My computer has been running sluggishly for the last few days and my internet browser (Google Chrome) is crashing often.  I have noticed that my default homepage has been changed to Iminent and some of their software has been added to my computer.  I know this is Ad-ware, so I have tried running Malwarebytes to try and clean things up, but I have been unable to do so.  The following error message has been appearing:


 


Run-time error '-2147024769 (8007007f)': Automation error. The specified procedure could not be found.


 


How can it be fixed?  I am using Windows XP, if that makes any difference.


  • Root Admin

Hello and welcome.

If you've not already done so please start here and post back the 2 log files DDS.txt and Attach.txt

P2P/Piracy Warning:

If you're using Peer 2 Peer software such as uTorrent, BitTorrent or similar you must either fully uninstall them or completely disable them from running while being assisted here.

Failure to remove or disable such software will result in your topic being closed and no further assistance being provided.

If you have illegal/cracked software, cracks, keygens etc. on the system, please remove or uninstall them now and read the policy on Piracy.

Before we proceed further, please read all of the following instructions carefully.

If there is anything that you do not understand kindly ask before proceeding.

If needed please print out these instructions.

  • Please do not post logs using CODE, QUOTE, or FONT tags. Just paste them as direct text.
  • If the log is too large then you can use attachments by clicking on the More Reply Options button.
  • Please enable your system to show hidden files: How to see hidden files in Windows
  • Make sure you're subscribed to this topic:
    • Click on the Follow This Topic Button (at the top right of this page), make sure that the Receive notification box is checked and that it is set to Instantly
  • Removing malware can be unpredictable...It is unlikely but things can go very wrong! Please make sure you Backup all files that cannot be replaced if something were to happen. You can copy them to a CD/DVD, external drive or a pen drive
  • Please don't run any other scans, download, install or uninstall any programs unless requested by me while I'm working with you.
  • The removal of malware is not instantaneous, please be patient. Often we are also on a different Time Zone.
  • Perform everything in the correct order. Sometimes one step requires the previous one.
  • If you have any problems while following my instructions, Stop there and tell me the exact nature of the issue.
  • You can check here if you're not sure if your computer is 32-bit or 64-bit
  • Please disable your antivirus while running any requested scanners so that they do not interfere with the scanners.
  • When we are done, I'll give you instructions on how to cleanup all the tools and logs
  • Please stick with me until I give you the "all clear" and Please don't waste my time by leaving before that.
  • Your topic will be closed if you haven't replied within 3 days
  • (If I have not responded within 24 hours, please send me a Private Message as a reminder)
STEP 0

RKill is a program that was developed at BleepingComputer.com that attempts to terminate known malware processes so that your normal security software can then run and clean your computer of infections.

When RKill runs it will kill malware processes and then remove incorrect executable associations and fix policies that stop us from using certain tools. When finished it will display a log file that shows the processes that were terminated while the program was running.

As RKill only terminates a program's running process, and does not delete any files, after running it you should not reboot your computer as any malware processes that are configured to start automatically will just be started again. Instead, after running RKill you should immediately scan your computer using the requested scans I've included.

Please download Rkill by Grinler from one of the links below and save it to your desktop.

Link 1

Link 2

  • On Windows XP double-click on the Rkill desktop icon to run the tool.
  • On Windows Vista/Windows 7 or 8, right-click on the Rkill desktop icon and select Run As Administrator
  • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
  • If not, delete the file, then download and use the one provided in Link 2.
  • If it does not work, repeat the process and attempt to use one of the remaining links until the tool runs.
  • If the tool does not run from any of the links provided, please let me know.
  • Do not reboot the computer, you will need to run the application again.
STEP 01

Backup the Registry:

Modifying the Registry can create unforeseen problems, so it is always wise to create a backup before doing so.

  • Please download ERUNT from one of the following links: Link1 | Link2 | Link3
  • ERUNT (Emergency Recovery Utility NT) is a free program that allows you to keep a complete backup of your registry and restore it when needed.
  • Double click on erunt-setup.exe to Install ERUNT by following the prompts.
  • NOTE: Do not choose to allow ERUNT to add an Entry to the Startup folder. Click NO.
  • Start ERUNT either by double clicking on the desktop icon or choosing to start the program at the end of the setup process.
  • Choose a location for the backup.
    • Note: the default location is C:\Windows\ERDNT which is acceptable.
  • Make sure that at least the first two check boxes are selected.
  • Click on OK
  • Then click on YES to create the folder.
  • Note: if it is necessary to restore the registry, open the backup folder and start ERDNT.exe
STEP 02

Please download RogueKiller and save it to your desktop.

You can check here if you're not sure if your computer is 32-bit or 64-bit

  • RogueKiller 32-bit | RogueKiller 64-bit
  • Quit all running programs.
  • For Windows XP, double-click to start.
  • For Vista, Windows 7/8, right-click on the program and select Run as Administrator to start and when prompted allow it to run.
  • Read and accept the EULA (End User License Agreement)
  • Click Scan to scan the system.
  • When the scan completes Close the program > Don't Fix anything!
  • Don't run any other options, they're not all bad!!
  • Post back the report which should be located on your desktop.

Thanks for your help.  Here is the RogueKiller report:

 

RogueKiller V8.8.1 [Jan 14 2014] by Tigzy
mail : tigzyRK<at>gmail<dot>com
 
Operating System : Windows XP (5.1.2600 Service Pack 2) 32 bits version
Started in : Normal mode
User : Ste's [Admin rights]
Mode : Scan -- Date : 01/16/2014 16:08:14
| ARK || FAK || MBR |
 
¤¤¤ Bad processes : 1 ¤¤¤
[SUSP PATH][DLL] rundll32.exe -- C:\Documents and Settings\Ste's\Application Data\newnext.me\nengine.dll [-] -> rundll32.exe KILLED [TermProc]
 
¤¤¤ Registry Entries : 5 ¤¤¤
[RUN][SUSP PATH] HKCU\[...]\Run : Epic Privacy Browser Update ("C:\Documents and Settings\Ste's\Local Settings\Application Data\Epic Privacy Browser\Update\EpicUpdate.exe" /c [-]) -> FOUND
[RUN][SUSP PATH] HKCU\[...]\Run : NextLive (C:\WINDOWS\system32\rundll32.exe "C:\Documents and Settings\Ste's\Application Data\newnext.me\nengine.dll",EntryPoint -m l [7][-][x]) -> FOUND
[RUN][SUSP PATH] HKUS\S-1-5-21-2069718967-3910750565-3749302202-1005\[...]\Run : Epic Privacy Browser Update ("C:\Documents and Settings\Ste's\Local Settings\Application Data\Epic Privacy Browser\Update\EpicUpdate.exe" /c [-]) -> FOUND
[RUN][SUSP PATH] HKUS\S-1-5-21-2069718967-3910750565-3749302202-1005\[...]\Run : NextLive (C:\WINDOWS\system32\rundll32.exe "C:\Documents and Settings\Ste's\Application Data\newnext.me\nengine.dll",EntryPoint -m l [7][-][x]) -> FOUND
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
 
¤¤¤ Scheduled tasks : 1 ¤¤¤
[V1][SUSP PATH] At1.job : C:\DOCUME~1\NETWOR~1\APPLIC~1\DealPly\UPDATE~1\UPDATE~1.EXE - /Check [7] -> FOUND
 
¤¤¤ Startup Entries : 0 ¤¤¤
 
¤¤¤ Web browsers : 0 ¤¤¤
 
¤¤¤ Browser Addons : 0 ¤¤¤
 
¤¤¤ Particular Files / Folders: ¤¤¤
 
¤¤¤ Driver : [NOT LOADED 0xc0000033] ¤¤¤
 
¤¤¤ External Hives: ¤¤¤
 
¤¤¤ Infection :  ¤¤¤
 
¤¤¤ HOSTS File: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts
 
 
127.0.0.1       localhost
127.0.0.1 symantec.
127.0.0.1 nod32.com
127.0.0.1 nod32.ru
 
 
¤¤¤ MBR Check: ¤¤¤
 
+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) SAMSUNG HD160JJ/P +++++
--- User ---
[MBR] dd9602c48653f5d1a98f08e50f472de1
[BSP] 0865dbc3033a5b0d1557ae0b87d99f0b : Windows XP MBR Code
Partition table:
0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 63 | Size: 47 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 96390 | Size: 109646 Mo
2 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 224669025 | Size: 38130 Mo
3 - [XXXXXX] UNKNOWN (0x00) [VISIBLE] Offset (sectors): 302760990 | Size: 4753 Mo
User = LL1 ... OK!
User = LL2 ... OK!

  • Root Admin

Please go ahead and run through the following steps and post back the logs when ready.

STEP 03

Please download Malwarebytes Anti-Rootkit from here

  • Unzip the contents to a folder in a convenient location.
  • Open the folder where the contents were unzipped and run mbar.exe
  • Follow the instructions in the wizard to update and allow the program to scan your computer for threats.
  • Click on the Cleanup button to remove any threats and reboot if prompted to do so.
  • Wait while the system shuts down and the cleanup process is performed.
  • Perform another scan with Malwarebytes Anti-Rootkit to verify that no threats remain. If they do, then click Cleanup once more and repeat the process.
  • When done, please post the two logs produced; they will be in the MBAR folder... mbar-log.txt and system-log.txt
STEP 04

Please download Junkware Removal Tool to your desktop.

  • Shut down your antivirus to avoid any conflicts.
  • Right click over JRT.exe and select Run as administrator on Windows Vista or Windows 7, double-click on XP.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next reply message
  • When completed make sure to re-enable your antivirus
STEP 05

Let's clean out any adware now: (this will require a reboot so save all your work)

Please download AdwCleaner by Xplode and save to your Desktop.

  • Double click on AdwCleaner.exe to run the tool.

    Vista/Windows 7/8 users right-click and select Run As Administrator

  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • When it's done you'll see: Pending: Please uncheck elements you don't want removed.
  • Now click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • Look over the log especially under Files/Folders for any program you want to save.
  • If there's a program you may want to save, just uncheck it from AdwCleaner.
  • If you're not sure, post the log for review. (all items found are adware/spyware/foistware)
  • If you're ready to clean it all up.....click the Clean button.
  • After rebooting, a logfile report (AdwCleaner[S0].txt) will open automatically.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of that logfile will also be saved in the C:\AdwCleaner folder.
  • Items that are deleted are moved to the Quarantine Folder: C:\AdwCleaner\Quarantine
  • To restore an item that has been deleted:
  • Go to Tools > Quarantine Manager > check what you want restored > now click on Restore.
Then..................

Open up Malwarebytes > Settings Tab > Scanner Settings > Under action for PUP > Select: Show in Results List and Check for removal.

Please Update and run a Quick Scan with Malwarebytes Anti-Malware, post the report.

Make sure that everything is checked, and click Remove Selected.

STEP 06

Please go here to run the online antivirus scanner from ESET.

  • Turn off the real time scanner of any existing antivirus program while performing the online scan
  • Tick the box next to YES, I accept the Terms of Use.
  • Click Start
  • When asked, allow the ActiveX control to install
  • Click Start
  • Make sure that the option Remove found threats is unticked
  • Click on Advanced Settings and ensure these options are ticked:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Click Scan
  • Wait for the scan to finish
  • If any threats were found, click the 'List of found threats', then click Export to text file...
  • Save it to your desktop, then please copy and paste that log as a reply to this topic.
STEP 07

Please download the Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system. You can check here if you're not sure if your computer is 32-bit or 64-bit

  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press the Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply as well.

Over my next few posts, I will be posting the reports.

 

Here are the MBAR ones:

 

MBAR Log

 

Malwarebytes Anti-Rootkit BETA 1.07.0.1008
www.malwarebytes.org
 
Database version: v2014.01.17.04
 
Windows XP Service Pack 2 x86 NTFS
Internet Explorer 6.0.2900.2180
Ste's :: STE [administrator]
 
17/01/2014 13:23:48
mbar-log-2014-01-17 (13-23-48).txt
 
Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 295865
Time elapsed: 58 minute(s), 34 second(s)
 
Memory Processes Detected: 0
(No malicious items detected)
 
Memory Modules Detected: 0
(No malicious items detected)
 
Registry Keys Detected: 0
(No malicious items detected)
 
Registry Values Detected: 0
(No malicious items detected)
 
Registry Data Items Detected: 0
(No malicious items detected)
 
Folders Detected: 0
(No malicious items detected)
 
Files Detected: 2
C:\Documents and Settings\Ste's\Local Settings\Temp\DIQ\FlashPlayer_151\DomaIQ.exe (Adware.DomaIQ) -> Delete on reboot.
C:\WINDOWS\USERINIT.EXE (Heuristics.Reserved.Word.Exploit) -> Delete on reboot.
 
Physical Sectors Detected: 0
(No malicious items detected)
 
(end)
 
SYSTEM LOG
 
---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.07.0.1008
 
© Malwarebytes Corporation 2011-2012
 
OS version: 5.1.2600 Windows XP Service Pack 2 x86
 
Account is Administrative
 
Internet Explorer version: 6.0.2900.2180
 
File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED
CPU speed: 2.992000 GHz
Memory total: 1063333888, free: 311803904
 
=======================================
Initializing...
------------ Kernel report ------------
     01/17/2014 17:26:35
------------ Loaded modules -----------
----------- End -----------
Done!
<<<1>>>
Upper Device Name: \Device\Harddisk0\DR0
Upper Device Object: 0xffffffff86f96ab8
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\Ide\IdeDeviceP1T0L0-e\
Lower Device Object: 0xffffffff86f9b148
Lower Device Driver Name: \Driver\atapi\
<<<2>>>
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xffffffff86f96ab8, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xffffffff86f9c020, DeviceName: Unknown, DriverName: \Driver\PartMgr\
DevicePointer: 0xffffffff86f96ab8, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
DevicePointer: 0xffffffff86f9b148, DeviceName: \Device\Ide\IdeDeviceP1T0L0-e\, DriverName: \Driver\atapi\
------------ End ----------
Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Done!
Drive 0
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: E686F016
 
Partition information:
 
    Partition 0 type is Other (0xde)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 63  Numsec = 96327
 
    Partition 1 type is Primary (0x7)
    Partition is ACTIVE.
    Partition starts at LBA: 96390  Numsec = 224556570
    Partition file system is NTFS
    Partition is bootable
 
    Partition 2 type is Extended with LBA (0xf)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 224669025  Numsec = 78091965
 
    Partition 3 type is Other (0xdb)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 302760990  Numsec = 9735390
 
Disk Size: 160000000000 bytes
Sector size: 512 bytes
 
Scanning physical sectors of unpartitioned space on drive 0 (1-62-312480000-312500000)...
Done!
Read File: File "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\SHADOW5992\_mscorsvr.dll" is compressed (flags = 1)
Read File: File "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\SHADOW5992\_mscorwks.dll" is compressed (flags = 1)

JRT.txt

 

 

 
 
~~~ Services
 
Successfully stopped: [service] sprotection 
Successfully deleted: [service] sprotection 
Successfully stopped: [service] wajamupdater 
Successfully deleted: [service] wajamupdater 
 
 
 
~~~ Registry Values
 
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-21-2069718967-3910750565-3749302202-1005\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\DisplayName
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\URL
Suspicious HKCU\..\Run entries found. Trojan:JS/Medfos.B?
 
