log files DDS.txt and Attach.txt

P2P/Piracy Warning:

If you're using Peer 2 Peer software such as uTorrent, BitTorrent or similar you must either fully uninstall them or completely disable them from running while being assisted here.

Failure to remove or disable such software will result in your topic being closed and no further assistance being provided.

If you have illegal/cracked software, cracks, keygens etc. on the system, please remove or uninstall them now and read the policy on Piracy.




Before we proceed further, please read all of the following instructions carefully.
If there is anything that you do not understand kindly ask before proceeding.
If needed please print out these instructions.
  • Please do not post logs using CODE, QUOTE, or FONT tags. Just paste them as direct text.
  • If the log is too large then you can use attachments by clicking on the More Reply Options button.
  • Please enable your system to show hidden files: How to see hidden files in Windows
  • Make sure you're subscribed to this topic:
    • Click on the Follow This Topic Button (at the top right of this page), make sure that the Receive notification box is checked and that it is set to Instantly
  • Removing malware can be unpredictable... It is unlikely but things can go very wrong! Please make sure you Backup all files that cannot be replaced if something were to happen. You can copy them to a CD/DVD, external drive or a pen drive.
  • Please don't run any other scans, download, install or uninstall any programs unless requested by me while I'm working with you.
  • The removal of malware is not instantaneous, please be patient. Often we are also on a different Time Zone.
  • Perform everything in the correct order. Sometimes one step requires the previous one.
  • If you have any problems while following my instructions, Stop there and tell me the exact nature of the issue.
  • You can check here if you're not sure if your computer is 32-bit or 64-bit
  • Please disable your antivirus while running any requested scanners so that they do not interfere with the scanners.
  • When we are done, I'll give you instructions on how to cleanup all the tools and logs
  • Please stick with me until I give you the "all clear" and Please don't waste my time by leaving before that.
  • Your topic will be closed if you haven't replied within 3 days
  • (If I have not responded within 24 hours, please send me a Private Message as a reminder)




STEP 0
RKill is a program that was developed at BleepingComputer.com that attempts to terminate known malware processes
so that your normal security software can then run and clean your computer of infections.
When RKill runs it will kill malware processes and then remove incorrect executable associations and fix policies
that stop us from using certain tools. When finished it will display a log file that shows the processes that were
terminated while the program was running.

As RKill only terminates a program's running process, and does not delete any files, after running it you should not reboot
your computer as any malware processes that are configured to start automatically will just be started again.
Instead, after running RKill you should immediately scan your computer using the requested scans I've included.

Please download Rkill by Grinler from one of the links below and save it to your desktop.


Link 2

  • On Windows XP double-click on the Rkill desktop icon to run the tool.
  • On Windows Vista/Windows 7 or 8, right-click on the Rkill desktop icon and select Run As Administrator
  • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
  • If not, delete the file, then download and use the one provided in Link 2.
  • If it does not work, repeat the process and attempt to use one of the remaining links until the tool runs.
  • If the tool does not run from any of the links provided, please let me know.
  • Do not reboot the computer, you will need to run the application again.



STEP 01
Backup the Registry:
Modifying the Registry can create unforeseen problems, so it is always wise to create a backup before doing so.

  • Please download ERUNT from one of the following links: Link1 | Link2 | Link3
  • ERUNT (Emergency Recovery Utility NT) is a free program that allows you to keep a complete backup of your registry and restore it when needed.
  • Double click on erunt-setup.exe to Install ERUNT by following the prompts.
  • NOTE: Do not choose to allow ERUNT to add an Entry to the Startup folder. Click NO.
  • Start ERUNT either by double clicking on the desktop icon or choosing to start the program at the end of the setup process.
  • Choose a location for the backup.
    • Note: the default location is C:\Windows\ERDNT which is acceptable.
  • Make sure that at least the first two check boxes are selected.
  • Click on OK
  • Then click on YES to create the folder.
  • Note: if it is necessary to restore the registry, open the backup folder and start ERDNT.exe


STEP 02
Please download RogueKiller and save it to your desktop.

You can check here if you're not sure if your computer is 32-bit or 64-bit

  • RogueKiller 32-bit | RogueKiller 64-bit
  • Quit all running programs.
  • For Windows XP, double-click to start.
  • For Vista, Windows 7/8, Right-click on the program and select Run as Administrator to start and when prompted allow it to run.
  • Read and accept the EULA (End User License Agreement)
  • Click Scan to scan the system.
  • When the scan completes Close the program > Don't Fix anything!
  • Don't run any other options, they're not all bad!!
  • Post back the report which should be located on your desktop.


 


.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2012-11-20.01)

.

Microsoft Windows 7 Ultimate 

Boot Device: \Device\HarddiskVolume1

Install Date: 20/11/2013 13:49:30

System Uptime: 01/01/2014 19:07:52 (1 hours ago)

.

Motherboard: Gigabyte Technology Co., Ltd. |  | GA-870A-USB3

Processor: AMD Phenom II X4 B60 Processor | Socket M2 | 3400/200mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 119 GiB total, 68,03 GiB free.

D: is FIXED (NTFS) - 931 GiB total, 907,339 GiB free.

E: is CDROM ()

F: is Removable

.

==== Disabled Device Manager Items =============

.

==== System Restore Points ===================

.

RP33: 26/12/2013 14:50:47 - Installed @BIOS

RP34: 26/12/2013 15:08:51 - Installed @BIOS

RP35: 01/01/2014 19:00:25 - Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727

RP36: 01/01/2014 19:00:48 - Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727

.

==== Installed Programs ======================

.

@BIOS

Adobe Reader XI (11.0.05) - Español

AIDA64 Extreme v4.00

AMD Accelerated Video Transcoding

AMD Catalyst Control Center

AMD Catalyst Install Manager

AMD Drag and Drop Transcoding

AMD Fuel

AMD Media Foundation Decoders

AMD USB Filter Driver

AMD Wireless Display v3.0

Bitdefender Total Security

Catalyst Control Center - Branding

Catalyst Control Center Graphics Previews Common

Catalyst Control Center InstallProxy

Catalyst Control Center Localization All

ccc-utility64

CCC Help Chinese Standard

CCC Help Chinese Traditional

CCC Help Czech

CCC Help Danish

CCC Help Dutch

CCC Help English

CCC Help Finnish

CCC Help French

CCC Help German

CCC Help Greek

CCC Help Hungarian

CCC Help Italian

CCC Help Japanese

CCC Help Korean

CCC Help Norwegian

CCC Help Polish

CCC Help Portuguese

CCC Help Russian

CCC Help Spanish

CCC Help Swedish

CCC Help Thai

CCC Help Turkish

CCleaner

CPUID CPU-Z 1.67.1

DAEMON Tools Lite

Definition Update for Microsoft Office 2010 (KB982726) 64-Bit Edition

Etron USB3.0 Host Controller

f.lux

Flopzilla

Google Chrome

Google Update Helper

Holdem Manager

Holdem Manager 2

KeePass Password Safe 2.24

KeyScrambler

Malwarebytes Anti-Malware versión 1.75.0.1300

Microsoft .NET Framework 4.5.1

Microsoft .NET Framework 4.5.1 (ESN)

Microsoft .NET Framework 4.5.1 (español)

Microsoft Office Access MUI (English) 2010

Microsoft Office Access Setup Metadata MUI (English) 2010

Microsoft Office Excel MUI (English) 2010

Microsoft Office Groove MUI (English) 2010

Microsoft Office InfoPath MUI (English) 2010

Microsoft Office Office 32-bit Components 2010

Microsoft Office OneNote MUI (English) 2010

Microsoft Office Outlook MUI (English) 2010

Microsoft Office PowerPoint MUI (English) 2010

Microsoft Office Professional Plus 2010

Microsoft Office Proof (English) 2010

Microsoft Office Proof (French) 2010

Microsoft Office Proof (Spanish) 2010

Microsoft Office Proofing (English) 2010

Microsoft Office Publisher MUI (English) 2010

Microsoft Office Shared 32-bit MUI (English) 2010

Microsoft Office Shared MUI (English) 2010

Microsoft Office Shared Setup Metadata MUI (English) 2010

Microsoft Office Word MUI (English) 2010

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219

Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727

Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727

Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727

Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727

Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727

Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727

MPC-HC 1.7.1 (64-bit)

ON_OFF Charge B11.0110.1

Paint.NET v3.5.11

PokerStars

PokerStrategy.com Equilab

PostgreSQL 9.2 

Rainmeter

Realtek Ethernet Controller Driver

Realtek HDMI Audio Driver for ATI

Realtek High Definition Audio Driver

Samsung Magician

Security Update for Microsoft Excel 2010 (KB2826033) 64-Bit Edition

Security Update for Microsoft Office 2010 (KB2553284) 64-Bit Edition

Security Update for Microsoft Office 2010 (KB2687423) 64-Bit Edition

Security Update for Microsoft Office 2010 (KB2826023) 64-Bit Edition

Security Update for Microsoft Office 2010 (KB2826035) 64-Bit Edition

Security Update for Microsoft Office 2010 (KB2850016) 64-Bit Edition

Security Update for Microsoft Outlook 2010 (KB2837597) 64-Bit Edition

Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition

Skype™ 6.11

Software Logitech para juegos 8.51

Spotify

SpywareBlaster 5.0

SUPERAntiSpyware

TableNinja

TableScan Turbo v1.0.10

Update for Microsoft Access 2010 (KB2553446) 64-Bit Edition

Update for Microsoft Filter Pack 2.0 (KB2810071) 64-Bit Edition

Update for Microsoft Office 2010 (KB2553092)

Update for Microsoft Office 2010 (KB2589298) 64-Bit Edition

Update for Microsoft Office 2010 (KB2589352) 64-Bit Edition

Update for Microsoft Office 2010 (KB2589375) 64-Bit Edition

Update for Microsoft Office 2010 (KB2597087) 64-Bit Edition

Update for Microsoft Office 2010 (KB2760598) 64-Bit Edition

Update for Microsoft Office 2010 (KB2794737) 64-Bit Edition

Update for Microsoft Office 2010 (KB2825640) 64-Bit Edition

Update for Microsoft Office 2010 (KB2826026) 64-Bit Edition

Update for Microsoft Office 2010 (KB2850079) 64-Bit Edition

Update for Microsoft OneNote 2010 (KB2810072) 64-Bit Edition

Update for Microsoft PowerPoint 2010 (KB2553145) 64-Bit Edition

Update for Microsoft Visio Viewer 2010 (KB2810066) 64-Bit Edition

Update for Microsoft Word 2010 (KB2837593) 64-Bit Edition

WinRAR 5.00 (64-bit)

.

==== Event Viewer Messages From Past Week ========

.

31/12/2013 20:27:23, Error: Service Control Manager [7001]  - El servicio Conexión compartida a Internet (ICS) depende del servicio Administrador de conexión de acceso remoto, el cual no pudo iniciarse debido al siguiente error:  No se puede iniciar el servicio, porque está deshabilitado o porque no tiene dispositivos habilitados asociados a él.

31/12/2013 12:48:30, Error: Service Control Manager [7001]  - El servicio Conexión compartida a Internet (ICS) depende del servicio Administrador de conexión de acceso remoto, el cual no pudo iniciarse debido al siguiente error:  No se puede iniciar el servicio, porque está deshabilitado o porque no tiene dispositivos habilitados asociados a él.

30/12/2013 22:40:07, Error: Service Control Manager [7001]  - El servicio Conexión compartida a Internet (ICS) depende del servicio Administrador de conexión de acceso remoto, el cual no pudo iniciarse debido al siguiente error:  No se puede iniciar el servicio, porque está deshabilitado o porque no tiene dispositivos habilitados asociados a él.

01/01/2014 19:08:27, Error: Microsoft-Windows-DistributedCOM [10005]  - Error de DCOM "1068" al intentar iniciar el servicio SafeBox con argumentos "" para ejecutar el servidor: {F681ABD0-41DE-46C8-9ED3-D0F4EBA19111}

01/01/2014 19:08:07, Error: Service Control Manager [7001]  - El servicio Conexión compartida a Internet (ICS) depende del servicio Administrador de conexión de acceso remoto, el cual no pudo iniciarse debido al siguiente error:  No se puede iniciar el servicio, porque está deshabilitado o porque no tiene dispositivos habilitados asociados a él.

01/01/2014 19:02:14, Error: Service Control Manager [7000]  - El servicio AODDriver4.2.0 no pudo iniciarse debido al siguiente error:  El sistema no puede encontrar el archivo especificado.

01/01/2014 18:35:14, Error: Service Control Manager [7001]  - El servicio Conexión compartida a Internet (ICS) depende del servicio Administrador de conexión de acceso remoto, el cual no pudo iniciarse debido al siguiente error:  No se puede iniciar el servicio, porque está deshabilitado o porque no tiene dispositivos habilitados asociados a él.

01/01/2014 13:50:16, Error: Service Control Manager [7001]  - El servicio Conexión compartida a Internet (ICS) depende del servicio Administrador de conexión de acceso remoto, el cual no pudo iniciarse debido al siguiente error:  No se puede iniciar el servicio, porque está deshabilitado o porque no tiene dispositivos habilitados asociados a él.

01/01/2014 11:52:16, Error: Service Control Manager [7001]  - El servicio Conexión compartida a Internet (ICS) depende del servicio Administrador de conexión de acceso remoto, el cual no pudo iniciarse debido al siguiente error:  No se puede iniciar el servicio, porque está deshabilitado o porque no tiene dispositivos habilitados asociados a él.

.

==== End Of File ===========================

DDS (Ver_2012-11-20.01) - NTFS_AMD64 

Internet Explorer: 

Run by Chifo at 20:20:14 on 2014-01-01

Microsoft Windows 7 Ultimate   6.1.7601.1.1252.34.3082.18.8190.6469 [GMT -3:00]

.

AV: Bitdefender Antivirus *Enabled/Updated* {9B5F5313-CAF9-DD97-C460-E778420237B4}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: Bitdefender Antispyware *Enabled/Updated* {203EB2F7-ECC3-D219-FED0-DC0A39857D09}

FW: Bitdefender Cortafuegos *Disabled* {A364D236-8096-DCCF-EF3F-4E4DBCD170CF}

.

============== Running Processes ===============

.

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Program Files\Bitdefender\Bitdefender\vsserv.exe

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\system32\atiesrxx.exe

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\atieclxx.exe

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe

C:\Program Files\PostgreSQL\9.2\bin\pg_ctl.exe

C:\Program Files\PostgreSQL\9.2\bin\postgres.exe

C:\Program Files\Bitdefender\Bitdefender\updatesrv.exe

C:\Program Files\PostgreSQL\9.2\bin\postgres.exe

C:\Program Files\PostgreSQL\9.2\bin\postgres.exe

C:\Program Files\PostgreSQL\9.2\bin\postgres.exe

C:\Program Files\PostgreSQL\9.2\bin\postgres.exe

C:\Program Files\PostgreSQL\9.2\bin\postgres.exe

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\System32\WUDFHost.exe

C:\Windows\system32\taskhost.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\Bitdefender\Bitdefender\bdagent.exe

C:\Program Files\Logitech Gaming Software\LCore.exe

C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe

C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe

C:\Users\Chifo\AppData\Local\FluxSoftware\Flux\flux.exe

C:\Program Files\Rainmeter\Rainmeter.exe

C:\Program Files (x86)\KeyScrambler\KeyScrambler.exe

C:\Program Files (x86)\KeyScrambler\x64\KeyScrambler.exe

C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Program Files\Bitdefender\Bitdefender\seccenter.exe

C:\Windows\system32\taskeng.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\System32\cscript.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = about:blank


mWinlogon: Userinit = C:\Windows\SysWOW64\Userinit.exe,

BHO: Bitdefender Wallet: {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender\Antispam32\pmbxie.dll

BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL

BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL

uRun: [bitdefender Wallet Agent] "C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe"

uRun: [Agente de aplicación Bitdefender Wallet] "C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe"

uRun: [f.lux] "C:\Users\Chifo\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow

mRun: [KeyScrambler] C:\Program Files (x86)\KeyScrambler\keyscrambler.exe /a

dRun: [bitdefender Wallet Agent] "C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe"

dRun: [bitdefender Wallet] "C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe" --hidden --nowizard

dRun: [Agente de aplicación Bitdefender Wallet] "C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe"

StartupFolder: C:\Users\Chifo\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Rainmeter.lnk - C:\Program Files\Rainmeter\Rainmeter.exe

uPolicies-Explorer: NoDriveTypeAutoRun = dword:145

uPolicies-Explorer: NoDrives = dword:0

mPolicies-Explorer: NoDrives = dword:0

mPolicies-System: ConsentPromptBehaviorAdmin = dword:0

mPolicies-System: ConsentPromptBehaviorUser = dword:3

mPolicies-System: EnableLUA = dword:0

mPolicies-System: EnableUIADesktopToggle = dword:0

mPolicies-System: PromptOnSecureDesktop = dword:0

IE: E&xport to Microsoft Excel - C:\PROGRA~1\Microsoft Office\Office14\EXCEL.EXE/3000

IE: Se&nd to OneNote - C:\PROGRA~1\Microsoft Office\Office14\ONBttnIE.dll/105

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

.

INFO: HKCU has more than 50 listed domains.

If you wish to scan all of them, select the 'Force scan all domains' option.

.

TCP: NameServer = 200.42.4.207 200.49.130.44

TCP: Interfaces\{ABF73E47-1D58-4A04-AEA6-544B27F67DD2} : DHCPNameServer = 200.42.4.207 200.49.130.44

Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll

SSODL: WebCheck - <orphaned>

SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL

mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome

x64-BHO: Bitdefender Wallet: {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender\pmbxie.dll

x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL

x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL

x64-Run: [bdagent] "C:\Program Files\Bitdefender\Bitdefender\bdagent.exe"

x64-Run: [Launch LCore] C:\Program Files\Logitech Gaming Software\LCore.exe /minimized

x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll

x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>

x64-SSODL: WebCheck - <orphaned>

x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL

.

============= SERVICES / DRIVERS ===============

.

