Jump to content

Can't locate trojan.bitminer


Recommended Posts

Hello, as the topic title suggests I am confident that I have a trojan.bitminer on my computer (I have nothing to do with bitcoins). My display driver keeps on switching of and recovering so I browsed some forums and found a spot on reply. I had to run a few tests to check if it was the same problem as his - whichi it was - so I proceded to follow his instructions.

The first one was to get malware bytes, next i had to get a DDU. After I ran display driver uninstaller I started the computer in safe mode and ran malware bytes (the deep scan) it showed me about 80 different problems (2 were trojans I removed) but none of them was the bitminer. The problem is that I am 100% certain it is there but still can not find it.

Started my computer up: same problem again - display driver stopped working. So next I remove all the 80 'malwares'. However; then my internet stopped working so i am now restoring it (hopefully that will fix it).

I am new to malwarebytes so I am wondering if bitminer is being discovered by malwarebytes but it is disguising itself as something? Or maybe it is an entirely different matter. Please help because my computer is driving me craaaaazy!

Thanks in advance!

Mark

Link to post
Share on other sites

Welcome to the forum, please start HERE

Post back the 2 logs here.....DDS.txt and Attach.txt (DDS won't run on W8)

(please don't put logs in code or quotes and use the default font)

(Please don't forget to run the RogueKiller scan below)

General P2P/Piracy Warning:

1. If you're using Peer 2 Peer software such uTorrent, BitTorrent or similar you must either fully uninstall it or completely disable it from running while being assisted here.

Failure to remove or disable such software will result in your topic being closed and no further assistance being provided.

2. If you have illegal/cracked software, cracks, keygens, custom (Adobe) host file, etc. on the system, please remove or uninstall them now and read the policy on Piracy.

Failure to remove such software will result in your topic being closed and no further assistance being provided.

<====><====><====><====><====><====><====><====>

Next................

Please download and run RogueKiller 32 bit to your desktop.

RogueKiller<---use this one for 64 bit systems

Which system am I using?

Quit all running programs.

For Windows XP, double-click to start.

For Vista or Windows 7-8, do a right-click on the program, select Run as Administrator to start, & when prompted Allow to run.

Click Scan to scan the system.

When the scan completes > Close out the program > Don't Fix anything!

Don't run any other options, they're not all bad!!!!!!!

Post back the report which should be located on your desktop.

(please don't put logs in code or quotes and use the default font)

MrC

Note:

Please read all of my instructions completely including these.

Make sure system restore is turned on and running, please create a new restore point

Make sure you're subscribed to this topic: Click on the Follow This Topic Button (at the top right of this page), make sure that the Receive notification box is checked and that it is set to Instantly

Removing malware can be unpredictable...unlikely but things can go very wrong! Backup any files that cannot be replaced. You can copy them to a CD/DVD, external drive or a pen drive

<+>Please don't run any other scans, download, install or uninstall any programs while I'm working with you.

<+>The removal of malware isn't instantaneous, please be patient.

<+>When we are done, I'll give to instructions on how to cleanup all the tools and logs

<+>Please stick with me until I give you the "all clear" and Please don't waste my time by leaving before that.

------->Your topic will be closed if you haven't replied within 3 days!<--------

(If I don't respond within 24 hours, please send me a PM)

Link to post
Share on other sites

Dear MrC,

 

Thank you so much for your willingness to help! I think I have done as you asked and hope that I have not omitted any of your clear instructions.

 

Below are the logs in the following order: dds.txt; attach.txt; RKreport

 