    Value Name          Type                             Value Data                     
========================================================================================
    NextLive REG_SZ C:\WINDOWS\system32\rundll32.exe "C:\Documents and Settings\Ste's\Application Data\newnext.me\nengine.dll",EntryPoint -m l
 
Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} 
 
 
 
~~~ Registry Keys
 
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\protector_dll.protectorbho
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\protector_dll.protectorbho.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{1FAEE6D5-34F4-42AA-8025-3FD8F3EC4634}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\iminent.webbooster.internetexplorer.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\priam_bho.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\secman.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{A2DF06F9-A21A-44A8-8A99-8B9C84F29160}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\1clickdownload
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\babylon
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\caphyon
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\conduit
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\iminent
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\pricegong
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\smartbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\softonic
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\wajam
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{58124A0B-DC32-4180-9BFF-E0E21AE34026}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{977AE9CC-AF83-45E8-9E03-E2798216E2D5}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\conduit
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\dt soft\daemon tools toolbar
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\iminent
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\umbrella
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\wajam
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\applications\ilividsetup.exe
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\axmetastream.metastreamctl
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\axmetastream.metastreamctl.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\axmetastream.metastreamctlsecondary
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\axmetastream.metastreamctlsecondary.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminent
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminent.business.tinyfying.downloadargs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminent.business.tinyfying.linktopromoteargs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminent.business.tinyfying.rawdataargs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminent.business.tinyfying.tinyurlargs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminent.business.tinyfying.virallinkargs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminent.mediator.communication.clientcallback
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminent.mediator.communication.contractbase
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminent.mediator.communication.datacontracts.addtousercontentcommand
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminent.mediator.communication.datacontracts.checkloginstatuscommand
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminent.mediator.communication.datacontracts.cleancachecommand
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminent.mediator.communication.datacontracts.gameovercallback
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminent.mediator.communication.datacontracts.getcreditcommand
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminent.mediator.communication.datacontracts.getinstallationcontextcommand
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminent.mediator.communication.datacontracts.getloginstatuscommand
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminent.mediator.communication.datacontracts.getloginstatusresult
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminent.mediator.communication.datacontracts.getvariablecommand
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminent.mediator.communication.datacontracts.getvariableresult
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminent.mediator.communication.datacontracts.installationcontextresult
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminent.mediator.communication.datacontracts.loadcontentcommand
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminent.mediator.communication.datacontracts.loadcontentcommandresult
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminent.mediator.communication.datacontracts.logincommand
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminent.mediator.communication.datacontracts.loginstatuschangedcallback
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminent.mediator.communication.datacontracts.logoutcommand
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminent.mediator.communication.datacontracts.mergeidentitycommand
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminent.mediator.communication.datacontracts.myaccountcommand
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminent.mediator.communication.datacontracts.playcontentcommand
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminent.mediator.communication.datacontracts.postcontentcallback
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminent.mediator.communication.datacontracts.recycleviewscommand
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminent.mediator.communication.datacontracts.setvariablecommand
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminent.mediator.communication.datacontracts.showbrowserwindowcommand
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminent.mediator.communication.datacontracts.showcontrolcentercommand
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminent.mediator.communication.datacontracts.showpluginwindowcommand
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminent.mediator.communication.datacontracts.testcontentcommand
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminent.mediator.communication.datacontracts.usercontentchangedcallback
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminent.mediator.communication.datacontracts.variablechangedcallback
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminent.mediator.communication.datacontracts.warmupcommand
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminent.mediator.communication.datacontracts.welcomecommand
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminent.mediator.communication.servercommand
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminent.mediator.communication.serverresult
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminent.mediator.lightcontent
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminent.mediator.lighturi
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminent.mediator.mediatorserviceproxy
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminentwebbooster.activecontenthandle.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminentwebbooster.activecontenthandler
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminentwebbooster.browserhelperobject
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminentwebbooster.browserhelperobject.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminentwebbooster.scriptextender
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminentwebbooster.scriptextender.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminentwebbooster.tinyurlhandler
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminentwebbooster.tinyurlhandler.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\wajam.wajambho
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\wajam.wajambho.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\wajam.wajamdownloader
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\wajam.wajamdownloader.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\searchthewebarp
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\viewpointmediaplayer
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\wajam
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{1ae46c09-2ab8-4ee5-88fb-08cd0ff7f2df}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{2dbad634-0032-42e8-8a04-b4cfc5062eb0}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Toolbar.CT3072253
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{BFFED5CA-8BDF-47CC-AED0-23F4E6D77732}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{BFFED5CA-8BDF-47CC-AED0-23F4E6D77732}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{687578B9-7132-4A7A-80E4-30EE31099E03}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{687578b9-7132-4a7a-80e4-30ee31099e03}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{687578b9-7132-4a7a-80e4-30ee31099e03}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}
 
 
 
~~~ Files
 
Successfully deleted: [File] "C:\end"
 
 
 
~~~ Folders
 
Successfully deleted: [Folder] "C:\Documents and Settings\All Users\application data\apn"
Successfully deleted: [Folder] "C:\Documents and Settings\All Users\application data\iminent"
Successfully deleted: [Folder] "C:\Documents and Settings\All Users\application data\viewpoint"
Successfully deleted: [Folder] "C:\Documents and Settings\Ste's\Application Data\dealply"
Successfully deleted: [Folder] "C:\Documents and Settings\Ste's\Application Data\iminent"
Successfully deleted: [Folder] "C:\Documents and Settings\Ste's\Application Data\iwin"
Successfully deleted: [Folder] "C:\Documents and Settings\Ste's\Application Data\pricegong"
Successfully deleted: [Folder] "C:\Documents and Settings\Ste's\Application Data\toolbar4"
Successfully deleted: [Folder] "C:\Documents and Settings\Ste's\Application Data\viewpoint"
Successfully deleted: [Folder] "C:\Documents and Settings\Ste's\Local Settings\Application Data\conduit"
Successfully deleted: [Folder] "C:\Documents and Settings\Ste's\Local Settings\Application Data\cre"
Successfully deleted: [Folder] "C:\Documents and Settings\Ste's\Local Settings\Application Data\wajam"
Successfully deleted: [Folder] "C:\Program Files\conduit"
Successfully deleted: [Folder] "C:\Program Files\iminent"
Successfully deleted: [Folder] "C:\Program Files\myfree codec"
Successfully deleted: [Folder] "C:\Program Files\viewpoint"
Successfully deleted: [Folder] "C:\Program Files\wajam"
Successfully deleted: [Folder] "C:\Program Files\Common Files\umbrella"
Successfully deleted: [Folder] "C:\Documents and Settings\Ste's\start menu\programs\wajam"
 
 
 
~~~ Chrome
 
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp

ESET

 

C:\AdwCleaner\Quarantine\C\Documents and Settings\NetworkService\Application Data\DealPly\UpdateProc\UpdateTask.exe.vir Win32/DealPly.B application

C:\AdwCleaner\Quarantine\C\Documents and Settings\Ste's\Application Data\newnext.me\nengine.dll.vir Win32/NextLive.A application
C:\AdwCleaner\Quarantine\C\Documents and Settings\Ste's\Local Settings\Application Data\genienext\nengine.dll.vir Win32/NextLive.A application
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\0TUV0P23\wajam_update[1].007 a variant of Win32/Wajam.D application
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\NVH2GLZC\wajam_update[1].004 a variant of Win32/Wajam.D application
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\NVH2GLZC\wajam_update[1].005 a variant of Win32/Wajam.D application
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\QXECG6RL\wajam_update[1].006 a variant of Win32/Wajam.D application
C:\Documents and Settings\Ste's\Desktop\Old Firefox Data\extensions\toolbar@ask.com\chrome\temp\askToolbar.exe a variant of Win32/Bundled.Toolbar.Ask application
C:\Documents and Settings\Ste's\Desktop\Old Firefox Data-1\extensions\{EB9394A3-4AD6-4918-9537-31A1FD8E8EDF}\chrome\content\dealply.xul Win32/DealPly.J application
C:\Documents and Settings\Ste's\Local Settings\Application Data\Google\Chrome\User Data\Default\File System\000\t\00\00000000 Win32/AdWare.1ClickDownload.AQ application
C:\Documents and Settings\Ste's\Local Settings\Temp\jtBrveDG.exe.part a variant of Win32/Toolbar.Babylon.E application
C:\Documents and Settings\Ste's\Local Settings\Temp\setup.exe a variant of Win32/Bundled.Toolbar.Ask application
C:\Documents and Settings\Ste's\Local Settings\Temp\uttE7.tmp.exe a variant of Win32/Bundled.Toolbar.Ask.A application
C:\Documents and Settings\Ste's\Local Settings\Temp\wajam_install.exe Win32/Wajam.A application
C:\Documents and Settings\Ste's\Local Settings\Temp\DIQ\FlashPlayer_151\OfferBrokerage_14003.exe a variant of Win32/InstallIQ.A application
C:\Documents and Settings\Ste's\Local Settings\Temp\DIQ\FlashPlayer_151\setup__120.exe a variant of Win32/Amonetize.H application
C:\Documents and Settings\Ste's\My Documents\Downloads\adobe_photoshop_cs5(1).exe Win32/Toggle.D.Gen application
C:\Documents and Settings\Ste's\My Documents\Downloads\adobe_photoshop_cs5(2).exe Win32/Toggle.D.Gen application
C:\Documents and Settings\Ste's\My Documents\Downloads\adobe_photoshop_cs5.exe Win32/Toggle.D.Gen application
C:\Documents and Settings\Ste's\My Documents\Downloads\cbsidlm-tr1_10a-Photobie-ORG-10387625.exe Win32/DownloadAdmin.G application
C:\Documents and Settings\Ste's\My Documents\Downloads\ccsetup328.exe Win32/Bundled.Toolbar.Google.D application
C:\Documents and Settings\Ste's\My Documents\Downloads\gimpshop_d685180(1).exe a variant of Win32/InstallIQ.A application
C:\Documents and Settings\Ste's\My Documents\Downloads\gimpshop_d685180(2).exe a variant of Win32/InstallIQ.A application
C:\Documents and Settings\Ste's\My Documents\Downloads\gimpshop_d685180.exe a variant of Win32/InstallIQ.A application
C:\Documents and Settings\Ste's\My Documents\Downloads\gimpshop_d685185(1).exe a variant of Win32/InstallIQ.A application
C:\Documents and Settings\Ste's\My Documents\Downloads\gimpshop_d685185.exe a variant of Win32/InstallIQ.A application
C:\Documents and Settings\Ste's\My Documents\Downloads\iLividSetup(1).exe Win32/Toolbar.SearchSuite application
C:\Documents and Settings\Ste's\My Documents\Downloads\iLividSetup.exe Win32/Toolbar.SearchSuite application
C:\Documents and Settings\Ste's\My Documents\Downloads\John_Green_-_The_Fault_in_Our_Stars.exe Win32/AdWare.1ClickDownload.AQ application
C:\Documents and Settings\Ste's\My Documents\Downloads\Shockwave_Installer_Slim.exe Win32/Bundled.Toolbar.Google.D application
C:\Documents and Settings\Ste's\My Documents\Downloads\SoftonicDownloader_for_gimpshop.exe Win32/SoftonicDownloader.E application
C:\WINDOWS\system32\Adobe\Shockwave 12\gt.exe Win32/Bundled.Toolbar.Google.D application
C:\WINDOWS\Temp\LatestDealPlySetup5556.1.1.1.exe Win32/DealPly.B application
C:\WINDOWS\Temp\LatestDealPlySetup5556.1.exe Win32/DealPly.B application
C:\WINDOWS\Temp\nsg1EA.tmp.exe Win32/DealPly.B application
C:\WINDOWS\Temp\nsk131.tmp.exe Win32/DealPly.B application
C:\WINDOWS\Temp\nsr1E8.tmp.exe Win32/DealPly.B application
C:\WINDOWS\Temp\nss72.tmp.exe Win32/DealPly.B application
C:\WINDOWS\Temp\nss8E.tmp.exe Win32/DealPly.B application
C:\WINDOWS\Temp\nsv7A.tmp.exe Win32/DealPly.B application
C:\WINDOWS\Temp\nsy9B.tmp.exe Win32/DealPly.B application

Finally here is the FRST report.  What do I need to do next?  Thanks for your continued assistance.

 

==================== Processes (Whitelisted) ===================

 
(AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\WINDOWS\ehome\ehrecvr.exe
(Microsoft Corporation) C:\WINDOWS\ehome\ehSched.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
(Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
(Microsoft Corporation) C:\WINDOWS\ehome\mcrdsvc.exe
(Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe
(Microsoft Corporation) C:\WINDOWS\ehome\ehtray.exe
() C:\Program Files\Dell\Media Experience\DMXLauncher.exe
() C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(RealNetworks, Inc.) C:\Program Files\real\realplayer\Update\realsched.exe
(Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastUI.exe
() C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe
() C:\Program Files\Google\Google Desktop Search\GoogleDesktopDisplay.exe
(Intel Corporation) C:\WINDOWS\system32\hkcmd.exe
(Intel Corporation) C:\WINDOWS\system32\igfxpers.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
(Google Inc.) C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Samsung) C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
(Epic Privacy Browser) C:\Documents and Settings\Ste's\Local Settings\Application Data\Epic Privacy Browser\Update\EpicUpdate.exe
(Spotify Ltd) C:\Program Files\Spotify\Data\SpotifyWebHelper.exe
(Samsung) C:\Program Files\Samsung\Kies\Kies.exe
(Microsoft Corporation.) C:\Program Files\Microsoft\BingBar\7.1.391.0\SeaPort.EXE
(Google Inc.) C:\Documents and Settings\Ste's\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Documents and Settings\Ste's\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Documents and Settings\Ste's\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
HKLM\...\Run: [ehTray] - C:\WINDOWS\ehome\ehtray.exe [59392 2004-08-10] (Microsoft Corporation)
HKLM\...\Run: [DMXLauncher] - C:\Program Files\Dell\Media Experience\DMXLauncher.exe [98304 2006-05-03] ()
HKLM\...\Run: [iSUSScheduler] - C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [81920 2005-06-10] (InstallShield Software Corporation)
HKLM\...\Run: [Google Desktop Search] - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [169984 2006-10-10] ()
HKLM\...\Run: [GrooveMonitor] - C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM\...\Run: [TkBellExe] - C:\program files\real\realplayer\update\realsched.exe [273544 2011-06-06] (RealNetworks, Inc.)
HKLM\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [38872 2012-07-31] (Adobe Systems Incorporated)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [APSDaemon] - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM\...\Run: [avast] - C:\Program Files\Alwil Software\Avast5\avastUI.exe [4858968 2013-05-09] (AVAST Software)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [444904 2012-09-20] (Adobe Systems Incorporated)
HKLM\...\Run: [switchBoard] - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM\...\Run: [AdobeCS6ServiceManager] - C:\Program Files\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1075296 2013-04-25] (Adobe Systems Incorporated)
HKLM\...\Run: [igfxhkcmd] - C:\WINDOWS\system32\hkcmd.exe [77824 2005-10-14] (Intel Corporation)
HKLM\...\Run: [igfxpers] - C:\WINDOWS\system32\igfxpers.exe [114688 2005-10-14] (Intel Corporation)
HKLM\...\Run: [QuickTime Task] - C:\Program Files\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM\...\Run: [iTunesHelper] - C:\Program Files\iTunes\iTunesHelper.exe [152392 2013-10-23] (Apple Inc.)
HKLM\...\Run: [KiesTrayAgent] - C:\Program Files\Samsung\Kies\KiesTrayAgent.exe [311152 2013-11-06] (Samsung Electronics Co., Ltd.)
HKLM\...\Winlogon: [userinit] C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\system32\userinit.exe,
HKLM\...\Policies\Explorer: [NoCDBurning] 0
HKCU\...\Run: [swg] - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [68856 2007-06-24] (Google Inc.)
HKCU\...\Run: [DAEMON Tools Lite] - C:\Program Files\DAEMON Tools Lite\DTLite.exe [369200 2009-10-30] (DT Soft Ltd)
HKCU\...\Run: [] - C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [845168 2013-11-06] (Samsung)
HKCU\...\Run: [Google Update] - C:\Documents and Settings\Ste's\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [116648 2012-09-11] (Google Inc.)
HKCU\...\Run: [AdobeBridge] - [x]
HKCU\...\Run: [Epic Privacy Browser Update] - C:\Documents and Settings\Ste's\Local Settings\Application Data\Epic Privacy Browser\Update\EpicUpdate.exe [507560 2013-10-22] (Epic Privacy Browser)
HKCU\...\Run: [spotify Web Helper] - C:\Program Files\Spotify\Data\SpotifyWebHelper.exe [1171968 2013-12-19] (Spotify Ltd)
HKCU\...\Run: [KiesPreload] - C:\Program Files\Samsung\Kies\Kies.exe [1564528 2013-11-06] (Samsung)
MountPoints2: {1a63265a-4a82-11e3-96ef-001676af4929} - F:\Launcher.exe
MountPoints2: {361ac05d-0e0d-11da-9aa9-806d6172696f} - E:\setup.exe
HKU\Administrator\...\Run: [DellSupport] - C:\Program Files\Dell Support\DSAgnt.exe [ 2006-07-16] (Gteko Ltd.)
HKU\Clare\...\Run: [DellSupport] - C:\Program Files\Dell Support\DSAgnt.exe [ 2006-07-16] (Gteko Ltd.)
HKU\Clare\...\Run: [incrediMail] - C:\Program Files\IncrediMail\bin\IncMail.exe [ 2009-07-15] (IncrediMail, Ltd.)
HKU\Clare\...\Run: [swg] - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [ 2007-06-24] (Google Inc.)
HKU\Clare\...\Run: [msnmsgr] - "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
HKU\Clare\...\Run: [PC Suite Tray] - "C:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe" -onlytray
HKU\Clare\...\Run: [QuickTime Task] - C:\Program Files\QuickTime\QTTask.exe [ 2013-05-01] (Apple Inc.)
HKU\Clare\...\Run: [MSMSGS] - C:\Program Files\Messenger\msmsgs.exe [ 2008-04-14] (Microsoft Corporation)
HKU\Clare\...\Run: [EPSON SX210 Series] - C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIFDE.EXE [ 2008-11-06] (SEIKO EPSON CORPORATION)
AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL => C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll [111616 2006-10-10] ()
 