R0 amd_sata;amd_sata;C:\Windows\System32\drivers\amd_sata.sys [2013-6-27 82240]

R0 amd_xata;amd_xata;C:\Windows\System32\drivers\amd_xata.sys [2013-6-27 42304]

R0 avc3;avc3;C:\Windows\System32\drivers\avc3.sys [2013-11-20 727592]

R0 gzflt;gzflt;C:\Windows\System32\drivers\gzflt.sys [2013-11-20 150256]

R1 AppleCharger;AppleCharger;C:\Windows\System32\drivers\AppleCharger.sys [2013-11-20 21104]

R1 BdfNdisf;BitDefender Firewall NDIS 6 Filter Driver;C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfndisf6.sys [2013-11-20 93600]

R1 bdfwfpf;bdfwfpf;C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [2013-11-20 103504]

R1 BDVEDISK;BDVEDISK;C:\Windows\System32\drivers\bdvedisk.sys [2013-11-20 76944]

R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928]

R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368]

R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2013-10-10 144152]

R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2013-12-6 239616]

R2 AMD FUEL Service;AMD FUEL Service;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2013-12-6 344064]

R2 AODDriver4.2.0;AODDriver4.2.0;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys [2013-9-19 59648]

R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-11-30 418376]

R2 postgresql-x64-9.2;postgresql-x64-9.2 - PostgreSQL Server 9.2;C:/Program Files/PostgreSQL/9.2/bin/pg_ctl.exe runservice -N "postgresql-x64-9.2" -D "C:/Program Files/PostgreSQL/9.2/data" -w --> C:/Program Files/PostgreSQL/9.2/bin/pg_ctl.exe runservice -N postgresql-x64-9.2 [?]

R2 UPDATESRV;Bitdefender Desktop Update Service;C:\Program Files\Bitdefender\Bitdefender\updatesrv.exe [2013-11-20 67320]

R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2013-9-24 94208]

R3 avchv;avchv Function Driver;C:\Windows\System32\drivers\avchv.sys [2013-11-20 261056]

R3 avckf;avckf;C:\Windows\System32\drivers\avckf.sys [2013-11-20 601360]

R3 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\System32\drivers\dtsoftbus01.sys [2013-11-20 283064]

R3 EtronHub3;Etron USB 3.0 Extensible Hub Driver;C:\Windows\System32\drivers\EtronHub3.sys [2011-1-26 39808]

R3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver;C:\Windows\System32\drivers\EtronXHCI.sys [2011-1-26 64256]

R3 KeyScrambler;KeyScrambler;C:\Windows\System32\drivers\keyscrambler.sys [2013-11-20 222200]

R3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;C:\Windows\System32\drivers\LGBusEnum.sys [2009-11-23 22408]

R3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;C:\Windows\System32\drivers\LGVirHid.sys [2009-11-23 16008]

R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2013-11-30 25928]

R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2013-11-20 413800]

R3 usbfilter;AMD USB Filter Driver;C:\Windows\System32\drivers\usbfilter.sys [2013-11-20 58536]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]

S2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-11-30 701512]

S2 SafeBox;SafeBox;C:\Program Files\Bitdefender\Bitdefender Safebox\safeboxservice.exe [2013-11-20 94624]

S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]

S3 AppleChargerSrv;AppleChargerSrv;system32\AppleChargerSrv.exe --> system32\AppleChargerSrv.exe [?]

S3 bdfwfpf_pc;bdfwfpf_pc;C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf_pc.sys [2013-11-20 121928]

S3 BDSandBox;BDSandBox;C:\Windows\System32\drivers\bdsandbox.sys [2013-11-20 82824]

S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2013-12-10 111616]

S3 ose64;Office 64 Source Engine;C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-1-9 174440]

S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2013-11-20 20992]

S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2013-11-20 59392]

S3 WatAdminSvc;Servicio de tecnologías de activación de Windows;C:\Windows\System32\Wat\WatAdminSvc.exe [2013-11-20 1255736]

S4 BdDesktopParental;Bitdefender Desktop Parental Control;C:\Program Files\Bitdefender\Bitdefender\bdparentalservice.exe [2013-11-20 77632]

.

=============== Created Last 30 ================

.

2014-01-01 22:02:39 -------- d-----w- C:\Program Files (x86)\AMD AVT

2014-01-01 22:01:36 -------- d-----w- C:\Program Files\AMD

2013-12-26 17:50:44 25640 ----a-w- C:\Windows\gdrv.sys

2013-12-26 14:39:30 -------- d-----w- C:\Users\Chifo\AppData\Local\Hold'em_Manager

2013-12-26 14:19:47 -------- d-----w- C:\HM2Archive

2013-12-26 14:15:51 -------- d-----w- C:\Users\Chifo\AppData\Roaming\HoldemManager

2013-12-26 14:13:32 -------- d-----w- C:\Program Files (x86)\Holdem Manager 2

2013-12-20 22:30:26 -------- d-----w- C:\Users\Chifo\AppData\Local\Logitech

2013-12-20 22:30:12 -------- d-----w- C:\Users\Chifo\AppData\Local\CrashDumps

2013-12-20 22:28:43 -------- d-----w- C:\Program Files\Logitech Gaming Software

2013-12-20 22:28:15 -------- d-----w- C:\Users\Chifo\AppData\Roaming\Logishrd

2013-12-19 00:30:45 -------- d-----w- C:\UsbFix

2013-12-14 13:25:30 -------- d-----w- C:\ProgramData\Malwarebytes' Anti-Malware (portable)

2013-12-14 13:24:38 89304 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys

2013-12-11 15:23:35 -------- d-sh--w- C:\$RECYCLE.BIN

2013-12-10 22:57:59 335360 ----a-w- C:\Windows\System32\msieftp.dll

2013-12-09 16:15:10 -------- d-----w- C:\Program Files (x86)\GUM2145.tmp

2013-12-06 22:07:36 78432 ----a-w- C:\Windows\System32\atimpc64.dll

2013-12-06 22:07:36 78432 ----a-w- C:\Windows\System32\amdpcom64.dll

2013-12-06 22:07:14 71704 ----a-w- C:\Windows\SysWow64\atimpc32.dll

2013-12-06 22:07:14 71704 ----a-w- C:\Windows\SysWow64\amdpcom32.dll

2013-12-06 22:04:10 143304 ----a-w- C:\Windows\System32\atiuxp64.dll

2013-12-06 22:03:46 126336 ----a-w- C:\Windows\SysWow64\atiuxpag.dll

2013-12-06 22:00:16 9753752 ----a-w- C:\Windows\System32\atidxx64.dll

2013-12-06 21:59:50 8406024 ----a-w- C:\Windows\SysWow64\atidxx32.dll

2013-12-06 21:52:14 13207552 ----a-w- C:\Windows\System32\drivers\atikmdag.sys

2013-12-06 21:38:52 230912 ----a-w- C:\Windows\System32\clinfo.exe

2013-12-06 21:38:34 99840 ----a-w- C:\Windows\System32\OpenVideo64.dll

2013-12-06 21:38:28 83968 ----a-w- C:\Windows\SysWow64\OpenVideo.dll

2013-12-06 21:38:22 86528 ----a-w- C:\Windows\System32\OVDecode64.dll

2013-12-06 21:38:18 73728 ----a-w- C:\Windows\SysWow64\OVDecode.dll

2013-12-06 21:37:58 29382144 ----a-w- C:\Windows\System32\amdocl64.dll

2013-12-06 21:35:36 24860160 ----a-w- C:\Windows\SysWow64\amdocl.dll

2013-12-06 21:33:28 63488 ----a-w- C:\Windows\System32\OpenCL.dll

2013-12-06 21:33:24 57344 ----a-w- C:\Windows\SysWow64\OpenCL.dll

2013-12-06 21:26:44 129536 ----a-w- C:\Windows\System32\coinst_13.251.dll

2013-12-06 21:13:02 368640 ----a-w- C:\Windows\System32\atiapfxx.exe

2013-12-06 21:12:52 62464 ----a-w- C:\Windows\System32\aticalrt64.dll

2013-12-06 21:12:50 52224 ----a-w- C:\Windows\SysWow64\aticalrt.dll

2013-12-06 21:12:42 55808 ----a-w- C:\Windows\System32\aticalcl64.dll

2013-12-06 21:12:40 49152 ----a-w- C:\Windows\SysWow64\aticalcl.dll

2013-12-06 21:12:26 15716352 ----a-w- C:\Windows\System32\aticaldd64.dll

2013-12-06 21:09:18 14302208 ----a-w- C:\Windows\SysWow64\aticaldd.dll

2013-12-06 20:58:50 22157824 ----a-w- C:\Windows\SysWow64\atioglxx.dll

2013-12-06 20:53:18 442368 ----a-w- C:\Windows\System32\atidemgy.dll

2013-12-06 20:53:10 31232 ----a-w- C:\Windows\System32\atimuixx.dll

2013-12-06 20:53:04 588288 ----a-w- C:\Windows\System32\atieclxx.exe

2013-12-06 20:52:10 239616 ----a-w- C:\Windows\System32\atiesrxx.exe

2013-12-06 20:50:36 190976 ----a-w- C:\Windows\System32\atitmm64.dll

2013-12-06 20:22:28 825344 ----a-w- C:\Windows\SysWow64\atiadlxy.dll

2013-12-06 20:22:08 69632 ----a-w- C:\Windows\SysWow64\atiglpxx.dll

2013-12-06 20:22:08 69632 ----a-w- C:\Windows\System32\atiglpxx.dll

2013-12-06 20:21:54 96768 ----a-w- C:\Windows\SysWow64\atigktxx.dll

2013-12-06 20:21:44 626176 ----a-w- C:\Windows\System32\drivers\atikmpag.sys

2013-12-06 20:18:12 43520 ----a-w- C:\Windows\System32\drivers\ati2erec.dll

2013-12-06 19:49:18 51200 ----a-w- C:\Windows\System32\kdbsdk64.dll

2013-12-06 19:44:26 38912 ----a-w- C:\Windows\SysWow64\kdbsdk32.dll

2013-12-06 19:07:55 -------- d-----w- C:\Windows\ERUNT

2013-12-05 22:30:53 74512 ----a-w- C:\Windows\SysWow64\bdsandboxuiskin32.dll

2013-12-05 17:42:20 34384 ----a-w- C:\Windows\System32\bdsandboxuh.dll

2013-12-05 17:41:48 84848 ----a-w- C:\Windows\System32\bdsandboxuiskin.dll

2013-12-05 17:39:21 74512 ----a-w- C:\Windows\System32\bdsandboxuiskin32.dll

.

==================== Find3M  ====================

.

2013-12-06 22:03:00 115512 ----a-w- C:\Windows\System32\atiu9p64.dll

2013-12-06 22:02:38 98496 ----a-w- C:\Windows\SysWow64\atiu9pag.dll

2013-12-06 22:01:52 1318552 ----a-w- C:\Windows\System32\aticfx64.dll

2013-12-06 22:01:04 1100216 ----a-w- C:\Windows\SysWow64\aticfx32.dll

2013-12-06 21:59:00 8287008 ----a-w- C:\Windows\SysWow64\atiumdva.dll

2013-12-06 21:58:10 6630232 ----a-w- C:\Windows\SysWow64\atiumdag.dll

2013-12-06 21:57:20 8927704 ----a-w- C:\Windows\System32\atiumd6a.dll

2013-12-06 21:56:54 7751920 ----a-w- C:\Windows\System32\atiumd64.dll

2013-12-06 21:16:40 26352128 ----a-w- C:\Windows\System32\atio6axx.dll

2013-12-06 20:22:42 1144320 ----a-w- C:\Windows\System32\atiadlxx.dll

2013-12-06 20:22:12 74752 ----a-w- C:\Windows\System32\atig6pxx.dll

2013-12-06 20:22:04 100352 ----a-w- C:\Windows\System32\atig6txx.dll

2013-12-05 17:40:12 82824 ----a-w- C:\Windows\System32\drivers\bdsandbox.sys

2013-11-26 10:19:07 2724864 ----a-w- C:\Windows\System32\mshtml.tlb

2013-11-26 10:18:23 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll

2013-11-26 09:48:07 66048 ----a-w- C:\Windows\System32\iesetup.dll

2013-11-26 09:46:25 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll

2013-11-26 09:23:02 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb

2013-11-26 09:18:39 139264 ----a-w- C:\Windows\System32\ieUnatt.exe

2013-11-26 09:18:09 111616 ----a-w- C:\Windows\System32\ieetwcollector.exe

2013-11-26 09:16:57 708608 ----a-w- C:\Windows\System32\jscript9diag.dll

2013-11-26 08:35:02 5769216 ----a-w- C:\Windows\System32\jscript9.dll

2013-11-26 08:28:16 553472 ----a-w- C:\Windows\SysWow64\jscript9diag.dll

2013-11-26 08:16:12 4243968 ----a-w- C:\Windows\SysWow64\jscript9.dll

2013-11-26 08:02:16 1995264 ----a-w- C:\Windows\System32\inetcpl.cpl

2013-11-26 07:32:06 1928192 ----a-w- C:\Windows\SysWow64\inetcpl.cpl

2013-11-26 07:07:57 2334208 ----a-w- C:\Windows\System32\wininet.dll

2013-11-26 06:33:33 1820160 ----a-w- C:\Windows\SysWow64\wininet.dll

2013-11-23 18:26:20 417792 ----a-w- C:\Windows\SysWow64\WMPhoto.dll

2013-11-23 17:47:34 465920 ----a-w- C:\Windows\System32\WMPhoto.dll

2013-11-21 02:28:34 9728 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll

2013-11-21 02:27:37 1887232 ----a-w- C:\Windows\System32\d3d11.dll

2013-11-21 02:27:37 1505280 ----a-w- C:\Windows\SysWow64\d3d11.dll

2013-11-21 01:15:35 283064 ----a-w- C:\Windows\System32\drivers\dtsoftbus01.sys

2013-11-21 01:01:54 175616 ----a-w- C:\Windows\System32\msclmd.dll

2013-11-21 01:01:54 152576 ----a-w- C:\Windows\SysWow64\msclmd.dll

2013-11-20 22:15:39 0 ----a-w- C:\Windows\ativpsrm.bin

2013-11-20 21:20:45 763418 ----a-w- C:\ProgramData\1384981561.bdinstall.bin

2013-11-12 02:23:09 2048 ----a-w- C:\Windows\System32\tzres.dll

2013-11-12 02:07:29 2048 ----a-w- C:\Windows\SysWow64\tzres.dll

2013-10-30 02:19:52 301568 ----a-w- C:\Windows\SysWow64\msieftp.dll

2013-10-30 01:24:31 3155968 ----a-w- C:\Windows\System32\win32k.sys

2013-10-19 02:18:57 81408 ----a-w- C:\Windows\System32\imagehlp.dll

2013-10-19 01:36:59 159232 ----a-w- C:\Windows\SysWow64\imagehlp.dll

2013-10-12 02:32:04 150016 ----a-w- C:\Windows\System32\wshom.ocx

2013-10-12 02:31:04 202752 ----a-w- C:\Windows\System32\scrrun.dll

2013-10-12 02:30:42 830464 ----a-w- C:\Windows\System32\nshwfp.dll

2013-10-12 02:29:21 859648 ----a-w- C:\Windows\System32\IKEEXT.DLL

2013-10-12 02:29:08 324096 ----a-w- C:\Windows\System32\FWPUCLNT.DLL

2013-10-12 02:04:36 121856 ----a-w- C:\Windows\SysWow64\wshom.ocx

2013-10-12 02:03:31 163840 ----a-w- C:\Windows\SysWow64\scrrun.dll

2013-10-12 02:03:08 656896 ----a-w- C:\Windows\SysWow64\nshwfp.dll

2013-10-12 02:01:25 216576 ----a-w- C:\Windows\SysWow64\FWPUCLNT.DLL

2013-10-12 01:33:39 156160 ----a-w- C:\Windows\System32\cscript.exe

2013-10-12 01:33:26 168960 ----a-w- C:\Windows\System32\wscript.exe

2013-10-12 01:15:48 141824 ----a-w- C:\Windows\SysWow64\wscript.exe

2013-10-12 01:15:48 126976 ----a-w- C:\Windows\SysWow64\cscript.exe

2013-10-08 13:39:10 1187342 ----a-w- C:\Windows\System32\amdocl_as64.exe

2013-10-08 13:39:10 1061902 ----a-w- C:\Windows\System32\amdocl_ld64.exe

2013-10-08 13:39:08 995342 ----a-w- C:\Windows\SysWow64\amdocl_as32.exe

2013-10-08 13:39:08 798734 ----a-w- C:\Windows\SysWow64\amdocl_ld32.exe

2013-10-05 20:25:35 1474048 ----a-w- C:\Windows\System32\crypt32.dll

2013-10-05 19:57:25 1168384 ----a-w- C:\Windows\SysWow64\crypt32.dll

2013-10-04 02:28:31 190464 ----a-w- C:\Windows\System32\SmartcardCredentialProvider.dll

2013-10-04 02:25:17 197120 ----a-w- C:\Windows\System32\credui.dll

2013-10-04 02:24:49 1930752 ----a-w- C:\Windows\System32\authui.dll

2013-10-04 02:16:30 116736 ----a-w- C:\Windows\System32\drivers\drmk.sys

2013-10-04 01:58:50 152576 ----a-w- C:\Windows\SysWow64\SmartcardCredentialProvider.dll

2013-10-04 01:56:25 168960 ----a-w- C:\Windows\SysWow64\credui.dll

2013-10-04 01:56:00 1796096 ----a-w- C:\Windows\SysWow64\authui.dll

2013-10-04 01:36:04 230400 ----a-w- C:\Windows\System32\drivers\portcls.sys

.

============= FINISH: 20:20:26,45 ===============

RogueKiller V8.8.0 _x64_ [Dec 27 2013] by Tigzy

mail : tigzyRK<at>gmail<dot>com




 

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version

Started in : Normal mode

User : Chifo [Admin rights]

Mode : Scan -- Date : 01/01/2014 20:32:51

| ARK || FAK || MBR |

 

¤¤¤ Bad processes : 0 ¤¤¤

 

¤¤¤ Registry Entries : 10 ¤¤¤

[HJ POL][PUM] HKCU\[...]\System : DisableTaskMgr (0) -> FOUND

[HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> FOUND

[HJ POL][PUM] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> FOUND

[HJ POL][PUM] HKLM\[...]\System : EnableLUA (0) -> FOUND

[HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : ConsentPromptBehaviorAdmin (0) -> FOUND

[HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : EnableLUA (0) -> FOUND

[HJ DESK][PUM] HKCU\[...]\ClassicStartMenu : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND

[HJ DESK][PUM] HKCU\[...]\ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

[HJ DESK][PUM] HKCU\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND

[HJ DESK][PUM] HKCU\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

 

¤¤¤ Scheduled tasks : 0 ¤¤¤

 

¤¤¤ Startup Entries : 0 ¤¤¤

 

¤¤¤ Web browsers : 0 ¤¤¤

 

¤¤¤ Browser Addons : 0 ¤¤¤

 

¤¤¤ Particular Files / Folders: ¤¤¤

 

¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤

 

¤¤¤ External Hives: ¤¤¤

 

¤¤¤ Infection :  ¤¤¤

 

¤¤¤ HOSTS File: ¤¤¤

--> %SystemRoot%\System32\drivers\etc\hosts

 

 

127.0.0.1       localhost

 

 

¤¤¤ MBR Check: ¤¤¤

 

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) WDC WD10 EZEX-00KUWA0 SATA Disk Device +++++

--- User ---

[MBR] 3878179f751301240d18e376a4919121

[bSP] 6afaaa1537c7864442958a7c87e97333 : Windows 7/8 MBR Code

Partition table:

0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo

1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 953767 Mo

User = LL1 ... OK!