DDS (Ver_2012-11-20.01) - NTFS_AMD64 
Internet Explorer: 11.0.9600.16428  BrowserJavaVersion: 10.51.2
Run by crazyness at 20:36:55 on 2014-01-28
Microsoft Windows 7 NVIDIA 2010   6.1.7601.1.1252.49.1033.18.4094.1631 [GMT 4:00]
.
AV: AVG AntiVirus Free Edition 2014 *Disabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: AVG AntiVirus Free Edition 2014 *Disabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
.
============== Running Processes ===============
.
C:\PROGRA~2\AVG\AVG2014\avgrsa.exe
C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\System32\WUDFHost.exe
C:\Program Files\Protector Suite\upeksvr.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k WbioSvcGroup
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
C:\Program Files (x86)\avmwlanstick\WlanNetService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files (x86)\Common Files\Nuance\dgnsvc.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
C:\Program Files (x86)\Penwes\PenwesService.exe
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\Clarus\Samsung Drive Manager\SZDrvSvc.exe
C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
c:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
c:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Windows\SysWOW64\Rundll32.exe
C:\Program Files (x86)\Chicony\GameKeys\MODPS2KEY.EXE
C:\Program Files (x86)\PenWes\penwes.exe
C:\Windows\BisonCam\BisonHK.exe
C:\Windows\BisonCam\DeLay.exe
C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\Protector Suite\psqltray.exe
C:\Program Files (x86)\Chicony\GameKeys\Driver\ZGKY.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
C:\Program Files (x86)\Clarus\Samsung Drive Manager\ABRTMon.exe
C:\Program Files (x86)\Citrix\ICA Client\concentr.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\ROCCAT\Kone[+] Mouse\Kone[+]Monitor.exe
C:\Program Files (x86)\AVG\AVG2014\avgui.exe
C:\Program Files (x86)\avmwlanstick\WLanGUI.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe
C:\Program Files (x86)\Clarus\Samsung Drive Manager\Drive Manager.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\system32\sppsvc.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Clarus\Samsung Drive Manager\SZDrvMon.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\wbem\wmiprvse.exe
C:\Users\crazyness\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Users\crazyness\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\crazyness\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\crazyness\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\crazyness\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uURLSearchHooks: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\prxtbuTo0.dll
uURLSearchHooks: {6edc3889-b841-4127-a2bf-c5fc48f972c7} - <orphaned>
uURLSearchHooks: {f16708b8-d2df-482d-9dfa-aa8d8894f0f4} - <orphaned>
uURLSearchHooks: AF-HSS Toolbar: {F0381DBD-E018-4E07-AE40-D96AB15083F0} - C:\Program Files (x86)\AF-HSS\prxtbAF-2.dll
uURLSearchHooks: Hotspot Shield Toolbar: {C95A4E8E-816D-4655-8C79-D736DA1ADB6D} - C:\Program Files (x86)\Hotspot_Shield\prxtbHot2.dll
mURLSearchHooks: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\prxtbuTo0.dll
mURLSearchHooks: Hotspot Shield Toolbar: {C95A4E8E-816D-4655-8C79-D736DA1ADB6D} - C:\Program Files (x86)\Hotspot_Shield\prxtbHot2.dll
mURLSearchHooks: AF-HSS Toolbar: {F0381DBD-E018-4E07-AE40-D96AB15083F0} - C:\Program Files (x86)\AF-HSS\prxtbAF-2.dll
mWinlogon: Userinit = userinit.exe,
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Conduit Engine : {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll
BHO: MathPlayer BrowserHelperObject Class: {32F66A28-7614-11D4-BD11-00104BD3F987} - C:\Program Files (x86)\Design Science\MathPlayer\MathPlayerBHO.dll
BHO: {3706EE7C-3CAD-445D-8A43-03EBC3B75908} - <orphaned>
BHO: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - LocalServer32 - <no file>
BHO: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
BHO: CescrtHlpr Object: {64182481-4F71-486b-A045-B233BD0DA8FC} - C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.3\bh\facemoods.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Adobe Acrobat Create PDF Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\prxtbuTo0.dll
BHO: Hotspot Shield Toolbar: {C95A4E8E-816D-4655-8C79-D736DA1ADB6D} - C:\Program Files (x86)\Hotspot_Shield\prxtbHot2.dll
BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO: AF-HSS Toolbar: {F0381DBD-E018-4E07-AE40-D96AB15083F0} - C:\Program Files (x86)\AF-HSS\prxtbAF-2.dll
BHO: Adobe Acrobat Create PDF from Selection: {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll
BHO: {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - <orphaned>
TB: uTorrentBar Toolbar: {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - C:\Program Files (x86)\uTorrentBar\prxtbuTo0.dll
TB: Conduit Engine : {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll
TB: Hotspot Shield Toolbar: {C95A4E8E-816D-4655-8C79-D736DA1ADB6D} - C:\Program Files (x86)\Hotspot_Shield\prxtbHot2.dll
TB: AF-HSS Toolbar: {F0381DBD-E018-4E07-AE40-D96AB15083F0} - C:\Program Files (x86)\AF-HSS\prxtbAF-2.dll
TB: facemoods Toolbar: {DB4E9724-F518-4dfd-9C7C-78B52103CAB9} - C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.3\facemoodsTlbr.dll
TB: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\prxtbuTo0.dll
TB: Adobe Acrobat Create PDF Toolbar: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll
TB: AF-HSS Toolbar: {F0381DBD-E018-4E07-AE40-D96AB15083F0} - C:\Program Files (x86)\AF-HSS\prxtbAF-2.dll
TB: Hotspot Shield Toolbar: {C95A4E8E-816D-4655-8C79-D736DA1ADB6D} - C:\Program Files (x86)\Hotspot_Shield\prxtbHot2.dll
uRun: [spybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
uRun: [iSUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler
uRun: [Google Update] "C:\Users\crazyness\AppData\Local\Google\Update\GoogleUpdate.exe" /c
uRun: [Facebook Update] "C:\Users\crazyness\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
uRun: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
uRun: [backgroundContainer] "C:\Windows\SysWOW64\Rundll32.exe" "C:\Users\crazyness\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll",DllRun
mRun: [ConnectionCenter] "C:\Program Files (x86)\Citrix\ICA Client\concentr.exe" /startup
mRun: [LchGKey] C:\Program Files (x86)\Chicony\GameKeys\LchGKey.exe
mRun: [DNS7reminder] "C:\Program Files (x86)\Nuance\NaturallySpeaking11\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\NaturallySpeaking11\Ereg.ini
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [RoccatKone+] "C:\Program Files (x86)\ROCCAT\Kone[+] Mouse\Kone[+]Monitor.EXE"
mRun: [AdobeCS4ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY
mRun: [AVMWlanClient] C:\Program Files (x86)\avmwlanstick\wlangui.exe
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [Clarus Drive Manager] C:\Program Files (x86)\Clarus\Samsung Drive Manager\Drive Manager.exe -Hide
mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe"
mRun: [switchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
mRun: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
dRun: [Welcome Center] C:\Windows\System32\rundll32.exe C:\Windows\System32\OobeFldr.dll,ShowWelcomeCenter LaunchedBy_StartMenuShortcut
dRun: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\SAMSUN~1.LNK - C:\Program Files (x86)\Clarus\Samsung Drive Manager\ABRTMon.exe
uPolicies-Explorer: NoResolveTrack = dword:1
uPolicies-Explorer: NoSMBalloonTip = dword:1
uPolicies-Explorer: NoThumbnailCache = dword:1
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-Explorer: NoResolveTrack = dword:1
mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoSMBalloonTip = dword:1
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Free YouTube Download - C:\Users\crazyness\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm
IE: Free YouTube to iPhone Converter - C:\Users\crazyness\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetoiphoneconverter.htm
IE: Free YouTube to iPod Converter - C:\Users\crazyness\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetoipodconverter.htm
IE: Free YouTube to MP3 Converter - C:\Users\crazyness\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
LSP: C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll
TCP: NameServer = 94.243.129.130 94.243.128.130 192.168.1.1
TCP: Interfaces\{1189A897-816E-40C1-AEC2-42476DFF7F3B} : NameServer = 127.0.0.1
TCP: Interfaces\{1189A897-816E-40C1-AEC2-42476DFF7F3B} : DHCPNameServer = 94.243.129.130 94.243.128.130 192.168.1.1
TCP: Interfaces\{1189A897-816E-40C1-AEC2-42476DFF7F3B}\2656C6B696E6E233666683 : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{1189A897-816E-40C1-AEC2-42476DFF7F3B}\37E61696C637F65707F2F277563747 : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{85CEB121-8140-4C0E-A0F8-A7127822D511} : NameServer = 127.0.0.1
TCP: Interfaces\{85CEB121-8140-4C0E-A0F8-A7127822D511} : DHCPNameServer = 10.173.192.1
TCP: Interfaces\{AE9137F2-A674-497C-8F7B-55C379EB9FC2} : DHCPNameServer = 10.111.81.129 10.129.32.1
TCP: Interfaces\{F0C6BF65-64F8-4362-B6EC-AA7751B07C4A} : DHCPNameServer = 10.111.81.129 10.129.32.1
Filter: application/xhtml+xml - {32F66A26-7614-11D4-BD11-00104BD3F987} - C:\Program Files (x86)\Design Science\MathPlayer\MathMLMimer.dll
Filter: application/xhtml+xml; charset=iso-8859-1 - {32F66A26-7614-11D4-BD11-00104BD3F987} - C:\Program Files (x86)\Design Science\MathPlayer\MathMLMimer.dll
Filter: application/xhtml+xml; charset=utf-8 - {32F66A26-7614-11D4-BD11-00104BD3F987} - C:\Program Files (x86)\Design Science\MathPlayer\MathMLMimer.dll
Filter: text/xml; charset=iso-8859-1 - {32F66A26-7614-11D4-BD11-00104BD3F987} - C:\Program Files (x86)\Design Science\MathPlayer\MathMLMimer.dll
Filter: text/xml; charset=utf-8 - {32F66A26-7614-11D4-BD11-00104BD3F987} - C:\Program Files (x86)\Design Science\MathPlayer\MathMLMimer.dll
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - <orphaned>
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Notify: psfus - <no file>
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
LSA: Notification Packages =  scecli C:\Program Files\Protector Suite\psqlpwd.dll
x64-BHO: Expat Shield Class: {3706EE7C-3CAD-445D-8A43-03EBC3B75908} - 
x64-BHO: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - 
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Hotspot Shield Class: {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - 
x64-Run: [PSQLLauncher] "C:\Program Files\Protector Suite\launcher.exe" /startup
x64-Run: [bisonHK] C:\Windows\BisonCam\BisonHK.exe
x64-Run: [DeLay] C:\Windows\BisonCam\DeLay.exe
x64-Run: [LchGKey] C:\Program Files (x86)\Chicony\GameKeys\LchGKey.exe
x64-Run: [XboxStat] "C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe" silentrun
x64-Run: [RTHDVCPL] "C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
x64-Run: [Nvtmru] "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
x64-Run: [shadowPlay] C:\Windows\System32\rundll32.exe C:\Windows\System32\nvspcap64.dll,ShadowPlayOnSystemStart
x64-Run: [NvBackend] "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
x64-Filter: application/xhtml+xml - {32F66A26-7614-11D4-BD11-00104BD3F987} - <orphaned>
x64-Filter: application/xhtml+xml; charset=iso-8859-1 - {32F66A26-7614-11D4-BD11-00104BD3F987} - <orphaned>
x64-Filter: application/xhtml+xml; charset=utf-8 - {32F66A26-7614-11D4-BD11-00104BD3F987} - <orphaned>
x64-Filter: text/xml; charset=iso-8859-1 - {32F66A26-7614-11D4-BD11-00104BD3F987} - <orphaned>
x64-Filter: text/xml; charset=utf-8 - {32F66A26-7614-11D4-BD11-00104BD3F987} - <orphaned>
x64-Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - <orphaned>
x64-Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - 
x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - <orphaned>
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Notify: psfus - C:\Program Files\Protector Suite\psqlpwd.dll
x64-SSODL: WebCheck - <orphaned>
x64-STS: FencesShlExt Class - {1984DD45-52CF-49cd-AB77-18F378FEA264} - C:\Program Files (x86)\Stardock\Fences\FencesMenu64.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\crazyness\AppData\Roaming\Mozilla\Firefox\Profiles\iiroa5l2.default\
FF - component: C:\Program Files (x86)\AVG\AVG10\Firefox\components\avgssff.dll
FF - component: C:\Users\crazyness\AppData\Roaming\Mozilla\Firefox\Profiles\iiroa5l2.default\extensions\passwordbank@upek.com\components\pbgk1_91.dll
FF - plugin: C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll
FF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll
FF - plugin: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll
FF - plugin: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.69\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
FF - plugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
FF - plugin: C:\Program Files (x86)\Veetle\Player\npvlc.dll
FF - plugin: C:\Program Files (x86)\Veetle\plugins\npVeetle.dll
FF - plugin: C:\Users\crazyness\AppData\Local\Facebook\Messenger\2.1.4814.0\npFbDesktopPlugin.dll
FF - plugin: C:\Users\crazyness\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
FF - plugin: C:\Users\crazyness\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll
FF - plugin: C:\Users\crazyness\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
FF - plugin: C:\Users\crazyness\AppData\Roaming\Electronic Arts\Game Face\npGameFacePlugin.dll
FF - plugin: C:\Users\crazyness\AppData\Roaming\Mozilla\Firefox\Profiles\iiroa5l2.default\extensions\battlefieldheroespatcher@ea.com\plugins\npBFHUpdater.dll
FF - plugin: C:\Windows\System32\Wat\npWatWeb.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll
FF - ExtSQL: 2049-12-31 18:00; {ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}; C:\Users\crazyness\AppData\Roaming\Mozilla\Firefox\Profiles\iiroa5l2.default\extensions\{ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}.xpi
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSHA;AVGIDSHA;C:\Windows\System32\drivers\avgidsha.sys [2013-10-25 194872]
R0 Avgloga;AVG Logging Driver;C:\Windows\System32\drivers\avgloga.sys [2013-11-1 294712]
R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\System32\drivers\avgmfx64.sys [2013-10-1 123704]
R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\System32\drivers\avgrkx64.sys [2013-9-10 31544]
R1 Avgdiska;AVG Disk Driver;C:\Windows\System32\drivers\avgdiska.sys [2013-11-6 150808]
R1 AVGIDSDriver;AVGIDSDriver;C:\Windows\System32\drivers\avgidsdrivera.sys [2013-11-5 240920]
R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\System32\drivers\avgldx64.sys [2013-11-1 212280]
R1 Avgtdia;AVG TDI Driver;C:\Windows\System32\drivers\avgtdia.sys [2013-8-1 251192]
R1 ctxusbm;Citrix USB Monitor Driver;C:\Windows\System32\drivers\ctxusbm.sys [2009-9-8 87600]
R2 ABBYY.Licensing.FineReader.Sprint.9.0;ABBYY FineReader 9.0 Sprint Licensing Service;C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [2009-5-14 759048]
R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [2013-11-12 3478544]
R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [2013-9-24 348008]
R2 DragonSvc;Dragon Service;C:\Program Files (x86)\Common Files\Nuance\dgnsvc.exe [2010-7-23 296808]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2014-1-23 418376]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2014-1-23 701512]
R2 NvNetworkService;NVIDIA Network Service;C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-1-27 1494304]
R2 NvStreamSvc;NVIDIA Streamer Service;C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2014-1-24 15129376]
R2 PenWesController;Penwes.com Service;C:\Program Files (x86)\PenWes\PenWesService.exe [2014-1-25 1514496]
R2 RzKLService;RzKLService;C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe [2013-9-29 106472]
R2 SBSDWSCService;SBSD Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2010-12-25 1153368]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-10-23 414496]
R2 SZDrvSvc;Samsung Drive Manager Service;C:\Program Files (x86)\Clarus\Samsung Drive Manager\SZDrvSvc.exe [2013-11-26 19456]