==================== Internet (Whitelisted) ====================
 
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM - DefaultScope value is missing.
BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
BHO: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} -  No File
BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL (Sonic Solutions)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll (Google Inc.)
BHO: CBrowserHelperObject Object - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll (Dell Inc.)
BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\7.1.391.0\BingExt.dll (Microsoft Corporation.)
BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
Toolbar: HKLM - No Name - {0BF43445-2F28-4351-9252-17FE6E806AA0} -  No File
Toolbar: HKLM - EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
Toolbar: HKLM - avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\7.1.391.0\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - &Address - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\Windows\system32\browseui.dll (Microsoft Corporation)
Toolbar: HKCU - &Links - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\Windows\system32\SHELL32.dll (Microsoft Corporation)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - No Name - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} -  No File
Toolbar: HKCU - No Name - {A057A204-BACC-4D26-9990-79A187E2698E} -  No File
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  No File
Toolbar: HKCU - EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
DPF: {3EA4FA88-E0BE-419A-A732-9B79B87A6ED0} http://dl.tvunetworks.com/TVUAx.cab
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab
DPF: {FD0EBBED-0C42-4D0F-82DA-44399B5C420A} http://downloads.virginmedia.com/CST/ver1/xp_mail.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Winsock: Catalog5 01 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
 
FireFox:
========
FF ProfilePath: C:\Documents and Settings\Ste's\Application Data\Mozilla\Firefox\Profiles\0ay93mr9.default-1374706151968
FF Plugin: @adobe.com/ShockwavePlayer - C:\WINDOWS\system32\Adobe\Director\np32dsw_1204144.dll (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @real.com/nppl3260;version=12.0.1.647 - c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprjplug;version=12.0.1.647 - c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpchromebrowserrecordext;version=12.0.1.652 - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprphtml5videoshim;version=12.0.1.652 - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=12.0.1.647 - c:\program files\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin: adobe.com/AdobeExManDetect - C:\Program Files\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll (Adobe Systems)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Documents and Settings\Ste's\Local Settings\Application Data\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Documents and Settings\Ste's\Local Settings\Application Data\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @updates.epicbrowser.com/Epic Privacy Browser Update;version=3 - C:\Documents and Settings\Ste's\Local Settings\Application Data\Epic Privacy Browser\Update\1.3.27.5\npEpicUpdate3.dll (Epic Privacy Browser)
FF Plugin HKCU: @updates.epicbrowser.com/Epic Privacy Browser Update;version=9 - C:\Documents and Settings\Ste's\Local Settings\Application Data\Epic Privacy Browser\Update\1.3.27.5\npEpicUpdate3.dll (Epic Privacy Browser)
FF Plugin HKCU: amazon.com/AmazonMP3DownloaderPlugin - C:\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101753.dll (Amazon.com, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nprjplug.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Documents and Settings\Ste's\Application Data\mozilla\plugins\npPxPlay.dll ( )
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\avg_igeared.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazon-en-GB.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\chambers-en-GB.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-en-GB.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-en-GB.xml
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ []
FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF Extension: RealPlayer Browser Record Plugin - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011-06-06]
FF HKLM\...\Firefox\Extensions: [fe_9.0@nokia.com] - C:\Program Files\Nokia\Nokia Suite\Connectors\Bookmarks Connector\FirefoxExtension_9.0
FF Extension: Firefox Synchronisation Extension - C:\Program Files\Nokia\Nokia Suite\Connectors\Bookmarks Connector\FirefoxExtension_9.0 [2012-01-21]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\Alwil Software\Avast5\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\Alwil Software\Avast5\WebRep\FF [2011-07-14]
FF HKLM\...\Thunderbird\Extensions: [te_8.0@nokia.com] - C:\Program Files\Nokia\Nokia Suite\Connectors\Thunderbird Connector\ThunderbirdExtension_8.0
FF Extension: Thunderbird Address Book Synchronisation Extension - C:\Program Files\Nokia\Nokia Suite\Connectors\Thunderbird Connector\ThunderbirdExtension_8.0 [2012-01-21]
 
Chrome: 
=======
CHR DefaultSearchKeyword: search.iminent.com
CHR DefaultSearchProvider: Iminent
CHR DefaultNewTabURL: 
CHR Plugin: (Shockwave Flash) - C:\Documents and Settings\Ste's\Local Settings\Application Data\Google\Chrome\Application\32.0.1700.76\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Documents and Settings\Ste's\Local Settings\Application Data\Google\Chrome\Application\32.0.1700.76\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Documents and Settings\Ste's\Local Settings\Application Data\Google\Chrome\Application\32.0.1700.76\pdf.dll ()
CHR Plugin: (Wajam) - C:\Documents and Settings\Ste's\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp\1.24_0\plugins/PriamNPAPI.dll No File
CHR Plugin: (ActiveX hosting plugin for NPAPI) - C:\Documents and Settings\Ste's\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lgllffgicojgllpmdbemgglaponefajn\1.5.0.7_0\npactivex.dll ()
CHR Plugin: (Photodex Presenter Plugin) - C:\Documents and Settings\Ste's\Application Data\Mozilla\plugins\npPxPlay.dll ( )
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files\QuickTime\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (RealNetworks RealPlayer Chrome Background Extension Plug-In (32-bit) ) - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer HTML5VideoShim Plug-In (32-bit) ) - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
CHR Plugin: (Epic Privacy Browser Update) - C:\Documents and Settings\Ste's\Local Settings\Application Data\Epic Privacy Browser\Update\1.3.27.5\npEpicUpdate3.dll (Epic Privacy Browser)
CHR Plugin: (AdobeExManDetect) - C:\Program Files\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll (Adobe Systems)
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (AmazonMP3DownloaderPlugin) - C:\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101753.dll (Amazon.com, Inc.)
CHR Plugin: (AdobeAAMDetect) - C:\Program Files\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll No File
CHR Plugin: (Java Platform SE 7 U25) - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (MetaStream 3 Plugin) - C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll No File
CHR Plugin: (iTunes Application Detector) - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Shockwave for Director) - C:\WINDOWS\system32\Adobe\Director\np32dsw_1204144.dll (Adobe Systems, Inc.)
CHR Plugin: (Java Deployment Toolkit 7.0.250.17) - C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
CHR Plugin: (Windows Presentation Foundation) - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Plugin: (RealPlayer G2 LiveConnect-Enabled Plug-In (32-bit) ) - c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
CHR Plugin: (RealJukebox NS Plugin) - c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer Version Plugin) - c:\program files\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
CHR Extension: (YouTube) - C:\Documents and Settings\Ste's\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-09-26]
CHR Extension: (Google Search) - C:\Documents and Settings\Ste's\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-09-26]
CHR Extension: (Hola Better Internet) - C:\Documents and Settings\Ste's\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2013-03-01]
CHR Extension: (RealPlayer HTML5Video Downloader Extension) - C:\Documents and Settings\Ste's\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk [2012-09-26]
CHR Extension: (ActiveX for Chrome) - C:\Documents and Settings\Ste's\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lgllffgicojgllpmdbemgglaponefajn [2012-09-26]
CHR Extension: (Google Wallet) - C:\Documents and Settings\Ste's\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-13]
CHR Extension: (Live Sports) - C:\Documents and Settings\Ste's\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\oamjbefinnglappklpabmhpbcdiephoo [2012-10-06]

  • Root Admin

Please download the attached fixlist.txt file and save it to the Desktop.
NOTE. It's important that both files, FRST or FRST64 and fixlist.txt are in the same location or the fix will not work.

NOTICE: This script was written specifically for this user, for use on this particular machine. Running this on another machine may cause damage to your operating system.

Run FRST or FRST64 and press the Fix button just once and wait.
If the tool needs a restart please make sure you let the system restart normally and let the tool complete its run after restart.
The tool will make a log on the Desktop (Fixlog.txt). Please attach or post it to your next reply.

Note: If the tool warned you about an outdated version please download and run the updated version.
 

fixlist.txt


Content of fixlist:

*****************

HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.microsoft...er=6&ar=msnhome

HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft...=ie&ar=iesearch

SearchScopes: HKLM - DefaultScope value is missing.

BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)

BHO: CBrowserHelperObject Object - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll (Dell Inc.)

BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

Toolbar: HKCU - No Name - {A057A204-BACC-4D26-9990-79A187E2698E} -  No File

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://search.iminen...&ref=toolbox&q={searchTerms}

CHR DefaultNewTabURL: 

CHR Plugin: (Java™ Platform SE 7 U25) - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

 

*****************

 

HKCU\Software\Microsoft\Internet Explorer\Main\\Search Bar => Value deleted successfully.

HKLM\Software\\Microsoft\Internet Explorer\Main\\Local Page => Value was restored successfully.

HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully.

HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Search_URL => Value was restored successfully.

HKLM\Software\\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully.

HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} => Key deleted successfully.

HKCR\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} => Key deleted successfully.

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CA6319C0-31B7-401E-A518-A07C3DB8F777} => Key deleted successfully.

HKCR\CLSID\{CA6319C0-31B7-401E-A518-A07C3DB8F777} => Key deleted successfully.

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9} => Key deleted successfully.

HKCR\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9} => Key deleted successfully.

HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{A057A204-BACC-4D26-9990-79A187E2698E} => Value deleted successfully.

HKCR\CLSID\{A057A204-BACC-4D26-9990-79A187E2698E} => Key not found.

HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8AD9C840-044E-11D1-B3E9-00805F499D93} => Key deleted successfully.

HKCR\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93} => Key deleted successfully.

HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0017-0000-0025-ABCDEFFEDCBA} => Key deleted successfully.

HKCR\CLSID\{CAFEEFAC-0017-0000-0025-ABCDEFFEDCBA} => Key deleted successfully.

HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} => Key deleted successfully.

HKCR\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} => Key deleted successfully.

HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2 => Key deleted successfully.

C:\WINDOWS\system32\npDeployJava1.dll => Moved successfully.

HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2 => Key deleted successfully.

C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll => Moved successfully.

CHR DefaultSearchKeyword: search.iminent.com ==> The Chrome "Settings" can be used to fix the entry.

CHR DefaultSearchProvider: Iminent ==> The Chrome "Settings" can be used to fix the entry.

CHR DefaultSearchURL: http://search.iminen...&ref=toolbox&q={searchTerms} ==> The Chrome "Settings" can be used to fix the entry.

C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll not found.

 

==== End of Fixlog ====


  • Root Admin

Please visit each of the following sites and let's reset all of your browsers back to defaults to prevent unexpected issues.
If you are not using one of the browsers but it is installed then you may want to consider uninstalling it as older versions of some software can pose an increase in the potential for an infection to get in.

Internet Explorer
How to reset Internet Explorer settings

Firefox
Click on Help / Troubleshooting Information then click on the Reset Firefox button.

Chrome
Chrome - Reset browser settings

Opera
How to Perform a (really) clean Reinstall of Opera
 
 
 

Please download Security Check by screen317 from HERE or HERE.

  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • If you get Unsupported operating system. Aborting now, just reboot and try again.
  • A Notepad document should open automatically called checkup.txt.
  • Please Post the contents of that document.
  • Do Not Attach It!!!


 


 Results of screen317's Security Check version 0.99.79  

 Windows XP Service Pack 2 x86   


 Internet Explorer 6 Out of date! 

``````````````Antivirus/Firewall Check:`````````````` 

 Windows Firewall Enabled!  

avast! Antivirus   

 Antivirus out of date!  

`````````Anti-malware/Other Utilities Check:````````` 

 Malwarebytes Anti-Malware version 1.75.0.1300  

 CCleaner     

 Java 7 Update 25  

 Java version out of Date! 

 Adobe Reader 9 Adobe Reader out of Date! 

````````Process Check: objlist.exe by Laurent````````  

 Malwarebytes Anti-Malware mbamservice.exe  

 Malwarebytes Anti-Malware mbamgui.exe  

 Malwarebytes' Anti-Malware mbamscheduler.exe   