User = LL2 ... OK!

 

+++++ PhysicalDrive1: (\\.\PHYSICALDRIVE1 @ IDE) SAMSUNG SSD 830 Series SATA Disk Device +++++

--- User ---

[MBR] af310cf24942351898d95490bc7954f5

[bSP] 57e5048068170fbe7c5ee760645d3b1a : Windows 7/8 MBR Code

Partition table:

0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 122102 Mo

User = LL1 ... OK!

User = LL2 ... OK!

 

+++++ PhysicalDrive2: (\\.\PHYSICALDRIVE2 @ USB) CREATIVE ZEN Stone Plus USB Device +++++

Error reading User MBR! ([0x57] El parámetro no es correcto. )

User = LL1 ... OK!

Error reading LL2 MBR! ([0x32] Solicitud no compatible. )

 

Finished : << RKreport[0]_S_01012014_203251.txt >>

  • Root Admin

The logs indicate that Bitdefender was enabled while running the scans.  Going forward please try to disable Bitdefender while running the scans and when done re-enable Bitdefender.

 

Please go ahead and run through the following steps and post back the logs when ready.

STEP 03
Please download Malwarebytes Anti-Rootkit from here

  • Unzip the contents to a folder in a convenient location.
  • Open the folder where the contents were unzipped and run mbar.exe
  • Follow the instructions in the wizard to update and allow the program to scan your computer for threats.
  • Click on the Cleanup button to remove any threats and reboot if prompted to do so.
  • Wait while the system shuts down and the cleanup process is performed.
  • Perform another scan with Malwarebytes Anti-Rootkit to verify that no threats remain. If they do, then click Cleanup once more and repeat the process.
  • When done, please post the two logs produced. They will be in the MBAR folder: mbar-log.txt and system-log.txt

STEP 04
Please download Junkware Removal Tool to your desktop.
  • Shutdown your antivirus to avoid any conflicts.
  • Right click over JRT.exe and select Run as administrator on Windows Vista or Windows 7, double-click on XP.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next reply message
  • When completed make sure to re-enable your antivirus



STEP 05
Let's clean out any adware now: (this will require a reboot so save all your work)

Please download AdwCleaner by Xplode and save to your Desktop.

  • Double click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select Run As Administrator
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • When it's done you'll see: Pending: Please uncheck elements you don't want removed.
  • Now click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • Look over the log especially under Files/Folders for any program you want to save.
  • If there's a program you may want to save, just uncheck it from AdwCleaner.
  • If you're not sure, post the log for review. (all items found are adware/spyware/foistware)
  • If you're ready to clean it all up.....click the Clean button.
  • After rebooting, a logfile report (AdwCleaner[s0].txt) will open automatically.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of that logfile will also be saved in the C:\AdwCleaner folder.
  • Items that are deleted are moved to the Quarantine Folder: C:\AdwCleaner\Quarantine
  • To restore an item that has been deleted:
  • Go to Tools > Quarantine Manager > check what you want restored > now click on Restore.


Then..................

Open up Malwarebytes > Settings Tab > Scanner Settings > Under action for PUP > Select: Show in Results List and Check for removal.

Please Update and run a Quick Scan with Malwarebytes Anti-Malware, post the report.

Make sure that everything is checked, and click Remove Selected.


STEP 06

Please go here to run the online antivirus scanner from ESET.

  • Turn off the real time scanner of any existing antivirus program while performing the online scan
  • Tick the box next to YES, I accept the Terms of Use.
  • Click Start
  • When asked, allow the ActiveX control to install
  • Click Start
  • Make sure that the option Remove found threats is unticked
  • Click on Advanced Settings and ensure these options are ticked:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology

  • Click Scan
  • Wait for the scan to finish
  • If any threats were found, click the 'List of found threats', then click Export to text file....
  • Save it to your desktop, then please copy and paste that log as a reply to this topic.



STEP 07
Please download the Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system. You can check here if you're not sure if your computer is 32-bit or 64-bit

  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press the Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply as well.


 


Malwarebytes Anti-Rootkit BETA 1.07.0.1008

www.malwarebytes.org

 

Database version: v2014.01.02.02

 

Windows 7 Service Pack 1 x64 NTFS

Internet Explorer 11.0.9600.16476

Chifo :: CHIFO-PC [administrator]

 

02/01/2014 13:12:32

mbar-log-2014-01-02 (13-12-32).txt

 

Scan type: Quick scan

Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken

Scan options disabled: 

Objects scanned: 227459

Time elapsed: 4 minute(s), 38 second(s)

 

Memory Processes Detected: 0

(No malicious items detected)

 

Memory Modules Detected: 0

(No malicious items detected)

 

Registry Keys Detected: 0

(No malicious items detected)

 

Registry Values Detected: 0

(No malicious items detected)

 

Registry Data Items Detected: 0

(No malicious items detected)

 

Folders Detected: 0

(No malicious items detected)

 

Files Detected: 0

(No malicious items detected)

 

Physical Sectors Detected: 0

(No malicious items detected)

 

(end)


---------------------------------------

Malwarebytes Anti-Rootkit BETA 1.07.0.1008

 

© Malwarebytes Corporation 2011-2012

 

OS version: 6.1.7601 Windows 7 Service Pack 1 x64

 

Account is Administrative

 

Internet Explorer version: 11.0.9600.16476

 

File system is: NTFS

Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED

CPU speed: 3.415000 GHz

Memory total: 8587341824, free: 6638989312

 

Downloaded database version: v2013.12.14.03

Downloaded database version: v2013.10.11.02

=======================================

Initializing...

------------ Kernel report ------------

     12/14/2013 10:25:29

------------ Loaded modules -----------

\SystemRoot\system32\ntoskrnl.exe

\SystemRoot\system32\hal.dll

\SystemRoot\system32\kdcom.dll

\SystemRoot\system32\mcupdate_AuthenticAMD.dll

\SystemRoot\system32\PSHED.dll

\SystemRoot\system32\CLFS.SYS

\SystemRoot\system32\CI.dll

\SystemRoot\system32\drivers\Wdf01000.sys

\SystemRoot\system32\drivers\WDFLDR.SYS

\SystemRoot\system32\drivers\ACPI.sys

\SystemRoot\system32\drivers\WMILIB.SYS

\SystemRoot\system32\drivers\msisadrv.sys

\SystemRoot\system32\drivers\pci.sys

\SystemRoot\system32\drivers\vdrvroot.sys

\SystemRoot\System32\drivers\partmgr.sys

\SystemRoot\system32\DRIVERS\trufos.sys

\SystemRoot\system32\DRIVERS\FLTMGR.SYS

\SystemRoot\system32\drivers\volmgr.sys

\SystemRoot\System32\drivers\volmgrx.sys

\SystemRoot\System32\drivers\mountmgr.sys

\SystemRoot\system32\drivers\vmbus.sys

\SystemRoot\system32\drivers\winhv.sys

\SystemRoot\system32\drivers\atapi.sys

\SystemRoot\system32\drivers\ataport.SYS

\SystemRoot\system32\drivers\msahci.sys

\SystemRoot\system32\drivers\PCIIDEX.SYS

\SystemRoot\system32\DRIVERS\amdsata.sys

\SystemRoot\system32\DRIVERS\storport.sys

\SystemRoot\system32\DRIVERS\amdxata.sys

\SystemRoot\system32\DRIVERS\amd_sata.sys

\SystemRoot\system32\DRIVERS\amd_xata.sys

\SystemRoot\system32\drivers\fileinfo.sys

\SystemRoot\system32\DRIVERS\avc3.sys

\SystemRoot\system32\DRIVERS\gzflt.sys

\SystemRoot\System32\Drivers\Ntfs.sys

\SystemRoot\System32\Drivers\msrpc.sys

\SystemRoot\System32\Drivers\ksecdd.sys

\SystemRoot\System32\Drivers\cng.sys

\SystemRoot\System32\drivers\pcw.sys

\SystemRoot\System32\Drivers\Fs_Rec.sys

\SystemRoot\system32\drivers\ndis.sys

\SystemRoot\system32\drivers\NETIO.SYS

\SystemRoot\System32\Drivers\ksecpkg.sys

\SystemRoot\System32\drivers\tcpip.sys

\SystemRoot\System32\drivers\fwpkclnt.sys

\SystemRoot\system32\drivers\vmstorfl.sys

\SystemRoot\system32\drivers\volsnap.sys

\SystemRoot\System32\Drivers\spldr.sys

\SystemRoot\System32\drivers\rdyboost.sys

\SystemRoot\System32\Drivers\mup.sys

\SystemRoot\System32\drivers\hwpolicy.sys

\SystemRoot\System32\DRIVERS\fvevol.sys

\SystemRoot\system32\DRIVERS\disk.sys

\SystemRoot\system32\DRIVERS\CLASSPNP.SYS

\SystemRoot\system32\DRIVERS\AtiPcie.sys

\SystemRoot\system32\DRIVERS\cdrom.sys

\SystemRoot\System32\Drivers\Null.SYS

\SystemRoot\System32\Drivers\Beep.SYS

\SystemRoot\System32\drivers\vga.sys

\SystemRoot\System32\drivers\VIDEOPRT.SYS

\SystemRoot\System32\drivers\watchdog.sys

\SystemRoot\System32\DRIVERS\RDPCDD.sys

\SystemRoot\system32\drivers\rdpencdd.sys

\SystemRoot\system32\drivers\rdprefmp.sys

\SystemRoot\System32\Drivers\Msfs.SYS

\SystemRoot\System32\Drivers\Npfs.SYS

\??\c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys

\??\C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys

\SystemRoot\system32\DRIVERS\tdx.sys

\SystemRoot\system32\DRIVERS\TDI.SYS

\SystemRoot\system32\drivers\afd.sys

\SystemRoot\System32\DRIVERS\netbt.sys

\SystemRoot\system32\drivers\ws2ifsl.sys

\SystemRoot\system32\DRIVERS\wfplwf.sys

\SystemRoot\system32\DRIVERS\pacer.sys

\SystemRoot\system32\DRIVERS\netbios.sys

\SystemRoot\system32\DRIVERS\serial.sys

\SystemRoot\system32\DRIVERS\wanarp.sys

\SystemRoot\system32\drivers\termdd.sys

\??\C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS

\??\C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS

\SystemRoot\system32\DRIVERS\rdbss.sys

\SystemRoot\system32\drivers\nsiproxy.sys

\SystemRoot\system32\drivers\mssmbios.sys

\SystemRoot\System32\drivers\discache.sys

\SystemRoot\system32\drivers\csc.sys

\SystemRoot\System32\Drivers\dfsc.sys

\SystemRoot\system32\DRIVERS\blbdrive.sys

\SystemRoot\system32\DRIVERS\bdvedisk.sys

\SystemRoot\system32\DRIVERS\AppleCharger.sys

\SystemRoot\system32\DRIVERS\tunnel.sys

\SystemRoot\system32\DRIVERS\amdppm.sys

\SystemRoot\system32\drivers\wmiacpi.sys

\SystemRoot\system32\DRIVERS\atikmpag.sys

\SystemRoot\system32\DRIVERS\atikmdag.sys

\SystemRoot\System32\drivers\dxgkrnl.sys

\SystemRoot\System32\drivers\dxgmms1.sys

\SystemRoot\system32\drivers\HDAudBus.sys

\SystemRoot\System32\Drivers\EtronXHCI.sys

\SystemRoot\system32\DRIVERS\usbfilter.sys

\SystemRoot\system32\DRIVERS\usbohci.sys

\SystemRoot\system32\DRIVERS\USBPORT.SYS

\SystemRoot\system32\DRIVERS\usbehci.sys

\SystemRoot\system32\DRIVERS\Rt64win7.sys

\SystemRoot\system32\DRIVERS\serenum.sys

\SystemRoot\system32\drivers\i8042prt.sys

\SystemRoot\System32\drivers\keyscrambler.sys

\SystemRoot\system32\drivers\kbdclass.sys

\SystemRoot\system32\drivers\CompositeBus.sys

\SystemRoot\system32\DRIVERS\AgileVpn.sys

\SystemRoot\system32\DRIVERS\rasl2tp.sys

\SystemRoot\system32\DRIVERS\ndistapi.sys

\SystemRoot\system32\DRIVERS\ndiswan.sys

\SystemRoot\system32\DRIVERS\raspppoe.sys

\SystemRoot\system32\DRIVERS\raspptp.sys

\SystemRoot\system32\DRIVERS\rassstp.sys

\SystemRoot\system32\DRIVERS\rdpbus.sys

\SystemRoot\system32\drivers\mouclass.sys

\SystemRoot\system32\drivers\swenum.sys

\SystemRoot\system32\drivers\ks.sys

\SystemRoot\system32\DRIVERS\avchv.sys

\SystemRoot\system32\DRIVERS\dtsoftbus01.sys

\SystemRoot\system32\drivers\umbus.sys

\SystemRoot\System32\Drivers\EtronHub3.sys

\SystemRoot\System32\Drivers\USBD.SYS

\SystemRoot\system32\DRIVERS\usbhub.sys

\SystemRoot\System32\Drivers\NDProxy.SYS

\SystemRoot\system32\drivers\AtihdW76.sys

\SystemRoot\system32\drivers\portcls.sys

\SystemRoot\system32\drivers\drmk.sys

\SystemRoot\system32\drivers\ksthunk.sys

\SystemRoot\system32\drivers\RTKVHD64.sys

\SystemRoot\system32\DRIVERS\USBSTOR.SYS

\SystemRoot\system32\drivers\hidusb.sys

\SystemRoot\system32\drivers\HIDCLASS.SYS

\SystemRoot\system32\drivers\HIDPARSE.SYS

\SystemRoot\system32\DRIVERS\mouhid.sys

\SystemRoot\System32\Drivers\crashdmp.sys

\SystemRoot\System32\Drivers\dump_diskdump.sys

\SystemRoot\System32\Drivers\dump_amd_sata.sys

\SystemRoot\System32\Drivers\dump_dumpfve.sys

\SystemRoot\System32\win32k.sys

\SystemRoot\System32\drivers\Dxapi.sys

\SystemRoot\system32\DRIVERS\monitor.sys

\SystemRoot\System32\TSDDD.dll

\SystemRoot\System32\cdd.dll

\SystemRoot\system32\drivers\luafv.sys

\??\C:\Windows\system32\drivers\mbam.sys

\SystemRoot\system32\DRIVERS\avckf.sys

\SystemRoot\system32\DRIVERS\lltdio.sys

\SystemRoot\system32\DRIVERS\rspndr.sys

\SystemRoot\system32\drivers\HTTP.sys

\SystemRoot\system32\DRIVERS\bowser.sys

\SystemRoot\System32\drivers\mpsdrv.sys

\SystemRoot\system32\DRIVERS\mrxsmb.sys

\SystemRoot\system32\DRIVERS\mrxsmb10.sys

\SystemRoot\system32\DRIVERS\mrxsmb20.sys

\??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys

\SystemRoot\system32\drivers\peauth.sys

\SystemRoot\System32\Drivers\secdrv.SYS

\SystemRoot\System32\DRIVERS\srvnet.sys

\SystemRoot\System32\drivers\tcpipreg.sys

\SystemRoot\System32\DRIVERS\srv2.sys

\SystemRoot\System32\DRIVERS\srv.sys

\SystemRoot\system32\drivers\WudfPf.sys

\SystemRoot\system32\DRIVERS\WUDFRd.sys

\SystemRoot\system32\DRIVERS\asyncmac.sys

\SystemRoot\system32\drivers\spsys.sys

\SystemRoot\System32\Drivers\fastfat.SYS

\??\C:\Windows\system32\drivers\mbamchameleon.sys

\??\C:\Windows\system32\drivers\MBAMSwissArmy.sys

\Windows\System32\ntdll.dll

\Windows\System32\smss.exe

\Windows\System32\apisetschema.dll

\Windows\System32\autochk.exe

----------- End -----------

Done!

<<<1>>>

Upper Device Name: \Device\Harddisk2\DR2

Upper Device Object: 0xfffffa8008d5b060

Upper Device Driver Name: \Driver\Disk\

Lower Device Name: \Device\0000007c\

Lower Device Object: 0xfffffa8008d53060

Lower Device Driver Name: \Driver\USBSTOR\

<<<1>>>

Upper Device Name: \Device\Harddisk1\DR1

Upper Device Object: 0xfffffa8007a3d060

Upper Device Driver Name: \Driver\Disk\

Lower Device Name: \Device\00000060\

Lower Device Object: 0xfffffa800795a9c0

Lower Device Driver Name: \Driver\amd_sata\

<<<1>>>

Upper Device Name: \Device\Harddisk0\DR0

Upper Device Object: 0xfffffa8007a3c060

Upper Device Driver Name: \Driver\Disk\

Lower Device Name: \Device\0000005f\

Lower Device Object: 0xfffffa80079589c0

Lower Device Driver Name: \Driver\amd_sata\

<<<2>>>

Physical Sector Size: 512

Drive: 1, DevicePointer: 0xfffffa8007a3d060, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\

--------- Disk Stack ------

DevicePointer: 0xfffffa800797ea60, DeviceName: Unknown, DriverName: \Driver\partmgr\

DevicePointer: 0xfffffa8007a3d060, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\

DevicePointer: 0xfffffa8007960ac0, DeviceName: Unknown, DriverName: \Driver\amd_xata\

DevicePointer: 0xfffffa800795a9c0, DeviceName: \Device\00000060\, DriverName: \Driver\amd_sata\

------------ End ----------

Alternate DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\

Upper DeviceData: 0x0, 0x0, 0x0

Lower DeviceData: 0x0, 0x0, 0x0

<<<3>>>

Volume: C:

File system type: NTFS

SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes

<<<2>>>

<<<3>>>

Volume: C:

File system type: NTFS

SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes

Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...