R2 TeamViewer6;TeamViewer 6;C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [2011-8-1 2337144]
R3 JMCR;JMCR;C:\Windows\System32\drivers\jmcr.sys [2014-1-21 173656]
R3 johci;JMicron 1394 Filter Driver;C:\Windows\System32\drivers\johci.sys [2014-1-21 26208]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2014-1-23 25928]
R3 mdf16;mdf16;C:\Program Files (x86)\Clarus\Samsung Drive Manager\mdf16.sys [2013-11-26 20400]
R3 mvd23;mvd23;C:\Program Files (x86)\Clarus\Samsung Drive Manager\mvd23.sys [2013-11-26 99248]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);C:\Windows\System32\drivers\nvvad64v.sys [2014-1-27 39200]
R3 tap0901t;TAP-Win32 Adapter V9 (Tunngle);C:\Windows\System32\drivers\tap0901t.sys [2012-12-1 31232]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-9-5 171680]
S3 avmeject;AVM Eject;C:\Windows\System32\drivers\avmeject.sys [2010-10-22 14120]
S3 DAUpdaterSvc;Dragon Age: Origins - Inhaltsupdater;C:\Program Files (x86)\Dragon Age\bin_ship\daupdatersvc.service.exe [2014-1-9 25832]
S3 FWLANUSB;AVM FRITZ!WLAN;C:\Windows\System32\drivers\fwlanusb.sys [2010-10-22 460800]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2013-12-16 111616]
S3 KoneFltr;ROCCAT Kone;C:\Windows\System32\drivers\Kone.sys [2010-12-25 15488]
S3 Netaapl;Apple Mobile Device Ethernet Service;C:\Windows\System32\drivers\netaapl64.sys [2011-5-10 22528]
S3 netw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\System32\drivers\netw5v64.sys [2009-6-11 5434368]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2013-3-28 19456]
S3 SwitchBoard;SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2013-3-28 57856]
S3 TunngleService;TunngleService;C:\Program Files (x86)\Tunngle\TnglCtrl.exe [2012-12-1 745368]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-12-13 54784]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-12-25 1255736]
.
=============== File Associations ===============
.
FileExt: .reg: Applications\notepad.exe=C:\Windows\System32\NOTEPAD.EXE %1 [userChoice]
ShellExec: dreamweaver.exe: Open="C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS4\dreamweaver.exe", "%1"
.
=============== Created Last 30 ================
.
2014-01-27 16:56:07 -------- d-----w- C:\Users\crazyness\AppData\Local\NVIDIA Corporation
2014-01-27 16:51:09 39200 ----a-w- C:\Windows\System32\drivers\nvvad64v.sys
2014-01-27 16:51:05 32544 ----a-w- C:\Windows\SysWow64\nvaudcap32v.dll
2014-01-26 20:31:12 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2014-01-26 20:29:08 0 ----a-w- C:\Windows\SysWow64\RENB1D6.tmp
2014-01-26 20:29:08 0 ----a-w- C:\Windows\SysWow64\RENB1D5.tmp
2014-01-26 14:03:08 -------- d-----w- C:\Users\crazyness\AppData\Local\Clarus
2014-01-26 12:49:59 -------- d-----w- C:\Users\crazyness\AppData\Local\TSVNCache
2014-01-26 12:47:27 -------- d-----w- C:\Users\crazyness\AppData\Roaming\TortoiseSVN
2014-01-26 12:44:00 -------- d-----w- C:\Users\crazyness\AppData\Roaming\Subversion
2014-01-26 12:26:08 -------- d-----w- C:\Program Files (x86)\Common Files\TortoiseOverlays
2014-01-26 12:26:02 -------- d-----w- C:\Program Files\Common Files\TortoiseOverlays
2014-01-26 12:25:56 -------- d-----w- C:\Program Files\TortoiseSVN
2014-01-26 12:01:07 -------- d-----w- C:\Users\crazyness\AppData\Local\HonorbuddyMeshes
2014-01-25 09:28:40 202240 ----a-w- C:\Users\crazyness\AppData\Local\Keygenerator.exe
2014-01-25 09:28:38 -------- d-----w- C:\ProgramData\Penwes
2014-01-25 09:28:37 -------- d-----w- C:\Program Files (x86)\PenWes
2014-01-25 08:27:57 -------- d-----w- C:\Users\crazyness\AppData\Local\NVIDIA
2014-01-24 11:45:36 982232 ----a-w- C:\Windows\SysWow64\nvspcap.dll
2014-01-24 11:45:36 1100248 ----a-w- C:\Windows\System32\nvspcap64.dll
2014-01-24 11:42:28 -------- d-----w- C:\Program Files (x86)\NVIDIA Corporation
2014-01-24 11:42:05 922912 ----a-w- C:\Windows\System32\nvvsvc.exe
2014-01-24 11:42:05 6669600 ----a-w- C:\Windows\System32\nvcpl.dll
2014-01-24 11:42:05 63776 ----a-w- C:\Windows\System32\nvshext.dll
2014-01-24 11:42:05 3489568 ----a-w- C:\Windows\System32\nvsvc64.dll
2014-01-24 11:42:05 2559776 ----a-w- C:\Windows\System32\nvsvcr.dll
2014-01-24 11:42:05 219424 ----a-w- C:\Windows\System32\nvmctray.dll
2014-01-24 11:41:09 61216 ----a-w- C:\Windows\System32\OpenCL.dll
2014-01-24 11:41:09 53024 ----a-w- C:\Windows\SysWow64\OpenCL.dll
2014-01-24 11:40:12 -------- d-----w- C:\ProgramData\NVIDIA Corporation
2014-01-24 11:37:53 3067560 ----a-w- C:\Windows\System32\nvapi64.dll
2014-01-24 11:37:53 2695200 ----a-w- C:\Windows\SysWow64\nvapi.dll
2014-01-24 11:37:53 25257248 ----a-w- C:\Windows\System32\nvcompiler.dll
2014-01-24 11:37:53 17560352 ----a-w- C:\Windows\SysWow64\nvcompiler.dll
2014-01-23 19:26:20 -------- d-----w- C:\Users\crazyness\AppData\Local\WindowsApplication1
2014-01-23 14:31:55 -------- d-----w- C:\Users\crazyness\AppData\Roaming\Malwarebytes
2014-01-23 14:31:39 -------- d-----w- C:\ProgramData\Malwarebytes
2014-01-23 14:31:37 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys
2014-01-23 14:31:36 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-01-23 14:20:59 -------- d-----w- C:\Windows\SysWow64\directx
2014-01-23 14:19:56 -------- d-----w- C:\Program Files (x86)\MSI Afterburner
2014-01-21 11:36:43 -------- d-----w- C:\Windows\SysWow64\drivers\da-DK
2014-01-21 11:36:33 -------- d-----w- C:\Windows\SysWow64\da
2014-01-21 11:36:32 -------- d-----w- C:\Windows\SysWow64\wbem\da-DK
2014-01-21 11:36:31 -------- d-----w- C:\Windows\da-DK
2014-01-21 11:36:30 -------- d-----w- C:\Windows\System32\drivers\UMDF\da-DK
2014-01-21 11:36:30 -------- d-----w- C:\Windows\System32\drivers\da-DK
2014-01-21 11:36:13 -------- d-----w- C:\Windows\System32\da
2014-01-21 11:36:12 -------- d-----w- C:\Windows\System32\wbem\da-DK
2014-01-21 11:14:38 6144 ----a-w- C:\Windows\System32\drivers\da-DK\rdvgkmd.sys.mui
2014-01-21 11:14:38 2560 ----a-w- C:\Windows\System32\drivers\da-DK\rdpwd.sys.mui
2014-01-21 11:14:37 2560 ----a-w- C:\Windows\System32\drivers\da-DK\serscan.sys.mui
2014-01-21 11:14:35 8192 ----a-w- C:\Windows\System32\drivers\da-DK\tunnel.sys.mui
2014-01-21 11:14:35 4096 ----a-w- C:\Windows\System32\drivers\da-DK\tsusbhub.sys.mui
2014-01-21 11:14:35 3584 ----a-w- C:\Windows\System32\drivers\da-DK\tsusbflt.sys.mui
2014-01-21 11:14:34 24576 ----a-w- C:\Windows\System32\drivers\da-DK\usbport.sys.mui
2014-01-21 11:14:34 11776 ----a-w- C:\Windows\System32\drivers\da-DK\usbhub.sys.mui
2014-01-21 11:14:26 9728 ----a-w- C:\Windows\System32\drivers\da-DK\battc.sys.mui
2014-01-21 11:12:58 35840 ----a-w- C:\Windows\System32\drivers\da-DK\http.sys.mui
2014-01-21 11:08:56 -------- d-----w- C:\Windows\SysWow64\cs
2014-01-21 11:08:45 -------- d-----w- C:\Windows\SysWow64\drivers\cs-CZ
2014-01-21 11:08:44 -------- d-----w- C:\Windows\SysWow64\wbem\cs-CZ
2014-01-21 11:08:44 -------- d-----w- C:\Windows\cs-CZ
2014-01-21 11:08:42 -------- d-----w- C:\Windows\System32\cs
2014-01-21 11:08:27 -------- d-----w- C:\Windows\System32\drivers\UMDF\cs-CZ
2014-01-21 11:08:27 -------- d-----w- C:\Windows\System32\drivers\cs-CZ
2014-01-21 11:08:23 -------- d-----w- C:\Windows\System32\wbem\cs-CZ
2014-01-21 10:47:42 6656 ----a-w- C:\Windows\System32\drivers\cs-CZ\rdvgkmd.sys.mui
2014-01-21 10:47:41 2560 ----a-w- C:\Windows\System32\drivers\cs-CZ\rdpwd.sys.mui
2014-01-21 10:47:37 9216 ----a-w- C:\Windows\System32\drivers\cs-CZ\tunnel.sys.mui
2014-01-21 10:47:37 4096 ----a-w- C:\Windows\System32\drivers\cs-CZ\tsusbhub.sys.mui
2014-01-21 10:47:37 3584 ----a-w- C:\Windows\System32\drivers\cs-CZ\tsusbflt.sys.mui
2014-01-21 10:47:37 2560 ----a-w- C:\Windows\System32\drivers\cs-CZ\UAGP35.SYS.mui
2014-01-21 10:47:37 25088 ----a-w- C:\Windows\System32\drivers\cs-CZ\usbport.sys.mui
2014-01-21 10:47:32 9728 ----a-w- C:\Windows\System32\drivers\cs-CZ\battc.sys.mui
2014-01-21 10:47:31 4608 ----a-w- C:\Windows\System32\drivers\cs-CZ\kbdclass.sys.mui
2014-01-21 10:47:31 3072 ----a-w- C:\Windows\System32\drivers\cs-CZ\GAGP30KX.SYS.mui
2014-01-21 10:47:31 2560 ----a-w- C:\Windows\System32\drivers\cs-CZ\kbdhid.sys.mui
2014-01-21 10:45:59 61440 ----a-w- C:\Windows\System32\drivers\cs-CZ\ntfs.sys.mui
2014-01-21 10:43:16 -------- d-----w- C:\Windows\lv-LV
2014-01-21 10:43:06 -------- d-----w- C:\Windows\SysWow64\wbem\lv-LV
2014-01-21 10:43:06 -------- d-----w- C:\Windows\SysWow64\drivers\lv-LV
2014-01-21 10:43:01 -------- d-----w- C:\Windows\System32\wbem\lv-LV
2014-01-21 10:43:01 -------- d-----w- C:\Windows\System32\drivers\lv-LV
2014-01-21 10:30:31 2560 ----a-w- C:\Windows\System32\drivers\lv-LV\scfilter.sys.mui
2014-01-21 10:29:40 3584 ----a-w- C:\Windows\System32\drivers\lv-LV\portcls.sys.mui
2014-01-21 10:29:40 2560 ----a-w- C:\Windows\System32\drivers\lv-LV\serscan.sys.mui
2014-01-21 10:29:36 3072 ----a-w- C:\Windows\System32\drivers\lv-LV\ataport.sys.mui
2014-01-21 10:29:36 2048 ----a-w- C:\Windows\System32\drivers\lv-LV\amdide.sys.mui
2014-01-21 10:29:31 47616 ----a-w- C:\Windows\System32\drivers\lv-LV\tcpip.sys.mui
2014-01-21 10:28:56 7168 ----a-w- C:\Windows\System32\drivers\lv-LV\bthport.sys.mui
2014-01-21 10:28:56 3072 ----a-w- C:\Windows\System32\drivers\lv-LV\hidbth.sys.mui
2014-01-21 10:28:56 2560 ----a-w- C:\Windows\System32\drivers\lv-LV\BTHUSB.SYS.mui
2014-01-21 10:28:56 2048 ----a-w- C:\Windows\System32\drivers\lv-LV\bthenum.sys.mui
2014-01-20 23:26:26 -------- d-----w- C:\Users\crazyness\AppData\Roaming\com.adobe.formscentral.FormsCentralForAcrobat
2014-01-20 23:24:31 -------- d-----w- C:\ProgramData\regid.1986-12.com.adobe
2014-01-20 22:13:14 -------- d-----w- C:\Users\crazyness\AppData\Roaming\MechCAD
2014-01-20 22:13:08 -------- d-----w- C:\Program Files (x86)\AceMoney
2014-01-20 21:27:31 -------- d-----w- C:\Program Files\Realtek
2014-01-20 21:25:59 2036992 ----a-w- C:\Windows\System32\MaxxAudioEQ64.dll
2014-01-20 21:25:53 790272 ----a-w- C:\Windows\SysWow64\MaxxAudioAPOShell.dll
2014-01-20 21:25:53 1012992 ----a-w- C:\Windows\System32\MaxxAudioAPOShell64.dll
2014-01-20 21:25:52 663296 ----a-w- C:\Windows\System32\MaxxAudioAPO30.dll
2014-01-20 21:25:52 318808 ----a-w- C:\Windows\System32\MaxxAudioAPO20.dll
2014-01-20 21:25:52 1345280 ----a-w- C:\Windows\System32\MaxxAudioAPO5064.dll
2014-01-20 21:25:52 1084160 ----a-w- C:\Windows\System32\MaxxAudioAPO4064.dll
2014-01-20 21:25:50 603984 ----a-w- C:\Windows\System32\KAAPORT64.dll
2014-01-20 21:23:47 605496 ----a-w- C:\Windows\System32\audioLibVc.dll
2014-01-20 21:23:46 209096 ----a-w- C:\Windows\System32\AERTAC64.dll
2014-01-20 21:23:46 109848 ----a-w- C:\Windows\System32\AcpiServiceVnA64.dll
2014-01-20 21:23:46 108640 ----a-w- C:\Windows\System32\AERTAR64.dll
2014-01-20 21:22:54 2080472 ----a-w- C:\Windows\RtlExUpd.dll
2014-01-20 21:06:50 167424 ----a-w- C:\Program Files\Windows Media Player\wmplayer.exe
2014-01-20 21:06:50 164864 ----a-w- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
2014-01-20 21:06:49 12625920 ----a-w- C:\Windows\System32\wmploc.DLL
2014-01-20 21:06:48 12625408 ----a-w- C:\Windows\SysWow64\wmploc.DLL
2014-01-20 20:56:44 -------- d-----w- C:\Windows\Migration
2014-01-20 20:49:40 1930752 ----a-w- C:\Windows\System32\authui.dll
2014-01-20 20:49:40 1796096 ----a-w- C:\Windows\SysWow64\authui.dll
2014-01-20 20:49:36 197120 ----a-w- C:\Windows\System32\credui.dll
2014-01-20 20:49:36 190464 ----a-w- C:\Windows\System32\SmartcardCredentialProvider.dll
2014-01-20 20:49:36 168960 ----a-w- C:\Windows\SysWow64\credui.dll
2014-01-20 20:49:36 152576 ----a-w- C:\Windows\SysWow64\SmartcardCredentialProvider.dll
2014-01-20 20:46:15 465920 ----a-w- C:\Windows\System32\WMPhoto.dll
2014-01-20 20:46:15 417792 ----a-w- C:\Windows\SysWow64\WMPhoto.dll
2014-01-20 20:46:00 376768 ----a-w- C:\Windows\System32\drivers\netio.sys
2014-01-20 20:45:41 335360 ----a-w- C:\Windows\System32\msieftp.dll
2014-01-20 20:45:41 301568 ----a-w- C:\Windows\SysWow64\msieftp.dll
2014-01-20 20:27:04 26208 ----a-w- C:\Windows\System32\drivers\johci.sys
2014-01-20 20:24:58 -------- d-----w- C:\Windows\SysWow64\SDA
2014-01-20 20:24:53 203352 ----a-w- C:\Windows\SysWow64\jmcricon.dll
2014-01-20 20:24:53 203352 ----a-w- C:\Windows\System32\jmcricon.dll
2014-01-20 20:24:53 173656 ----a-w- C:\Windows\System32\drivers\jmcr.sys
2014-01-20 19:31:09 -------- d-----w- C:\Program Files (x86)\DriverUpdate
2014-01-15 11:50:15 99840 ----a-w- C:\Windows\System32\drivers\usbccgp.sys
2014-01-15 11:50:15 7808 ----a-w- C:\Windows\System32\drivers\usbd.sys
2014-01-15 11:50:15 53248 ----a-w- C:\Windows\System32\drivers\usbehci.sys
2014-01-15 11:50:15 343040 ----a-w- C:\Windows\System32\drivers\usbhub.sys
2014-01-15 11:50:15 325120 ----a-w- C:\Windows\System32\drivers\usbport.sys
2014-01-15 11:50:15 30720 ----a-w- C:\Windows\System32\drivers\usbuhci.sys
2014-01-15 11:50:15 25600 ----a-w- C:\Windows\System32\drivers\usbohci.sys
2014-01-15 11:50:14 3156480 ----a-w- C:\Windows\System32\win32k.sys
2014-01-10 21:18:25 -------- d-----w- C:\Users\crazyness\AppData\Local\Blizzard Entertainment
2014-01-09 16:02:54 -------- d-----w- C:\Program Files (x86)\Dragon Age 2
2014-01-09 12:11:58 -------- d-----w- C:\ProgramData\BioWare
2014-01-09 11:53:01 -------- d-----w- C:\Windows\1C4551A64743409391E41477CD655043.TMP
2014-01-09 11:29:12 -------- d-----w- C:\Program Files (x86)\Dragon Age
2013-12-30 16:29:10 -------- d-----w- C:\Users\crazyness\AppData\Roaming\Synthesia
2013-12-30 16:28:55 -------- d-----w- C:\Program Files (x86)\Synthesia
.
==================== Find3M  ====================
.
2014-01-07 16:55:14 290184 ----a-w- C:\Windows\SysWow64\PnkBstrB.xtr
2014-01-07 16:55:14 290184 ----a-w- C:\Windows\SysWow64\PnkBstrB.exe
2014-01-07 16:54:47 280904 ----a-w- C:\Windows\SysWow64\PnkBstrB.ex0
2013-12-13 14:12:45 0 ----a-w- C:\Windows\SysWow64\RENE082.tmp
2013-12-13 14:12:45 0 ----a-w- C:\Windows\SysWow64\RENE081.tmp
2013-12-11 19:06:03 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-12-11 19:06:03 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-12-11 19:05:53 9293192 ----a-w- C:\Windows\SysWow64\FlashPlayerInstaller.exe
2013-12-05 08:42:26 35104 ----a-w- C:\Windows\System32\nvaudcap64v.dll
2013-11-26 10:19:07 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
2013-11-26 10:18:23 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
2013-11-26 09:48:07 66048 ----a-w- C:\Windows\System32\iesetup.dll
2013-11-26 09:46:25 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
2013-11-26 09:23:02 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2013-11-26 09:18:39 139264 ----a-w- C:\Windows\System32\ieUnatt.exe
2013-11-26 09:18:09 111616 ----a-w- C:\Windows\System32\ieetwcollector.exe
2013-11-26 09:16:57 708608 ----a-w- C:\Windows\System32\jscript9diag.dll
2013-11-26 08:35:02 5769216 ----a-w- C:\Windows\System32\jscript9.dll
2013-11-26 08:28:16 553472 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
2013-11-26 08:16:12 4243968 ----a-w- C:\Windows\SysWow64\jscript9.dll
2013-11-26 08:02:16 1995264 ----a-w- C:\Windows\System32\inetcpl.cpl
2013-11-26 07:32:06 1928192 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2013-11-26 07:07:57 2334208 ----a-w- C:\Windows\System32\wininet.dll
2013-11-26 06:33:33 1820160 ----a-w- C:\Windows\SysWow64\wininet.dll
2013-11-12 02:23:09 2048 ----a-w- C:\Windows\System32\tzres.dll
2013-11-12 02:07:29 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2013-11-07 16:21:03 88480 ----a-w- C:\Windows\System32\drivers\atksgt.sys
2013-11-07 16:21:03 46400 ----a-w- C:\Windows\System32\drivers\lirsgt.sys
2013-11-05 21:55:48 150808 ----a-w- C:\Windows\System32\drivers\avgdiska.sys
2013-11-04 21:52:42 240920 ----a-w- C:\Windows\System32\drivers\avgidsdrivera.sys
2013-10-31 23:00:18 212280 ----a-w- C:\Windows\System32\drivers\avgldx64.sys
2013-10-31 22:49:46 294712 ----a-w- C:\Windows\System32\drivers\avgloga.sys
2006-05-03 11:06:54 163328 --sha-r- C:\Windows\SysWOW64\flvDX.dll
2007-02-21 12:47:16 31232 --sha-r- C:\Windows\SysWOW64\msfDX.dll
2008-03-16 14:30:52 216064 --sha-r- C:\Windows\SysWOW64\nbDX.dll
.
============= FINISH: 20:40:40,16 ===============
 