`````````````````System Health check````````````````` 

 Total Fragmentation on Drive C:: 24% Defragment your hard drive soon! (Do NOT defrag if SSD!)

````````````````````End of Log`````````````````````` 

  • Root Admin

Please uninstall ALL versions of Java.  Go to your Control Panel, Add/Remove and uninstall all versions of Java.

 

Then run the following.

 

Please download JavaRa-1.16 and save it to your computer.

  • Double click to open the zip file and then select all and choose Copy.
  • Create a new folder on your Desktop named RemoveJava and paste the files into this new folder.
  • Quit all browsers and other running applications.
  • Right-click on JavaRa.exe in RemoveJava folder and choose Run as administrator to start the program.
  • From the drop-down menu, choose English and click on Select.
  • JavaRa will open; click on Remove Older Versions to remove the older versions of Java installed on your computer.
  • Click Yes when prompted. When JavaRa is done, a notice will appear that a logfile has been produced. Click OK.
  • A logfile will pop up. Please save it to a convenient location and post it in your next reply.

 

 

 

Then reboot the computer.

 

Then download the following Service Pack 3 from Microsoft to your computer and save it - don't run it.

Then quit your browser and all other applications.

Create a new System Restore Point

 

Windows XP Service Pack 3 Network Installation Package for IT Professionals and Developers

 

Then disable your Avast antivirus and run the Service Pack 3 installation.

 

 


Found and removed: C:\Program Files\Java\jre1.6.0_07
Found and removed: JavaPlugin.FamilyVersionSupport
Found and removed: Software\JavaSoft\Java2D\1.5.0_06
Found and removed: Software\JavaSoft\Java2D\1.5.0_09
Found and removed: Software\JavaSoft\Java2D\1.5.0_10
Found and removed: SOFTWARE\Classes\JavaPlugin
Found and removed: SOFTWARE\Classes\JavaWebStart.isInstalled.1.5.0.0
Found and removed: SOFTWARE\Microsoft\Active Setup\Installed Components\{08B0E5C0-4FCB-11CF-AAA5-00401C608500}
Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA}
Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBB}
Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBC}
Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.6.0_07\
Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\JRE\
Found and removed: SOFTWARE\Classes\CLSID\{08B0E5C0-4FCB-11CF-AAA5-00401C608501}
Found and removed: SOFTWARE\Classes\CLSID\{5852F5ED-8BF4-11D4-A245-0080C6F74284}
Found and removed: SOFTWARE\Classes\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}
Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-DEC7-0000-0001-ABCDEFFEDCBA}
Found and removed: SOFTWARE\Classes\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9}
Found and removed: SOFTWARE\Classes\Interface\{5852F5EC-8BF4-11D4-A245-0080C6F74284}
Found and removed: SOFTWARE\Classes\MIME\Database\Content Type\application/java-deployment-toolkit
Found and removed: SOFTWARE\Classes\TypeLib\{5852F5E0-8BF4-11D4-A245-0080C6F74284}
Found and removed: SOFTWARE\Classes\JavaWebStart.isInstalled
Found and removed: SOFTWARE\Classes\JavaWebStart.isInstalled.1.7.0.0
Found and removed: SOFTWARE\Microsoft\Internet Explorer\Low Rights
Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects
Found and removed: SOFTWARE\Microsoft\Windows NT\CurrentVersion\Accessibility\ATs
Found and removed: SOFTWARE\JavaSoft
Found and removed: SOFTWARE\JreMetrics
Found and removed: SOFTWARE\MozillaPlugins
------------------------------------
Finished reporting.


  • Root Admin

Please go ahead and install Service Pack 3 and when done (please be patient as it can take a while to complete and you DO NOT want to force restart the computer - let it finish on its own) - then run a new DDS scan and post back new logs.
 
 
Please run the following scanner and send back the logs.

Download DDS from one of the locations below and save to your Desktop
dds.scr
dds.com

Temporarily disable any script blocker if your Anti-Virus/Anti-Malware has it.
How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs

Once downloaded you can disconnect from the Internet and disable your Anti-Virus temporarily if needed.
Then double click dds.scr or dds.com to run the tool.
Click the Run button if prompted with an Open File - Security Warning dialog box.
A black DOS console should open and run for a moment.

  • When done, DDS will open two (2) logs:
    • DDS.txt
    • Attach.txt
  • Save both reports to your desktop
  • Please include the following logs in your next reply as an attachment: DDS.txt and Attach.txt
  • You can ignore the note about zipping the Attach.txt file and just post it or attach it.

DDS

 

 
============== Running Processes ================
.
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\WINDOWS\ehome\mcrdsvc.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Dell\Media Experience\DMXLauncher.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\program files\real\realplayer\update\realsched.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files\Alwil Software\Avast5\avastUI.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopDisplay.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
C:\Program Files\Spotify\Data\SpotifyWebHelper.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Samsung\Kies\Kies.exe
C:\Program Files\Microsoft\BingBar\7.1.391.0\SeaPort.exe
C:\Documents and Settings\Ste's\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Ste's\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Ste's\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Ste's\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\PROGRA~1\MICROS~3\Office12\OUTLOOK.EXE
C:\Documents and Settings\Ste's\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Ste's\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
.
============== Pseudo HJT Report ===============
.
uWindow Title = Microsoft Internet Explorer provided by blueyonder
uDefault_Page_URL = www.google.co.uk/ig/dell?hl=en&client=dell-usuk&channel=uk&ibd=5061010
dURLSearchHooks: {A3BC75A2-1F87-4686-AA43-5347D756017C} - <orphaned>
mWinlogon: Userinit = c:\windows\system32\userinit.exe,c:\windows\system32\userinit.e­xe,
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: EPSON Web-To-Page: {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - c:\program files\epson\epson web-to-page\EPSON Web-To-Page.dll
TB: EPSON Web-To-Page: {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - c:\program files\epson\epson web-to-page\EPSON Web-To-Page.dll
TB: Easy Photo Print: {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - c:\program files\epson software\easy photo print\EPTBL.dll
TB: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\alwil software\avast5\aswWebRepIE.dll
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - 
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
EB: {FE54FA40-D68C-11D2-98FA-00C0F0318AFE} - <orphaned>
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [DAEMON Tools Lite] "c:\program files\daemon tools lite\DTLite.exe" -autorun
uRun: [] c:\program files\samsung\kies\external\firmwareupdate\KiesPDLR.exe Run
uRun: [Google Update] "c:\documents and settings\ste's\local settings\application data\google\update\GoogleUpdate.exe" /c
uRun: [AdobeBridge] <no file>
mRun: [ehTray] c:\windows\ehome\ehtray.exe
mRun: [DMXLauncher] c:\program files\dell\media experience\DMXLauncher.exe
mRun: [iSUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start
mRun: [Google Desktop Search] "c:\program files\google\google desktop search\GoogleDesktop.exe" /startup
mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"
mRun: [TkBellExe] "c:\program files\real\realplayer\update\realsched.exe"  -osboot
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [avast] "c:\program files\alwil software\avast5\avastUI.exe" /nogui
mRun: [AdobeAAMUpdater-1.0] "c:\program files\common files\adobe\oobe\pdapp\uwa\UpdaterStartupUtility.exe"
mRun: [switchBoard] c:\program files\common files\adobe\switchboard\SwitchBoard.exe
mRun: [AdobeCS6ServiceManager] "c:\program files\common files\adobe\cs6servicemanager\CS6ServiceManager.exe" -launchedbylogin
mRun: [igfxtray] c:\windows\system32\igfxtray.exe
mRun: [igfxhkcmd] c:\windows\system32\hkcmd.exe
mRun: [igfxpers] c:\windows\system32\igfxpers.exe
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [KiesTrayAgent] c:\program files\samsung\kies\KiesTrayAgent.exe
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1
mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000
IE: Open in new background tab - c:\program files\windows live toolbar\components\en-gb\msntabres.dll.mui/229?d8c04efda877436abc79ae52b49d4970
IE: Open in new foreground tab - c:\program files\windows live toolbar\components\en-gb\msntabres.dll.mui/230?d8c04efda877436abc79ae52b49d4970
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBC} - <orphaned>
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dll
IE: {3015DB92-158E-4b77-9020-85C8E311FBB5} - c:\progra~1\casino~1\Casino.exe
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
TCP: NameServer = 192.168.0.1
TCP: Interfaces\{4C23B98B-D131-4411-A746-EDAB13CE1FBC} : DHCPNameServer = 192.168.0.1
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
Notify: igfxcui - igfxdev.dll
AppInit_DLLs= c:\progra~1\google\google~1\GOEC62~1.DLL
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
.
============= SERVICES / DRIVERS ===============
.
R0 aswRvrt;aswRvrt;c:\windows\system32\drivers\aswRvrt.sys [2013-7-24 49376]
R0 aswVmm;aswVmm;c:\windows\system32\drivers\aswVmm.sys [2013-7-24 175176]
R1 aswKbd;aswKbd;c:\windows\system32\drivers\aswKbd.sys [2012-4-30 20624]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2011-7-14 770344]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2009-8-11 369584]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2009-8-11 29816]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2013-7-24 66336]
S0 cyjkd;cyjkd;c:\windows\system32\drivers\ahgtnp.sys --> c:\windows\system32\drivers\ahgtnp.sys [?]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\drivers\ssudbus.sys [2013-11-11 84248]
.
=============== Created Last 30 ================
.
2014-01-28 05:14:34 272128 -c----w- c:\windows\system32\dllcache\bthport.sys
2014-01-28 05:14:04 953856 -c----w- c:\windows\system32\dllcache\mfc40u.dll
2014-01-28 05:13:03 456320 -c----w- c:\windows\system32\dllcache\mrxsmb.sys
2014-01-28 05:12:26 617472 -c----w- c:\windows\system32\dllcache\comctl32.dll
2014-01-28 05:11:53 471552 -c----w- c:\windows\system32\dllcache\aclayers.dll
2014-01-28 05:10:49 744448 -c----w- c:\windows\system32\dllcache\helpsvc.exe
2014-01-28 05:10:12 25088 -c----w- c:\windows\system32\dllcache\hidparse.sys
2014-01-28 05:10:12 14976 -c----w- c:\windows\system32\dllcache\usbscan.sys
2014-01-28 05:09:12 81920 -c----w- c:\windows\system32\dllcache\fontsub.dll
2014-01-28 05:09:11 119808 -c----w- c:\windows\system32\dllcache\t2embed.dll
2014-01-28 05:07:52 284160 -c----w- c:\windows\system32\dllcache\pdh.dll
2014-01-28 05:07:51 473600 -c----w- c:\windows\system32\dllcache\fastprox.dll
2014-01-28 05:07:51 401408 -c----w- c:\windows\system32\dllcache\rpcss.dll
2014-01-28 05:07:51 110592 -c----w- c:\windows\system32\dllcache\services.exe
2014-01-28 05:07:50 453120 -c----w- c:\windows\system32\dllcache\wmiprvsd.dll
2014-01-28 05:07:50 227840 -c----w- c:\windows\system32\dllcache\wmiprvse.exe
2014-01-28 05:07:48 617472 -c----w- c:\windows\system32\dllcache\advapi32.dll
2014-01-28 05:07:19 153088 -c----w- c:\windows\system32\dllcache\triedit.dll
2014-01-28 05:07:06 60160 -c----w- c:\windows\system32\dllcache\usbaudio.sys
2014-01-28 05:07:06 46848 -c----w- c:\windows\system32\dllcache\irbus.sys
2014-01-28 05:07:06 123008 -c----w- c:\windows\system32\dllcache\usbvideo.sys
2014-01-28 05:06:10 12928 -c----w- c:\windows\system32\dllcache\usb8023x.sys
2014-01-28 05:06:10 12928 -c----w- c:\windows\system32\dllcache\usb8023.sys
2014-01-28 05:05:15 26240 -c----w- c:\windows\system32\dllcache\usbser.sys
2014-01-28 05:03:43 203136 -c----w- c:\windows\system32\dllcache\rmcast.sys
2014-01-28 05:03:36 536576 -c----w- c:\windows\system32\dllcache\msado15.dll
2014-01-28 05:03:17 331776 -c----w- c:\windows\system32\dllcache\msadce.dll
2014-01-28 05:02:05 105472 -c----w- c:\windows\system32\dllcache\mup.sys
2014-01-28 04:58:23 3558912 -c----w- c:\windows\system32\dllcache\moviemk.exe
2014-01-28 04:58:19 32384 -c----w- c:\windows\system32\dllcache\usbccgp.sys
2014-01-28 04:58:19 30336 -c----w- c:\windows\system32\dllcache\usbehci.sys
2014-01-28 04:58:19 144128 -c----w- c:\windows\system32\dllcache\usbport.sys
2014-01-28 04:58:16 139784 -c----w- c:\windows\system32\dllcache\rdpwd.sys
2014-01-28 04:53:52 718336 -c----w- c:\windows\system32\dllcache\ntdll.dll
2014-01-28 04:53:51 2149888 -c----w- c:\windows\system32\dllcache\ntkrnlmp.exe
2014-01-28 04:53:50 2193536 -c----w- c:\windows\system32\dllcache\ntoskrnl.exe
2014-01-28 04:53:49 2070144 -c----w- c:\windows\system32\dllcache\ntkrnlpa.exe
2014-01-28 04:53:49 2028544 -c----w- c:\windows\system32\dllcache\ntkrpamp.exe
2014-01-28 04:53:25 218112 -c----w- c:\windows\system32\dllcache\wordpad.exe
2014-01-28 04:52:33 10496 -c----w- c:\windows\system32\dllcache\ndistapi.sys
2014-01-28 04:52:24 40960 -c----w- c:\windows\system32\dllcache\ndproxy.sys
2014-01-28 04:47:19 45568 -c----w- c:\windows\system32\dllcache\wab.exe
2014-01-28 04:27:45 79872 -c----w- c:\windows\system32\dllcache\msxml6r.dll
2014-01-28 04:27:45 1372672 -c----w- c:\windows\system32\dllcache\msxml6.dll
2014-01-28 04:21:19 166912 ------w- c:\windows\system32\drivers\s3gnbm.sys
2014-01-28 04:18:33 19569 ----a-w- c:\windows\003635_.tmp
2014-01-28 03:36:22 867240 ----a-w- c:\windows\system32\npDeployJava1.dll
2014-01-24 22:33:20 -------- d-----w- C:\FRST
2014-01-22 03:33:28 -------- d-----w- c:\program files\ESET
2014-01-18 01:53:41 -------- d-----w- C:\AdwCleaner
2014-01-18 01:38:21 -------- d-----w- c:\windows\ERUNT
2014-01-17 17:26:35 -------- d-----w- c:\documents and settings\all users\application data\Malwarebytes' Anti-Malware (portable)
2014-01-17 03:34:24 51416 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-01-15 03:07:49 23040 -c--a-w- c:\windows\system32\dllcache\xrxwbtmp.dll
2014-01-15 03:07:41 27648 -c--a-w- c:\windows\system32\dllcache\xrxftplt.exe
2014-01-15 03:07:37 4608 -c--a-w- c:\windows\system32\dllcache\xrxflnch.exe