<<<2>>>

<<<3>>>

Volume: C:

File system type: NTFS

SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes

Done!

Physical Sector Size: 512

Drive: 0, DevicePointer: 0xfffffa8007a3c060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\

--------- Disk Stack ------

DevicePointer: 0xfffffa8007a3cab0, DeviceName: Unknown, DriverName: \Driver\partmgr\

DevicePointer: 0xfffffa8007a3c060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\

DevicePointer: 0xfffffa8007957880, DeviceName: Unknown, DriverName: \Driver\amd_xata\

DevicePointer: 0xfffffa80079589c0, DeviceName: \Device\0000005f\, DriverName: \Driver\amd_sata\

------------ End ----------

Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\

Upper DeviceData: 0x0, 0x0, 0x0

Lower DeviceData: 0x0, 0x0, 0x0

Drive 0

Scanning MBR on drive 0...

Inspecting partition table:

MBR Signature: 55AA

Disk Signature: 1912428B

 

Partition information:

 

    Partition 0 type is Primary (0x7)

    Partition is ACTIVE.

    Partition starts at LBA: 2048  Numsec = 204800

    Partition file system is NTFS

    Partition is bootable

 

    Partition 1 type is Primary (0x7)

    Partition is NOT ACTIVE.

    Partition starts at LBA: 206848  Numsec = 1953314816

 

    Partition 2 type is Empty (0x0)

    Partition is NOT ACTIVE.

    Partition starts at LBA: 0  Numsec = 0

 

    Partition 3 type is Empty (0x0)

    Partition is NOT ACTIVE.

    Partition starts at LBA: 0  Numsec = 0

 

Disk Size: 1000204886016 bytes

Sector size: 512 bytes

 

Scanning physical sectors of unpartitioned space on drive 0 (1-2047-1953505168-1953525168)...

Done!

Drive 1

Scanning MBR on drive 1...

Inspecting partition table:

MBR Signature: 55AA

Disk Signature: 7CBF850A

 

Partition information:

 

    Partition 0 type is Primary (0x7)

    Partition is NOT ACTIVE.

    Partition starts at LBA: 2048  Numsec = 250064896

 

    Partition 1 type is Empty (0x0)

    Partition is NOT ACTIVE.

    Partition starts at LBA: 0  Numsec = 0

 

    Partition 2 type is Empty (0x0)

    Partition is NOT ACTIVE.

    Partition starts at LBA: 0  Numsec = 0

 

    Partition 3 type is Empty (0x0)

    Partition is NOT ACTIVE.

    Partition starts at LBA: 0  Numsec = 0

 

Disk Size: 128035676160 bytes

Sector size: 512 bytes

 

Done!

Physical Sector Size: 2048

Drive: 2, DevicePointer: 0xfffffa8008d5b060, DeviceName: \Device\Harddisk2\DR2\, DriverName: \Driver\Disk\

--------- Disk Stack ------

DevicePointer: 0xfffffa8008d5bb90, DeviceName: Unknown, DriverName: \Driver\partmgr\

DevicePointer: 0xfffffa8008d5b060, DeviceName: \Device\Harddisk2\DR2\, DriverName: \Driver\Disk\

DevicePointer: 0xfffffa8008d53060, DeviceName: \Device\0000007c\, DriverName: \Driver\USBSTOR\

------------ End ----------

Alternate DeviceName: \Device\Harddisk2\DR2\, DriverName: \Driver\Disk\

Upper DeviceData: 0x0, 0x0, 0x0

Lower DeviceData: 0x0, 0x0, 0x0

Drive 2

Scanning MBR on drive 2...

Inspecting partition table:

MBR Signature: 55AA

Disk Signature: 0

 

Partition information:

 

    Partition 0 type is Other (0xb)

    Partition is ACTIVE.

    Partition starts at LBA: 34  Numsec = 963934

    Partition file system is FAT32

    Partition is not bootable

 

    Partition 1 type is Empty (0x0)

    Partition is NOT ACTIVE.

    Partition starts at LBA: 0  Numsec = 0

 

    Partition 2 type is Empty (0x0)

    Partition is NOT ACTIVE.

    Partition starts at LBA: 0  Numsec = 0

 

    Partition 3 type is Empty (0x0)

    Partition is NOT ACTIVE.

    Partition starts at LBA: 0  Numsec = 0

 

Disk Size: 1974206464 bytes

Sector size: 2048 bytes

 

Done!

Scan finished

=======================================

 

 

Removal queue found; removal started

Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR_0_i.mbam...

Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\Bootstrap_0_0_2048_i.mbam...

Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR_0_r.mbam...

Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR_1_i.mbam...

Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR_1_r.mbam...

Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR_2_i.mbam...

Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\Bootstrap_2_0_34_i.mbam...

Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR_2_r.mbam...

Removal finished

---------------------------------------

Malwarebytes Anti-Rootkit BETA 1.07.0.1008

 

© Malwarebytes Corporation 2011-2012

 

OS version: 6.1.7601 Windows 7 Service Pack 1 x64

 

Account is Administrative

 

Internet Explorer version: 11.0.9600.16476

 

File system is: NTFS

Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED

CPU speed: 3.422000 GHz

Memory total: 8587341824, free: 6581886976

 

Downloaded database version: v2014.01.02.02

Downloaded database version: v2013.12.18.01

=======================================

Initializing...

------------ Kernel report ------------

     01/02/2014 13:12:27

------------ Loaded modules -----------

\SystemRoot\system32\ntoskrnl.exe

\SystemRoot\system32\hal.dll

\SystemRoot\system32\kdcom.dll

\SystemRoot\system32\mcupdate_AuthenticAMD.dll

\SystemRoot\system32\PSHED.dll

\SystemRoot\system32\CLFS.SYS

\SystemRoot\system32\CI.dll

\SystemRoot\system32\drivers\Wdf01000.sys

\SystemRoot\system32\drivers\WDFLDR.SYS

\SystemRoot\system32\drivers\ACPI.sys

\SystemRoot\system32\drivers\WMILIB.SYS

\SystemRoot\system32\drivers\msisadrv.sys

\SystemRoot\system32\drivers\pci.sys

\SystemRoot\system32\drivers\vdrvroot.sys

\SystemRoot\System32\drivers\partmgr.sys

\SystemRoot\system32\DRIVERS\trufos.sys

\SystemRoot\system32\DRIVERS\FLTMGR.SYS

\SystemRoot\system32\drivers\volmgr.sys

\SystemRoot\System32\drivers\volmgrx.sys

\SystemRoot\System32\drivers\mountmgr.sys

\SystemRoot\system32\drivers\vmbus.sys

\SystemRoot\system32\drivers\winhv.sys

\SystemRoot\system32\drivers\atapi.sys

\SystemRoot\system32\drivers\ataport.SYS

\SystemRoot\system32\drivers\msahci.sys

\SystemRoot\system32\drivers\PCIIDEX.SYS

\SystemRoot\system32\DRIVERS\amdsata.sys

\SystemRoot\system32\DRIVERS\storport.sys

\SystemRoot\system32\DRIVERS\amdxata.sys

\SystemRoot\system32\DRIVERS\amd_sata.sys

\SystemRoot\system32\DRIVERS\amd_xata.sys

\SystemRoot\system32\drivers\fileinfo.sys

\SystemRoot\system32\DRIVERS\avc3.sys

\SystemRoot\system32\DRIVERS\gzflt.sys

\SystemRoot\System32\Drivers\Ntfs.sys

\SystemRoot\System32\Drivers\msrpc.sys

\SystemRoot\System32\Drivers\ksecdd.sys

\SystemRoot\System32\Drivers\cng.sys

\SystemRoot\System32\drivers\pcw.sys

\SystemRoot\System32\Drivers\Fs_Rec.sys

\SystemRoot\system32\drivers\ndis.sys

\SystemRoot\system32\drivers\NETIO.SYS

\SystemRoot\System32\Drivers\ksecpkg.sys

\SystemRoot\System32\drivers\tcpip.sys

\SystemRoot\System32\drivers\fwpkclnt.sys

\SystemRoot\system32\drivers\vmstorfl.sys

\SystemRoot\system32\drivers\volsnap.sys

\SystemRoot\System32\Drivers\spldr.sys

\SystemRoot\System32\drivers\rdyboost.sys

\SystemRoot\System32\Drivers\mup.sys

\SystemRoot\System32\drivers\hwpolicy.sys

\SystemRoot\System32\DRIVERS\fvevol.sys

\SystemRoot\system32\DRIVERS\disk.sys

\SystemRoot\system32\DRIVERS\CLASSPNP.SYS

\SystemRoot\system32\DRIVERS\AtiPcie.sys

\SystemRoot\system32\DRIVERS\cdrom.sys

\SystemRoot\System32\Drivers\Null.SYS

\SystemRoot\System32\Drivers\Beep.SYS

\SystemRoot\System32\drivers\vga.sys

\SystemRoot\System32\drivers\VIDEOPRT.SYS

\SystemRoot\System32\drivers\watchdog.sys

\SystemRoot\System32\DRIVERS\RDPCDD.sys

\SystemRoot\system32\drivers\rdpencdd.sys

\SystemRoot\system32\drivers\rdprefmp.sys

\SystemRoot\System32\Drivers\Msfs.SYS

\SystemRoot\System32\Drivers\Npfs.SYS

\??\c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys

\??\C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys

\SystemRoot\system32\DRIVERS\tdx.sys

\SystemRoot\system32\DRIVERS\TDI.SYS

\SystemRoot\system32\drivers\afd.sys

\SystemRoot\System32\DRIVERS\netbt.sys

\SystemRoot\system32\drivers\ws2ifsl.sys

\SystemRoot\system32\DRIVERS\wfplwf.sys

\SystemRoot\system32\DRIVERS\pacer.sys

\SystemRoot\system32\DRIVERS\netbios.sys

\SystemRoot\system32\DRIVERS\serial.sys

\SystemRoot\system32\DRIVERS\wanarp.sys

\SystemRoot\system32\drivers\termdd.sys

\??\C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS

\??\C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS

\SystemRoot\system32\DRIVERS\rdbss.sys

\SystemRoot\system32\drivers\nsiproxy.sys

\SystemRoot\system32\drivers\mssmbios.sys

\SystemRoot\System32\drivers\discache.sys

\SystemRoot\system32\drivers\csc.sys

\SystemRoot\System32\Drivers\dfsc.sys

\SystemRoot\system32\DRIVERS\blbdrive.sys

\SystemRoot\system32\DRIVERS\bdvedisk.sys

\SystemRoot\system32\DRIVERS\AppleCharger.sys

\SystemRoot\system32\DRIVERS\tunnel.sys

\SystemRoot\system32\DRIVERS\amdppm.sys

\SystemRoot\system32\drivers\wmiacpi.sys

\SystemRoot\system32\DRIVERS\atikmpag.sys

\SystemRoot\system32\DRIVERS\atikmdag.sys

\SystemRoot\System32\drivers\dxgkrnl.sys

\SystemRoot\System32\drivers\dxgmms1.sys

\SystemRoot\system32\drivers\HDAudBus.sys

\SystemRoot\System32\Drivers\EtronXHCI.sys

\SystemRoot\system32\DRIVERS\usbohci.sys

\SystemRoot\system32\DRIVERS\USBPORT.SYS

\SystemRoot\system32\DRIVERS\usbehci.sys

\SystemRoot\system32\DRIVERS\Rt64win7.sys

\SystemRoot\system32\DRIVERS\serenum.sys

\SystemRoot\system32\drivers\CompositeBus.sys

\SystemRoot\system32\DRIVERS\AgileVpn.sys

\SystemRoot\system32\DRIVERS\rasl2tp.sys

\SystemRoot\system32\DRIVERS\ndistapi.sys

\SystemRoot\system32\DRIVERS\ndiswan.sys

\SystemRoot\system32\DRIVERS\raspppoe.sys

\SystemRoot\system32\DRIVERS\raspptp.sys

\SystemRoot\system32\DRIVERS\rassstp.sys

\SystemRoot\system32\DRIVERS\rdpbus.sys

\SystemRoot\system32\DRIVERS\kbdclass.sys

\SystemRoot\system32\DRIVERS\mouclass.sys

\SystemRoot\system32\drivers\swenum.sys

\SystemRoot\system32\drivers\ks.sys

\SystemRoot\system32\DRIVERS\avchv.sys

\SystemRoot\system32\DRIVERS\dtsoftbus01.sys

\SystemRoot\system32\drivers\LGBusEnum.sys

\SystemRoot\system32\drivers\umbus.sys

\SystemRoot\System32\Drivers\EtronHub3.sys

\SystemRoot\System32\Drivers\USBD.SYS

\SystemRoot\system32\DRIVERS\usbhub.sys

\SystemRoot\System32\Drivers\NDProxy.SYS

\SystemRoot\system32\drivers\AtihdW76.sys

\SystemRoot\system32\drivers\portcls.sys

\SystemRoot\system32\drivers\drmk.sys

\SystemRoot\system32\drivers\ksthunk.sys

\SystemRoot\system32\drivers\RTKVHD64.sys

\SystemRoot\system32\DRIVERS\usbccgp.sys

\SystemRoot\system32\DRIVERS\hidusb.sys

\SystemRoot\system32\DRIVERS\HIDCLASS.SYS

\SystemRoot\system32\DRIVERS\HIDPARSE.SYS

\SystemRoot\system32\DRIVERS\mouhid.sys

\SystemRoot\system32\DRIVERS\kbdhid.sys

\SystemRoot\System32\drivers\keyscrambler.sys

\SystemRoot\System32\win32k.sys

\SystemRoot\System32\drivers\Dxapi.sys

\SystemRoot\System32\Drivers\crashdmp.sys

\SystemRoot\System32\Drivers\dump_diskdump.sys

\SystemRoot\System32\Drivers\dump_amd_sata.sys

\SystemRoot\System32\Drivers\dump_dumpfve.sys

\SystemRoot\System32\TSDDD.dll

\SystemRoot\System32\cdd.dll

\SystemRoot\system32\drivers\luafv.sys

\??\C:\Windows\system32\drivers\mbam.sys

\SystemRoot\system32\DRIVERS\avckf.sys

\SystemRoot\system32\DRIVERS\lltdio.sys

\SystemRoot\system32\DRIVERS\rspndr.sys

\SystemRoot\system32\drivers\HTTP.sys

\SystemRoot\system32\DRIVERS\bowser.sys

\SystemRoot\System32\drivers\mpsdrv.sys

\SystemRoot\system32\DRIVERS\mrxsmb.sys

\SystemRoot\system32\DRIVERS\mrxsmb10.sys

\SystemRoot\system32\DRIVERS\mrxsmb20.sys

\??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys

\SystemRoot\system32\drivers\peauth.sys

\SystemRoot\System32\Drivers\secdrv.SYS

\SystemRoot\System32\DRIVERS\srvnet.sys

\SystemRoot\System32\drivers\tcpipreg.sys

\SystemRoot\System32\DRIVERS\srv2.sys

\SystemRoot\System32\DRIVERS\srv.sys

\SystemRoot\system32\drivers\WudfPf.sys

\SystemRoot\system32\DRIVERS\monitor.sys

\SystemRoot\system32\drivers\LGVirHid.sys

\SystemRoot\system32\DRIVERS\asyncmac.sys

\SystemRoot\System32\ATMFD.DLL

\SystemRoot\system32\DRIVERS\USBSTOR.SYS

\SystemRoot\system32\DRIVERS\WUDFRd.sys

\SystemRoot\System32\Drivers\fastfat.SYS

\??\C:\Windows\system32\drivers\mbamchameleon.sys

\??\C:\Windows\system32\drivers\MBAMSwissArmy.sys

\Windows\System32\ntdll.dll

\Windows\System32\smss.exe

\Windows\System32\apisetschema.dll

\Windows\System32\autochk.exe

\Windows\System32\shlwapi.dll

\Windows\System32\wininet.dll

\Windows\System32\sechost.dll

\Windows\System32\oleaut32.dll

\Windows\System32\urlmon.dll

\Windows\System32\ole32.dll

\Windows\System32\lpk.dll

\Windows\System32\imm32.dll

\Windows\System32\comdlg32.dll

\Windows\System32\gdi32.dll

\Windows\System32\iertutil.dll

\Windows\System32\normaliz.dll

\Windows\System32\msctf.dll

\Windows\System32\setupapi.dll

\Windows\System32\user32.dll

\Windows\System32\difxapi.dll

\Windows\System32\imagehlp.dll

\Windows\System32\shell32.dll

\Windows\System32\psapi.dll

\Windows\System32\ws2_32.dll

\Windows\System32\clbcatq.dll

\Windows\System32\usp10.dll

\Windows\System32\kernel32.dll

\Windows\System32\nsi.dll

\Windows\System32\msvcrt.dll

\Windows\System32\Wldap32.dll

\Windows\System32\rpcrt4.dll

\Windows\System32\advapi32.dll

\Windows\System32\wintrust.dll

\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll

\Windows\System32\comctl32.dll

\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll

\Windows\System32\KernelBase.dll

\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll

\Windows\System32\cfgmgr32.dll

\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll

\Windows\System32\devobj.dll

\Windows\System32\crypt32.dll

\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll

\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll

\Windows\System32\msasn1.dll

\Windows\SysWOW64\normaliz.dll

----------- End -----------

Done!