 
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 NVIDIA 2010 
Boot Device: \Device\HarddiskVolume1
Install Date: 25.12.2010 01:23:48
System Uptime: 28.01.2014 20:27:34 (0 hours ago)
.
Motherboard: CLEVO            |  | M980NU          
Processor: Intel® Core2 Quad  CPU   Q9000  @ 2.00GHz | Socket 479 | 2001/133mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 466 GiB total, 90,708 GiB free.
D: is FIXED (NTFS) - 466 GiB total, 322,747 GiB free.
E: is CDROM ()
F: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP387: 22.01.2014 01:21:28 - Windows Update
RP389: 22.01.2014 03:00:45 - Windows Update
RP390: 25.01.2014 12:51:01 - Restore Operation
RP391: 26.01.2014 16:23:09 - Installed TortoiseSVN 1.8.4.24972 (64 bit)
RP392: 27.01.2014 00:25:00 - Installed Java 7 Update 51
RP393: 27.01.2014 20:56:18 - Installed DirectX
.
==== Installed Programs ======================
.
 Update for Microsoft Office 2007 (KB2508958)
7-Zip 9.20
ABBYY FineReader 6.0 Sprint
ABBYY FineReader 9.0 Sprint
AceMoney
Adobe Acrobat XI Pro
Adobe AIR
Adobe Anchor Service CS4
Adobe Bridge CS4
Adobe CMaps CS4
Adobe CSI CS4
Adobe CSI CS4 x64
Adobe Default Language CS4
Adobe Device Central CS4
Adobe Dreamweaver CS4
Adobe ExtendScript Toolkit CS4
Adobe Extension Manager CS4
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Media Player
Adobe Output Module
Adobe PDF Library Files CS4
Adobe Photoshop CS6
Adobe Reader X (10.1.9) - Deutsch
Adobe Search for Help
Adobe Service Manager Extension
Adobe Setup
Adobe Type Support CS4
Adobe Update Manager CS4
Adobe XMP Panels CS4
AF-HSS Toolbar
Amazon Kindle
Apple Application Support
Apple Mobile Device Support
Apple Software Update
µTorrent
Audacity 1.3.13 (Unicode)
AutoHotkey 1.1.13.01
AVG 2014
AVM FRITZ!WLAN
Battlefield 3™
Battlefield Heroes
BisonCam
Bonjour
BulletStorm
bwin Download Casino
bwin Poker 1.0.0
calibre
Call of Duty: Black Ops - Multiplayer
Call of Duty: Modern Warfare 2
Call of Duty: Modern Warfare 2 - Multiplayer
CamStudio
Cheat Engine 6.0
Citrix Online Plug-in - Web
Citrix Online Plug-in (DV)
Citrix Online Plug-in (HDX)
Citrix Online Plug-in (USB)
Citrix Online Plug-in (Web)
Connect
Copywhiz 4.0
Core Temp 1.0 RC3
Counter-Strike: Global Offensive
Counter-Strike: Source
Crysis® 2
Dota 2
Dragon Age II
Dragon Age: Origins
Dragon NaturallySpeaking 11
DriverUpdate
Dropbox
Druckerdeinstallation für EPSON SX125 Series
DVD Shrink 3.2 deutsch (DeCSS-frei)
EA SPORTS Game Face Browser Plugin 1.5.3.0
EAX Unified
Empire Earth
Epson Easy Photo Print 2
Epson Event Manager
EPSON Scan
Epson Stylus SX210_SX410_TX210_TX410 Handbuch
EPSON SX210 Series Printer Uninstall
ESN Sonar
EVEREST Home Edition v2.20
Explorer Suite III
F1 2011
Facebook Messenger 2.1.4814.0
Facebook Video Calling 2.0.0.447
facemoods
Fences
FIFA 14
FixCleaner
Fraps
Free Audio CD Burner version 2.0.22.128
Free Audio CD to MP3 Converter version 1.3.12.1228
Free Disc Burner version 3.0.18.128
Free DVD Video Burner version 3.2.6.128
Free DVD Video Converter version 2.0.13.128
Free Video to iPhone Converter version 5.0.22.128
Free YouTube Download version 3.2.1.320
FreeMind
Full Tilt Poker
FUSSBALL MANAGER 06
GameCenter
Gaming Keyboard Driver
GeForce Experience NvStream Client Components
GOM Player
Google Chrome
Google Earth Plug-in
Google Update Helper
Gothic
GRID 2
Guitar Pro 6
HandBrake 0.9.8
Hotfix für Microsoft Visual Basic 2010 Express - DEU (KB2635973)
Hotspot Shield Toolbar
HyperCam 2
iCloud
ImgBurn
inSSIDer 3
inSSIDer Office
iTunes
Java 7 Update 51
Java Auto Updater
JavaFX 2.1.0
JDownloader 0.9
JMicron 1394 Filter Driver
JMicron Flash Media Controller Driver
kuler
League of Legends
LOLReplay
Mafia Game
Malwarebytes Anti-Malware version 1.75.0.1300
MathPlayer
Microsoft .NET Framework 4 Multi-Targeting Pack
Microsoft .NET Framework 4.5.1
Microsoft .NET Framework 4.5.1 (DEU)
Microsoft .NET Framework 4.5.1 (Deutsch)
Microsoft Age of Empires II
Microsoft Age of Empires II: The Conquerors Expansion
Microsoft Application Error Reporting
Microsoft Games for Windows - LIVE Redistributable
Microsoft Games for Windows Marketplace
Microsoft Help Viewer 1.1
Microsoft Help Viewer 1.1 Language Pack - DEU
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office Office 64-bit Components 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared 64-bit MUI (English) 2007
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft SQL Server 2008 R2 Management Objects
Microsoft SQL Server Compact 3.5 SP2 DEU
Microsoft SQL Server Compact 3.5 SP2 x64 DEU
Microsoft SQL Server System CLR Types
Microsoft Visual Basic 2010 Express - DEU
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010  x64 Runtime - 10.0.40219
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
Microsoft Visual C++ 2010  x86 Runtime - 10.0.40219
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools
Microsoft Visual Studio 2010 Express Prerequisites x64 - DEU
Microsoft Visual Studio 2010 Service Pack 1
Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU
Microsoft WSE 3.0 Runtime
Microsoft Xbox 360 Accessories 1.2
Microsoft_VC80_CRT_x86
Microsoft_VC90_CRT_x86
MobileMe Control Panel
Mozilla Firefox 26.0 (x86 en-US)
Mozilla Maintenance Service
MSI Afterburner 2.3.1
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP2 Parser und SDK
MSXML4 Parser
NVIDIA 3D Vision Driver 331.65
NVIDIA Control Panel 331.65
NVIDIA GeForce Experience 1.8.1
NVIDIA Graphics Driver 331.65
NVIDIA Install Application
NVIDIA LED Visualizer 1.0
NVIDIA Network Service
NVIDIA PhysX
NVIDIA PhysX System Software 9.13.0725
NVIDIA ShadowPlay 10.11.15
NVIDIA Stereoscopic 3D Driver
NVIDIA Update 10.11.15
NVIDIA Update Core
NVIDIA Virtual Audio 1.2.19
OpenAL
OpenOffice.org 3.2
Origin
Pando Media Booster
PDF Settings CS6
PenWes [10863]
Photoshop Camera Raw
Pivot Stickfigure Animator
Plus500
PokerStars.eu
Pop Drop and Stack Championship
Protector Suite 2009
PunkBuster Services
QuickTime
Rapture3D 2.4.9 Game
Razer Game Booster
Realtek High Definition Audio Driver
Recuva
Red Eye Remover 2.0
ROCCAT Kone[+] Mouse Driver
Rockstar Games Social Club
Safari
Samsung Drive Manager
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596825) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597973) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2687309) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2760411) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2760585) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2760591) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2827326) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2827329) 32-Bit Edition 
Security Update for Microsoft Office Excel 2007 (KB2827324) 32-Bit Edition 
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition 
Security Update for Microsoft Office Outlook 2007 (KB2825999) 32-Bit Edition 
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Publisher 2007 (KB2597971) 32-Bit Edition 
Security Update for Microsoft Office Word 2007 (KB2827330) 32-Bit Edition 
SHIELD Streaming
Skype Click to Call
Skype™ 6.11
Smart PC Cleaner v3.0
SopCast 3.4.0
SpeedFan (remove only)
Spybot - Search & Destroy
Steam
Suite Shared Configuration CS4
Synthesia
System Requirements Lab
TeamSpeak 3 Client
TeamViewer 6
TechPowerUp GPU-Z
TortoiseSVN 1.8.4.24972 (64 bit)
Tunngle beta
Ubisoft Game Launcher
Unity Web Player
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2827325) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
uTorrentBar Toolbar
v2011.build.46
Veetle TV
Virtua Tennis 4™
Visual C++ 9.0 Runtime for Dragon NaturallySpeaking 64bit (x64)
Visual Studio 2008 x64 Redistributables
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 DEU
Visual Studio 2010 x64 Redistributables
Visual Studio 2012 x64 Redistributables
Visual Studio 2012 x86 Redistributables
VLC media player 2.1.2
Wallpaper Changer
Windows Driver Package - Cambridge Silicon Radio Ltd. (CSRBC) USB  (04/21/2011 01.0.0.0)
Windows Driver Package - Intel (NETwLv64) net  (08/15/2010 13.3.0.137)
Windows Driver Package - Intel (NETwNs64) net  (07/14/2010 13.3.0.24)
Windows Live ID Sign-in Assistant
Windows Movie Maker 2.6
WinRAR
WinX Free DVD Ripper 4.5.11
World of Warcraft
Xfire (remove only)
XviD MPEG-4 Video Codec
.
==== Event Viewer Messages From Past Week ========
.
28.01.2014 20:31:17, Error: Service Control Manager [7000]  - The Google Update Service (gupdate) service failed to start due to the following error:  The system cannot find the path specified.
28.01.2014 20:29:07, Error: Service Control Manager [7026]  - The following boot-start or system-start driver(s) failed to load:  uGuru
28.01.2014 20:28:35, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the ForceWare Intelligent Application Manager (IAM) service to connect.
28.01.2014 20:28:35, Error: Service Control Manager [7000]  - The ForceWare Intelligent Application Manager (IAM) service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
28.01.2014 20:20:38, Error: Service Control Manager [7034]  - The Windows Audio Endpoint Builder service terminated unexpectedly.  It has done this 3 time(s).
28.01.2014 20:20:38, Error: Service Control Manager [7034]  - The Superfetch service terminated unexpectedly.  It has done this 3 time(s).
28.01.2014 20:20:38, Error: Service Control Manager [7034]  - The Program Compatibility Assistant Service service terminated unexpectedly.  It has done this 3 time(s).
28.01.2014 20:20:38, Error: Service Control Manager [7034]  - The Network Connections service terminated unexpectedly.  It has done this 3 time(s).
28.01.2014 20:20:38, Error: Service Control Manager [7034]  - The HomeGroup Listener service terminated unexpectedly.  It has done this 3 time(s).
28.01.2014 20:17:53, Error: Service Control Manager [7031]  - The WLAN AutoConfig service terminated unexpectedly.  It has done this 2 time(s).  The following corrective action will be taken in 300000 milliseconds: Restart the service.
28.01.2014 20:17:53, Error: Service Control Manager [7031]  - The Windows Driver Foundation - User-mode Driver Framework service terminated unexpectedly.  It has done this 2 time(s).  The following corrective action will be taken in 300000 milliseconds: Restart the service.
28.01.2014 20:17:53, Error: Service Control Manager [7031]  - The Windows Audio Endpoint Builder service terminated unexpectedly.  It has done this 2 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
28.01.2014 20:17:53, Error: Service Control Manager [7031]  - The Superfetch service terminated unexpectedly.  It has done this 2 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
28.01.2014 20:17:53, Error: Service Control Manager [7031]  - The Program Compatibility Assistant Service service terminated unexpectedly.  It has done this 2 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
28.01.2014 20:17:53, Error: Service Control Manager [7031]  - The Offline Files service terminated unexpectedly.  It has done this 2 time(s).  The following corrective action will be taken in 300000 milliseconds: Restart the service.
28.01.2014 20:17:53, Error: Service Control Manager [7031]  - The Network Connections service terminated unexpectedly.  It has done this 2 time(s).  The following corrective action will be taken in 100 milliseconds: Restart the service.
28.01.2014 20:17:53, Error: Service Control Manager [7031]  - The Human Interface Device Access service terminated unexpectedly.  It has done this 2 time(s).  The following corrective action will be taken in 300000 milliseconds: Restart the service.
28.01.2014 20:17:53, Error: Service Control Manager [7031]  - The HomeGroup Listener service terminated unexpectedly.  It has done this 2 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
28.01.2014 20:17:53, Error: Service Control Manager [7031]  - The Distributed Link Tracking Client service terminated unexpectedly.  It has done this 2 time(s).  The following corrective action will be taken in 300000 milliseconds: Restart the service.
28.01.2014 20:17:53, Error: Service Control Manager [7031]  - The Desktop Window Manager Session Manager service terminated unexpectedly.  It has done this 2 time(s).  The following corrective action will be taken in 300000 milliseconds: Restart the service.
28.01.2014 20:15:46, Error: Service Control Manager [7034]  - The Diagnostic System Host service terminated unexpectedly.  It has done this 1 time(s).
28.01.2014 20:15:46, Error: Service Control Manager [7031]  - The WLAN AutoConfig service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
28.01.2014 20:15:46, Error: Service Control Manager [7031]  - The Windows Driver Foundation - User-mode Driver Framework service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
28.01.2014 20:15:46, Error: Service Control Manager [7031]  - The Windows Audio Endpoint Builder service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
28.01.2014 20:15:46, Error: Service Control Manager [7031]  - The Superfetch service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
28.01.2014 20:15:46, Error: Service Control Manager [7031]  - The Program Compatibility Assistant Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
28.01.2014 20:15:46, Error: Service Control Manager [7031]  - The Offline Files service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
28.01.2014 20:15:46, Error: Service Control Manager [7031]  - The Network Connections service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 100 milliseconds: Restart the service.
28.01.2014 20:15:46, Error: Service Control Manager [7031]  - The Human Interface Device Access service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
28.01.2014 20:15:46, Error: Service Control Manager [7031]  - The HomeGroup Listener service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
28.01.2014 20:15:46, Error: Service Control Manager [7031]  - The Distributed Link Tracking Client service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
28.01.2014 20:15:46, Error: Service Control Manager [7031]  - The Desktop Window Manager Session Manager service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
28.01.2014 20:01:33, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the SBSD Security Center Service service to connect.
28.01.2014 20:01:33, Error: Service Control Manager [7000]  - The SBSD Security Center Service service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
28.01.2014 16:49:44, Error: Service Control Manager [7032]  - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the WLAN AutoConfig service, but this action failed with the following error:  An instance of the service is already running.
28.01.2014 16:12:44, Error: Service Control Manager [7032]  - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Management Instrumentation service, but this action failed with the following error:  An instance of the service is already running.
28.01.2014 16:12:44, Error: Service Control Manager [7032]  - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Multimedia Class Scheduler service, but this action failed with the following error:  An instance of the service is already running.
28.01.2014 16:12:44, Error: Service Control Manager [7032]  - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Extensible Authentication Protocol service, but this action failed with the following error:  An instance of the service is already running.
28.01.2014 16:12:44, Error: Service Control Manager [7032]  - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Computer Browser service, but this action failed with the following error:  An instance of the service is already running.
28.01.2014 16:11:44, Error: Service Control Manager [7032]  - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Server service, but this action failed with the following error:  An instance of the service is already running.
28.01.2014 16:10:44, Error: Service Control Manager [7031]  - The Windows Update service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
28.01.2014 16:10:44, Error: Service Control Manager [7031]  - The Windows Management Instrumentation service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
28.01.2014 16:10:44, Error: Service Control Manager [7031]  - The User Profile Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
28.01.2014 16:10:44, Error: Service Control Manager [7031]  - The Themes service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
28.01.2014 16:10:44, Error: Service Control Manager [7031]  - The Task Scheduler service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
28.01.2014 16:10:44, Error: Service Control Manager [7031]  - The System Event Notification Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
28.01.2014 16:10:44, Error: Service Control Manager [7031]  - The Shell Hardware Detection service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
28.01.2014 16:10:44, Error: Service Control Manager [7031]  - The Server service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
28.01.2014 16:10:44, Error: Service Control Manager [7031]  - The Multimedia Class Scheduler service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
28.01.2014 16:10:44, Error: Service Control Manager [7031]  - The IP Helper service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
28.01.2014 16:10:44, Error: Service Control Manager [7031]  - The IKE and AuthIP IPsec Keying Modules service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
28.01.2014 16:10:44, Error: Service Control Manager [7031]  - The Extensible Authentication Protocol service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
28.01.2014 16:10:44, Error: Service Control Manager [7031]  - The Computer Browser service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
28.01.2014 16:10:44, Error: Service Control Manager [7031]  - The Certificate Propagation service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
28.01.2014 16:10:44, Error: Service Control Manager [7031]  - The Background Intelligent Transfer Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
28.01.2014 16:10:44, Error: Service Control Manager [7031]  - The Application Experience service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
27.01.2014 20:53:06, Error: Service Control Manager [7034]  - The Expat Shield Monitoring Service service terminated unexpectedly.  It has done this 1 time(s).
27.01.2014 20:52:10, Error: Service Control Manager [7034]  - The Expat Shield Routing Service service terminated unexpectedly.  It has done this 1 time(s).
27.01.2014 19:38:13, Error: Service Control Manager [7032]  - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Program Compatibility Assistant Service service, but this action failed with the following error:  An instance of the service is already running.
27.01.2014 18:28:26, Error: NetBT [4311]  - Initialization failed because the driver device could not be created. Use the string "00806494DFDA" to identify the interface for which initialization failed. It represents the MAC address of the failed interface or the  Globally Unique Interface Identifier (GUID) if NetBT was unable to  map from GUID to MAC address. If neither the MAC address nor the GUID were  available, the string represents a cluster device name. 
27.01.2014 14:08:42, Error: NetBT [4311]  - Initialization failed because the driver device could not be created. Use the string "00216A1FFA23" to identify the interface for which initialization failed. It represents the MAC address of the failed interface or the  Globally Unique Interface Identifier (GUID) if NetBT was unable to  map from GUID to MAC address. If neither the MAC address nor the GUID were  available, the string represents a cluster device name. 
27.01.2014 14:08:33, Error: Microsoft-Windows-WER-SystemErrorReporting [1001]  - The computer has rebooted from a bugcheck.  The bugcheck was: 0x00000116 (0xfffffa8008388180, 0xfffff8800fc0e074, 0xffffffffc000009a, 0x0000000000000004). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 012714-58656-01.
27.01.2014 11:07:19, Error: Service Control Manager [7034]  - The NVIDIA Streamer Service service terminated unexpectedly.  It has done this 1 time(s).
27.01.2014 11:04:06, Error: Microsoft-Windows-WER-SystemErrorReporting [1001]  - The computer has rebooted from a bugcheck.  The bugcheck was: 0x00000117 (0xfffffa80087404e0, 0xfffff8800f422034, 0x0000000000000000, 0x0000000000000000). A dump was saved in: C:\Windows\Minidump\012714-49046-01.dmp. Report Id: 012714-49046-01.
26.01.2014 01:43:45, Error: Service Control Manager [7023]  - The Windows Time service terminated with the following error:  A system shutdown is in progress.
25.01.2014 13:07:12, Error: Ntfs [55]  - The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume \Device\HarddiskVolumeShadowCopy13.
25.01.2014 12:48:21, Error: VDS Basic Provider [1]  - Unexpected failure. Error code: 490@01010004
24.01.2014 12:48:05, Error: Service Control Manager [7043]  - The AVGIDSAgent service did not shut down properly after receiving a preshutdown control.
24.01.2014 03:23:08, Error: Service Control Manager [7001]  - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:  The dependency service or group failed to start.
24.01.2014 03:23:06, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
24.01.2014 03:23:06, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
24.01.2014 03:23:02, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}
24.01.2014 03:23:02, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}
24.01.2014 03:23:00, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
24.01.2014 03:22:52, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
24.01.2014 03:22:34, Error: Service Control Manager [7026]  - The following boot-start or system-start driver(s) failed to load:  AFD Avgdiska AVGIDSDriver Avgldx64 Avgtdia CSC ctxusbm DfsC discache NetBIOS NetBT nsiproxy Psched rdbss spldr sptd tdx uGuru VWiFiFlt Wanarpv6 WfpLwf
24.01.2014 03:22:34, Error: Service Control Manager [7001]  - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error:  The dependency service or group failed to start.
24.01.2014 03:22:34, Error: Service Control Manager [7001]  - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error:  A device attached to the system is not functioning.
24.01.2014 03:22:34, Error: Service Control Manager [7001]  - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error:  A device attached to the system is not functioning.
24.01.2014 03:22:34, Error: Service Control Manager [7001]  - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error:  The dependency service or group failed to start.
24.01.2014 03:22:34, Error: Service Control Manager [7001]  - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error:  The dependency service or group failed to start.
24.01.2014 03:22:34, Error: Service Control Manager [7001]  - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error:  A device attached to the system is not functioning.
24.01.2014 03:22:34, Error: Service Control Manager [7001]  - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error:  The dependency service or group failed to start.
24.01.2014 03:22:34, Error: Service Control Manager [7001]  - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error:  The dependency service or group failed to start.
24.01.2014 03:22:34, Error: Service Control Manager [7001]  - The Expat Shield Service service depends on the DHCP Client service which failed to start because of the following error:  The dependency service or group failed to start.
24.01.2014 03:22:34, Error: Service Control Manager [7001]  - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error:  A device attached to the system is not functioning.
24.01.2014 03:22:34, Error: Service Control Manager [7001]  - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error:  A device attached to the system is not functioning.
24.01.2014 03:22:34, Error: Service Control Manager [7001]  - The AVGIDSAgent service depends on the AVGIDSDriver service which failed to start because of the following error:  A device attached to the system is not functioning.
24.01.2014 03:22:03, Error: sptd [4]  - Driver detected an internal error in its data structures for .
23.01.2014 23:19:24, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the Apple Mobile Device service to connect.
23.01.2014 23:19:24, Error: Service Control Manager [7000]  - The Apple Mobile Device service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
23.01.2014 18:41:43, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}
22.01.2014 22:37:26, Error: Microsoft-Windows-WER-SystemErrorReporting [1001]  - The computer has rebooted from a bugcheck.  The bugcheck was: 0x00000116 (0xfffffa80092db170, 0xfffff8800f352e64, 0x0000000000000000, 0x000000000000000d). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 012214-445507-01.
22.01.2014 22:37:14, Error: Service Control Manager [7022]  - The Windows Update service hung on starting.
22.01.2014 22:35:10, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.
22.01.2014 22:32:59, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the IPsec Policy Agent service to connect.
22.01.2014 22:32:59, Error: Service Control Manager [7000]  - The IPsec Policy Agent service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
22.01.2014 03:00:45, Error: Ntfs [55]  - The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume \Device\HarddiskVolume2.
22.01.2014 02:03:17, Error: Service Control Manager [7022]  - The Server service hung on starting.
22.01.2014 01:44:17, Error: Ntfs [55]  - The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume C:.
22.01.2014 01:21:13, Error: nvstor64 [3]  - Data error on device.    Device: \Device\RaidPort0  Model: ST9500420AS  Firmware Version: 0002  Serial Number:             5VJ0746R  Port: 2
21.01.2014 23:16:42, Error: Microsoft-Windows-WER-SystemErrorReporting [1001]  - The computer has rebooted from a bugcheck.  The bugcheck was: 0x00000116 (0xfffffa8004f51420, 0xfffff8800f3e1e64, 0x0000000000000000, 0x000000000000000d). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 012114-72384-01.
21.01.2014 03:10:29, Error: nvstor64 [3]  - Data error on device.    Device: \Device\RaidPort0  Model: ST9500325AS  Firmware Version: 0001  Serial Number:             5VE0JA76  Port: 4
21.01.2014 01:25:48, Error: Service Control Manager [7000]  - The Google Update Service (gupdate) service failed to start due to the following error:  The system cannot find the file specified.
.
==== End Of File ===========================
 