2014-01-15 03:07:07 99865 -c--a-w- c:\windows\system32\dllcache\xlog.exe
2014-01-15 03:07:01 16970 -c--a-w- c:\windows\system32\dllcache\xem336n5.sys
2014-01-15 03:06:56 19455 -c--a-w- c:\windows\system32\dllcache\wvchntxx.sys
2014-01-15 03:06:45 12063 -c--a-w- c:\windows\system32\dllcache\wsiintxx.sys
2014-01-15 03:06:01 154624 -c--a-w- c:\windows\system32\dllcache\wlluc48.sys
2014-01-15 03:05:57 34890 -c--a-w- c:\windows\system32\dllcache\wlandrv2.sys
2014-01-15 03:05:37 771581 -c--a-w- c:\windows\system32\dllcache\winacisa.sys
2014-01-15 03:05:31 53760 -c--a-w- c:\windows\system32\dllcache\wiamsmud.dll
2014-01-15 03:05:27 87040 -c--a-w- c:\windows\system32\dllcache\wiafbdrv.dll
2014-01-15 03:05:12 701386 -c--a-w- c:\windows\system32\dllcache\wdhaalba.sys
2014-01-15 03:05:10 23615 -c--a-w- c:\windows\system32\dllcache\wch7xxnt.sys
2014-01-15 03:05:03 35871 -c--a-w- c:\windows\system32\dllcache\wbfirdma.sys
2014-01-15 03:04:52 33599 -c--a-w- c:\windows\system32\dllcache\watv04nt.sys
2014-01-15 03:04:51 19551 -c--a-w- c:\windows\system32\dllcache\watv02nt.sys
2014-01-15 03:04:48 29311 -c--a-w- c:\windows\system32\dllcache\watv01nt.sys
2014-01-15 03:04:35 11775 -c--a-w- c:\windows\system32\dllcache\wadv05nt.sys
2014-01-15 03:04:33 12127 -c--a-w- c:\windows\system32\dllcache\wadv02nt.sys
2014-01-15 03:04:30 12415 -c--a-w- c:\windows\system32\dllcache\wadv01nt.sys
2014-01-15 03:04:19 16925 -c--a-w- c:\windows\system32\dllcache\w940nd.sys
2014-01-15 03:04:15 19016 -c--a-w- c:\windows\system32\dllcache\w926nd.sys
2014-01-15 03:04:11 19528 -c--a-w- c:\windows\system32\dllcache\w840nd.sys
2014-01-15 03:04:01 64605 -c--a-w- c:\windows\system32\dllcache\vvoice.sys
2014-01-15 03:03:52 397502 -c--a-w- c:\windows\system32\dllcache\vpctcom.sys
2014-01-15 03:03:46 604253 -c--a-w- c:\windows\system32\dllcache\vmodem.sys
2014-01-15 03:03:40 249402 -c--a-w- c:\windows\system32\dllcache\vinwm.sys
2014-01-15 03:03:34 24576 -c--a-w- c:\windows\system32\dllcache\viairda.sys
2014-01-15 03:03:17 687999 -c--a-w- c:\windows\system32\dllcache\usrwdxjs.sys
2014-01-15 03:03:11 765884 -c--a-w- c:\windows\system32\dllcache\usrti.sys
2014-01-15 03:03:05 113762 -c--a-w- c:\windows\system32\dllcache\usrpda.sys
2014-01-15 03:03:01 7556 -c--a-w- c:\windows\system32\dllcache\usroslba.sys
2014-01-15 03:02:56 224802 -c--a-w- c:\windows\system32\dllcache\usr1807a.sys
2014-01-15 03:02:52 794399 -c--a-w- c:\windows\system32\dllcache\usr1806v.sys
2014-01-15 03:02:47 793598 -c--a-w- c:\windows\system32\dllcache\usr1806.sys
2014-01-15 03:02:42 794654 -c--a-w- c:\windows\system32\dllcache\usr1801.sys
2014-01-15 03:02:15 32384 -c--a-w- c:\windows\system32\dllcache\usb101et.sys
2014-01-15 03:02:00 94720 -c--a-w- c:\windows\system32\dllcache\umaxud32.dll
2014-01-15 03:01:57 28160 -c--a-w- c:\windows\system32\dllcache\umaxu40.dll
2014-01-15 03:01:53 26624 -c--a-w- c:\windows\system32\dllcache\umaxu22.dll
2014-01-15 03:01:49 69632 -c--a-w- c:\windows\system32\dllcache\umaxu12.dll
2014-01-15 03:01:46 50688 -c--a-w- c:\windows\system32\dllcache\umaxscan.dll
2014-01-15 03:01:42 22912 -c--a-w- c:\windows\system32\dllcache\umaxpcls.sys
2014-01-15 03:01:38 50176 -c--a-w- c:\windows\system32\dllcache\umaxp60.dll
2014-01-15 03:01:35 47616 -c--a-w- c:\windows\system32\dllcache\umaxcam.dll
2014-01-15 03:01:31 211968 -c--a-w- c:\windows\system32\dllcache\um54scan.dll
2014-01-15 03:01:27 216064 -c--a-w- c:\windows\system32\dllcache\um34scan.dll
2014-01-15 03:01:17 11520 -c--a-w- c:\windows\system32\dllcache\twotrack.sys
2014-01-15 03:00:58 166784 -c--a-w- c:\windows\system32\dllcache\tridxpm.sys
2014-01-15 03:00:54 525568 -c--a-w- c:\windows\system32\dllcache\tridxp.dll
2014-01-15 03:00:50 159232 -c--a-w- c:\windows\system32\dllcache\tridkbm.sys
2014-01-15 03:00:46 440576 -c--a-w- c:\windows\system32\dllcache\tridkb.dll
2014-01-15 03:00:43 222336 -c--a-w- c:\windows\system32\dllcache\trid3dm.sys
2014-01-15 03:00:39 315520 -c--a-w- c:\windows\system32\dllcache\trid3d.dll
2014-01-15 03:00:29 34375 -c--a-w- c:\windows\system32\dllcache\tpro4.sys
2014-01-15 03:00:26 42496 -c--a-w- c:\windows\system32\dllcache\tp4res.dll
2014-01-15 03:00:21 31744 -c--a-w- c:\windows\system32\dllcache\tp4.dll
2014-01-15 03:00:11 230912 -c--a-w- c:\windows\system32\dllcache\tosdvd03.sys
2014-01-15 03:00:07 241664 -c--a-w- c:\windows\system32\dllcache\tosdvd02.sys
2014-01-15 03:00:00 28232 -c--a-w- c:\windows\system32\dllcache\tos4mo.sys
2014-01-15 02:59:49 123995 -c--a-w- c:\windows\system32\dllcache\tjisdn.sys
2014-01-15 02:59:39 138528 -c--a-w- c:\windows\system32\dllcache\tgiulnt5.sys
2014-01-15 02:59:35 81408 -c--a-w- c:\windows\system32\dllcache\tgiul50.dll
2014-01-15 02:59:20 17129 -c--a-w- c:\windows\system32\dllcache\tdkcd31.sys
2014-01-15 02:59:15 37961 -c--a-w- c:\windows\system32\dllcache\tdk100b.sys
2014-01-15 02:59:00 30464 -c--a-w- c:\windows\system32\dllcache\tbatm155.sys
2014-01-15 02:58:47 7040 -c--a-w- c:\windows\system32\dllcache\tandqic.sys
2014-01-15 02:58:42 36640 -c--a-w- c:\windows\system32\dllcache\t2r4mini.sys
2014-01-15 02:58:39 172768 -c--a-w- c:\windows\system32\dllcache\t2r4disp.dll
2014-01-15 02:58:18 94293 -c--a-w- c:\windows\system32\dllcache\sxports.dll
2014-01-15 02:58:15 103936 -c--a-w- c:\windows\system32\dllcache\sx.sys
2014-01-15 02:58:11 3968 -c--a-w- c:\windows\system32\dllcache\swusbflt.sys
2014-01-15 02:58:08 10240 -c--a-w- c:\windows\system32\dllcache\swpidflt.dll
2014-01-15 02:58:04 10240 -c--a-w- c:\windows\system32\dllcache\swpdflt2.dll
2014-01-15 02:57:59 53760 -c--a-w- c:\windows\system32\dllcache\sw_wheel.dll
2014-01-15 02:57:55 41472 -c--a-w- c:\windows\system32\dllcache\sw_effct.dll
2014-01-15 02:57:46 155648 -c--a-w- c:\windows\system32\dllcache\stlnprop.dll
2014-01-15 02:57:43 53248 -c--a-w- c:\windows\system32\dllcache\stlncoin.dll
2014-01-15 02:57:40 285760 -c--a-w- c:\windows\system32\dllcache\stlnata.sys
2014-01-15 02:57:35 16896 -c--a-w- c:\windows\system32\dllcache\stcusb.sys
2014-01-15 02:57:13 48736 -c--a-w- c:\windows\system32\dllcache\srwlnd5.sys
2014-01-15 02:57:07 99328 -c--a-w- c:\windows\system32\dllcache\srusd.dll
2014-01-15 02:57:00 24660 -c--a-w- c:\windows\system32\dllcache\spxupchk.dll
2014-01-15 02:56:46 61824 -c--a-w- c:\windows\system32\dllcache\speed.sys
2014-01-15 02:56:43 106584 -c--a-w- c:\windows\system32\dllcache\spdports.dll
2014-01-15 02:56:35 7552 -c--a-w- c:\windows\system32\dllcache\sonypvu1.sys
2014-01-15 02:56:31 37040 -c--a-w- c:\windows\system32\dllcache\sonypi.sys
2014-01-15 02:56:28 114688 -c--a-w- c:\windows\system32\dllcache\sonypi.dll
2014-01-15 02:56:25 20752 -c--a-w- c:\windows\system32\dllcache\sonync.sys
2014-01-15 02:56:20 9600 -c--a-w- c:\windows\system32\dllcache\sonymc.sys
2014-01-15 02:56:09 7040 -c--a-w- c:\windows\system32\dllcache\snyaitmc.sys
2014-01-15 02:55:50 58368 -c--a-w- c:\windows\system32\dllcache\smiminib.sys
2014-01-15 02:55:46 147200 -c--a-w- c:\windows\system32\dllcache\smidispb.dll
2014-01-15 02:55:40 25034 -c--a-w- c:\windows\system32\dllcache\smcpwr2n.sys
2014-01-15 02:55:34 35913 -c--a-w- c:\windows\system32\dllcache\smcirda.sys
2014-01-15 02:55:31 24576 -c--a-w- c:\windows\system32\dllcache\smc8000n.sys
2014-01-15 02:55:24 6784 -c--a-w- c:\windows\system32\dllcache\smbhc.sys
2014-01-15 02:55:16 45568 -c--a-w- c:\windows\system32\dllcache\smb3w.dll
2014-01-15 02:55:13 33792 -c--a-w- c:\windows\system32\dllcache\smb0w.dll
2014-01-15 02:55:09 28672 -c--a-w- c:\windows\system32\dllcache\sma0w.dll
2014-01-15 02:55:05 28160 -c--a-w- c:\windows\system32\dllcache\sm91w.dll
2014-01-15 02:54:51 63547 -c--a-w- c:\windows\system32\dllcache\sla30nd5.sys
2014-01-15 02:54:46 91294 -c--a-w- c:\windows\system32\dllcache\skfpwin.sys
2014-01-15 02:54:41 94698 -c--a-w- c:\windows\system32\dllcache\sk98xwin.sys
2014-01-15 02:54:38 157696 -c--a-w- c:\windows\system32\dllcache\sisv256.dll
2014-01-15 02:54:33 50432 -c--a-w- c:\windows\system32\dllcache\sisv.sys
2014-01-15 02:54:30 32768 -c--a-w- c:\windows\system32\dllcache\sisnic.sys
2014-01-15 02:54:27 238592 -c--a-w- c:\windows\system32\dllcache\sisgrv.dll
2014-01-15 02:54:22 104064 -c--a-w- c:\windows\system32\dllcache\sisgrp.sys
2014-01-15 02:54:19 150144 -c--a-w- c:\windows\system32\dllcache\sis6306v.dll
2014-01-15 02:54:15 68608 -c--a-w- c:\windows\system32\dllcache\sis6306p.sys
2014-01-15 02:54:12 252032 -c--a-w- c:\windows\system32\dllcache\sis300iv.dll
2014-01-15 02:54:08 101760 -c--a-w- c:\windows\system32\dllcache\sis300ip.sys
2014-01-15 02:53:46 161568 -c--a-w- c:\windows\system32\dllcache\sgsmusb.sys
2014-01-15 02:53:42 18400 -c--a-w- c:\windows\system32\dllcache\sgsmld.sys
2014-01-15 02:53:39 98080 -c--a-w- c:\windows\system32\dllcache\sgiulnt5.sys
2014-01-15 02:53:36 386560 -c--a-w- c:\windows\system32\dllcache\sgiul50.dll
2014-01-15 02:53:31 36480 -c--a-w- c:\windows\system32\dllcache\sfmanm.sys
2014-01-15 02:53:13 6784 -c--a-w- c:\windows\system32\dllcache\serscan.sys
2014-01-15 02:53:08 17664 -c--a-w- c:\windows\system32\dllcache\sermouse.sys
2014-01-15 02:52:59 6912 -c--a-w- c:\windows\system32\dllcache\seaddsmc.sys
2014-01-15 02:52:50 11648 -c--a-w- c:\windows\system32\dllcache\scsiprnt.sys
2014-01-15 02:52:40 17280 -c--a-w- c:\windows\system32\dllcache\scr111.sys
2014-01-15 02:52:35 16640 -c--a-w- c:\windows\system32\dllcache\scmstcs.sys
2014-01-15 02:52:29 23936 -c--a-w- c:\windows\system32\dllcache\sccmusbm.sys
2014-01-15 02:52:24 23936 -c--a-w- c:\windows\system32\dllcache\sccmn50m.sys
2014-01-15 02:52:14 495616 -c--a-w- c:\windows\system32\dllcache\sblfx.dll
2014-01-15 02:52:06 75392 -c--a-w- c:\windows\system32\dllcache\s3savmxm.sys
2014-01-15 02:52:03 245632 -c--a-w- c:\windows\system32\dllcache\s3savmx.dll
2014-01-15 02:52:00 77824 -c--a-w- c:\windows\system32\dllcache\s3sav4m.sys
2014-01-15 02:50:59 19017 -c--a-w- c:\windows\system32\dllcache\rtl8029.sys
2014-01-15 02:50:54 30720 -c--a-w- c:\windows\system32\dllcache\rthwcls.sys
2014-01-15 02:50:41 9216 -c--a-w- c:\windows\system32\dllcache\rsmgrstr.dll
2014-01-15 02:50:35 3840 -c--a-w- c:\windows\system32\dllcache\rpfun.sys
2014-01-15 02:50:20 37563 -c--a-w- c:\windows\system32\dllcache\rlnet5.sys
2014-01-15 02:50:11 86097 -c--a-w- c:\windows\system32\dllcache\reslog32.dll
2014-01-15 02:49:20 19584 -c--a-w- c:\windows\system32\dllcache\rasirda.sys
2014-01-15 02:49:08 714762 -c--a-w- c:\windows\system32\dllcache\r2mdmkxx.sys
2014-01-15 02:49:04 899146 -c--a-w- c:\windows\system32\dllcache\r2mdkxga.sys
2014-01-15 02:49:00 41472 -c--a-w- c:\windows\system32\dllcache\qvusd.dll
2014-01-15 02:48:55 3328 -c--a-w- c:\windows\system32\dllcache\qv2kux.sys
2014-01-15 02:48:30 130942 -c--a-w- c:\windows\system32\dllcache\ptserlv.sys
2014-01-15 02:48:26 112574 -c--a-w- c:\windows\system32\dllcache\ptserlp.sys
2014-01-15 02:48:23 128286 -c--a-w- c:\windows\system32\dllcache\ptserli.sys
2014-01-15 02:48:19 5632 -c--a-w- c:\windows\system32\dllcache\ptpusb.dll
2014-01-15 02:48:15 35328 -c--a-w- c:\windows\system32\dllcache\psisload.dll
2014-01-15 02:48:11 16128 -c--a-w- c:\windows\system32\dllcache\pscr.sys
2014-01-15 02:47:50 17792 -c--a-w- c:\windows\system32\dllcache\ppa.sys
2014-01-15 02:47:40 7168 -c--a-w- c:\windows\system32\dllcache\pnrmc.sys
2014-01-15 02:47:26 121344 -c--a-w- c:\windows\system32\dllcache\phvfwext.dll
2014-01-15 02:47:20 19840 -c--a-w- c:\windows\system32\dllcache\philtune.sys
2014-01-15 02:47:16 92416 -c--a-w- c:\windows\system32\dllcache\phildec.sys
2014-01-15 02:47:13 173696 -c--a-w- c:\windows\system32\dllcache\philcam2.sys
2014-01-15 02:47:09 75776 -c--a-w- c:\windows\system32\dllcache\philcam1.sys
2014-01-15 02:47:06 16384 -c--a-w- c:\windows\system32\dllcache\philcam1.dll
2014-01-15 02:46:48 169984 -c--a-w- c:\windows\system32\dllcache\pcx500.sys
2014-01-15 02:46:43 86016 -c--a-w- c:\windows\system32\dllcache\pctspk.exe
2014-01-15 02:46:39 35328 -c--a-w- c:\windows\system32\dllcache\pcntpci5.sys
2014-01-15 02:46:34 29769 -c--a-w- c:\windows\system32\dllcache\pcntn5m.sys
2014-01-15 02:46:31 30282 -c--a-w- c:\windows\system32\dllcache\pcntn5hl.sys
2014-01-15 02:46:27 26153 -c--a-w- c:\windows\system32\dllcache\pcmlm56.sys
2014-01-15 02:46:19 29502 -c--a-w- c:\windows\system32\dllcache\pca200e.sys
2014-01-15 02:46:15 30495 -c--a-w- c:\windows\system32\dllcache\pc100nds.sys
2014-01-15 02:44:40 198144 -c--a-w- c:\windows\system32\dllcache\nv3.sys
2014-01-15 02:44:37 123776 -c--a-w- c:\windows\system32\dllcache\nv3.dll
2014-01-15 02:44:19 51552 -c--a-w- c:\windows\system32\dllcache\ntgrip.sys
2014-01-15 02:44:11 9344 -c--a-w- c:\windows\system32\dllcache\ntapm.sys
2014-01-15 02:44:08 7552 -c--a-w- c:\windows\system32\dllcache\nsmmc.sys
2014-01-15 02:43:51 87040 -c--a-w- c:\windows\system32\dllcache\nm6wdm.sys
2014-01-15 02:43:47 126080 -c--a-w- c:\windows\system32\dllcache\nm5a2wdm.sys
2014-01-15 02:43:39 32840 -c--a-w- c:\windows\system32\dllcache\ngrpci.sys
2014-01-15 02:43:37 132695 -c--a-w- c:\windows\system32\dllcache\netwlan5.sys
2014-01-15 02:43:24 65278 -c--a-w- c:\windows\system32\dllcache\netflx3.sys
2014-01-15 02:43:13 39264 -c--a-w- c:\windows\system32\dllcache\neo20xx.sys
2014-01-15 02:43:10 60480 -c--a-w- c:\windows\system32\dllcache\neo20xx.dll
2014-01-15 02:43:07 15872 -c--a-w- c:\windows\system32\dllcache\ne2000.sys
2014-01-15 02:41:32 12416 -c--a-w- c:\windows\system32\dllcache\msriffwv.sys
2014-01-15 02:41:17 2944 -c--a-w- c:\windows\system32\dllcache\msmpu401.sys
2014-01-15 02:40:53 35200 -c--a-w- c:\windows\system32\dllcache\msgame.sys
2014-01-15 02:40:46 6016 -c--a-w- c:\windows\system32\dllcache\msfsio.sys
2014-01-15 02:40:01 16128 -c--a-w- c:\windows\system32\dllcache\modemcsa.sys
2014-01-15 02:39:47 6528 -c--a-w- c:\windows\system32\dllcache\miniqic.sys
2014-01-15 02:39:33 320384 -c--a-w- c:\windows\system32\dllcache\mgaum.sys
2014-01-15 02:39:30 235648 -c--a-w- c:\windows\system32\dllcache\mgaud.dll
2014-01-15 02:39:20 47616 -c--a-w- c:\windows\system32\dllcache\memgrp.dll
2014-01-15 02:39:17 8320 -c--a-w- c:\windows\system32\dllcache\memcard.sys
2014-01-15 02:39:12 164586 -c--a-w- c:\windows\system32\dllcache\mdgndis5.sys
2014-01-15 02:39:03 7424 -c--a-w- c:\windows\system32\dllcache\mammoth.sys
2014-01-15 02:38:57 48768 -c--a-w- c:\windows\system32\dllcache\maestro.sys
2014-01-15 02:38:54 58880 -c--a-w- c:\windows\system32\dllcache\m3092dc.dll
2014-01-15 02:38:51 58368 -c--a-w- c:\windows\system32\dllcache\m3091dc.dll
2014-01-15 02:38:47 22848 -c--a-w- c:\windows\system32\dllcache\lwusbhid.sys
2014-01-15 02:38:45 20864 -c--a-w- c:\windows\system32\dllcache\lwadihid.sys