<<<1>>>

Upper Device Name: \Device\Harddisk2\DR3

Upper Device Object: 0xfffffa800890d060

Upper Device Driver Name: \Driver\Disk\

Lower Device Name: \Device\0000008f\

Lower Device Object: 0xfffffa800a0b0060

Lower Device Driver Name: \Driver\USBSTOR\

<<<1>>>

Upper Device Name: \Device\Harddisk1\DR1

Upper Device Object: 0xfffffa8007a5a060

Upper Device Driver Name: \Driver\Disk\

Lower Device Name: \Device\0000005f\

Lower Device Object: 0xfffffa800797a9c0

Lower Device Driver Name: \Driver\amd_sata\

<<<1>>>

Upper Device Name: \Device\Harddisk0\DR0

Upper Device Object: 0xfffffa8007a59060

Upper Device Driver Name: \Driver\Disk\

Lower Device Name: \Device\0000005e\

Lower Device Object: 0xfffffa80079769c0

Lower Device Driver Name: \Driver\amd_sata\

<<<2>>>

Physical Sector Size: 512

Drive: 1, DevicePointer: 0xfffffa8007a5a060, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\

--------- Disk Stack ------

DevicePointer: 0xfffffa8007a5ab90, DeviceName: Unknown, DriverName: \Driver\partmgr\

DevicePointer: 0xfffffa8007a5a060, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\

DevicePointer: 0xfffffa800797fac0, DeviceName: Unknown, DriverName: \Driver\amd_xata\

DevicePointer: 0xfffffa800797a9c0, DeviceName: \Device\0000005f\, DriverName: \Driver\amd_sata\

------------ End ----------

Alternate DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\

Upper DeviceData: 0x0, 0x0, 0x0

Lower DeviceData: 0x0, 0x0, 0x0

<<<3>>>

Volume: C:

File system type: NTFS

SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes

<<<2>>>

<<<3>>>

Volume: C:

File system type: NTFS

SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes

Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...

<<<2>>>

<<<3>>>

Volume: C:

File system type: NTFS

SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes

Done!

Physical Sector Size: 512

Drive: 0, DevicePointer: 0xfffffa8007a59060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\

--------- Disk Stack ------

DevicePointer: 0xfffffa8007a59b90, DeviceName: Unknown, DriverName: \Driver\partmgr\

DevicePointer: 0xfffffa8007a59060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\

DevicePointer: 0xfffffa800797eac0, DeviceName: Unknown, DriverName: \Driver\amd_xata\

DevicePointer: 0xfffffa80079769c0, DeviceName: \Device\0000005e\, DriverName: \Driver\amd_sata\

------------ End ----------

Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\

Upper DeviceData: 0x0, 0x0, 0x0

Lower DeviceData: 0x0, 0x0, 0x0

Drive 0

Scanning MBR on drive 0...

Inspecting partition table:

MBR Signature: 55AA

Disk Signature: 1912428B

 

Partition information:

 

    Partition 0 type is Primary (0x7)

    Partition is ACTIVE.

    Partition starts at LBA: 2048  Numsec = 204800

    Partition file system is NTFS

    Partition is bootable

 

    Partition 1 type is Primary (0x7)

    Partition is NOT ACTIVE.

    Partition starts at LBA: 206848  Numsec = 1953314816

 

    Partition 2 type is Empty (0x0)

    Partition is NOT ACTIVE.

    Partition starts at LBA: 0  Numsec = 0

 

    Partition 3 type is Empty (0x0)

    Partition is NOT ACTIVE.

    Partition starts at LBA: 0  Numsec = 0

 

Disk Size: 1000204886016 bytes

Sector size: 512 bytes

 

Scanning physical sectors of unpartitioned space on drive 0 (1-2047-1953505168-1953525168)...

Done!

Drive 1

Scanning MBR on drive 1...

Inspecting partition table:

MBR Signature: 55AA

Disk Signature: 7CBF850A

 

Partition information:

 

    Partition 0 type is Primary (0x7)

    Partition is NOT ACTIVE.

    Partition starts at LBA: 2048  Numsec = 250064896

 

    Partition 1 type is Empty (0x0)

    Partition is NOT ACTIVE.

    Partition starts at LBA: 0  Numsec = 0

 

    Partition 2 type is Empty (0x0)

    Partition is NOT ACTIVE.

    Partition starts at LBA: 0  Numsec = 0

 

    Partition 3 type is Empty (0x0)

    Partition is NOT ACTIVE.

    Partition starts at LBA: 0  Numsec = 0

 

Disk Size: 128035676160 bytes

Sector size: 512 bytes

 

Done!

Physical Sector Size: 2048

Drive: 2, DevicePointer: 0xfffffa800890d060, DeviceName: \Device\Harddisk2\DR3\, DriverName: \Driver\Disk\

--------- Disk Stack ------

DevicePointer: 0xfffffa800b150040, DeviceName: Unknown, DriverName: \Driver\partmgr\

DevicePointer: 0xfffffa800890d060, DeviceName: \Device\Harddisk2\DR3\, DriverName: \Driver\Disk\

DevicePointer: 0xfffffa800a0b0060, DeviceName: \Device\0000008f\, DriverName: \Driver\USBSTOR\

------------ End ----------

Alternate DeviceName: \Device\Harddisk2\DR3\, DriverName: \Driver\Disk\

Upper DeviceData: 0x0, 0x0, 0x0

Lower DeviceData: 0x0, 0x0, 0x0

Drive 2

Scanning MBR on drive 2...

Inspecting partition table:

MBR Signature: 55AA

Disk Signature: 0

 

Partition information:

 

    Partition 0 type is Other (0xb)

    Partition is ACTIVE.

    Partition starts at LBA: 34  Numsec = 963934

    Partition file system is FAT32

    Partition is not bootable

 

    Partition 1 type is Empty (0x0)

    Partition is NOT ACTIVE.

    Partition starts at LBA: 0  Numsec = 0

 

    Partition 2 type is Empty (0x0)

    Partition is NOT ACTIVE.

    Partition starts at LBA: 0  Numsec = 0

 

    Partition 3 type is Empty (0x0)

    Partition is NOT ACTIVE.

    Partition starts at LBA: 0  Numsec = 0

 

Disk Size: 1974206464 bytes

Sector size: 2048 bytes

 

Done!

Scan finished

=======================================

 

 

Removal queue found; removal started

Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR_0_i.mbam...

Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\Bootstrap_0_0_2048_i.mbam...

Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR_0_r.mbam...

Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR_1_i.mbam...

Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR_1_r.mbam...

Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR_2_i.mbam...

Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\Bootstrap_2_0_34_i.mbam...

Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR_2_r.mbam...

Removal finished

 


NOTE: JRT found another bad module; when it says to reboot, I press No (to reboot later).

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.9 (01.01.2014:1)
OS: Windows 7 Ultimate x64
Ran by Chifo on 02/01/2014 at 13:35:47,93
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
 