 
RogueKiller V8.8.4 _x64_ [Jan 27 2014] by Tigzy
mail : tigzyRK<at>gmail<dot>com
 
Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : crazyness [Admin rights]
Mode : Scan -- Date : 01/28/2014 20:47:27
| ARK || FAK || MBR |
 
¤¤¤ Bad processes : 1 ¤¤¤
[sUSP PATH][DLL] rundll32.exe -- C:\Users\crazyness\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll [7] -> rundll32.exe KILLED [TermProc]
 
¤¤¤ Registry Entries : 10 ¤¤¤
[RUN][sUSP PATH] HKCU\[...]\Run : BackgroundContainer ("C:\Windows\SysWOW64\Rundll32.exe" "C:\Users\crazyness\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll",DllRun [7][7][x]) -> FOUND
[RUN][sUSP PATH] HKUS\S-1-5-21-2325383642-1778774376-3964343246-1001\[...]\Run : BackgroundContainer ("C:\Windows\SysWOW64\Rundll32.exe" "C:\Users\crazyness\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll",DllRun [7][7][x]) -> FOUND
[HJ POL][PUM] HKLM\[...]\System : EnableLUA (0) -> FOUND
[HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : EnableLUA (0) -> FOUND
[HJ DESK][PUM] HKCU\[...]\ClassicStartMenu : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK][PUM] HKCU\[...]\ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
[HJ DESK][PUM] HKCU\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK][PUM] HKCU\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
 
¤¤¤ Scheduled tasks : 1 ¤¤¤
[V2][sUSP PATH] BackgroundContainer Startup Task : "C:\Windows\SysWOW64\Rundll32.exe" - "C:\Users\crazyness\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll",DllRun [7][7][x] -> FOUND
 
¤¤¤ Startup Entries : 0 ¤¤¤
 
¤¤¤ Web browsers : 0 ¤¤¤
 
¤¤¤ Browser Addons : 0 ¤¤¤
 
¤¤¤ Particular Files / Folders: ¤¤¤
 
¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤
 
¤¤¤ External Hives: ¤¤¤
 
¤¤¤ Infection :  ¤¤¤
 
¤¤¤ HOSTS File: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts
 
 
127.0.0.1                   practivate.adobe.com
127.0.0.1                   lmlicenses.wip4.adobe.com
127.0.0.1                   lm.licenses.adobe.com
 
 
¤¤¤ MBR Check: ¤¤¤
 
+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) ST950042 0AS SCSI Disk Device +++++
--- User ---
[MBR] 639965790f062b0e5b59430c03da908f
[bSP] 81162043a2d0535271a054b8b6fd6ee1 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 476838 Mo
User = LL1 ... OK!
Error reading LL2 MBR! ([0x1] Incorrect function. )
 
+++++ PhysicalDrive1: (\\.\PHYSICALDRIVE1 @ IDE) ST950032 5AS SCSI Disk Device +++++
--- User ---
[MBR] aa538b97611fff9258fe449579819418
[bSP] 4b9e80c08c4dac71a4652fd2781e3c87 : Windows 7/8 MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 476938 Mo
User = LL1 ... OK!
Error reading LL2 MBR! ([0x1] Incorrect function. )
 
Finished : << RKreport[0]_S_01282014_204727.txt >>
 
 
 
Link to post
Share on other sites

I have to stop here because there's evidence of illegal software on your system.

The software is Adobe and the crack is your host file, it allows you to by-pass Adobe activation.

It's not like you weren't warned about this in my first post to you.

Read the policy on Piracy here:

http://forums.malwarebytes.org/index.php?showtopic=97700

I suggest you clean up the system of any illegal software, keygens, etc.