2014-01-15 02:38:41 797500 -c--a-w- c:\windows\system32\dllcache\ltsmt.sys
2014-01-15 02:38:37 802683 -c--a-w- c:\windows\system32\dllcache\ltsm.sys
2014-01-15 02:38:32 420992 -c--a-w- c:\windows\system32\dllcache\ltmdmntt.sys
2014-01-15 02:38:28 576746 -c--a-w- c:\windows\system32\dllcache\ltmdmntl.sys
2014-01-15 02:38:26 606684 -c--a-w- c:\windows\system32\dllcache\ltmdmnt.sys
2014-01-15 02:38:22 727786 -c--a-w- c:\windows\system32\dllcache\ltck000c.sys
2014-01-15 02:38:13 4992 -c--a-w- c:\windows\system32\dllcache\loop.sys
2014-01-15 02:37:55 70730 -c--a-w- c:\windows\system32\dllcache\lne100tx.sys
2014-01-15 02:37:51 20573 -c--a-w- c:\windows\system32\dllcache\lne100.sys
2014-01-15 02:37:47 25065 -c--a-w- c:\windows\system32\dllcache\lmndis3.sys
2014-01-15 02:37:44 15744 -c--a-w- c:\windows\system32\dllcache\lit220p.sys
2014-01-15 02:37:34 26442 -c--a-w- c:\windows\system32\dllcache\lanepic5.sys
2014-01-15 02:37:30 19016 -c--a-w- c:\windows\system32\dllcache\ktc111.sys
2014-01-15 02:37:25 37376 -c--a-w- c:\windows\system32\dllcache\kousd.dll
2014-01-15 02:37:04 8192 -c--a-w- c:\windows\system32\dllcache\kbdkor.dll
2014-01-15 02:37:01 8704 -c--a-w- c:\windows\system32\dllcache\kbdjpn.dll
2014-01-15 02:36:42 5632 -c--a-w- c:\windows\system32\dllcache\kbd103.dll
2014-01-15 02:36:39 6144 -c--a-w- c:\windows\system32\dllcache\kbd101c.dll
2014-01-15 02:36:36 6144 -c--a-w- c:\windows\system32\dllcache\kbd101b.dll
2014-01-15 02:36:25 26624 -c--a-w- c:\windows\system32\dllcache\irstusb.sys
2014-01-15 02:36:21 18688 -c--a-w- c:\windows\system32\dllcache\irsir.sys
2014-01-15 02:36:18 23552 -c--a-w- c:\windows\system32\dllcache\irmk7.sys
2014-01-15 02:35:52 45632 -c--a-w- c:\windows\system32\dllcache\ip5515.sys
2014-01-15 02:35:49 90200 -c--a-w- c:\windows\system32\dllcache\io8ports.dll
2014-01-15 02:35:45 38784 -c--a-w- c:\windows\system32\dllcache\io8.sys
2014-01-15 02:35:37 13056 -c--a-w- c:\windows\system32\dllcache\inport.sys
2014-01-15 02:34:31 372824 -c--a-w- c:\windows\system32\dllcache\iconf32.dll
2014-01-15 02:34:28 100992 -c--a-w- c:\windows\system32\dllcache\icam5usb.sys
2014-01-15 02:34:25 20480 -c--a-w- c:\windows\system32\dllcache\icam5ext.dll
2014-01-15 02:34:23 45056 -c--a-w- c:\windows\system32\dllcache\icam5com.dll
2014-01-15 02:34:20 154496 -c--a-w- c:\windows\system32\dllcache\icam4usb.sys
2014-01-15 02:34:17 61952 -c--a-w- c:\windows\system32\dllcache\icam4ext.dll
2014-01-15 02:34:15 91136 -c--a-w- c:\windows\system32\dllcache\icam4com.dll
2014-01-15 02:34:12 26624 -c--a-w- c:\windows\system32\dllcache\icam3ext.dll
2014-01-15 02:34:09 141056 -c--a-w- c:\windows\system32\dllcache\icam3.sys
2014-01-15 02:34:05 38528 -c--a-w- c:\windows\system32\dllcache\ibmvcap.sys
2014-01-15 02:34:01 109085 -c--a-w- c:\windows\system32\dllcache\ibmtrp.sys
2014-01-15 02:33:58 100936 -c--a-w- c:\windows\system32\dllcache\ibmtok.sys
2014-01-15 02:33:55 9216 -c--a-w- c:\windows\system32\dllcache\ibmsgnet.dll
2014-01-15 02:33:52 28700 -c--a-w- c:\windows\system32\dllcache\ibmexmp.sys
2014-01-15 02:33:49 161020 -c--a-w- c:\windows\system32\dllcache\i81xnt5.sys
2014-01-15 02:33:43 58592 -c--a-w- c:\windows\system32\dllcache\i740nt5.sys
2014-01-15 02:33:40 353184 -c--a-w- c:\windows\system32\dllcache\i740dnt5.dll
2014-01-15 02:33:09 488383 -c--a-w- c:\windows\system32\dllcache\hsf_v124.sys
2014-01-15 02:33:05 50751 -c--a-w- c:\windows\system32\dllcache\hsf_tone.sys
2014-01-15 02:33:01 73279 -c--a-w- c:\windows\system32\dllcache\hsf_spkp.sys
2014-01-15 02:31:58 126976 -c--a-w- c:\windows\system32\dllcache\hpgt34tk.dll
2014-01-15 02:31:56 101376 -c--a-w- c:\windows\system32\dllcache\hpgt34.dll
2014-01-15 02:31:53 48128 -c--a-w- c:\windows\system32\dllcache\hpgt33tk.dll
2014-01-15 02:31:51 89088 -c--a-w- c:\windows\system32\dllcache\hpgt33.dll
2014-01-15 02:31:49 123392 -c--a-w- c:\windows\system32\dllcache\hpgt21tk.dll
2014-01-15 02:31:47 83968 -c--a-w- c:\windows\system32\dllcache\hpgt21.dll
2014-01-15 02:31:44 119296 -c--a-w- c:\windows\system32\dllcache\hpdigwia.dll
2014-01-15 02:31:38 2688 -c--a-w- c:\windows\system32\dllcache\hidswvd.sys
2014-01-15 02:31:32 8576 -c--a-w- c:\windows\system32\dllcache\hidgame.sys
2014-01-15 02:31:15 907456 -c--a-w- c:\windows\system32\dllcache\hcf_msft.sys
2014-01-15 02:31:05 82304 -c--a-w- c:\windows\system32\dllcache\grclass.sys
2014-01-15 02:30:59 17408 -c--a-w- c:\windows\system32\dllcache\gpr400.sys
2014-01-15 02:30:45 322432 -c--a-w- c:\windows\system32\dllcache\g400m.sys
2014-01-15 02:30:43 1733120 -c--a-w- c:\windows\system32\dllcache\g400d.dll
2014-01-15 02:30:40 320384 -c--a-w- c:\windows\system32\dllcache\g200m.sys
2014-01-15 02:30:38 470144 -c--a-w- c:\windows\system32\dllcache\g200d.dll
2014-01-15 02:30:35 454912 -c--a-w- c:\windows\system32\dllcache\fxusbase.sys
2014-01-15 02:30:23 92160 -c--a-w- c:\windows\system32\dllcache\fuusd.dll
2014-01-15 02:30:19 455296 -c--a-w- c:\windows\system32\dllcache\fusbbase.sys
2014-01-15 02:30:15 455680 -c--a-w- c:\windows\system32\dllcache\fus2base.sys
2014-01-15 02:30:00 442240 -c--a-w- c:\windows\system32\dllcache\fpnpbase.sys
2014-01-15 02:29:56 441728 -c--a-w- c:\windows\system32\dllcache\fpcmbase.sys
2014-01-15 02:29:52 444416 -c--a-w- c:\windows\system32\dllcache\fpcibase.sys
2014-01-15 02:29:48 34173 -c--a-w- c:\windows\system32\dllcache\forehe.sys
2014-01-15 02:29:42 71680 -c--a-w- c:\windows\system32\dllcache\fnfilter.dll
2014-01-15 02:29:25 27165 -c--a-w- c:\windows\system32\dllcache\fetnd5.sys
2014-01-15 02:29:16 22090 -c--a-w- c:\windows\system32\dllcache\fem556n5.sys
2014-01-15 02:29:08 24618 -c--a-w- c:\windows\system32\dllcache\fa410nd5.sys
2014-01-15 02:29:06 16074 -c--a-w- c:\windows\system32\dllcache\fa312nd5.sys
2014-01-15 02:29:02 11850 -c--a-w- c:\windows\system32\dllcache\f3ab18xj.sys
2014-01-15 02:27:59 40704 -c--a-w- c:\windows\system32\dllcache\es1371mp.sys
2014-01-15 02:26:59 77386 -c--a-w- c:\windows\system32\dllcache\el656nd5.sys
2014-01-15 02:26:58 634134 -c--a-w- c:\windows\system32\dllcache\el656ct5.sys
2014-01-15 02:26:55 69194 -c--a-w- c:\windows\system32\dllcache\el656cd5.sys
2014-01-15 02:26:52 26141 -c--a-w- c:\windows\system32\dllcache\el589nd5.sys
2014-01-15 02:26:49 69692 -c--a-w- c:\windows\system32\dllcache\el575nd5.sys
2014-01-15 02:26:47 24653 -c--a-w- c:\windows\system32\dllcache\el574nd4.sys
2014-01-15 02:26:46 55999 -c--a-w- c:\windows\system32\dllcache\el556nd5.sys
2014-01-15 02:26:43 44103 -c--a-w- c:\windows\system32\dllcache\el515.sys
2014-01-15 02:26:40 19594 -c--a-w- c:\windows\system32\dllcache\e100isa4.sys
2014-01-15 02:26:35 50719 -c--a-w- c:\windows\system32\dllcache\e1000nt5.sys
2014-01-15 02:26:15 334208 -c--a-w- c:\windows\system32\dllcache\ds1wdm.sys
2014-01-15 02:24:58 614429 -c--a-w- c:\windows\system32\dllcache\digiview.exe
2014-01-15 02:23:58 63208 -c--a-w- c:\windows\system32\dllcache\dc21x4.sys
2014-01-15 02:22:57 175104 -c--a-w- c:\windows\system32\dllcache\csamsp.dll
2014-01-15 02:22:55 42112 -c--a-w- c:\windows\system32\dllcache\crtaud.sys
2014-01-15 02:22:53 216064 -c--a-w- c:\windows\system32\dllcache\cpscan.dll
2014-01-15 02:22:49 60970 -c--a-w- c:\windows\system32\dllcache\cpqtrnd5.sys
2014-01-15 02:22:46 21533 -c--a-w- c:\windows\system32\dllcache\cpqndis5.sys
2014-01-15 02:22:17 39936 -c--a-w- c:\windows\system32\dllcache\cnxt1803.sys
2014-01-15 02:22:16 44032 -c--a-w- c:\windows\system32\dllcache\cnusd.dll
2014-01-15 02:22:04 20736 -c--a-w- c:\windows\system32\dllcache\cmbp0wdm.sys
2014-01-15 02:21:52 248064 -c--a-w- c:\windows\system32\dllcache\cl546xm.sys
2014-01-15 02:21:51 170880 -c--a-w- c:\windows\system32\dllcache\cl546x.dll
2014-01-15 02:21:51 111232 -c--a-w- c:\windows\system32\dllcache\cl5465.dll
2014-01-15 02:21:46 45696 -c--a-w- c:\windows\system32\dllcache\cirrus.sys
2014-01-15 02:21:45 91264 -c--a-w- c:\windows\system32\dllcache\cirrus.dll
2014-01-15 02:21:36 272640 -c--a-w- c:\windows\system32\dllcache\cinemclc.sys
2014-01-15 02:21:33 980034 -c--a-w- c:\windows\system32\dllcache\cicap.sys
2014-01-15 02:21:10 49182 -c--a-w- c:\windows\system32\dllcache\cem56n5.sys
2014-01-15 02:21:08 22044 -c--a-w- c:\windows\system32\dllcache\cem33n5.sys
2014-01-15 02:21:05 22044 -c--a-w- c:\windows\system32\dllcache\cem28n5.sys
2014-01-15 02:21:03 27164 -c--a-w- c:\windows\system32\dllcache\ce3n5.sys
2014-01-15 02:21:01 21530 -c--a-w- c:\windows\system32\dllcache\ce2n5.sys
2014-01-15 02:20:50 714698 -c--a-w- c:\windows\system32\dllcache\cbmdmkxx.sys
2014-01-15 02:20:46 46108 -c--a-w- c:\windows\system32\dllcache\cben5.sys
2014-01-15 02:20:44 39680 -c--a-w- c:\windows\system32\dllcache\cb325.sys
2014-01-15 02:20:41 37916 -c--a-w- c:\windows\system32\dllcache\cb102.sys
2014-01-15 02:20:38 32256 -c--a-w- c:\windows\system32\dllcache\diapi2NT.dll
2014-01-15 02:20:35 164923 -c--a-w- c:\windows\system32\dllcache\diapi2.sys
2014-01-15 02:20:32 236032 -c--a-w- c:\windows\system32\dllcache\camext20.dll
2014-01-15 02:20:30 74240 -c--a-w- c:\windows\system32\dllcache\camexo20.dll
2014-01-15 02:20:28 171264 -c--a-w- c:\windows\system32\dllcache\camdrv30.sys
2014-01-15 02:20:25 223232 -c--a-w- c:\windows\system32\dllcache\camdrv21.sys
2014-01-15 02:20:23 314752 -c--a-w- c:\windows\system32\dllcache\camdro21.sys
2014-01-15 02:18:53 36128 -c--a-w- c:\windows\system32\dllcache\banshee.sys
2014-01-15 02:17:59 104832 -c--a-w- c:\windows\system32\dllcache\atiraged.dll
2014-01-15 02:17:57 10240 -c--a-w- c:\windows\system32\dllcache\atipcxxx.sys
2014-01-15 02:17:40 281600 -c--a-w- c:\windows\system32\dllcache\atimtai.sys
2014-01-15 02:17:38 75136 -c--a-w- c:\windows\system32\dllcache\atimpae.sys
2014-01-15 02:17:37 289664 -c--a-w- c:\windows\system32\dllcache\atimpab.sys
2014-01-15 02:17:36 37376 -c--a-w- c:\windows\system32\dllcache\atievxx.exe
2014-01-15 02:17:35 268160 -c--a-w- c:\windows\system32\dllcache\atidvai.dll
2014-01-15 02:17:35 137216 -c--a-w- c:\windows\system32\dllcache\atidrae.dll
2014-01-15 02:17:34 382592 -c--a-w- c:\windows\system32\dllcache\atidrab.dll
2014-01-15 02:17:32 46464 -c--a-w- c:\windows\system32\dllcache\atibt829.sys
2014-01-15 02:17:12 96128 -c--a-w- c:\windows\system32\dllcache\ati.dll
2014-01-15 02:17:12 77568 -c--a-w- c:\windows\system32\dllcache\ati.sys
2014-01-15 02:16:58 97354 -c--a-w- c:\windows\system32\dllcache\aspndis3.sys
2014-01-15 02:16:44 6272 -c--a-w- c:\windows\system32\dllcache\apmbatt.sys
2014-01-15 02:16:42 36224 -c--a-w- c:\windows\system32\dllcache\an983.sys
2014-01-15 02:16:33 16969 -c--a-w- c:\windows\system32\dllcache\amb8002.sys
2014-01-15 02:16:28 26624 -c--a-w- c:\windows\system32\dllcache\alifir.sys
2014-01-15 02:16:26 27678 -c--a-w- c:\windows\system32\dllcache\ali5261.sys
2014-01-15 02:13:08 66048 -c--a-w- c:\windows\system32\dllcache\s3legacy.dll
2014-01-11 16:34:32 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-01-11 16:34:32 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2014-01-06 18:57:24 -------- d-sh--w- C:\found.008
.
==================== Find3M  ====================
.
2014-01-18 02:27:22 40776 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2013-11-27 20:21:06 40960 ----a-w- c:\windows\system32\drivers\ndproxy.sys
2013-11-13 02:59:42 150528 ----a-w- c:\windows\system32\imagehlp.dll
2013-11-13 01:42:59 0 ----a-w- c:\windows\system32\TempWmicBatchFile.bat
2013-11-07 05:38:51 591360 ----a-w- c:\windows\system32\rpcrt4.dll
2013-11-06 01:03:31 7168 ----a-w- c:\windows\system32\xpsp4res.dll
2013-07-24 22:53:18 6583664 ----a-w- c:\program files\Alwil Softwar
.
============= FINISH:  2:06:22.70 ===============

ATTACH

 

==== Disk Partitions =========================

.
C: is FIXED (NTFS) - 107 GiB total, 7.618 GiB free.
D: is FIXED (NTFS) - 37 GiB total, 0.162 GiB free.
E: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP174: 15/01/2014 02:15:21 - System Checkpoint
RP175: 15/01/2014 16:25:41 - System Checkpoint
RP176: 17/01/2014 04:25:46 - System Checkpoint
RP177: 17/01/2014 14:46:47 - Malwarebytes Anti-Rootkit Restore Point
RP178: 21/01/2014 01:34:32 - System Checkpoint
RP179: 22/01/2014 16:30:16 - System Checkpoint
RP180: 24/01/2014 02:43:56 - System Checkpoint
RP181: 26/01/2014 01:48:50 - System Checkpoint
RP182: 27/01/2014 17:00:13 - System Checkpoint
RP183: 28/01/2014 03:36:02 - Removed Java 7 Update 25
RP184: 28/01/2014 04:04:17 - Malware restore
RP185: 28/01/2014 04:18:51 - Installed Windows XP Service Pack 3.
RP186: 28/01/2014 04:36:39 - Installed Windows XP KB938464.
RP187: 28/01/2014 15:11:42 - Software Distribution Service 3.0
RP188: 29/01/2014 02:04:25 - Software Distribution Service 3.0
RP189: 29/01/2014 03:11:12 - Software Distribution Service 3.0
RP190: 29/01/2014 04:07:15 - Software Distribution Service 3.0
RP191: 29/01/2014 16:28:50 - Software Distribution Service 3.0
.
==== Installed Programs ======================
.
7-Zip 9.20
Adobe AIR
Adobe Download Assistant
Adobe Photoshop CS6
Adobe Reader 9.5.2
Adobe Shockwave Player 12.0
Adobe Support Advisor
Amazon MP3 Downloader 1.0.17
Apple Application Support
Apple Mobile Device Support
Apple Software Update
ARTEuro
avast! Free Antivirus
Bonjour
CCleaner
Corel Paint Shop Pro X
Corel Photo Album 6
Dell CinePlayer
Dell Driver Reset Tool
Dell Network Assistant
Dell Support 3.2
Dell System Restore
Email Updater
Epson Easy Photo Print 2
Epson Event Manager
EPSON Printer Software
Epson Printer Software Downloader
EPSON Scan
Epson Stylus SX210_SX410_TX210_TX410 Manual
EPSON SX210 Series Printer Uninstall
EPSON Web-To-Page
ERUNT 1.1j
ESET Online Scanner v3
FFdshow [2006-08-21 | rev 2546]
Football Manager 2007
GemMaster Mystic
GIMPshop 2.2.8
Google Chrome
Google Desktop
Google Toolbar for Internet Explorer
Google Update Helper
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Microsoft .NET Framework 4 Client Profile (KB2461678)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB961118)
IncrediMail
Intel® Graphics Media Accelerator Driver
Intel® PRO Network Connections Drivers
Intel® PROSet for Wired Connections
Interlex 2.5
iPod Update 2004-04-28
iTunes
Learn2 Player (Uninstall Only)
LiveUpdate 2.6 (Symantec Corporation)
Malwarebytes Anti-Malware version 1.75.0.1300
MCU
Microsoft .NET Framework 1.0 Hotfix (KB979904)
Microsoft .NET Framework 1.0 Security Update (KB2742607)
Microsoft .NET Framework 1.0 Security Update (KB2833951)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft Application Error Reporting
Microsoft Choice Guard
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Professional 2007