 
~~~ Registry Keys
 
 
 
~~~ Files
 
 
 
~~~ Folders
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 02/01/2014 at 13:46:21,26
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

# AdwCleaner v3.016 - Reporte Creado 02/01/2014 en 13:52:31

# Actualizado 23/12/2013 por Xplode

# Sistema Operativo : Windows 7 Ultimate Service Pack 1 (64 bits)

# Nombre de usuario : Chifo - CHIFO-PC

# Ejecutado desde : C:\Users\Chifo\Desktop\AdwCleaner.exe

# Opción : Limpiar

 

***** [ Servicios ] *****

 

 

***** [ Archivos / Carpetas ] *****

 

 

***** [ Accesos directos ] *****

 

 

***** [ Registro ] *****

 

 

***** [ Navegadores ] *****

 

-\\ Internet Explorer v0.0.0.0

 

 

-\\ Google Chrome v31.0.1650.63

 

[ Archivo : C:\Users\Chifo\AppData\Local\Google\Chrome\User Data\Default\preferences ]

 

 

*************************

 

AdwCleaner[R0].txt - [788 octets] - [02/01/2014 13:51:58]

AdwCleaner[s0].txt - [708 octets] - [02/01/2014 13:52:31]

 

########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [767 octets] ##########

Malwarebytes Anti-Malware (PRO) 1.75.0.1300

www.malwarebytes.org

 

Versión de la Base de Datos: v2014.01.02.03

 

Windows 7 Service Pack 1 x64 NTFS

Internet Explorer 11.0.9600.16476

Chifo :: CHIFO-PC [administrador]

 

Protección: Personas de movilidad reducida

 

02/01/2014 14:13:14

mbam-log-2014-01-02 (14-13-14).txt

 

Tipos de Análisis: Análisis Rápido

Opciones de análisis activado: Memoria | Inicio | Registro | Sistema de archivos | Heurística/Extra | Heurística/Shuriken | PUP | PUM

Opciones de análisis desactivados: P2P

Objetos examinados: 211687

Tiempo transcurrido: 1 minuto(s), 41 segundo(s)

 

Procesos en Memoria Detectados: 0

(No se han detectado elementos maliciosos)

 

Módulos de Memoria Detectados: 0

(No se han detectado elementos maliciosos)

 

Claves del Registro Detectados: 0

(No se han detectado elementos maliciosos)

 

Valores del Registro Detectados: 0

(No se han detectado elementos maliciosos)

 

Elementos de Datos del Registro Detectados: 0

(No se han detectado elementos maliciosos)

 

Carpetas Detectadas: 0

(No se han detectado elementos maliciosos)

 

Archivos Detectados: 0

(No se han detectado elementos maliciosos)

 

fin)

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-01-2014 01

Ran by Chifo at 2014-01-02 16:30:24

Running from C:\Users\Chifo\Desktop

Boot Mode: Normal

==========================================================

 

 

==================== Security Center ========================

 

AV: Bitdefender Antivirus (Enabled - Up to date) {9B5F5313-CAF9-DD97-C460-E778420237B4}

AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AS: Bitdefender Antispyware (Enabled - Up to date) {203EB2F7-ECC3-D219-FED0-DC0A39857D09}

FW: Bitdefender Cortafuegos (Disabled) {A364D236-8096-DCCF-EF3F-4E4DBCD170CF}

 

==================== Installed Programs ======================

 

@BIOS (x32 Version: 2.33 - GIGABYTE)

µTorrent (HKCU Version: 3.3.2.30303 - BitTorrent Inc.)

Adobe Reader XI (11.0.05) - Español (x32 Version: 11.0.05 - Adobe Systems Incorporated)

AIDA64 Extreme v4.00 (x32 Version: 4.00 - FinalWire Ltd.)

AMD Accelerated Video Transcoding (Version: 13.20.100.31206 - Advanced Micro Devices, Inc.) Hidden

AMD Catalyst Control Center (x32 Version: 2013.1206.1603.28764 - Nombre de su organización) Hidden

AMD Catalyst Install Manager (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)

AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden

AMD Fuel (Version: 2013.1206.1603.28764 - Nombre de su organización) Hidden

AMD Media Foundation Decoders (Version: 1.0.81206.1620 - Advanced Micro Devices, Inc.) Hidden

AMD Wireless Display v3.0 (Version: 1.0.0.14 - Advanced Micro Devices, Inc.) Hidden

Bitdefender Total Security (Version: 17.20.0.883 - Bitdefender)

Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden

Catalyst Control Center Graphics Previews Common (x32 Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) Hidden

Catalyst Control Center InstallProxy (x32 Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) Hidden

Catalyst Control Center Localization All (x32 Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) Hidden

CCC Help Chinese Standard (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden

CCC Help Chinese Traditional (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden

CCC Help Czech (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden

CCC Help Danish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden

CCC Help Dutch (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden

CCC Help English (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden

CCC Help Finnish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden

CCC Help French (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden

CCC Help German (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden

CCC Help Greek (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden

CCC Help Hungarian (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden

CCC Help Italian (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden

CCC Help Japanese (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden

CCC Help Korean (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden

CCC Help Norwegian (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden

CCC Help Polish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden

CCC Help Portuguese (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden

CCC Help Russian (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden

CCC Help Spanish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden

CCC Help Swedish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden

CCC Help Thai (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden

CCC Help Turkish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden

ccc-utility64 (Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) Hidden

CCleaner (Version: 4.08 - Piriform)

CPUID CPU-Z 1.67.1 (Version:  - )

DAEMON Tools Lite (x32 Version: 4.48.1.0347 - Disc Soft Ltd)

Definition Update for Microsoft Office 2010 (KB982726) 64-Bit Edition (Version:  - Microsoft)

ESET Online Scanner v3 (x32 Version:  - )

Etron USB3.0 Host Controller (x32 Version: 0.95 - Etron Technology)

Etron USB3.0 Host Controller (x32 Version: 0.95 - Etron Technology) Hidden

f.lux (HKCU Version:  - )

Flopzilla (x32 Version: 1.6.5 - Flopzilla)

Google Chrome (x32 Version: 31.0.1650.63 - Google Inc.)

Google Update Helper (x32 Version: 1.3.22.3 - Google Inc.) Hidden

Holdem Manager (x32 Version:  - )

Holdem Manager 2 (x32 Version:  - )

KeePass Password Safe 2.24 (x32 Version: 2.24 - Dominik Reichl)

KeyScrambler (x32 Version: 3.3.0.0 - QFX Software Corporation)

Malwarebytes Anti-Malware versión 1.75.0.1300 (x32 Version: 1.75.0.1300 - Malwarebytes Corporation)

Microsoft .NET Framework 4.5.1 (ESN) (Version: 4.5.50938 - Microsoft Corporation) Hidden

Microsoft .NET Framework 4.5.1 (español) (Version: 4.5.50938 - Microsoft Corporation)

Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden

Microsoft Office Access MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Excel MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Groove MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office InfoPath MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Office 32-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Professional Plus 2010 (Version: 14.0.7015.1000 - Microsoft Corporation)

Microsoft Office Professional Plus 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Proof (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Proof (French) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Proof (Spanish) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Proofing (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Shared 32-bit MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Shared MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Word MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (x32 Version: 11.0.50727.1 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (x32 Version: 11.0.50727.1 - Microsoft Corporation)

Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden

MPC-HC 1.7.1 (64-bit) (Version: 1.7.1.0 - MPC-HC Team)

ON_OFF Charge B11.0110.1 (x32 Version: 1.00.0001 - GIGABYTE)

Paint.NET v3.5.11 (Version: 3.61.0 - dotPDN LLC)

PokerStars (x32 Version:  - PokerStars)

PokerStrategy.com Equilab (x32 Version: 1.2.8.0 - PokerStrategy.com)

PostgreSQL 9.2  (Version: 9.2 - PostgreSQL Global Development Group)

Rainmeter (x32 Version: 3.0.2 r2161 - )

Realtek Ethernet Controller Driver (x32 Version: 7.38.113.2011 - Realtek)

Realtek HDMI Audio Driver for ATI (x32 Version: 6.0.1.6121 - Realtek Semiconductor Corp.)

Realtek High Definition Audio Driver (x32 Version: 6.0.1.6235 - Realtek Semiconductor Corp.)

Samsung Magician (x32 Version: 4.3.0 - Samsung Electronics)

Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (Version:  - Microsoft)

Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (Version:  - Microsoft) Hidden

Skype™ 6.11 (x32 Version: 6.11.102 - Skype Technologies S.A.)

Software Logitech para juegos 8.51 (Version: 8.51.5 - Logitech Inc.)

Spotify (HKCU Version: 0.9.6.81.gd359a796 - Spotify AB)

SpywareBlaster 5.0 (x32 Version: 5.0.0 - BrightFort LLC)

SUPERAntiSpyware (Version: 5.6.1042 - SUPERAntiSpyware.com)

TableNinja (x32 Version: 1.2.157 - ALXSoftware)

TableScan Turbo v1.0.10 (x32 Version:  - Zandry, LLC)

Update for Microsoft Access 2010 (KB2553446) 64-Bit Edition (Version:  - Microsoft)

Update for Microsoft Filter Pack 2.0 (KB2810071) 64-Bit Edition (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2553092) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2589298) 64-Bit Edition (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2589352) 64-Bit Edition (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2589375) 64-Bit Edition (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2597087) 64-Bit Edition (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2760598) 64-Bit Edition (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2794737) 64-Bit Edition (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2825640) 64-Bit Edition (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2826026) 64-Bit Edition (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2850079) 64-Bit Edition (Version:  - Microsoft)

Update for Microsoft OneNote 2010 (KB2810072) 64-Bit Edition (Version:  - Microsoft)

Update for Microsoft PowerPoint 2010 (KB2553145) 64-Bit Edition (Version:  - Microsoft)

Update for Microsoft Visio Viewer 2010 (KB2810066) 64-Bit Edition (Version:  - Microsoft)

Update for Microsoft Word 2010 (KB2837593) 64-Bit Edition (Version:  - Microsoft)

WinRAR 5.00 (64-bit) (Version: 5.00.0 - win.rar GmbH)

 

==================== Restore Points  =========================

 

01-01-2014 22:00:25 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727

01-01-2014 22:00:48 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727

02-01-2014 14:17:48 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727

02-01-2014 14:18:12 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727

 

==================== Hosts content: ==========================

 

2009-07-13 23:34 - 2013-12-07 10:34 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1       localhost

 

==================== Scheduled Tasks (whitelisted) =============

 

Task: {01F7C383-B57D-4E62-A1D9-E22D5DB56029} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-20] (Google Inc.)

Task: {605B792B-E2C1-4731-BC48-18A147B01D7C} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe [2013-11-21] ()

Task: {90F732A0-4E63-4CF5-B85B-A5B1B851CFC8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-20] (Google Inc.)

Task: {BE9F9EAE-A2F1-4BFD-84E2-CEA777EF5D42} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-11-22] (Piriform Ltd)

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe <==== ATTENTION

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe <==== ATTENTION

 

==================== Loaded Modules (whitelisted) =============

 

2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF

2010-10-20 15:23 - 2010-10-20 15:23 - 08801632 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll

2013-11-20 18:19 - 2013-06-19 11:45 - 00265080 _____ () C:\Program Files\Bitdefender\Bitdefender\txmlutil.dll

2013-10-29 17:45 - 2013-10-29 17:45 - 00798392 _____ () C:\Program Files\Rainmeter\Rainmeter.dll

2013-10-29 17:41 - 2013-10-29 17:41 - 00058880 _____ () C:\Program Files\Rainmeter\Plugins\WebParser.dll

2013-12-06 16:06 - 2013-12-06 16:06 - 00102400 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll

2013-11-20 18:19 - 2013-09-03 13:29 - 00101328 _____ () C:\Program Files\Bitdefender\Bitdefender\bdmetrics.dll

2013-11-20 18:19 - 2013-12-05 14:39 - 00467448 _____ () C:\Program Files\Bitdefender\Bitdefender\bdidntconp.dll

2013-11-20 18:19 - 2013-12-05 14:39 - 00201728 _____ () C:\Program Files\Bitdefender\Bitdefender\UI\bdidntconp.ui

2013-11-20 18:19 - 2013-06-19 11:44 - 00204280 _____ () C:\Program Files\Bitdefender\Bitdefender\antispam32\txmlutil.dll

2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF

2010-10-20 15:45 - 2010-10-20 15:45 - 08801120 _____ () C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll

2013-12-05 19:18 - 2013-12-03 23:47 - 00702416 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\libglesv2.dll

2013-12-05 19:18 - 2013-12-03 23:47 - 00099792 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\libegl.dll

2013-12-05 19:18 - 2013-12-03 23:48 - 04055504 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\pdf.dll

2013-12-05 19:18 - 2013-12-03 23:48 - 00399312 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll

2013-12-05 19:18 - 2013-12-03 23:47 - 01619408 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\ffmpegsumo.dll

 

==================== Alternate Data Streams (whitelisted) =========

 

AlternateDataStreams: C:\ProgramData\TEMP:5C321E34

AlternateDataStreams: C:\Users\Chifo\Desktop\AdwCleaner.exe:BDU

AlternateDataStreams: C:\Users\Chifo\Desktop\FRST64.exe:BDU

AlternateDataStreams: C:\Users\Chifo\Desktop\JRT.exe:BDU

 

==================== Safe Mode (whitelisted) ===================

 

 

==================== Faulty Device Manager Devices =============

 

 

==================== Event log errors: =========================

 

Application errors:

==================

Error: (01/02/2014 04:23:51 PM) (Source: PostgreSQL) (User: )

Description: 2014-01-02 16:23:51 ART ERROR:  la sentencia preparada «insertplayer» ya existe

2014-01-02 16:23:51 ART SENTENCIA:  PREPARE INSERTPLAYER (text,smallint,integer,integer,smallint) AS  Insert into players (playername,pokersite_id,cashhands,tourneyhands,optimizationstatus) values ($1,$2,$3,$4,$5) RETURNING player_id; 

 

PREPARE CSUpdate (integer,integer,smallint,smallint,smallint,integer,

integer,integer,integer,integer,

integer,integer,integer,integer,integer,

integer,integer,integer,integer,integer,

integer,integer,integer,integer,integer,

integer,integer,integer,integer,integer,

integer,integer,integer,integer,integer,

integer,integer,integer,integer,integer,

integer,integer,integer,integer,integer,

integer,integer,integer,integer,integer,

integer,integer,integer,integer,integer,

integer,integer,integer,integer,integer,

integer,integer,integer,integer,integer,

integer,integer,integer,integer,integer,

integer,integer,integer,integer,integer,

integer,integer)

as 

Update CompiledPlayerResults set totalhands = totalhands + $6

, TotalAmountWonincents = TotalAmountWonincents + $7

, TotalRakeincents = TotalRakeincents + $8

, TotalBBsWon = TotalBBsWon + $9

, VPIPHands = VPIPHands + $10

, PFRHands = PFRHands + $11

, CouldColdCall = CouldColdCall + $12

, DidColdCall = DidColdCall + $13

, CouldThreeBet = CouldThreeBet + $14

, DidThreeBet = DidThreeBet + $15

, CouldSqueeze = CouldSqueeze + $16

, DidSqueeze = DidSqueeze + $17

, FacingTwoPreflopRaisers = FacingTwoPreflopRaisers + $18

, CalledTwoPreflopRaisers = CalledTwoPreflopRaisers + $19

, RaisedTwoPreflopRaisers = RaisedTwoPreflopRaisers + $20

, SmallBlindStealAttempted = SmallBlindStealAttempted + $21

, SmallBlindStealDefended = SmallBlindStealDefended + $22

, SmallBlindStealReraised = SmallBlindStealReraised + $23

, BigBlindStealAttempted = BigBlindStealAttempted + $24

, BigBlindStealDefended = BigBlindStealDefended + $25

, BigBlindStealReraised = BigBlindStealReraised + $26

, SawNonSmallShowdown = SawNonSmallShowdown + $27

, WonNonSmallShowdown = WonNonSmallShowdown + $28

, SawLargeShowdown = SawLargeShowdown + $29

, WonLargeShowdown = WonLargeShowdown + $30

, SawNonSmallShowdownLimpedFlop = SawNonSmallShowdownLimpedFlop + $31

, WonNonSmallShowdownLimpedFlop = WonNonSmallShowdownLimpedFlop + $32

, SawLargeShowdownLimpedFlop = SawLargeShowdownLimpedFlop + $33

, WonLargeShowdownLimpedFlop = WonLargeShowdownLimpedFlop + $34

, WonHand = WonHand + $35

, WonHandWhenSawFlop = WonHandWhenSawFlop + $36

, WonHandWhenSawTurn = WonHandWhenSawTurn + $37

, WonHandWhenSawRiver = WonHandWhenSawRiver + $38

, FacedThreeBetPreflop = FacedThreeBetPreflop + $39

, FoldedToThreeBetPreflop = FoldedToThreeBetPreflop + $40

, CalledThreeBetPreflop = CalledThreeBetPreflop + $41

, RaisedThreeBetPreflop = RaisedThreeBetPreflop + $42

, FacedFourBetPreflop = FacedFourBetPreflop + $43

, FoldedToFourBetPreflop = FoldedToFourBetPreflop + $44

, CalledFourBetPreflop = CalledFourBetPreflop + $45

, RaisedFourBetPreflop = RaisedFourBetPreflop + $46

, TurnFoldIPPassOnFlopCB = TurnFoldIPPassOnFlopCB + $47

, TurnCallIPPassOnFlopCB = TurnCallIPPassOnFlopCB + $48

, TurnRaiseIPPassOnFlopCB = TurnRaiseIPPassOnFlopCB + $49

, RiverFoldIPPassOnTurnCB = RiverFoldIPPassOnTurnCB + $50

, RiverCallIPPassOnTurnCB = RiverCallIPPassOnTurnCB + $51

, RiverRaiseIPPassOnTurnCB = RiverRaiseIPPassOnTurnCB + $52

, SawFlop = SawFlop + $53

, SawShowdown = SawShowdown + $54

, WonShowdown = WonShowdown + $55

, TotalBets = TotalBets + $56

, TotalCalls = TotalCalls + $57

, FlopContinuationBetPossible = FlopContinuationBetPossible + $58

, FlopContinuationBetMade = FlopContinuationBetMade + $59

, TurnContinuationBetPossible = TurnContinuationBetPossible + $60

, TurnContinuationBetMade = TurnContinuationBetMade + $61

, RiverContinuationBetPossible = RiverContinuationBetPossible + $62

, RiverContinuationBetMade = RiverContinuationBetMade + $63

, FacingFlopContinuationBet = FacingFlopContinuationBet + $64

, FoldedToFlopContinuationBet = FoldedToFlopContinuationBet + $65

, CalledFlopContinuationBet = CalledFlopContinuationBet + $66

, RaisedFlopContinuationBet = RaisedFlopContinuationBet + $67

, FacingTurnContinuationBet = FacingTurnContinuationBet + $68

, FoldedToTurnContinuationBet = FoldedToTurnContinuationBet + $69

, CalledTurnContinuationBet = CalledTurnContinuationBet + $70

, RaisedTurnContinuationBet = RaisedTurnContinuationBet + $71

, FacingRiverContinuationBet = FacingRiverContinuationBet + $72

, FoldedToRiverContinuationBet = FoldedToRiverContinuationBet + $73

, CalledRiverContinuationBet = CalledRiverContinuationBet + $74

, RaisedRiverContinuationBet = RaisedRiverContinuationBet + $75

, TotalPostFlopStreetsSeen = TotalPostFlopStreetsSeen + $76

, totalaggressivepostflopstreetsseen = totalaggressivepostflopstreetsseen + $77

where compiledplayerresults_id = (select compiledplayerresults_id from compiledplayerresults where player_id = $1

and playedyearandmonth = $2

and numberofplayers = $3

and gametype_id = $4

and bbgroup_id = $5 limit 1);

 

Error: (01/02/2014 04:22:56 PM) (Source: PostgreSQL) (User: )

Description: 2014-01-02 16:22:56 ART ERROR:  la sentencia preparada «insertplayer» ya existe

2014-01-02 16:22:56 ART SENTENCIA:  PREPARE INSERTPLAYER (text,smallint,integer,integer,smallint) AS  Insert into players (playername,pokersite_id,cashhands,tourneyhands,optimizationstatus) values ($1,$2,$3,$4,$5) RETURNING player_id; 

 


 

Error: (01/02/2014 04:21:36 PM) (Source: PostgreSQL) (User: )

Description: 2014-01-02 16:21:36 ART ERROR:  la sentencia preparada «insertplayer» ya existe

2014-01-02 16:21:36 ART SENTENCIA:  PREPARE INSERTPLAYER (text,smallint,integer,integer,smallint) AS  Insert into players (playername,pokersite_id,cashhands,tourneyhands,optimizationstatus) values ($1,$2,$3,$4,$5) RETURNING player_id; 

 


 

Error: (01/02/2014 04:21:31 PM) (Source: PostgreSQL) (User: )

Description: 2014-01-02 16:21:31 ART ERROR:  la sentencia preparada «insertplayer» ya existe

2014-01-02 16:21:31 ART SENTENCIA:  PREPARE INSERTPLAYER (text,smallint,integer,integer,smallint) AS  Insert into players (playername,pokersite_id,cashhands,tourneyhands,optimizationstatus) values ($1,$2,$3,$4,$5) RETURNING player_id; 

 


 

Error: (01/02/2014 04:20:06 PM) (Source: PostgreSQL) (User: )

Description: 2014-01-02 16:20:06 ART ERROR:  la sentencia preparada «insertplayer» ya existe

2014-01-02 16:20:06 ART SENTENCIA:  PREPARE INSERTPLAYER (text,smallint,integer,integer,smallint) AS  Insert into players (playername,pokersite_id,cashhands,tourneyhands,optimizationstatus) values ($1,$2,$3,$4,$5) RETURNING player_id; 

 


 

 

 