This post will be closed.

MrC

Link to post
Share on other sites

Dear MrC,

 

Thank you for pointing this out.

 

I am currently in the process of uninstalling Adobe. This was obtained legally for a different computer and I used the host file as a temporary replacement.

 

I, of course, will delete it and shan't reinstall it until I have located the activation key.

 

Apologies for having wasted your time and making you deal with this.

 

Once I have deleted the software would you be able to kindly proceed to help me?

 

Yours sincerely,

Mark

Link to post
Share on other sites

Delete all the software and any other cracks, keygens, etc that are on the system.

Run RogueKiller again and click Scan

When the scan completes ..............

Click Fix Host on the right hand column under Options

Rescan with DDS and RogueKiller, post the new logs.

MrC

Link to post
Share on other sites

Dear MrC,

 

Thank you for your patience.

 

I believe I have done as you requested concerning the software. Please do inform me I have omitted something and I shall correct it immediately.

 

I am posting 4 logs in the following order: the first RogueKiller scan, the second RogueKiller scan (post Fix Host), dds.txt & attach.txt:

 

RogueKiller V8.8.4 _x64_ [Jan 27 2014] by Tigzy
mail : tigzyRK<at>gmail<dot>com
 
Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : crazyness [Admin rights]
Mode : Scan -- Date : 01/29/2014 18:37:00
| ARK || FAK || MBR |
 
¤¤¤ Bad processes : 1 ¤¤¤
[sUSP PATH][DLL] rundll32.exe -- C:\Users\crazyness\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll [7] -> rundll32.exe KILLED [TermProc]
 
¤¤¤ Registry Entries : 10 ¤¤¤
[RUN][sUSP PATH] HKCU\[...]\Run : BackgroundContainer ("C:\Windows\SysWOW64\Rundll32.exe" "C:\Users\crazyness\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll",DllRun [7][7][x]) -> FOUND
[RUN][sUSP PATH] HKUS\S-1-5-21-2325383642-1778774376-3964343246-1001\[...]\Run : BackgroundContainer ("C:\Windows\SysWOW64\Rundll32.exe" "C:\Users\crazyness\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll",DllRun [7][7][x]) -> FOUND
[HJ POL][PUM] HKLM\[...]\System : EnableLUA (0) -> FOUND
[HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : EnableLUA (0) -> FOUND
[HJ DESK][PUM] HKCU\[...]\ClassicStartMenu : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK][PUM] HKCU\[...]\ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
[HJ DESK][PUM] HKCU\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK][PUM] HKCU\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
 
¤¤¤ Scheduled tasks : 1 ¤¤¤
[V2][sUSP PATH] BackgroundContainer Startup Task : "C:\Windows\SysWOW64\Rundll32.exe" - "C:\Users\crazyness\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll",DllRun [7][7][x] -> FOUND
 
¤¤¤ Startup Entries : 0 ¤¤¤
 
¤¤¤ Web browsers : 0 ¤¤¤
 
¤¤¤ Browser Addons : 0 ¤¤¤
 
¤¤¤ Particular Files / Folders: ¤¤¤
 
¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤
 
¤¤¤ External Hives: ¤¤¤
 
¤¤¤ Infection :  ¤¤¤
 
¤¤¤ HOSTS File: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts
 
 
127.0.0.1                   practivate.adobe.com
127.0.0.1                   lmlicenses.wip4.adobe.com
127.0.0.1                   lm.licenses.adobe.com
 
 
¤¤¤ MBR Check: ¤¤¤
 
+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) ST950042 0AS SCSI Disk Device +++++
--- User ---
[MBR] 639965790f062b0e5b59430c03da908f
[bSP] 81162043a2d0535271a054b8b6fd6ee1 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 476838 Mo
User = LL1 ... OK!
Error reading LL2 MBR! ([0x1] Incorrect function. )
 
+++++ PhysicalDrive1: (\\.\PHYSICALDRIVE1 @ IDE) ST950032 5AS SCSI Disk Device +++++
--- User ---
[MBR] aa538b97611fff9258fe449579819418
[bSP] 4b9e80c08c4dac71a4652fd2781e3c87 : Windows 7/8 MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 476938 Mo
User = LL1 ... OK!
Error reading LL2 MBR! ([0x1] Incorrect function. )
 
Finished : << RKreport[0]_S_01292014_183700.txt >>
 
 
 
RogueKiller V8.8.4 _x64_ [Jan 27 2014] by Tigzy
mail : tigzyRK<at>gmail<dot>com
 
Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : crazyness [Admin rights]
Mode : HOSTSFix -- Date : 01/29/2014 18:37:13
| ARK || FAK || MBR |
 
¤¤¤ Bad processes : 1 ¤¤¤
[sUSP PATH][DLL] rundll32.exe -- C:\Users\crazyness\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll [7] -> rundll32.exe KILLED [TermProc]
 
¤¤¤ Registry Entries : 0 ¤¤¤
 
¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤
 
¤¤¤ External Hives: ¤¤¤
 
¤¤¤ Infection :  ¤¤¤
 
¤¤¤ HOSTS File: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts
 
 
127.0.0.1                   practivate.adobe.com
127.0.0.1                   lmlicenses.wip4.adobe.com
127.0.0.1                   lm.licenses.adobe.com
 
 
¤¤¤ Reset HOSTS: ¤¤¤
127.0.0.1 localhost
 
 
Finished : << RKreport[0]_H_01292014_183713.txt >>
RKreport[0]_S_01292014_183700.txt
 
 
 