Microsoft Office Professional 2007 Trial
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft Software Update for Web Folders  (English) 12
Microsoft Sync Framework Runtime Native v1.0 (x86)
Microsoft Sync Framework Services Native v1.0 (x86)
Microsoft User-Mode Driver Framework Feature Pack 1.9
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
Microsoft Works
Microsoft_VC100_CRT_SP1_x86
Microsoft_VC80_CRT_x86
Microsoft_VC90_CRT_x86
MSVC80_x86
MSVC80_x86_v2
MSVC90_x86
MSVCRT
MSXML 4.0 SP2 (KB925672)
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 6 Service Pack 2 (KB954459)
Nokia Connectivity Cable Driver
Nokia Multimedia Factory
Nokia PC Suite
Nokia Software Updater
Nokia Suite
OpenOffice.org 3.0
Otto
PC Connectivity Solution
PDF Settings CS6
Photodex Presenter
QuickTime
RealNetworks - Microsoft Visual C++ 2008 Runtime
RealPlayer
RealUpgrade 1.1
Roxio DLA
Roxio MyDVD LE
Roxio RecordNow Audio
Roxio RecordNow Copy
Roxio RecordNow Data
Samsung Kies
SAMSUNG USB Driver for Mobile Phones
School Tycoon
SearchAssist
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2840629)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2861697)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2687441) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2687499) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2760416) 32-Bit Edition 
Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition 
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition 
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition
Security Update for Microsoft Office Word 2007 (KB2760421) 32-Bit Edition 
Security Update for Microsoft Windows (KB2564958)
Security Update for Windows Media Player (KB2834904-v2)
Security Update for Windows Media Player (KB2834905-v2)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2393802)
Security Update for Windows XP (KB2419632)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB2478960)
Security Update for Windows XP (KB2478971)
Security Update for Windows XP (KB2481109)
Security Update for Windows XP (KB2483185)
Security Update for Windows XP (KB2485663)
Security Update for Windows XP (KB2491683)
Security Update for Windows XP (KB2506212)
Security Update for Windows XP (KB2507938)
Security Update for Windows XP (KB2508429)
Security Update for Windows XP (KB2509553)
Security Update for Windows XP (KB2510581)
Security Update for Windows XP (KB2535512)
Security Update for Windows XP (KB2536276-v2)
Security Update for Windows XP (KB2544893-v2)
Security Update for Windows XP (KB2566454)
Security Update for Windows XP (KB2570947)
Security Update for Windows XP (KB2584146)
Security Update for Windows XP (KB2585542)
Security Update for Windows XP (KB2592799)
Security Update for Windows XP (KB2598479)
Security Update for Windows XP (KB2603381)
Security Update for Windows XP (KB2620712)
Security Update for Windows XP (KB2631813)
Security Update for Windows XP (KB2653956)
Security Update for Windows XP (KB2655992)
Security Update for Windows XP (KB2659262)
Security Update for Windows XP (KB2676562)
Security Update for Windows XP (KB2691442)
Security Update for Windows XP (KB2698365)
Security Update for Windows XP (KB2705219-v2)
Security Update for Windows XP (KB2712808)
Security Update for Windows XP (KB2719985)
Security Update for Windows XP (KB2723135-v2)
Security Update for Windows XP (KB2727528)
Security Update for Windows XP (KB2758857)
Security Update for Windows XP (KB2770660)
Security Update for Windows XP (KB2780091)
Security Update for Windows XP (KB2802968)
Security Update for Windows XP (KB2807986)
Security Update for Windows XP (KB2813345)
Security Update for Windows XP (KB2820917)
Security Update for Windows XP (KB2834886)
Security Update for Windows XP (KB2845187)
Security Update for Windows XP (KB2847311)
Security Update for Windows XP (KB2850869)
Security Update for Windows XP (KB2859537)
Security Update for Windows XP (KB2862152)
Security Update for Windows XP (KB2862330)
Security Update for Windows XP (KB2862335)
Security Update for Windows XP (KB2864063)
Security Update for Windows XP (KB2868038)
Security Update for Windows XP (KB2868626)
Security Update for Windows XP (KB2876217)
Security Update for Windows XP (KB2876331)
Security Update for Windows XP (KB2884256)
Security Update for Windows XP (KB2892075)
Security Update for Windows XP (KB2893294)
Security Update for Windows XP (KB2893984)
Security Update for Windows XP (KB2898715)
Security Update for Windows XP (KB2898785)
Security Update for Windows XP (KB2900986)
Security Update for Windows XP (KB2914368)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923789)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982665)
Segoe UI
Shockwave
Sonic Activation Module
Sonic Encoders
Sonic Update Manager
SopCast 2.0.4
Spotify
swMSM
Tesco Download Manager
Tesco Download Manager - Install/Uninstall (v1.0.9.0)
TVAnts 1.0
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596802) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2767848) 32-Bit Edition
Update for Windows XP (KB2345886)
Update for Windows XP (KB2749655)
Update for Windows XP (KB2904266)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB961503)
Update for Windows XP (KB968389)
Update for Windows XP (KB971029)
Update for Windows XP (KB973815)
Update Rollup 2 for Windows XP Media Center Edition 2005
URL Assistant
WebFldrs XP
Windows Driver Package - Nokia Modem  (02/15/2007 3.1)
Windows Driver Package - Nokia Modem  (02/25/2011 4.7)
Windows Driver Package - Nokia Modem  (02/25/2011 7.01.0.9)
Windows Driver Package - Nokia Modem  (03/05/2008 3.7)
Windows Driver Package - Nokia Modem  (03/13/2008 6.86.0.1)
Windows Driver Package - Nokia Modem  (05/24/2007 6.84.0.1)
Windows Driver Package - Nokia pccsmcfd “LegacyDriver”  (05/31/2012 7.1.2.0)
Windows Genuine Advantage Notifications (KB905474)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Messenger
Windows Live Sign-in Assistant
Windows Live Upload Tool
Windows Media Format 11 runtime
Windows Media Player 11
Windows Media Player Firefox Plugin
Windows XP Media Center Edition 2005 KB908246
Windows XP Service Pack 3
WinZip 15.0
x264 Revision 564 x264.nl (remove only)
Xirrus Wi-Fi Inspector
XML Paper Specification Shared Components Pack 1.0
.
==== Event Viewer Messages From Past Week ========
.
29/01/2014 15:20:01, error: Service Control Manager [7009]  - Timeout (30000 milliseconds) waiting for the Google Update Service (gupdate) service to connect.
29/01/2014 15:20:01, error: Service Control Manager [7000]  - The Google Update Service (gupdate) service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
29/01/2014 15:19:59, error: DCOM [10005]  - DCOM got error "%1053" attempting to start the service gupdate with arguments "/comsvc" in order to run the server: {4EB61BAC-A3B6-4760-9581-655041EF4D69}
28/01/2014 16:12:05, error: Windows Update Agent [20]  - Installation Failure: Windows failed to install the following update with error 0x8007f0f4: Security Update for Windows XP (KB2686509).
28/01/2014 04:42:09, error: Service Control Manager [7026]  - The following boot-start or system-start driver(s) failed to load:  sptd
28/01/2014 04:41:08, error: sptd [4]  - Driver detected an internal error in its data structures for .
28/01/2014 03:51:54, error: Service Control Manager [7031]  - The Media Center Receiver Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 5000 milliseconds: Restart the service.
28/01/2014 03:51:52, error: Service Control Manager [7034]  - The MBAMService service terminated unexpectedly.  It has done this 1 time(s).
27/01/2014 01:35:00, error: Schedule [7901]  - The At1.job command failed to start due to the following error:  %%2147942403
24/01/2014 02:53:54, error: Ntfs [55]  - The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume C:.
24/01/2014 00:58:28, error: Service Control Manager [7024]  - The Background Intelligent Transfer Service service terminated with service-specific error 2147500037 (0x80004005).
.
==== End Of File ===========================

  • Root Admin

The DDS log is not complete.  Please run the following scanner and post back its log.

Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following check-boxes:

  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Devices
  • List Users, Partitions and Memory size.
  • List Minidump Files


Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Note: When using Reset FF Proxy Settings option Firefox should be closed.
 


 

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================

"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

127.0.0.1       localhost
127.0.0.1 symantec.
127.0.0.1 nod32.com
127.0.0.1 nod32.ru

========================= IP Configuration: ================================

Intel® PRO/100 VE Network Connection = Local Area Connection (Connected)

# ----------------------------------
# Interface IP Configuration
# ----------------------------------
pushd interface ip

# Interface IP Configuration for "Local Area Connection"

set address name="Local Area Connection" source=dhcp
set dns name="Local Area Connection" source=dhcp register=PRIMARY
set wins name="Local Area Connection" source=dhcp

popd
# End of interface IP configuration

Windows IP Configuration

        Host Name . . . . . . . . . . . . : STE
        Primary Dns Suffix  . . . . . . . : 
        Node Type . . . . . . . . . . . . : Mixed
        IP Routing Enabled. . . . . . . . : No
        WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Local Area Connection:

        Connection-specific DNS Suffix  . : 
        Description . . . . . . . . . . . : Intel® PRO/100 VE Network Connection
        Physical Address. . . . . . . . . : 00-16-76-AF-49-29
        Dhcp Enabled. . . . . . . . . . . : Yes
        Autoconfiguration Enabled . . . . : Yes
        IP Address. . . . . . . . . . . . : 192.168.0.108
        Subnet Mask . . . . . . . . . . . : 255.255.255.0
        Default Gateway . . . . . . . . . : 192.168.0.1
        DHCP Server . . . . . . . . . . . : 192.168.0.1
        DNS Servers . . . . . . . . . . . : 192.168.0.1
        Lease Obtained. . . . . . . . . . : 30 January 2014 15:47:24
        Lease Expires . . . . . . . . . . : 06 February 2014 15:47:24

 

Server:  UnKnown
Address:  192.168.0.1

DNS request timed out.
    timeout was 2 seconds.
Name:    google.com
Addresses:  173.194.41.78, 173.194.41.70, 173.194.41.72, 173.194.41.67
 173.194.41.71, 173.194.41.68, 173.194.41.65, 173.194.41.66, 173.194.41.64
 173.194.41.73, 173.194.41.69

Pinging google.com [173.194.41.72] with 32 bytes of data:

Reply from 173.194.41.72: bytes=32 time=19ms TTL=56
Reply from 173.194.41.72: bytes=32 time=19ms TTL=56

Ping statistics for 173.194.41.72:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 19ms, Maximum = 19ms, Average = 19ms

Server:  UnKnown
Address:  192.168.0.1

Name:    yahoo.com
Addresses:  206.190.36.45, 98.138.253.109, 98.139.183.24

Pinging yahoo.com [98.138.253.109] with 32 bytes of data:

Reply from 98.138.253.109: bytes=32 time=176ms TTL=48
Reply from 98.138.253.109: bytes=32 time=230ms TTL=48

Ping statistics for 98.138.253.109:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 176ms, Maximum = 230ms, Average = 203ms

Pinging 127.0.0.1 with 32 bytes of data:

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms

 

===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x10003 ...00 16 76 af 49 29 ...... Intel® PRO/100 VE Network Connection - Packet Scheduler Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.0.1   192.168.0.108  20
        127.0.0.0        255.0.0.0        127.0.0.1       127.0.0.1  1
      169.254.0.0      255.255.0.0    192.168.0.108   192.168.0.108  20
      192.168.0.0    255.255.255.0    192.168.0.108   192.168.0.108  20
    192.168.0.108  255.255.255.255        127.0.0.1       127.0.0.1  20
    192.168.0.255  255.255.255.255    192.168.0.108   192.168.0.108  20
        224.0.0.0        240.0.0.0    192.168.0.108   192.168.0.108  20
  255.255.255.255  255.255.255.255    192.168.0.108   192.168.0.108  1
Default Gateway:       192.168.0.1
===========================================================================
Persistent Routes:
  None

========================= Winsock entries =====================================

 

Catalog5 01 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)

Catalog5 02 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)

Catalog5 03 C:\WINDOWS\system32\winrnr.dll [16896] (Microsoft Corporation)

Catalog5 04 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)

Catalog9 01 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)

Catalog9 02 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)

Catalog9 03 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)

Catalog9 04 C:\WINDOWS\system32\rsvpsp.dll [92672] (Microsoft Corporation)

Catalog9 05 C:\WINDOWS\system32\rsvpsp.dll [92672] (Microsoft Corporation)

Catalog9 06 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)

Catalog9 07 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)

Catalog9 08 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)

Catalog9 09 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)

Catalog9 10 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)

Catalog9 11 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)

Catalog9 12 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)

Catalog9 13 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)

 

========================= Event log errors: ===============================

 

Application errors:

==================

Error: (01/30/2014 04:24:02 PM) (Source: Application Error) (User: )

Description: Faulting application iexplore.exe, version 6.0.2900.5512, faulting module ieframe.dll, version 8.0.6001.19394, fault address 0x0000fe0d.

Processing media-specific event for [iexplore.exe!ws!]

 

Error: (01/30/2014 04:09:48 PM) (Source: MsiInstaller) (User: NT AUTHORITY)

Description: Product: Bing Bar -- Bing Bar requires Internet Explorer 7 or later.

 

Error: (01/29/2014 04:34:57 PM) (Source: MsiInstaller) (User: STE)

Description: Product: Bing Bar -- Bing Bar requires Internet Explorer 7 or later.

 

Error: (01/29/2014 02:48:33 PM) (Source: MsiInstaller) (User: NT AUTHORITY)

Description: Product: Bing Bar -- Bing Bar requires Internet Explorer 7 or later.

 

Error: (01/29/2014 01:55:24 AM) (Source: Application Error) (User: )