==================== Memory info =========================== 

 

Percentage of memory in use: 29%

Total physical RAM: 8189.53 MB

Available physical RAM: 5764.69 MB

Total Pagefile: 16777.23 MB

Available Pagefile: 12905.54 MB

Total Virtual: 8192 MB

Available Virtual: 8191.78 MB

 

==================== Drives ================================

 

Drive c: () (Fixed) (Total:119.24 GB) (Free:69.67 GB) NTFS

Drive d: () (Fixed) (Total:931.41 GB) (Free:906.93 GB) NTFS

Drive f: (MULTIBOOT) (Removable) (Total:1.83 GB) (Free:1.66 GB) FAT32

 

==================== MBR & Partition Table ==================

 

========================================================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 1912428B)

Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)

Partition 2: (Not Active) - (Size=931 GB) - (Type=07 NTFS)

 

========================================================

Disk: 1 (MBR Code: Windows 7 or 8) (Size: 119 GB) (Disk ID: 7CBF850A)

Partition 1: (Not Active) - (Size=119 GB) - (Type=07 NTFS)

Attempted reading MBR returned 0 bytes.

 Could not read MBR for disk 2.

 

==================== End Of Log ============================


Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-01-2014 01

Ran by Chifo (administrator) on CHIFO-PC on 02-01-2014 16:29:54

Running from C:\Users\Chifo\Desktop

Windows 7 Ultimate Service Pack 1 (X64) OS Language: Spanish Modern Sort

Internet Explorer Version 11

Boot Mode: Normal

 

==================== Processes (Whitelisted) =================

 

(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\vsserv.exe

(AMD) C:\Windows\System32\atiesrxx.exe

(AMD) C:\Windows\System32\atieclxx.exe

(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe

(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe

(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.2\bin\pg_ctl.exe

(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.2\bin\postgres.exe

(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\updatesrv.exe

(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.2\bin\postgres.exe

(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.2\bin\postgres.exe

(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.2\bin\postgres.exe

(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.2\bin\postgres.exe

(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.2\bin\postgres.exe

(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE

(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\bdagent.exe

(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe

(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe

(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe

(Flux Software LLC) C:\Users\Chifo\AppData\Local\FluxSoftware\Flux\flux.exe

() C:\Program Files\Rainmeter\Rainmeter.exe

(QFX Software Corporation) C:\Program Files (x86)\KeyScrambler\KeyScrambler.exe

(QFX Software Corporation) C:\Program Files (x86)\KeyScrambler\x64\KeyScrambler.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Spotify Ltd) C:\Users\Chifo\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe

(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\seccenter.exe

 

==================== Registry (Whitelisted) ==================

 

HKLM\...\Run: [bdagent] - C:\Program Files\Bitdefender\Bitdefender\bdagent.exe [1734848 2013-12-05] (Bitdefender)

HKLM\...\Run: [Launch LCore] - C:\Program Files\Logitech Gaming Software\LCore.exe [8292120 2013-11-14] (Logitech Inc.)

HKLM-x32\...\Run: [KeyScrambler] - C:\Program Files (x86)\KeyScrambler\KeyScrambler.exe [508144 2013-11-14] (QFX Software Corporation)

HKCU\...\Run: [bitdefender Wallet Agent] - C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe [560648 2013-12-05] (Bitdefender)

HKCU\...\Run: [Agente de aplicación Bitdefender Wallet] - C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe [612696 2013-12-05] (Bitdefender)

HKCU\...\Run: [f.lux] - C:\Users\Chifo\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-23] (Flux Software LLC)

HKCU\...\Run: [spotify Web Helper] - C:\Users\Chifo\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1168896 2013-12-05] (Spotify Ltd)

Startup: C:\Users\Chifo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk

ShortcutTarget: Rainmeter.lnk -> C:\Program Files\Rainmeter\Rainmeter.exe ()

 

==================== Internet (Whitelisted) ====================

 

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x43E0033A2AE6CE01

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = es

StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe

BHO: Bitdefender Wallet - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender\pmbxie.dll (Bitdefender)

BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)

BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)

BHO-x32: Bitdefender Wallet - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender\antispam32\pmbxie.dll (Bitdefender)

BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)

BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)

Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)

Tcpip\Parameters: [DhcpNameServer] 200.42.4.207 200.49.130.44

 

Chrome: 

=======

CHR DefaultSearchKeyword: google.com.ar

CHR Extension: (Google Drive) - C:\Users\Chifo\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0

CHR Extension: (YouTube) - C:\Users\Chifo\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0

CHR Extension: (Bitdefender Wallet) - C:\Users\Chifo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccahoghmggldkcdjiebjkidpfongdfbl\17.23.0_0

CHR Extension: (Adblock Plus) - C:\Users\Chifo\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.7.2_0

CHR Extension: (Google Search) - C:\Users\Chifo\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0

CHR Extension: (FVD Video Downloader) - C:\Users\Chifo\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfmhcpmkbdkbgbmkjoiopeeegenkdikp\5.6.0_0

CHR Extension: (Google Wallet) - C:\Users\Chifo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0

CHR Extension: (Gmail) - C:\Users\Chifo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1

CHR HKLM-x32\...\Chrome\Extension: [ccahoghmggldkcdjiebjkidpfongdfbl] - C:\Program Files\Bitdefender\Bitdefender\Antispam32\pmbxcr.crx

CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

 

==================== Services (Whitelisted) =================

 

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [144152 2013-10-10] (SUPERAntiSpyware.com)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2013-12-06] (Advanced Micro Devices, Inc.)

S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()

S4 BdDesktopParental; C:\Program Files\Bitdefender\Bitdefender\bdparentalservice.exe [77632 2013-12-05] (Bitdefender)

R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)

S2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)

S2 SafeBox; C:\Program Files\Bitdefender\Bitdefender SafeBox\safeboxservice.exe [94624 2013-07-08] (Bitdefender)

R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender\updatesrv.exe [67320 2013-10-07] (Bitdefender)

R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender\vsserv.exe [1507248 2013-12-05] (Bitdefender)

R2 postgresql-x64-9.2; C:/Program Files/PostgreSQL/9.2/bin/pg_ctl.exe runservice -N "postgresql-x64-9.2" -D "C:/Program Files/PostgreSQL/9.2/data" -w [x]

 

==================== Drivers (Whitelisted) ====================

 

R2 AODDriver4.2.0; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59648 2013-09-19] (Advanced Micro Devices)

R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [21104 2011-01-10] ()

R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [727592 2013-07-19] (BitDefender)

R3 avchv; C:\Windows\System32\DRIVERS\avchv.sys [261056 2012-11-02] (BitDefender)

R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [601360 2013-07-19] (BitDefender)

R1 BdfNdisf; c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys [93600 2013-02-22] (BitDefender LLC)

R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [103504 2011-11-14] (BitDefender LLC)

S3 bdfwfpf_pc; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf_pc.sys [121928 2013-07-02] (Bitdefender SRL)

S3 BDSandBox; C:\Windows\system32\drivers\bdsandbox.sys [82824 2013-12-05] (BitDefender SRL)

R1 BDVEDISK; C:\Windows\System32\DRIVERS\bdvedisk.sys [76944 2012-04-17] (BitDefender)

R3 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2013-11-20] (Disc Soft Ltd)

R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [150256 2013-08-23] (BitDefender LLC)

R3 KeyScrambler; C:\Windows\System32\drivers\keyscrambler.sys [222200 2013-05-31] (QFX Software Corporation)

R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)

R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)

R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)

R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [389240 2013-08-07] (BitDefender S.R.L.)

U4 cisvc; 

S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [x]

S3 tsusbhub; system32\drivers\tsusbhub.sys [x]

S3 VGPU; System32\drivers\rdvgkmd.sys [x]

 

==================== NetSvcs (Whitelisted) ===================

 

 

==================== One Month Created Files and Folders ========

 

2014-01-02 16:29 - 2014-01-02 16:30 - 00010874 _____ C:\Users\Chifo\Desktop\FRST.txt

2014-01-02 16:29 - 2014-01-02 16:29 - 01931426 _____ (Farbar) C:\Users\Chifo\Desktop\FRST64.exe

2014-01-02 16:29 - 2014-01-02 16:29 - 00000000 ____D C:\FRST

2014-01-02 15:11 - 2014-01-02 15:11 - 00000222 _____ C:\Users\Chifo\Desktop\eset.txt

2014-01-02 14:16 - 2014-01-02 14:16 - 00000000 ____D C:\Program Files (x86)\ESET

2014-01-02 13:51 - 2014-01-02 13:52 - 00000000 ____D C:\AdwCleaner

2014-01-02 13:51 - 2014-01-02 13:51 - 01233962 _____ C:\Users\Chifo\Desktop\AdwCleaner.exe

2014-01-02 13:46 - 2014-01-02 13:46 - 00000621 _____ C:\Users\Chifo\Desktop\JRT.txt

2014-01-02 13:32 - 2014-01-02 13:32 - 00003608 ____N C:\bootsqm.dat

2014-01-02 13:17 - 2014-01-02 13:17 - 01036305 _____ (Thisisu) C:\Users\Chifo\Desktop\JRT.exe

2014-01-02 11:21 - 2014-01-02 11:21 - 00000000 ____D C:\Users\Chifo\AppData\Roaming\ATI

2014-01-02 11:21 - 2014-01-02 11:21 - 00000000 ____D C:\Users\Chifo\AppData\Local\ATI

2014-01-02 11:21 - 2014-01-02 11:21 - 00000000 ____D C:\Users\Chifo\AppData\Local\AMD

2014-01-02 11:21 - 2014-01-02 11:21 - 00000000 ____D C:\ProgramData\ATI

2014-01-02 11:21 - 2014-01-02 11:21 - 00000000 _____ C:\Windows\ativpsrm.bin

2014-01-02 11:19 - 2014-01-02 11:19 - 00066505 _____ C:\Windows\SysWOW64\CCCInstall_201401021119385304.log

2014-01-02 11:19 - 2014-01-02 11:19 - 00000000 ____D C:\ProgramData\AMD

2014-01-02 11:19 - 2014-01-02 11:19 - 00000000 ____D C:\Program Files (x86)\AMD AVT

2014-01-02 11:18 - 2014-01-02 11:18 - 00000000 ____D C:\Program Files\AMD

2014-01-02 11:18 - 2014-01-02 11:18 - 00000000 ____D C:\Program Files (x86)\ATI Technologies

2014-01-02 11:17 - 2014-01-02 11:19 - 00000000 ____D C:\Program Files\ATI Technologies

2014-01-02 11:17 - 2014-01-02 11:17 - 00000000 ____D C:\Program Files\ATI

2014-01-02 11:16 - 2014-01-02 11:16 - 00000000 ____D C:\AMD

2014-01-02 10:46 - 2014-01-02 10:46 - 00003500 _____ C:\Windows\DPINST.LOG

2014-01-02 10:45 - 2014-01-02 10:45 - 00059932 _____ C:\Windows\SysWOW64\CCCInstall_201401021045489509.log

2014-01-01 20:30 - 2014-01-01 20:30 - 13207552 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmdag.sys.bak

2014-01-01 20:30 - 2014-01-01 20:30 - 00087632 _____ (Adaptec, Inc.) C:\Windows\system32\Drivers\arc.sys.bak

2014-01-01 20:30 - 2014-01-01 20:30 - 00039504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\crashdmp.sys.bak

2014-01-01 20:28 - 2014-01-02 06:19 - 00000000 ____D C:\Users\Chifo\Desktop\RK_Quarantine

2014-01-01 20:27 - 2014-01-02 06:19 - 00000000 ____D C:\Program Files (x86)\ERUNT

2013-12-26 16:02 - 2014-01-02 13:53 - 00002493 _____ C:\Windows\setupact.log

2013-12-26 16:02 - 2013-12-26 16:02 - 00000000 _____ C:\Windows\setuperr.log

2013-12-26 14:50 - 2013-12-26 15:09 - 00025640 _____ (Windows ® Server 2003 DDK provider) C:\Windows\gdrv.sys

2013-12-26 11:39 - 2013-12-26 11:39 - 00000000 ____D C:\Users\Chifo\AppData\Local\Hold'em_Manager

2013-12-26 11:19 - 2013-12-26 11:32 - 00000000 ____D C:\HM2Archive

2013-12-26 11:15 - 2014-01-02 14:17 - 00000000 ____D C:\Users\Chifo\AppData\Roaming\HoldemManager

2013-12-26 11:13 - 2013-12-30 12:01 - 00000000 ____D C:\Program Files (x86)\Holdem Manager 2

2013-12-20 19:30 - 2013-12-26 15:59 - 00000000 ____D C:\Users\Chifo\AppData\Local\CrashDumps

2013-12-20 19:30 - 2013-12-20 19:30 - 00000000 ____D C:\Users\Chifo\AppData\Roaming\Leadertech

2013-12-20 19:30 - 2013-12-20 19:30 - 00000000 ____D C:\Users\Chifo\AppData\Local\Logitech

2013-12-20 19:30 - 2013-12-20 19:30 - 00000000 ____D C:\ProgramData\LogiShrd

2013-12-20 19:28 - 2013-12-20 19:28 - 00000000 ____D C:\Users\Chifo\AppData\Roaming\Logitech

2013-12-20 19:28 - 2013-12-20 19:28 - 00000000 ____D C:\Users\Chifo\AppData\Roaming\Logishrd

2013-12-20 19:28 - 2013-12-20 19:28 - 00000000 ____D C:\Program Files\Logitech Gaming Software

2013-12-18 21:30 - 2013-12-19 13:26 - 00000000 ____D C:\UsbFix

2013-12-14 10:57 - 2013-12-14 10:57 - 00000793 _____ C:\Users\Chifo\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk

2013-12-14 10:25 - 2014-01-02 13:17 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)

2013-12-14 10:24 - 2014-01-02 13:11 - 00089304 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys

2013-12-10 20:00 - 2013-11-26 08:54 - 23183360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll

2013-12-10 20:00 - 2013-11-26 07:19 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb

2013-12-10 20:00 - 2013-11-26 07:18 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll

2013-12-10 20:00 - 2013-11-26 07:11 - 17112576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll

2013-12-10 20:00 - 2013-11-26 06:48 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll

2013-12-10 20:00 - 2013-11-26 06:46 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll

2013-12-10 20:00 - 2013-11-26 06:41 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll

2013-12-10 20:00 - 2013-11-26 06:29 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll

2013-12-10 20:00 - 2013-11-26 06:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll

2013-12-10 20:00 - 2013-11-26 06:23 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb

2013-12-10 20:00 - 2013-11-26 06:21 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll

2013-12-10 20:00 - 2013-11-26 06:18 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe

2013-12-10 20:00 - 2013-11-26 06:18 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe

2013-12-10 20:00 - 2013-11-26 06:16 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll

2013-12-10 20:00 - 2013-11-26 05:57 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe

2013-12-10 20:00 - 2013-11-26 05:38 - 02166784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll

2013-12-10 20:00 - 2013-11-26 05:38 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll

2013-12-10 20:00 - 2013-11-26 05:35 - 05769216 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll

2013-12-10 20:00 - 2013-11-26 05:32 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll

2013-12-10 20:00 - 2013-11-26 05:28 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll

2013-12-10 20:00 - 2013-11-26 05:16 - 04243968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll

2013-12-10 20:00 - 2013-11-26 05:02 - 01995264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl

2013-12-10 20:00 - 2013-11-26 04:48 - 12996608 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll

2013-12-10 20:00 - 2013-11-26 04:32 - 01928192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl

2013-12-10 20:00 - 2013-11-26 04:26 - 11221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll

2013-12-10 20:00 - 2013-11-26 04:07 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll

2013-12-10 20:00 - 2013-11-26 03:40 - 01395200 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll

2013-12-10 20:00 - 2013-11-26 03:34 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll

2013-12-10 20:00 - 2013-11-26 03:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll

2013-12-10 20:00 - 2013-11-26 03:33 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll

2013-12-10 20:00 - 2013-11-26 03:27 - 01157632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll

2013-12-10 20:00 - 2013-05-10 02:56 - 14631424 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll

2013-12-10 20:00 - 2013-05-10 02:56 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL

2013-12-10 20:00 - 2013-05-10 01:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL

2013-12-10 20:00 - 2013-05-10 01:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll

2013-12-10 19:57 - 2013-11-23 15:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll

2013-12-10 19:57 - 2013-11-23 14:47 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll

2013-12-10 19:57 - 2013-11-11 23:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll

2013-12-10 19:57 - 2013-11-11 23:07 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll

2013-12-10 19:57 - 2013-10-29 23:32 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll

2013-12-10 19:57 - 2013-10-29 23:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll

2013-12-10 19:57 - 2013-10-29 22:24 - 03155968 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys

2013-12-10 19:57 - 2013-10-18 23:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll

2013-12-10 19:57 - 2013-10-18 22:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll

2013-12-10 19:57 - 2013-10-11 23:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx

2013-12-10 19:57 - 2013-10-11 23:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll

2013-12-10 19:57 - 2013-10-11 23:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx

2013-12-10 19:57 - 2013-10-11 23:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll

2013-12-10 19:57 - 2013-10-11 22:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe

2013-12-10 19:57 - 2013-10-11 22:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe

2013-12-10 19:57 - 2013-10-11 22:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe

2013-12-10 19:57 - 2013-10-11 22:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe

2013-12-10 19:57 - 2013-10-03 23:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys

2013-12-10 19:57 - 2013-10-03 22:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys

2013-12-09 13:15 - 2013-12-09 13:15 - 00000000 ____D C:\Program Files (x86)\GUM2145.tmp

2013-12-07 10:29 - 2013-12-11 12:21 - 00000000 ____D C:\Windows\erdnt

2013-12-06 19:07 - 2013-12-06 19:07 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atimpc64.dll

2013-12-06 19:07 - 2013-12-06 19:07 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdpcom64.dll

2013-12-06 19:07 - 2013-12-06 19:07 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atimpc32.dll

2013-12-06 19:07 - 2013-12-06 19:07 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdpcom32.dll

2013-12-06 19:04 - 2013-12-06 19:04 - 00143304 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiuxp64.dll

2013-12-06 19:03 - 2013-12-06 19:03 - 00126336 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiuxpag.dll

2013-12-06 19:03 - 2013-12-06 19:03 - 00115512 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiu9p64.dll

2013-12-06 19:02 - 2013-12-06 19:02 - 00098496 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiu9pag.dll

2013-12-06 19:01 - 2013-12-06 19:01 - 01318552 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\aticfx64.dll

2013-12-06 19:01 - 2013-12-06 19:01 - 01100216 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\aticfx32.dll

2013-12-06 19:00 - 2013-12-06 19:00 - 09753752 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atidxx64.dll

2013-12-06 18:59 - 2013-12-06 18:59 - 08406024 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atidxx32.dll

2013-12-06 18:59 - 2013-12-06 18:59 - 08287008 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdva.dll

2013-12-06 18:58 - 2013-12-06 18:58 - 06630232 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdag.dll

2013-12-06 18:57 - 2013-12-06 18:57 - 08927704 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd6a.dll

2013-12-06 18:56 - 2013-12-06 18:56 - 07751920 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd64.dll

2013-12-06 18:52 - 2013-12-06 18:52 - 13207552 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmdag.sys

2013-12-06 18:38 - 2013-12-06 18:38 - 01187342 _____ C:\Windows\system32\amdocl_as64.exe

2013-12-06 18:38 - 2013-12-06 18:38 - 01061902 _____ C:\Windows\system32\amdocl_ld64.exe

2013-12-06 18:38 - 2013-12-06 18:38 - 00995342 _____ C:\Windows\SysWOW64\amdocl_as32.exe

2013-12-06 18:38 - 2013-12-06 18:38 - 00798734 _____ C:\Windows\SysWOW64\amdocl_ld32.exe

2013-12-06 18:38 - 2013-12-06 18:38 - 00230912 _____ C:\Windows\system32\clinfo.exe

2013-12-06 18:38 - 2013-12-06 18:38 - 00099840 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\OpenVideo64.dll