DDS (Ver_2012-11-20.01) - NTFS_AMD64 
Internet Explorer: 11.0.9600.16428  BrowserJavaVersion: 10.51.2
Run by crazyness at 18:38:00 on 2014-01-29
Microsoft Windows 7 NVIDIA 2010   6.1.7601.1.1252.49.1033.18.4094.2088 [GMT 4:00]
.
AV: AVG AntiVirus Free Edition 2014 *Enabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: AVG AntiVirus Free Edition 2014 *Enabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
.
============== Running Processes ===============
.
C:\PROGRA~2\AVG\AVG2014\avgrsa.exe
C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\System32\WUDFHost.exe
C:\Program Files\Protector Suite\upeksvr.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k WbioSvcGroup
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Chicony\GameKeys\MODPS2KEY.EXE
C:\Program Files (x86)\PenWes\penwes.exe
C:\Windows\BisonCam\BisonHK.exe
C:\Windows\BisonCam\DeLay.exe
C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
C:\Program Files\Protector Suite\psqltray.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files (x86)\Chicony\GameKeys\Driver\ZGKY.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
C:\Program Files (x86)\Citrix\ICA Client\concentr.exe
C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe
C:\Program Files (x86)\Clarus\Samsung Drive Manager\ABRTMon.exe
C:\Program Files (x86)\ROCCAT\Kone[+] Mouse\Kone[+]Monitor.exe
C:\Program Files (x86)\AVG\AVG2014\avgui.exe
C:\Program Files (x86)\avmwlanstick\WLanGUI.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Clarus\Samsung Drive Manager\Drive Manager.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
C:\Program Files (x86)\avmwlanstick\WlanNetService.exe
C:\Program Files (x86)\Clarus\Samsung Drive Manager\SZDrvMon.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
C:\Program Files (x86)\Penwes\PenwesService.exe
C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\Clarus\Samsung Drive Manager\SZDrvSvc.exe
C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
c:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\system32\SearchIndexer.exe
c:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Users\crazyness\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\crazyness\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\crazyness\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uURLSearchHooks: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\prxtbuTo0.dll
uURLSearchHooks: {6edc3889-b841-4127-a2bf-c5fc48f972c7} - <orphaned>
uURLSearchHooks: {f16708b8-d2df-482d-9dfa-aa8d8894f0f4} - <orphaned>
mURLSearchHooks: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\prxtbuTo0.dll
mWinlogon: Userinit = userinit.exe,
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Conduit Engine : {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll
BHO: MathPlayer BrowserHelperObject Class: {32F66A28-7614-11D4-BD11-00104BD3F987} - C:\Program Files (x86)\Design Science\MathPlayer\MathPlayerBHO.dll
BHO: {3706EE7C-3CAD-445D-8A43-03EBC3B75908} - <orphaned>
BHO: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - LocalServer32 - <no file>
BHO: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\prxtbuTo0.dll
BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO: {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - <orphaned>
TB: uTorrentBar Toolbar: {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - C:\Program Files (x86)\uTorrentBar\prxtbuTo0.dll
TB: Conduit Engine : {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll
TB: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\prxtbuTo0.dll
uRun: [spybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
uRun: [iSUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler
uRun: [Google Update] "C:\Users\crazyness\AppData\Local\Google\Update\GoogleUpdate.exe" /c
uRun: [Facebook Update] "C:\Users\crazyness\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
uRun: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
uRun: [backgroundContainer] "C:\Windows\SysWOW64\Rundll32.exe" "C:\Users\crazyness\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll",DllRun
mRun: [ConnectionCenter] "C:\Program Files (x86)\Citrix\ICA Client\concentr.exe" /startup
mRun: [LchGKey] C:\Program Files (x86)\Chicony\GameKeys\LchGKey.exe
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [RoccatKone+] "C:\Program Files (x86)\ROCCAT\Kone[+] Mouse\Kone[+]Monitor.EXE"
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY
mRun: [AVMWlanClient] C:\Program Files (x86)\avmwlanstick\wlangui.exe
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [Clarus Drive Manager] C:\Program Files (x86)\Clarus\Samsung Drive Manager\Drive Manager.exe -Hide
mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
dRun: [Welcome Center] C:\Windows\System32\rundll32.exe C:\Windows\System32\OobeFldr.dll,ShowWelcomeCenter LaunchedBy_StartMenuShortcut
dRun: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\SAMSUN~1.LNK - C:\Program Files (x86)\Clarus\Samsung Drive Manager\ABRTMon.exe
uPolicies-Explorer: NoResolveTrack = dword:1
uPolicies-Explorer: NoSMBalloonTip = dword:1
uPolicies-Explorer: NoThumbnailCache = dword:1
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-Explorer: NoResolveTrack = dword:1
mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoSMBalloonTip = dword:1
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Free YouTube to iPhone Converter - C:\Users\crazyness\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetoiphoneconverter.htm
IE: Free YouTube to iPod Converter - C:\Users\crazyness\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetoipodconverter.htm
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
LSP: C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll
TCP: NameServer = 94.243.129.130 94.243.128.130 192.168.1.1
TCP: Interfaces\{1189A897-816E-40C1-AEC2-42476DFF7F3B} : NameServer = 127.0.0.1
TCP: Interfaces\{1189A897-816E-40C1-AEC2-42476DFF7F3B} : DHCPNameServer = 94.243.129.130 94.243.128.130 192.168.1.1
TCP: Interfaces\{1189A897-816E-40C1-AEC2-42476DFF7F3B}\2656C6B696E6E233666683 : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{1189A897-816E-40C1-AEC2-42476DFF7F3B}\37E61696C637F65707F2F277563747 : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{85CEB121-8140-4C0E-A0F8-A7127822D511} : NameServer = 127.0.0.1
TCP: Interfaces\{85CEB121-8140-4C0E-A0F8-A7127822D511} : DHCPNameServer = 10.173.192.1
TCP: Interfaces\{AE9137F2-A674-497C-8F7B-55C379EB9FC2} : DHCPNameServer = 10.111.81.129 10.129.32.1
TCP: Interfaces\{F0C6BF65-64F8-4362-B6EC-AA7751B07C4A} : DHCPNameServer = 10.111.81.129 10.129.32.1
Filter: application/xhtml+xml - {32F66A26-7614-11D4-BD11-00104BD3F987} - C:\Program Files (x86)\Design Science\MathPlayer\MathMLMimer.dll
Filter: application/xhtml+xml; charset=iso-8859-1 - {32F66A26-7614-11D4-BD11-00104BD3F987} - C:\Program Files (x86)\Design Science\MathPlayer\MathMLMimer.dll
Filter: application/xhtml+xml; charset=utf-8 - {32F66A26-7614-11D4-BD11-00104BD3F987} - C:\Program Files (x86)\Design Science\MathPlayer\MathMLMimer.dll
Filter: text/xml; charset=iso-8859-1 - {32F66A26-7614-11D4-BD11-00104BD3F987} - C:\Program Files (x86)\Design Science\MathPlayer\MathMLMimer.dll
Filter: text/xml; charset=utf-8 - {32F66A26-7614-11D4-BD11-00104BD3F987} - C:\Program Files (x86)\Design Science\MathPlayer\MathMLMimer.dll
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - <orphaned>
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Notify: psfus - <no file>
SSODL: WebCheck - <orphaned>
LSA: Notification Packages =  scecli C:\Program Files\Protector Suite\psqlpwd.dll
x64-BHO: Expat Shield Class: {3706EE7C-3CAD-445D-8A43-03EBC3B75908} - 
x64-BHO: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - 
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Hotspot Shield Class: {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - 
x64-Run: [PSQLLauncher] "C:\Program Files\Protector Suite\launcher.exe" /startup
x64-Run: [bisonHK] C:\Windows\BisonCam\BisonHK.exe
x64-Run: [DeLay] C:\Windows\BisonCam\DeLay.exe
x64-Run: [LchGKey] C:\Program Files (x86)\Chicony\GameKeys\LchGKey.exe
x64-Run: [XboxStat] "C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe" silentrun
x64-Run: [RTHDVCPL] "C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
x64-Run: [Nvtmru] "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
x64-Run: [shadowPlay] C:\Windows\System32\rundll32.exe C:\Windows\System32\nvspcap64.dll,ShadowPlayOnSystemStart
x64-Run: [NvBackend] "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
x64-Filter: application/xhtml+xml - {32F66A26-7614-11D4-BD11-00104BD3F987} - <orphaned>
x64-Filter: application/xhtml+xml; charset=iso-8859-1 - {32F66A26-7614-11D4-BD11-00104BD3F987} - <orphaned>
x64-Filter: application/xhtml+xml; charset=utf-8 - {32F66A26-7614-11D4-BD11-00104BD3F987} - <orphaned>
x64-Filter: text/xml; charset=iso-8859-1 - {32F66A26-7614-11D4-BD11-00104BD3F987} - <orphaned>
x64-Filter: text/xml; charset=utf-8 - {32F66A26-7614-11D4-BD11-00104BD3F987} - <orphaned>
x64-Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - 
x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - <orphaned>
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Notify: psfus - C:\Program Files\Protector Suite\psqlpwd.dll
x64-SSODL: WebCheck - <orphaned>
x64-STS: FencesShlExt Class - {1984DD45-52CF-49cd-AB77-18F378FEA264} - C:\Program Files (x86)\Stardock\Fences\FencesMenu64.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\crazyness\AppData\Roaming\Mozilla\Firefox\Profiles\iiroa5l2.default\
FF - component: C:\Program Files (x86)\AVG\AVG10\Firefox\components\avgssff.dll
FF - component: C:\Users\crazyness\AppData\Roaming\Mozilla\Firefox\Profiles\iiroa5l2.default\extensions\passwordbank@upek.com\components\pbgk1_91.dll
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.69\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
FF - plugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
FF - plugin: C:\Program Files (x86)\Veetle\Player\npvlc.dll
FF - plugin: C:\Program Files (x86)\Veetle\plugins\npVeetle.dll
FF - plugin: C:\Users\crazyness\AppData\Local\Facebook\Messenger\2.1.4814.0\npFbDesktopPlugin.dll
FF - plugin: C:\Users\crazyness\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
FF - plugin: C:\Users\crazyness\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll
FF - plugin: C:\Users\crazyness\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
FF - plugin: C:\Users\crazyness\AppData\Roaming\Electronic Arts\Game Face\npGameFacePlugin.dll
FF - plugin: C:\Users\crazyness\AppData\Roaming\Mozilla\Firefox\Profiles\iiroa5l2.default\extensions\battlefieldheroespatcher@ea.com\plugins\npBFHUpdater.dll
FF - plugin: C:\Windows\System32\Wat\npWatWeb.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll
FF - ExtSQL: 2049-12-31 18:00; {ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}; C:\Users\crazyness\AppData\Roaming\Mozilla\Firefox\Profiles\iiroa5l2.default\extensions\{ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}.xpi
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSHA;AVGIDSHA;C:\Windows\System32\drivers\avgidsha.sys [2013-10-25 194872]
R0 Avgloga;AVG Logging Driver;C:\Windows\System32\drivers\avgloga.sys [2013-11-1 294712]
R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\System32\drivers\avgmfx64.sys [2013-10-1 123704]
R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\System32\drivers\avgrkx64.sys [2013-9-10 31544]
R1 Avgdiska;AVG Disk Driver;C:\Windows\System32\drivers\avgdiska.sys [2013-11-6 150808]
R1 AVGIDSDriver;AVGIDSDriver;C:\Windows\System32\drivers\avgidsdrivera.sys [2013-11-5 240920]
R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\System32\drivers\avgldx64.sys [2013-11-1 212280]
R1 Avgtdia;AVG TDI Driver;C:\Windows\System32\drivers\avgtdia.sys [2013-8-1 251192]
R1 ctxusbm;Citrix USB Monitor Driver;C:\Windows\System32\drivers\ctxusbm.sys [2009-9-8 87600]
R2 ABBYY.Licensing.FineReader.Sprint.9.0;ABBYY FineReader 9.0 Sprint Licensing Service;C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [2009-5-14 759048]
R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [2013-11-12 3478544]
R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [2013-9-24 348008]
R2 NvNetworkService;NVIDIA Network Service;C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-1-27 1494304]
R2 NvStreamSvc;NVIDIA Streamer Service;C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2014-1-24 15129376]
R2 PenWesController;Penwes.com Service;C:\Program Files (x86)\PenWes\PenWesService.exe [2014-1-25 1514496]
R2 RzKLService;RzKLService;C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe [2013-9-29 106472]
R2 SBSDWSCService;SBSD Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2010-12-25 1153368]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-10-23 414496]
R2 SZDrvSvc;Samsung Drive Manager Service;C:\Program Files (x86)\Clarus\Samsung Drive Manager\SZDrvSvc.exe [2013-11-26 19456]
R2 TeamViewer9;TeamViewer 9;C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [2014-1-29 5341536]
R3 JMCR;JMCR;C:\Windows\System32\drivers\jmcr.sys [2014-1-21 173656]
R3 johci;JMicron 1394 Filter Driver;C:\Windows\System32\drivers\johci.sys [2014-1-21 26208]
R3 mdf16;mdf16;C:\Program Files (x86)\Clarus\Samsung Drive Manager\mdf16.sys [2013-11-26 20400]
R3 mvd23;mvd23;C:\Program Files (x86)\Clarus\Samsung Drive Manager\mvd23.sys [2013-11-26 99248]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);C:\Windows\System32\drivers\nvvad64v.sys [2014-1-27 39200]
R3 tap0901t;TAP-Win32 Adapter V9 (Tunngle);C:\Windows\System32\drivers\tap0901t.sys [2012-12-1 31232]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-9-5 171680]
S3 avmeject;AVM Eject;C:\Windows\System32\drivers\avmeject.sys [2010-10-22 14120]
S3 FWLANUSB;AVM FRITZ!WLAN;C:\Windows\System32\drivers\fwlanusb.sys [2010-10-22 460800]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2013-12-16 111616]
S3 KoneFltr;ROCCAT Kone;C:\Windows\System32\drivers\Kone.sys [2010-12-25 15488]
S3 Netaapl;Apple Mobile Device Ethernet Service;C:\Windows\System32\drivers\netaapl64.sys [2011-5-10 22528]
S3 netw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\System32\drivers\netw5v64.sys [2009-6-11 5434368]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2013-3-28 19456]
S3 SWDUMon;SWDUMon;C:\Windows\System32\drivers\SWDUMon.sys [2014-1-20 16152]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2013-3-28 57856]
S3 TunngleService;TunngleService;C:\Program Files (x86)\Tunngle\TnglCtrl.exe [2012-12-1 745368]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-12-13 54784]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-12-25 1255736]
.
=============== File Associations ===============
.
FileExt: .reg: Applications\notepad.exe=C:\Windows\System32\NOTEPAD.EXE %1 [userChoice]
.txt: <filetype is not registered>
.js: <filetype is not registered>
.
=============== Created Last 30 ================
.
2014-01-29 14:30:27 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys
2014-01-29 14:30:27 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-01-28 21:36:15 -------- d-----w- C:\Users\crazyness\AppData\Local\CrashDumps
2014-01-27 16:56:07 -------- d-----w- C:\Users\crazyness\AppData\Local\NVIDIA Corporation
2014-01-27 16:51:09 39200 ----a-w- C:\Windows\System32\drivers\nvvad64v.sys
2014-01-27 16:51:05 32544 ----a-w- C:\Windows\SysWow64\nvaudcap32v.dll
2014-01-26 20:31:12 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2014-01-26 20:29:08 0 ----a-w- C:\Windows\SysWow64\RENB1D6.tmp
2014-01-26 20:29:08 0 ----a-w- C:\Windows\SysWow64\RENB1D5.tmp
2014-01-26 14:03:08 -------- d-----w- C:\Users\crazyness\AppData\Local\Clarus
2014-01-26 12:49:59 -------- d-----w- C:\Users\crazyness\AppData\Local\TSVNCache
2014-01-26 12:47:27 -------- d-----w- C:\Users\crazyness\AppData\Roaming\TortoiseSVN
2014-01-26 12:44:00 -------- d-----w- C:\Users\crazyness\AppData\Roaming\Subversion
2014-01-26 12:26:08 -------- d-----w- C:\Program Files (x86)\Common Files\TortoiseOverlays
2014-01-26 12:26:02 -------- d-----w- C:\Program Files\Common Files\TortoiseOverlays
2014-01-26 12:25:56 -------- d-----w- C:\Program Files\TortoiseSVN
2014-01-26 12:01:07 -------- d-----w- C:\Users\crazyness\AppData\Local\HonorbuddyMeshes
2014-01-25 09:28:40 202240 ----a-w- C:\Users\crazyness\AppData\Local\Keygenerator.exe
2014-01-25 09:28:38 -------- d-----w- C:\ProgramData\Penwes
2014-01-25 09:28:37 -------- d-----w- C:\Program Files (x86)\PenWes
2014-01-25 08:27:57 -------- d-----w- C:\Users\crazyness\AppData\Local\NVIDIA
2014-01-24 11:45:36 982232 ----a-w- C:\Windows\SysWow64\nvspcap.dll
2014-01-24 11:45:36 1100248 ----a-w- C:\Windows\System32\nvspcap64.dll
2014-01-24 11:42:28 -------- d-----w- C:\Program Files (x86)\NVIDIA Corporation
2014-01-24 11:42:05 922912 ----a-w- C:\Windows\System32\nvvsvc.exe
2014-01-24 11:42:05 6669600 ----a-w- C:\Windows\System32\nvcpl.dll
2014-01-24 11:42:05 63776 ----a-w- C:\Windows\System32\nvshext.dll
2014-01-24 11:42:05 3489568 ----a-w- C:\Windows\System32\nvsvc64.dll
2014-01-24 11:42:05 2559776 ----a-w- C:\Windows\System32\nvsvcr.dll
2014-01-24 11:42:05 219424 ----a-w- C:\Windows\System32\nvmctray.dll
2014-01-24 11:41:09 61216 ----a-w- C:\Windows\System32\OpenCL.dll
2014-01-24 11:41:09 53024 ----a-w- C:\Windows\SysWow64\OpenCL.dll
2014-01-24 11:40:12 -------- d-----w- C:\ProgramData\NVIDIA Corporation
2014-01-24 11:37:53 3067560 ----a-w- C:\Windows\System32\nvapi64.dll
2014-01-24 11:37:53 2695200 ----a-w- C:\Windows\SysWow64\nvapi.dll
2014-01-24 11:37:53 25257248 ----a-w- C:\Windows\System32\nvcompiler.dll
2014-01-24 11:37:53 17560352 ----a-w- C:\Windows\SysWow64\nvcompiler.dll
2014-01-23 19:26:20 -------- d-----w- C:\Users\crazyness\AppData\Local\WindowsApplication1
2014-01-23 14:31:55 -------- d-----w- C:\Users\crazyness\AppData\Roaming\Malwarebytes
2014-01-23 14:31:39 -------- d-----w- C:\ProgramData\Malwarebytes
2014-01-23 14:20:59 -------- d-----w- C:\Windows\SysWow64\directx
2014-01-23 14:19:56 -------- d-----w- C:\Program Files (x86)\MSI Afterburner
2014-01-21 11:36:43 -------- d-----w- C:\Windows\SysWow64\drivers\da-DK
2014-01-21 11:36:33 -------- d-----w- C:\Windows\SysWow64\da
2014-01-21 11:36:32 -------- d-----w- C:\Windows\SysWow64\wbem\da-DK
2014-01-21 11:36:31 -------- d-----w- C:\Windows\da-DK
2014-01-21 11:36:30 -------- d-----w- C:\Windows\System32\drivers\UMDF\da-DK
2014-01-21 11:36:30 -------- d-----w- C:\Windows\System32\drivers\da-DK
2014-01-21 11:36:13 -------- d-----w- C:\Windows\System32\da
2014-01-21 11:36:12 -------- d-----w- C:\Windows\System32\wbem\da-DK
2014-01-21 11:14:38 6144 ----a-w- C:\Windows\System32\drivers\da-DK\rdvgkmd.sys.mui
2014-01-21 11:14:38 2560 ----a-w- C:\Windows\System32\drivers\da-DK\rdpwd.sys.mui
2014-01-21 11:14:37 2560 ----a-w- C:\Windows\System32\drivers\da-DK\serscan.sys.mui
2014-01-21 11:14:35 8192 ----a-w- C:\Windows\System32\drivers\da-DK\tunnel.sys.mui
2014-01-21 11:14:35 4096 ----a-w- C:\Windows\System32\drivers\da-DK\tsusbhub.sys.mui
2014-01-21 11:14:35 3584 ----a-w- C:\Windows\System32\drivers\da-DK\tsusbflt.sys.mui
2014-01-21 11:14:34 24576 ----a-w- C:\Windows\System32\drivers\da-DK\usbport.sys.mui
2014-01-21 11:14:34 11776 ----a-w- C:\Windows\System32\drivers\da-DK\usbhub.sys.mui
2014-01-21 11:14:26 9728 ----a-w- C:\Windows\System32\drivers\da-DK\battc.sys.mui
2014-01-21 11:12:58 35840 ----a-w- C:\Windows\System32\drivers\da-DK\http.sys.mui
2014-01-21 11:08:56 -------- d-----w- C:\Windows\SysWow64\cs
2014-01-21 11:08:45 -------- d-----w- C:\Windows\SysWow64\drivers\cs-CZ
2014-01-21 11:08:44 -------- d-----w- C:\Windows\SysWow64\wbem\cs-CZ
2014-01-21 11:08:44 -------- d-----w- C:\Windows\cs-CZ
2014-01-21 11:08:42 -------- d-----w- C:\Windows\System32\cs
2014-01-21 11:08:27 -------- d-----w- C:\Windows\System32\drivers\UMDF\cs-CZ
2014-01-21 11:08:27 -------- d-----w- C:\Windows\System32\drivers\cs-CZ
2014-01-21 11:08:23 -------- d-----w- C:\Windows\System32\wbem\cs-CZ
2014-01-21 10:47:42 6656 ----a-w- C:\Windows\System32\drivers\cs-CZ\rdvgkmd.sys.mui
2014-01-21 10:47:41 2560 ----a-w- C:\Windows\System32\drivers\cs-CZ\rdpwd.sys.mui
2014-01-21 10:47:37 9216 ----a-w- C:\Windows\System32\drivers\cs-CZ\tunnel.sys.mui
2014-01-21 10:47:37 4096 ----a-w- C:\Windows\System32\drivers\cs-CZ\tsusbhub.sys.mui
2014-01-21 10:47:37 3584 ----a-w- C:\Windows\System32\drivers\cs-CZ\tsusbflt.sys.mui
2014-01-21 10:47:37 2560 ----a-w- C:\Windows\System32\drivers\cs-CZ\UAGP35.SYS.mui
2014-01-21 10:47:37 25088 ----a-w- C:\Windows\System32\drivers\cs-CZ\usbport.sys.mui
2014-01-21 10:47:32 9728 ----a-w- C:\Windows\System32\drivers\cs-CZ\battc.sys.mui
2014-01-21 10:47:31 4608 ----a-w- C:\Windows\System32\drivers\cs-CZ\kbdclass.sys.mui
2014-01-21 10:47:31 3072 ----a-w- C:\Windows\System32\drivers\cs-CZ\GAGP30KX.SYS.mui
2014-01-21 10:47:31 2560 ----a-w- C:\Windows\System32\drivers\cs-CZ\kbdhid.sys.mui
2014-01-21 10:45:59 61440 ----a-w- C:\Windows\System32\drivers\cs-CZ\ntfs.sys.mui
2014-01-21 10:43:16 -------- d-----w- C:\Windows\lv-LV
2014-01-21 10:43:06 -------- d-----w- C:\Windows\SysWow64\wbem\lv-LV
2014-01-21 10:43:06 -------- d-----w- C:\Windows\SysWow64\drivers\lv-LV
2014-01-21 10:43:01 -------- d-----w- C:\Windows\System32\wbem\lv-LV
2014-01-21 10:43:01 -------- d-----w- C:\Windows\System32\drivers\lv-LV
2014-01-21 10:30:31 2560 ----a-w- C:\Windows\System32\drivers\lv-LV\scfilter.sys.mui
2014-01-21 10:29:40 3584 ----a-w- C:\Windows\System32\drivers\lv-LV\portcls.sys.mui
2014-01-21 10:29:40 2560 ----a-w- C:\Windows\System32\drivers\lv-LV\serscan.sys.mui
2014-01-21 10:29:36 3072 ----a-w- C:\Windows\System32\drivers\lv-LV\ataport.sys.mui
2014-01-21 10:29:36 2048 ----a-w- C:\Windows\System32\drivers\lv-LV\amdide.sys.mui
2014-01-21 10:29:31 47616 ----a-w- C:\Windows\System32\drivers\lv-LV\tcpip.sys.mui
2014-01-21 10:28:56 7168 ----a-w- C:\Windows\System32\drivers\lv-LV\bthport.sys.mui
2014-01-21 10:28:56 3072 ----a-w- C:\Windows\System32\drivers\lv-LV\hidbth.sys.mui
2014-01-21 10:28:56 2560 ----a-w- C:\Windows\System32\drivers\lv-LV\BTHUSB.SYS.mui
2014-01-21 10:28:56 2048 ----a-w- C:\Windows\System32\drivers\lv-LV\bthenum.sys.mui
2014-01-20 23:26:26 -------- d-----w- C:\Users\crazyness\AppData\Roaming\com.adobe.formscentral.FormsCentralForAcrobat
2014-01-20 23:24:31 -------- d-----w- C:\ProgramData\regid.1986-12.com.adobe
2014-01-20 22:13:14 -------- d-----w- C:\Users\crazyness\AppData\Roaming\MechCAD
2014-01-20 21:27:31 -------- d-----w- C:\Program Files\Realtek
2014-01-20 21:25:59 2036992 ----a-w- C:\Windows\System32\MaxxAudioEQ64.dll
2014-01-20 21:25:53 790272 ----a-w- C:\Windows\SysWow64\MaxxAudioAPOShell.dll
2014-01-20 21:25:53 1012992 ----a-w- C:\Windows\System32\MaxxAudioAPOShell64.dll
2014-01-20 21:25:52 663296 ----a-w- C:\Windows\System32\MaxxAudioAPO30.dll
2014-01-20 21:25:52 318808 ----a-w- C:\Windows\System32\MaxxAudioAPO20.dll
2014-01-20 21:25:52 1345280 ----a-w- C:\Windows\System32\MaxxAudioAPO5064.dll
2014-01-20 21:25:52 1084160 ----a-w- C:\Windows\System32\MaxxAudioAPO4064.dll
2014-01-20 21:25:50 603984 ----a-w- C:\Windows\System32\KAAPORT64.dll
2014-01-20 21:23:47 605496 ----a-w- C:\Windows\System32\audioLibVc.dll
2014-01-20 21:23:46 209096 ----a-w- C:\Windows\System32\AERTAC64.dll
2014-01-20 21:23:46 109848 ----a-w- C:\Windows\System32\AcpiServiceVnA64.dll
2014-01-20 21:23:46 108640 ----a-w- C:\Windows\System32\AERTAR64.dll
2014-01-20 21:22:54 2080472 ----a-w- C:\Windows\RtlExUpd.dll
2014-01-20 21:06:50 167424 ----a-w- C:\Program Files\Windows Media Player\wmplayer.exe
2014-01-20 21:06:50 164864 ----a-w- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
2014-01-20 21:06:49 12625920 ----a-w- C:\Windows\System32\wmploc.DLL
2014-01-20 21:06:48 12625408 ----a-w- C:\Windows\SysWow64\wmploc.DLL
2014-01-20 20:56:44 -------- d-----w- C:\Windows\Migration
2014-01-20 20:49:40 1930752 ----a-w- C:\Windows\System32\authui.dll
2014-01-20 20:49:40 1796096 ----a-w- C:\Windows\SysWow64\authui.dll
2014-01-20 20:49:36 197120 ----a-w- C:\Windows\System32\credui.dll
2014-01-20 20:49:36 190464 ----a-w- C:\Windows\System32\SmartcardCredentialProvider.dll
2014-01-20 20:49:36 168960 ----a-w- C:\Windows\SysWow64\credui.dll
2014-01-20 20:49:36 152576 ----a-w- C:\Windows\SysWow64\SmartcardCredentialProvider.dll
2014-01-20 20:46:15 465920 ----a-w- C:\Windows\System32\WMPhoto.dll
2014-01-20 20:46:15 417792 ----a-w- C:\Windows\SysWow64\WMPhoto.dll
2014-01-20 20:46:00 376768 ----a-w- C:\Windows\System32\drivers\netio.sys
2014-01-20 20:45:41 335360 ----a-w- C:\Windows\System32\msieftp.dll
2014-01-20 20:45:41 301568 ----a-w- C:\Windows\SysWow64\msieftp.dll
2014-01-20 20:27:04 26208 ----a-w- C:\Windows\System32\drivers\johci.sys
2014-01-20 20:24:58 -------- d-----w- C:\Windows\SysWow64\SDA
2014-01-20 20:24:53 203352 ----a-w- C:\Windows\SysWow64\jmcricon.dll
2014-01-20 20:24:53 203352 ----a-w- C:\Windows\System32\jmcricon.dll
2014-01-20 20:24:53 173656 ----a-w- C:\Windows\System32\drivers\jmcr.sys
2014-01-20 19:31:15 16152 ----a-w- C:\Windows\System32\drivers\SWDUMon.sys
2014-01-15 11:50:15 99840 ----a-w- C:\Windows\System32\drivers\usbccgp.sys
2014-01-15 11:50:15 7808 ----a-w- C:\Windows\System32\drivers\usbd.sys
2014-01-15 11:50:15 53248 ----a-w- C:\Windows\System32\drivers\usbehci.sys
2014-01-15 11:50:15 343040 ----a-w- C:\Windows\System32\drivers\usbhub.sys
2014-01-15 11:50:15 325120 ----a-w- C:\Windows\System32\drivers\usbport.sys
2014-01-15 11:50:15 30720 ----a-w- C:\Windows\System32\drivers\usbuhci.sys
2014-01-15 11:50:15 25600 ----a-w- C:\Windows\System32\drivers\usbohci.sys
2014-01-15 11:50:14 3156480 ----a-w- C:\Windows\System32\win32k.sys
2014-01-10 21:18:25 -------- d-----w- C:\Users\crazyness\AppData\Local\Blizzard Entertainment
2014-01-09 12:11:58 -------- d-----w- C:\ProgramData\BioWare
2014-01-09 11:53:01 -------- d-----w- C:\Windows\1C4551A64743409391E41477CD655043.TMP
2013-12-30 16:29:10 -------- d-----w- C:\Users\crazyness\AppData\Roaming\Synthesia
.
==================== Find3M  ====================
.
2014-01-07 16:55:14 290184 ----a-w- C:\Windows\SysWow64\PnkBstrB.xtr
2014-01-07 16:55:14 290184 ----a-w- C:\Windows\SysWow64\PnkBstrB.exe
2014-01-07 16:54:47 280904 ----a-w- C:\Windows\SysWow64\PnkBstrB.ex0
2013-12-13 14:12:45 0 ----a-w- C:\Windows\SysWow64\RENE082.tmp
2013-12-13 14:12:45 0 ----a-w- C:\Windows\SysWow64\RENE081.tmp
2013-12-11 19:06:03 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-12-11 19:06:03 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-12-11 19:05:53 9293192 ----a-w- C:\Windows\SysWow64\FlashPlayerInstaller.exe
2013-12-05 08:42:26 35104 ----a-w- C:\Windows\System32\nvaudcap64v.dll
2013-11-26 10:19:07 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
2013-11-26 10:18:23 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
2013-11-26 09:48:07 66048 ----a-w- C:\Windows\System32\iesetup.dll
2013-11-26 09:46:25 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
2013-11-26 09:23:02 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2013-11-26 09:18:39 139264 ----a-w- C:\Windows\System32\ieUnatt.exe
2013-11-26 09:18:09 111616 ----a-w- C:\Windows\System32\ieetwcollector.exe
2013-11-26 09:16:57 708608 ----a-w- C:\Windows\System32\jscript9diag.dll
2013-11-26 08:35:02 5769216 ----a-w- C:\Windows\System32\jscript9.dll
2013-11-26 08:28:16 553472 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
2013-11-26 08:16:12 4243968 ----a-w- C:\Windows\SysWow64\jscript9.dll
2013-11-26 08:02:16 1995264 ----a-w- C:\Windows\System32\inetcpl.cpl
2013-11-26 07:32:06 1928192 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2013-11-26 07:07:57 2334208 ----a-w- C:\Windows\System32\wininet.dll
2013-11-26 06:33:33 1820160 ----a-w- C:\Windows\SysWow64\wininet.dll
2013-11-12 02:23:09 2048 ----a-w- C:\Windows\System32\tzres.dll
2013-11-12 02:07:29 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2013-11-07 16:21:03 88480 ----a-w- C:\Windows\System32\drivers\atksgt.sys
2013-11-07 16:21:03 46400 ----a-w- C:\Windows\System32\drivers\lirsgt.sys
2013-11-05 21:55:48 150808 ----a-w- C:\Windows\System32\drivers\avgdiska.sys
2013-11-04 21:52:42 240920 ----a-w- C:\Windows\System32\drivers\avgidsdrivera.sys
2013-10-31 23:00:18 212280 ----a-w- C:\Windows\System32\drivers\avgldx64.sys
2013-10-31 22:49:46 294712 ----a-w- C:\Windows\System32\drivers\avgloga.sys
2006-05-03 11:06:54 163328 --sha-r- C:\Windows\SysWOW64\flvDX.dll
2007-02-21 12:47:16 31232 --sha-r- C:\Windows\SysWOW64\msfDX.dll
2008-03-16 14:30:52 216064 --sha-r- C:\Windows\SysWOW64\nbDX.dll
.
============= FINISH: 18:40:14,35 ===============
 