Description: Faulting application mbamservice.exe, version 1.70.0.0, faulting module mbamservice.exe, version 1.70.0.0, fault address 0x000608f4.

Error in creating result PEAP-TLV in response to received PEAP-TLV (mbamservice.exe!ld!)

 

Error: (01/28/2014 05:03:55 PM) (Source: .NET Runtime Optimization Service) (User: )

Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32) - Tried to start a service that wasn't the latest version of CLR Optimization service. Will shutdown

 

Error: (01/28/2014 03:22:32 PM) (Source: .NET Runtime Optimization Service) (User: )

Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - Failed to compile: PresentationUI, Version=3.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35 . Error code = 0x80131506

 

Error: (01/28/2014 11:50:33 AM) (Source: MsiInstaller) (User: STE)

Description: Product: Bing Bar -- Bing Bar requires Internet Explorer 7 or later.

 

 

System errors:

=============

Error: (01/30/2014 03:47:41 PM) (Source: 0) (User: )

Description: 

 

Error: (01/30/2014 03:47:39 PM) (Source: Service Control Manager) (User: )

Description: The following boot-start or system-start driver(s) failed to load: 

sptd

 

Error: (01/30/2014 00:55:18 AM) (Source: 0) (User: )

Description: 

 

Error: (01/30/2014 00:55:12 AM) (Source: Service Control Manager) (User: )

Description: The following boot-start or system-start driver(s) failed to load: 

sptd

 

Error: (01/29/2014 04:31:14 PM) (Source: 0) (User: )

Description: 

 

Error: (01/29/2014 04:31:08 PM) (Source: Service Control Manager) (User: )

Description: The following boot-start or system-start driver(s) failed to load: 

sptd

 

Error: (01/29/2014 04:29:15 PM) (Source: Windows Update Agent) (User: )

Description: Installation Failure: Windows failed to install the following update with error 0x8007f0f4: Security Update for Windows XP (KB2686509).

 

Error: (01/29/2014 03:20:01 PM) (Source: Service Control Manager) (User: )

Description: The Google Update Service (gupdate) service failed to start due to the following error: 

%%1053

 

Error: (01/29/2014 03:20:01 PM) (Source: Service Control Manager) (User: )

Description: Timeout (30000 milliseconds) waiting for the Google Update Service (gupdate) service to connect.

 

Error: (01/29/2014 03:19:59 PM) (Source: DCOM) (User: NT AUTHORITY)

Description: DCOM got error "%%1053" attempting to start the service gupdate with arguments "/comsvc"

in order to run the server:

{4EB61BAC-A3B6-4760-9581-655041EF4D69}

 

 

Microsoft Office Sessions:

=========================

Error: (01/13/2014 07:09:28 PM) (Source: Microsoft Office 12 Sessions)(User: )

Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 163 seconds with 0 seconds of active time.  This session ended with a crash.

 

Error: (02/26/2013 03:53:49 PM) (Source: Microsoft Office 12 Sessions)(User: )

Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 769 seconds with 0 seconds of active time.  This session ended with a crash.

 

Error: (12/05/2012 07:44:50 PM) (Source: Microsoft Office 12 Sessions)(User: )

Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6662.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 1151 seconds with 0 seconds of active time.  This session ended with a crash.

 

Error: (04/03/2012 00:55:01 AM) (Source: Microsoft Office 12 Sessions)(User: )

Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6612.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 742 seconds with 480 seconds of active time.  This session ended with a crash.

 

 

=========================== Installed Programs ============================

 

7-Zip 9.20

Adobe AIR (Version: 3.9.0.1030)

Adobe Download Assistant (Version: 1.2.6)

Adobe Photoshop CS6 (Version: 13.0)

Adobe Reader 9.5.2 (Version: 9.5.2)

Adobe Shockwave Player 12.0 (Version: 12.0.4.144)

Adobe Support Advisor (Version: 1.6.1)

Adobe Support Advisor (Version: 1.6.1.20120504)

Amazon MP3 Downloader 1.0.17 (Version: 1.0.17)

Apple Application Support (Version: 2.3.6)

Apple Mobile Device Support (Version: 7.0.0.117)

Apple Software Update (Version: 2.1.3.127)

ARTEuro (Version: 1.00.0000)

avast! Free Antivirus (Version: 8.0.1489.0)

Bonjour (Version: 3.0.0.10)

CCleaner (Version: 3.28)

Corel Paint Shop Pro X (Version: 10.01)

Corel Photo Album 6 (Version: 6.33)

Dell CinePlayer (Version: 3.0)

Dell Driver Reset Tool (Version: 1.02.0000)

Dell Network Assistant (Version: 3.0.0.0)

Dell Support 3.2 (Version: 5.5.2038)

Dell System Restore (Version: 2.00.0000)

Email Updater (Version: 1.0.4)

Epson Easy Photo Print 2 (Version: 2.1.0.0)

Epson Event Manager (Version: 2.30.01)

EPSON Printer Software

Epson Printer Software Downloader

Epson Printer Software Downloader (Version: 2.0.0)

EPSON Scan

Epson Stylus SX210_SX410_TX210_TX410 Manual

EPSON SX210 Series Printer Uninstall

EPSON Web-To-Page

ERUNT 1.1j

ESET Online Scanner v3

FFdshow [2006-08-21 | rev 2546] (Version: 1.0.0)

Football Manager 2007

GemMaster Mystic

GIMPshop 2.2.8 (Version: 2.2.8)

Google Chrome (Version: 32.0.1700.102)

Google Desktop (Version: -)

Google Toolbar for Internet Explorer (Version: 1.0.0)

Google Toolbar for Internet Explorer (Version: 7.5.4805.320)

Google Update Helper (Version: 1.3.22.3)

IncrediMail (Version:  5.8.6.4237)

Intel® Graphics Media Accelerator Driver (Version: 6.14.10.4410)

Intel® PRO Network Connections Drivers

Intel® PROSet for Wired Connections (Version: 9.20.0000)

Interlex 2.5 (Version: 2.5)

iPod Update 2004-04-28 (Version: 1.1)

iTunes (Version: 11.1.2.32)

Learn2 Player (Uninstall Only)

LiveUpdate 2.6 (Symantec Corporation) (Version: 2.6.14.0)

Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300)

MCU (Version: 1.00.0000)

Microsoft .NET Framework 1.0 Hotfix (KB979904)

Microsoft .NET Framework 1.0 Security Update (KB2742607)

Microsoft .NET Framework 1.0 Security Update (KB2833951)

Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)

Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)

Microsoft .NET Framework 3.5 SP1

Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)

Microsoft .NET Framework 4 Client Profile (Version: 4.0.30320)

Microsoft Application Error Reporting (Version: 12.0.6012.5000)

Microsoft Choice Guard (Version: 2.0.48.0)

Microsoft Kernel-Mode Driver Framework Feature Pack 1.5

Microsoft Kernel-Mode Driver Framework Feature Pack 1.9

Microsoft Office 2007 Service Pack 3 (SP3)

Microsoft Office Access MUI (English) 2007 (Version: 12.0.6612.1000)

Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)

Microsoft Office Enterprise 2007 (Version: 12.0.6612.1000)

Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)

Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)

Microsoft Office Groove MUI (English) 2007 (Version: 12.0.6612.1000)

Microsoft Office Groove Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)

Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.6612.1000)

Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000)

Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000)

Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)

Microsoft Office Professional 2007 (Version: 12.0.6612.1000)

Microsoft Office Professional 2007 Trial (Version: 12.0.6612.1000)

Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)

Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)

Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)

Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)

Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6612.1000)

Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)

Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)

Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)

Microsoft Silverlight (Version: 5.1.20513.0)

Microsoft Software Update for Web Folders  (English) 12 (Version: 12.0.6612.1000)

Microsoft Sync Framework Runtime Native v1.0 (x86) (Version: 1.0.1215.0)

Microsoft Sync Framework Services Native v1.0 (x86) (Version: 1.0.1215.0)

Microsoft User-Mode Driver Framework Feature Pack 1.9

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)

Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)

Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)

Microsoft Works (Version: 08.05.0818)

Microsoft_VC100_CRT_SP1_x86 (Version: 10.0.40219.1)

Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053)

Microsoft_VC90_CRT_x86 (Version: 1.00.0000)

MSVC80_x86 (Version: 1.0.1.0)

MSVC80_x86_v2 (Version: 1.0.3.0)

MSVC90_x86 (Version: 1.0.1.2)

MSVCRT (Version: 14.0.1468.721)

MSXML 4.0 SP2 (KB925672) (Version: 4.20.9839.0)

MSXML 4.0 SP2 (KB927978) (Version: 4.20.9841.0)

MSXML 4.0 SP2 (KB936181) (Version: 4.20.9848.0)

MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)

MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)

MSXML 6 Service Pack 2 (KB954459) (Version: 6.20.1099.0)

Nokia Connectivity Cable Driver (Version: 7.1.78.0)

Nokia Multimedia Factory (Version: 1.3)

Nokia Multimedia Factory (Version: 1.3.2.0)

Nokia PC Suite (Version: 7.1.180.94)

Nokia Software Updater (Version: 01.04.036.32635)

Nokia Suite (Version: 3.3.86.0)

OpenOffice.org 3.0 (Version: 3.0.9379)

Otto

PC Connectivity Solution (Version: 12.0.27.0)

PDF Settings CS6 (Version: 11.0)

Photodex Presenter

QuickTime (Version: 7.74.80.86)

RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0)

RealPlayer

RealUpgrade 1.1 (Version: 1.1.0)

Roxio DLA (Version: 5.2.0)

Roxio MyDVD LE (Version: 6.1.6)

Roxio RecordNow Audio (Version: 2.0.4)

Roxio RecordNow Copy (Version: 2.0.4)

Roxio RecordNow Data (Version: 2.0.4)

Samsung Kies (Version: 2.6.1.13105_6)

SAMSUNG USB Driver for Mobile Phones (Version: 1.5.29.0)

School Tycoon

SearchAssist

Segoe UI (Version: 14.0.4327.805)

Sonic Activation Module (Version: 1.0)

Sonic Encoders (Version: 1.00)

Sonic Update Manager (Version: 3.0.0)

SopCast 2.0.4 (Version: 2.0.4)

Spotify (Version: 0.4.10)

Spotify (Version: 0.8.3.222.g317ab79d)

swMSM (Version: 12.0.0.1)

Tesco Download Manager - Install/Uninstall (v1.0.9.0) (Version: 1.0.9.0)

TVAnts 1.0

Update for 2007 Microsoft Office System (KB967642)

Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)

Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2596802) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition

Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition

Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2767848) 32-Bit Edition

Update for Windows XP (KB2345886) (Version: 1)

Update for Windows XP (KB2749655) (Version: 1)

Update for Windows XP (KB2904266) (Version: 1)

Update for Windows XP (KB951978) (Version: 1)

Update for Windows XP (KB955759) (Version: 1)

Update for Windows XP (KB961503) (Version: 1)

Update for Windows XP (KB968389) (Version: 1)

Update for Windows XP (KB971029) (Version: 1)

Update for Windows XP (KB973815) (Version: 1)

Update Rollup 2 for Windows XP Media Center Edition 2005

URL Assistant

WebFldrs XP (Version: 9.50.7523)

Windows Driver Package - Nokia Modem  (02/15/2007 3.1) (Version: 02/15/2007 3.1)

Windows Driver Package - Nokia Modem  (02/25/2011 4.7) (Version: 02/25/2011 4.7)

Windows Driver Package - Nokia Modem  (02/25/2011 7.01.0.9) (Version: 02/25/2011 7.01.0.9)

Windows Driver Package - Nokia Modem  (03/05/2008 3.7) (Version: 03/05/2008 3.7)

Windows Driver Package - Nokia Modem  (03/13/2008 6.86.0.1) (Version: 03/13/2008 6.86.0.1)

Windows Driver Package - Nokia Modem  (05/24/2007 6.84.0.1) (Version: 05/24/2007 6.84.0.1)

Windows Driver Package - Nokia pccsmcfd “LegacyDriver”  (05/31/2012 7.1.2.0) (Version: 05/31/2012 7.1.2.0)

Windows Genuine Advantage Notifications (KB905474) (Version: 1.7.0018.5)

Windows Genuine Advantage Validation Tool (KB892130) (Version: 1.5.0530.0)

Windows Live Call (Version: 14.0.8117.0416)

Windows Live Communications Platform (Version: 14.0.8117.416)

Windows Live Essentials (Version: 14.0.8117.0416)

Windows Live Essentials (Version: 14.0.8117.416)

Windows Live Messenger (Version: 14.0.8117.0416)

Windows Live Sign-in Assistant (Version: 5.000.818.5)

Windows Live Upload Tool (Version: 14.0.8014.1029)

Windows Media Format 11 runtime

Windows Media Player 11

Windows Media Player Firefox Plugin (Version: 1.0.0.8)

Windows XP Media Center Edition 2005 KB908246

Windows XP Service Pack 3 (Version: 20080414.031525)

WinZip 15.0 (Version: 15.0.9334)

x264 Revision 564 x264.nl (remove only)

Xirrus Wi-Fi Inspector (Version: 1.2.1.4)

XML Paper Specification Shared Components Pack 1.0

 

========================= Devices: ================================

 

 

========================= Memory info: ===================================

 

Percentage of memory in use: 79%

Total physical RAM: 1014.07 MB

Available physical RAM: 211.28 MB

Total Pagefile: 2440.46 MB

Available Pagefile: 1322.88 MB

Total Virtual: 2047.88 MB

Available Virtual: 1979.1 MB

 

========================= Partitions: =====================================

 

1 Drive c: () (Fixed) (Total:107.08 GB) (Free:7.52 GB) NTFS

2 Drive d: (Backup) (Fixed) (Total:37.24 GB) (Free:0.16 GB) NTFS

 

========================= Users: ========================================

 

User accounts for \\STE

 

Administrator            Clare                    Guest                    

HelpAssistant            Ste's                    SUPPORT_388945a0         

 

========================= Minidump Files ==================================

 

C:\WINDOWS\Minidump\Mini011614-01.dmp

C:\WINDOWS\Minidump\Mini011614-02.dmp

C:\WINDOWS\Minidump\Mini011714-01.dmp

C:\WINDOWS\Minidump\Mini012113-01.dmp

C:\WINDOWS\Minidump\Mini020613-01.dmp

C:\WINDOWS\Minidump\Mini021013-01.dmp

C:\WINDOWS\Minidump\Mini021713-01.dmp

C:\WINDOWS\Minidump\Mini030113-01.dmp

C:\WINDOWS\Minidump\Mini030113-02.dmp

C:\WINDOWS\Minidump\Mini031413-01.dmp

C:\WINDOWS\Minidump\Mini072513-01.dmp

C:\WINDOWS\Minidump\Mini081213-01.dmp

C:\WINDOWS\Minidump\Mini082113-01.dmp

C:\WINDOWS\Minidump\Mini083013-01.dmp

C:\WINDOWS\Minidump\Mini101212-01.dmp

C:\WINDOWS\Minidump\Mini101612-01.dmp

C:\WINDOWS\Minidump\Mini102012-01.dmp

C:\WINDOWS\Minidump\Mini102312-01.dmp

C:\WINDOWS\Minidump\Mini102412-01.dmp

C:\WINDOWS\Minidump\Mini102612-01.dmp

C:\WINDOWS\Minidump\Mini103012-01.dmp

C:\WINDOWS\Minidump\Mini112112-01.dmp

C:\WINDOWS\Minidump\Mini112512-01.dmp

C:\WINDOWS\Minidump\Mini121212-01.dmp

C:\WINDOWS\Minidump\Mini121612-01.dmp

C:\WINDOWS\Minidump\Mini121709-01.dmp

C:\WINDOWS\Minidump\Mini122506-01.dmp

 

**** End of log ****
This topic is now closed to further replies.