2013-12-06 18:38 - 2013-12-06 18:38 - 00086528 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\OVDecode64.dll

2013-12-06 18:38 - 2013-12-06 18:38 - 00083968 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\OpenVideo.dll

2013-12-06 18:38 - 2013-12-06 18:38 - 00073728 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\OVDecode.dll

2013-12-06 18:37 - 2013-12-06 18:37 - 29382144 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\amdocl64.dll

2013-12-06 18:35 - 2013-12-06 18:35 - 24860160 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\amdocl.dll

2013-12-06 18:33 - 2013-12-06 18:33 - 00063488 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll

2013-12-06 18:33 - 2013-12-06 18:33 - 00057344 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll

2013-12-06 18:26 - 2013-12-06 18:26 - 00129536 _____ (AMD) C:\Windows\system32\coinst_13.251.dll

2013-12-06 18:16 - 2013-12-06 18:16 - 26352128 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atio6axx.dll

2013-12-06 18:13 - 2013-12-06 18:13 - 00550456 _____ C:\Windows\SysWOW64\atiapfxx.blb

2013-12-06 18:13 - 2013-12-06 18:13 - 00550456 _____ C:\Windows\system32\atiapfxx.blb

2013-12-06 18:13 - 2013-12-06 18:13 - 00368640 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiapfxx.exe

2013-12-06 18:12 - 2013-12-06 18:12 - 15716352 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticaldd64.dll

2013-12-06 18:12 - 2013-12-06 18:12 - 00062464 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalrt64.dll

2013-12-06 18:12 - 2013-12-06 18:12 - 00055808 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalcl64.dll

2013-12-06 18:12 - 2013-12-06 18:12 - 00052224 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalrt.dll

2013-12-06 18:12 - 2013-12-06 18:12 - 00049152 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalcl.dll

2013-12-06 18:09 - 2013-12-06 18:09 - 14302208 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticaldd.dll

2013-12-06 17:58 - 2013-12-06 17:58 - 22157824 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atioglxx.dll

2013-12-06 17:53 - 2013-12-06 17:53 - 00588288 _____ (AMD) C:\Windows\system32\atieclxx.exe

2013-12-06 17:53 - 2013-12-06 17:53 - 00442368 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atidemgy.dll

2013-12-06 17:53 - 2013-12-06 17:53 - 00031232 _____ (AMD) C:\Windows\system32\atimuixx.dll

2013-12-06 17:52 - 2013-12-06 17:52 - 00239616 _____ (AMD) C:\Windows\system32\atiesrxx.exe

2013-12-06 17:50 - 2013-12-06 17:50 - 00190976 _____ (AMD) C:\Windows\system32\atitmm64.dll

2013-12-06 17:42 - 2013-12-06 17:42 - 03426688 _____ C:\Windows\system32\atiumd6a.cap

2013-12-06 17:39 - 2013-12-06 17:39 - 00204952 _____ C:\Windows\SysWOW64\ativvsvl.dat

2013-12-06 17:39 - 2013-12-06 17:39 - 00204952 _____ C:\Windows\system32\ativvsvl.dat

2013-12-06 17:39 - 2013-12-06 17:39 - 00157144 _____ C:\Windows\SysWOW64\ativvsva.dat

2013-12-06 17:39 - 2013-12-06 17:39 - 00157144 _____ C:\Windows\system32\ativvsva.dat

2013-12-06 17:31 - 2013-12-06 17:31 - 03461040 _____ C:\Windows\SysWOW64\atiumdva.cap

2013-12-06 17:22 - 2013-12-06 17:22 - 01144320 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiadlxx.dll

2013-12-06 17:22 - 2013-12-06 17:22 - 00825344 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxy.dll

2013-12-06 17:22 - 2013-12-06 17:22 - 00100352 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6txx.dll

2013-12-06 17:22 - 2013-12-06 17:22 - 00074752 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6pxx.dll

2013-12-06 17:22 - 2013-12-06 17:22 - 00069632 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiglpxx.dll

2013-12-06 17:22 - 2013-12-06 17:22 - 00069632 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiglpxx.dll

2013-12-06 17:21 - 2013-12-06 17:21 - 00626176 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmpag.sys

2013-12-06 17:21 - 2013-12-06 17:21 - 00096768 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atigktxx.dll

2013-12-06 17:18 - 2013-12-06 17:18 - 00043520 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\ati2erec.dll

2013-12-06 16:49 - 2013-12-06 16:49 - 00051200 _____ C:\Windows\system32\kdbsdk64.dll

2013-12-06 16:44 - 2013-12-06 16:44 - 00038912 _____ C:\Windows\SysWOW64\kdbsdk32.dll

2013-12-06 16:07 - 2013-12-06 16:07 - 00000000 ____D C:\Windows\ERUNT

2013-12-05 19:30 - 2013-12-05 14:39 - 00074512 _____ (BitDefender SRL) C:\Windows\SysWOW64\bdsandboxuiskin32.dll

2013-12-05 14:42 - 2013-12-05 14:42 - 00034384 _____ (BitDefender SRL) C:\Windows\system32\bdsandboxuh.dll

2013-12-05 14:41 - 2013-12-05 14:41 - 00084848 _____ (BitDefender SRL) C:\Windows\system32\bdsandboxuiskin.dll

2013-12-05 14:39 - 2013-12-05 14:39 - 00074512 _____ (BitDefender SRL) C:\Windows\system32\bdsandboxuiskin32.dll

 

==================== One Month Modified Files and Folders =======

 

2014-01-02 16:30 - 2014-01-02 16:29 - 00010874 _____ C:\Users\Chifo\Desktop\FRST.txt

2014-01-02 16:29 - 2014-01-02 16:29 - 01931426 _____ (Farbar) C:\Users\Chifo\Desktop\FRST64.exe

2014-01-02 16:29 - 2014-01-02 16:29 - 00000000 ____D C:\FRST

2014-01-02 16:29 - 2013-11-20 18:38 - 00000000 ____D C:\Users\Chifo\AppData\Roaming\Spotify

2014-01-02 16:27 - 2013-11-22 11:39 - 00000000 ____D C:\Users\Chifo\AppData\Local\Equilab

2014-01-02 16:26 - 2013-11-20 19:08 - 00000000 ____D C:\Users\Chifo\AppData\Local\PokerStars

2014-01-02 16:26 - 2013-11-20 19:04 - 02517263 _____ C:\blitzerr.txt

2014-01-02 16:26 - 2013-11-20 18:09 - 00000000 ____D C:\Users\Chifo\AppData\Roaming\KeePass

2014-01-02 16:20 - 2013-11-20 18:58 - 00000000 ____D C:\Users\Chifo\AppData\Roaming\Skype

2014-01-02 16:20 - 2013-11-20 18:02 - 00001098 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

2014-01-02 15:44 - 2009-07-14 01:45 - 00017168 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2014-01-02 15:44 - 2009-07-14 01:45 - 00017168 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2014-01-02 15:11 - 2014-01-02 15:11 - 00000222 _____ C:\Users\Chifo\Desktop\eset.txt

2014-01-02 14:17 - 2013-12-26 11:15 - 00000000 ____D C:\Users\Chifo\AppData\Roaming\HoldemManager

2014-01-02 14:16 - 2014-01-02 14:16 - 00000000 ____D C:\Program Files (x86)\ESET

2014-01-02 14:02 - 2013-11-21 10:20 - 00003758 _____ C:\Windows\System32\Tasks\AutoKMS

2014-01-02 14:02 - 2013-11-20 18:02 - 00001094 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

2014-01-02 14:00 - 2013-11-20 13:49 - 01608088 _____ C:\Windows\WindowsUpdate.log

2014-01-02 13:57 - 2009-07-14 06:31 - 00750622 _____ C:\Windows\system32\perfh00A.dat

2014-01-02 13:57 - 2009-07-14 06:31 - 00160034 _____ C:\Windows\system32\perfc00A.dat

2014-01-02 13:57 - 2009-07-14 02:13 - 01686038 _____ C:\Windows\system32\PerfStringBackup.INI

2014-01-02 13:53 - 2013-12-26 16:02 - 00002493 _____ C:\Windows\setupact.log

2014-01-02 13:53 - 2009-07-14 02:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT

2014-01-02 13:52 - 2014-01-02 13:51 - 00000000 ____D C:\AdwCleaner

2014-01-02 13:51 - 2014-01-02 13:51 - 01233962 _____ C:\Users\Chifo\Desktop\AdwCleaner.exe

2014-01-02 13:46 - 2014-01-02 13:46 - 00000621 _____ C:\Users\Chifo\Desktop\JRT.txt

2014-01-02 13:32 - 2014-01-02 13:32 - 00003608 ____N C:\bootsqm.dat

2014-01-02 13:17 - 2014-01-02 13:17 - 01036305 _____ (Thisisu) C:\Users\Chifo\Desktop\JRT.exe

2014-01-02 13:17 - 2013-12-14 10:25 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)

2014-01-02 13:11 - 2013-12-14 10:24 - 00089304 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys

2014-01-02 11:21 - 2014-01-02 11:21 - 00000000 ____D C:\Users\Chifo\AppData\Roaming\ATI

2014-01-02 11:21 - 2014-01-02 11:21 - 00000000 ____D C:\Users\Chifo\AppData\Local\ATI

2014-01-02 11:21 - 2014-01-02 11:21 - 00000000 ____D C:\Users\Chifo\AppData\Local\AMD

2014-01-02 11:21 - 2014-01-02 11:21 - 00000000 ____D C:\ProgramData\ATI

2014-01-02 11:21 - 2014-01-02 11:21 - 00000000 _____ C:\Windows\ativpsrm.bin

2014-01-02 11:19 - 2014-01-02 11:19 - 00066505 _____ C:\Windows\SysWOW64\CCCInstall_201401021119385304.log

2014-01-02 11:19 - 2014-01-02 11:19 - 00000000 ____D C:\ProgramData\AMD

2014-01-02 11:19 - 2014-01-02 11:19 - 00000000 ____D C:\Program Files (x86)\AMD AVT

2014-01-02 11:19 - 2014-01-02 11:17 - 00000000 ____D C:\Program Files\ATI Technologies

2014-01-02 11:18 - 2014-01-02 11:18 - 00000000 ____D C:\Program Files\AMD

2014-01-02 11:18 - 2014-01-02 11:18 - 00000000 ____D C:\Program Files (x86)\ATI Technologies

2014-01-02 11:18 - 2013-11-20 18:25 - 00000000 ____D C:\Program Files\Common Files\ATI Technologies

2014-01-02 11:17 - 2014-01-02 11:17 - 00000000 ____D C:\Program Files\ATI

2014-01-02 11:16 - 2014-01-02 11:16 - 00000000 ____D C:\AMD

2014-01-02 10:58 - 2009-07-14 01:45 - 00021504 _____ C:\Windows\system32\umstartup.etl

2014-01-02 10:46 - 2014-01-02 10:46 - 00003500 _____ C:\Windows\DPINST.LOG

2014-01-02 10:45 - 2014-01-02 10:45 - 00059932 _____ C:\Windows\SysWOW64\CCCInstall_201401021045489509.log

2014-01-02 10:41 - 2013-11-20 13:49 - 00000000 ____D C:\Users\Chifo

2014-01-02 06:34 - 2013-11-21 10:53 - 00000000 ____D C:\Users\Chifo\AppData\Roaming\Rainmeter

2014-01-02 06:34 - 2013-11-21 10:20 - 00000000 ____D C:\Windows\AutoKMS

2014-01-02 06:34 - 2013-11-20 23:44 - 00000000 ____D C:\Program Files\CCleaner

2014-01-02 06:34 - 2013-11-20 19:12 - 00000000 ____D C:\Users\Chifo\AppData\Roaming\uTorrent

2014-01-02 06:34 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\registration

2014-01-02 06:19 - 2014-01-01 20:28 - 00000000 ____D C:\Users\Chifo\Desktop\RK_Quarantine

2014-01-02 06:19 - 2014-01-01 20:27 - 00000000 ____D C:\Program Files (x86)\ERUNT

2014-01-01 20:30 - 2014-01-01 20:30 - 13207552 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmdag.sys.bak

2014-01-01 20:30 - 2014-01-01 20:30 - 00087632 _____ (Adaptec, Inc.) C:\Windows\system32\Drivers\arc.sys.bak

2014-01-01 20:30 - 2014-01-01 20:30 - 00039504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\crashdmp.sys.bak

2013-12-31 13:03 - 2013-11-21 12:37 - 00000000 ____D C:\Users\Chifo\AppData\Local\Paint.NET

2013-12-30 12:01 - 2013-12-26 11:13 - 00000000 ____D C:\Program Files (x86)\Holdem Manager 2

2013-12-29 22:15 - 2013-11-20 18:38 - 00000000 ____D C:\Users\Chifo\AppData\Local\Spotify

2013-12-28 14:15 - 2013-11-21 09:52 - 00000000 ____D C:\StarsHelper

2013-12-26 16:02 - 2013-12-26 16:02 - 00000000 _____ C:\Windows\setuperr.log

2013-12-26 15:59 - 2013-12-20 19:30 - 00000000 ____D C:\Users\Chifo\AppData\Local\CrashDumps

2013-12-26 15:09 - 2013-12-26 14:50 - 00025640 _____ (Windows ® Server 2003 DDK provider) C:\Windows\gdrv.sys

2013-12-26 11:39 - 2013-12-26 11:39 - 00000000 ____D C:\Users\Chifo\AppData\Local\Hold'em_Manager

2013-12-26 11:32 - 2013-12-26 11:19 - 00000000 ____D C:\HM2Archive

2013-12-26 11:13 - 2013-11-20 18:51 - 00000000 ____D C:\Program Files (x86)\PSQLINSTALL

2013-12-24 18:06 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\rescache

2013-12-22 17:25 - 2013-11-20 19:17 - 00000000 ____D C:\Users\Chifo\AppData\Roaming\QFX Software

2013-12-22 17:25 - 2013-11-20 19:17 - 00000000 ____D C:\ProgramData\QFX Software

2013-12-20 20:09 - 2013-11-20 13:49 - 00000000 ___RD C:\Users\Chifo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup

2013-12-20 19:30 - 2013-12-20 19:30 - 00000000 ____D C:\Users\Chifo\AppData\Roaming\Leadertech

2013-12-20 19:30 - 2013-12-20 19:30 - 00000000 ____D C:\Users\Chifo\AppData\Local\Logitech

2013-12-20 19:30 - 2013-12-20 19:30 - 00000000 ____D C:\ProgramData\LogiShrd

2013-12-20 19:28 - 2013-12-20 19:28 - 00000000 ____D C:\Users\Chifo\AppData\Roaming\Logitech

2013-12-20 19:28 - 2013-12-20 19:28 - 00000000 ____D C:\Users\Chifo\AppData\Roaming\Logishrd

2013-12-20 19:28 - 2013-12-20 19:28 - 00000000 ____D C:\Program Files\Logitech Gaming Software

2013-12-20 19:13 - 2009-07-14 02:08 - 00032642 _____ C:\Windows\Tasks\SCHEDLGU.TXT

2013-12-19 13:26 - 2013-12-18 21:30 - 00000000 ____D C:\UsbFix

2013-12-14 10:57 - 2013-12-14 10:57 - 00000793 _____ C:\Users\Chifo\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk

2013-12-11 12:21 - 2013-12-07 10:29 - 00000000 ____D C:\Windows\erdnt

2013-12-11 12:15 - 2009-07-14 01:45 - 00416984 _____ C:\Windows\system32\FNTCACHE.DAT

2013-12-10 20:00 - 2013-11-20 19:22 - 00000000 ____D C:\Windows\system32\MRT

2013-12-10 19:59 - 2013-11-20 22:17 - 00000000 ____D C:\ProgramData\Microsoft Help

2013-12-10 19:59 - 2013-11-20 19:22 - 90708896 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

2013-12-09 13:15 - 2013-12-09 13:15 - 00000000 ____D C:\Program Files (x86)\GUM2145.tmp

2013-12-09 13:15 - 2013-11-20 18:02 - 00004094 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA

2013-12-09 13:15 - 2013-11-20 18:02 - 00003842 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore

2013-12-07 14:58 - 2009-07-13 23:34 - 00000215 ____N C:\Windows\system.ini

2013-12-07 10:35 - 2009-07-14 00:20 - 00000000 __RHD C:\Users\Default

2013-12-06 19:07 - 2013-12-06 19:07 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atimpc64.dll

2013-12-06 19:07 - 2013-12-06 19:07 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdpcom64.dll

2013-12-06 19:07 - 2013-12-06 19:07 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atimpc32.dll

2013-12-06 19:07 - 2013-12-06 19:07 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdpcom32.dll

2013-12-06 19:04 - 2013-12-06 19:04 - 00143304 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiuxp64.dll

2013-12-06 19:03 - 2013-12-06 19:03 - 00126336 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiuxpag.dll

2013-12-06 19:03 - 2013-12-06 19:03 - 00115512 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiu9p64.dll

2013-12-06 19:02 - 2013-12-06 19:02 - 00098496 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiu9pag.dll

2013-12-06 19:01 - 2013-12-06 19:01 - 01318552 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\aticfx64.dll

2013-12-06 19:01 - 2013-12-06 19:01 - 01100216 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\aticfx32.dll

2013-12-06 19:00 - 2013-12-06 19:00 - 09753752 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atidxx64.dll

2013-12-06 18:59 - 2013-12-06 18:59 - 08406024 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atidxx32.dll

2013-12-06 18:59 - 2013-12-06 18:59 - 08287008 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdva.dll

2013-12-06 18:58 - 2013-12-06 18:58 - 06630232 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdag.dll

2013-12-06 18:57 - 2013-12-06 18:57 - 08927704 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd6a.dll

2013-12-06 18:56 - 2013-12-06 18:56 - 07751920 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd64.dll

2013-12-06 18:52 - 2013-12-06 18:52 - 13207552 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmdag.sys

2013-12-06 18:38 - 2013-12-06 18:38 - 01187342 _____ C:\Windows\system32\amdocl_as64.exe

2013-12-06 18:38 - 2013-12-06 18:38 - 01061902 _____ C:\Windows\system32\amdocl_ld64.exe

2013-12-06 18:38 - 2013-12-06 18:38 - 00995342 _____ C:\Windows\SysWOW64\amdocl_as32.exe

2013-12-06 18:38 - 2013-12-06 18:38 - 00798734 _____ C:\Windows\SysWOW64\amdocl_ld32.exe

2013-12-06 18:38 - 2013-12-06 18:38 - 00230912 _____ C:\Windows\system32\clinfo.exe

2013-12-06 18:38 - 2013-12-06 18:38 - 00099840 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\OpenVideo64.dll

2013-12-06 18:38 - 2013-12-06 18:38 - 00086528 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\OVDecode64.dll

2013-12-06 18:38 - 2013-12-06 18:38 - 00083968 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\OpenVideo.dll

2013-12-06 18:38 - 2013-12-06 18:38 - 00073728 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\OVDecode.dll

2013-12-06 18:37 - 2013-12-06 18:37 - 29382144 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\amdocl64.dll

2013-12-06 18:35 - 2013-12-06 18:35 - 24860160 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\amdocl.dll

2013-12-06 18:33 - 2013-12-06 18:33 - 00063488 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll

2013-12-06 18:33 - 2013-12-06 18:33 - 00057344 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll

2013-12-06 18:26 - 2013-12-06 18:26 - 00129536 _____ (AMD) C:\Windows\system32\coinst_13.251.dll

2013-12-06 18:16 - 2013-12-06 18:16 - 26352128 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atio6axx.dll

2013-12-06 18:13 - 2013-12-06 18:13 - 00550456 _____ C:\Windows\SysWOW64\atiapfxx.blb

2013-12-06 18:13 - 2013-12-06 18:13 - 00550456 _____ C:\Windows\system32\atiapfxx.blb

2013-12-06 18:13 - 2013-12-06 18:13 - 00368640 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiapfxx.exe

2013-12-06 18:12 - 2013-12-06 18:12 - 15716352 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticaldd64.dll

2013-12-06 18:12 - 2013-12-06 18:12 - 00062464 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalrt64.dll

2013-12-06 18:12 - 2013-12-06 18:12 - 00055808 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalcl64.dll

2013-12-06 18:12 - 2013-12-06 18:12 - 00052224 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalrt.dll

2013-12-06 18:12 - 2013-12-06 18:12 - 00049152 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalcl.dll

2013-12-06 18:09 - 2013-12-06 18:09 - 14302208 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticaldd.dll

2013-12-06 17:58 - 2013-12-06 17:58 - 22157824 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atioglxx.dll

2013-12-06 17:53 - 2013-12-06 17:53 - 00588288 _____ (AMD) C:\Windows\system32\atieclxx.exe

2013-12-06 17:53 - 2013-12-06 17:53 - 00442368 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atidemgy.dll

2013-12-06 17:53 - 2013-12-06 17:53 - 00031232 _____ (AMD) C:\Windows\system32\atimuixx.dll

2013-12-06 17:52 - 2013-12-06 17:52 - 00239616 _____ (AMD) C:\Windows\system32\atiesrxx.exe

2013-12-06 17:50 - 2013-12-06 17:50 - 00190976 _____ (AMD) C:\Windows\system32\atitmm64.dll

2013-12-06 17:42 - 2013-12-06 17:42 - 03426688 _____ C:\Windows\system32\atiumd6a.cap

2013-12-06 17:39 - 2013-12-06 17:39 - 00204952 _____ C:\Windows\SysWOW64\ativvsvl.dat

2013-12-06 17:39 - 2013-12-06 17:39 - 00204952 _____ C:\Windows\system32\ativvsvl.dat

2013-12-06 17:39 - 2013-12-06 17:39 - 00157144 _____ C:\Windows\SysWOW64\ativvsva.dat

2013-12-06 17:39 - 2013-12-06 17:39 - 00157144 _____ C:\Windows\system32\ativvsva.dat

2013-12-06 17:31 - 2013-12-06 17:31 - 03461040 _____ C:\Windows\SysWOW64\atiumdva.cap

2013-12-06 17:22 - 2013-12-06 17:22 - 01144320 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiadlxx.dll

2013-12-06 17:22 - 2013-12-06 17:22 - 00825344 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxy.dll

2013-12-06 17:22 - 2013-12-06 17:22 - 00100352 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6txx.dll

2013-12-06 17:22 - 2013-12-06 17:22 - 00074752 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6pxx.dll

2013-12-06 17:22 - 2013-12-06 17:22 - 00069632 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiglpxx.dll

2013-12-06 17:22 - 2013-12-06 17:22 - 00069632 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiglpxx.dll

2013-12-06 17:21 - 2013-12-06 17:21 - 00626176 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmpag.sys

2013-12-06 17:21 - 2013-12-06 17:21 - 00096768 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atigktxx.dll

2013-12-06 17:18 - 2013-12-06 17:18 - 00043520 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\ati2erec.dll

2013-12-06 16:49 - 2013-12-06 16:49 - 00051200 _____ C:\Windows\system32\kdbsdk64.dll

2013-12-06 16:44 - 2013-12-06 16:44 - 00038912 _____ C:\Windows\SysWOW64\kdbsdk32.dll

2013-12-06 16:07 - 2013-12-06 16:07 - 00000000 ____D C:\Windows\ERUNT

2013-12-05 14:42 - 2013-12-05 14:42 - 00034384 _____ (BitDefender SRL) C:\Windows\system32\bdsandboxuh.dll

2013-12-05 14:41 - 2013-12-05 14:41 - 00084848 _____ (BitDefender SRL) C:\Windows\system32\bdsandboxuiskin.dll

2013-12-05 14:40 - 2013-11-20 18:19 - 00082824 _____ (BitDefender SRL) C:\Windows\system32\Drivers\bdsandbox.sys

2013-12-05 14:39 - 2013-12-05 19:30 - 00074512 _____ (BitDefender SRL) C:\Windows\SysWOW64\bdsandboxuiskin32.dll

2013-12-05 14:39 - 2013-12-05 14:39 - 00074512 _____ (BitDefender SRL) C:\Windows\system32\bdsandboxuiskin32.dll

2013-12-05 14:10 - 2013-11-20 19:08 - 00000000 ____D C:\Program Files (x86)\PokerStars

 

Some content of TEMP:

====================

C:\Users\Chifo\AppData\Local\Temp\13-12_win7_win8_64_dd_ccc_whql.exe

C:\Users\Chifo\AppData\Local\Temp\Quarantine.exe

 

 

==================== Bamital & volsnap Check =================

 

C:\Windows\System32\winlogon.exe => MD5 is legit

C:\Windows\System32\wininit.exe => MD5 is legit

C:\Windows\SysWOW64\wininit.exe => MD5 is legit

C:\Windows\explorer.exe => MD5 is legit

C:\Windows\SysWOW64\explorer.exe => MD5 is legit

C:\Windows\System32\svchost.exe => MD5 is legit

C:\Windows\SysWOW64\svchost.exe => MD5 is legit

C:\Windows\System32\services.exe => MD5 is legit

C:\Windows\System32\User32.dll => MD5 is legit

C:\Windows\SysWOW64\User32.dll => MD5 is legit

C:\Windows\System32\userinit.exe => MD5 is legit

C:\Windows\SysWOW64\userinit.exe => MD5 is legit

C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

 

 

LastRegBack: 2013-12-24 17:58

 

==================== End Of Log ============================