 
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 NVIDIA 2010 
Boot Device: \Device\HarddiskVolume1
Install Date: 25.12.2010 01:23:48
System Uptime: 29.01.2014 18:25:29 (0 hours ago)
.
Motherboard: CLEVO            |  | M980NU          
Processor: Intel® Core2 Quad  CPU   Q9000  @ 2.00GHz | Socket 479 | 2001/133mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 466 GiB total, 158,447 GiB free.
D: is FIXED (NTFS) - 466 GiB total, 366,595 GiB free.
E: is CDROM ()
F: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP390: 25.01.2014 12:51:01 - Restore Operation
RP391: 26.01.2014 16:23:09 - Installed TortoiseSVN 1.8.4.24972 (64 bit)
RP392: 27.01.2014 00:25:00 - Installed Java 7 Update 51
RP393: 27.01.2014 20:56:18 - Installed DirectX
RP394: 28.01.2014 21:54:09 - Removed Adobe Acrobat XI Pro.
RP395: 29.01.2014 15:08:49 - Removed Dragon NaturallySpeaking 11.
RP396: 29.01.2014 15:24:21 - Removed DriverUpdate
RP397: 29.01.2014 15:29:09 - Entfernt Empire Earth
RP398: 29.01.2014 15:36:40 - Removed FixCleaner
RP399: 29.01.2014 16:05:49 - Removed inSSIDer Office
RP400: 29.01.2014 16:09:18 - Removed inSSIDer 3
RP401: 29.01.2014 16:14:28 - Removed Microsoft Office Enterprise 2007
RP402: 29.01.2014 16:28:20 - Removed Microsoft Office File Validation Add-In
RP403: 29.01.2014 17:01:08 - Removed Pivot Stickfigure Animator
RP404: 29.01.2014 17:06:59 - Wallpaper Changer
RP405: 29.01.2014 17:08:02 - Removed Windows Movie Maker 2.6
RP406: 29.01.2014 17:56:28 - Removed Visual C++ 9.0 Runtime for Dragon NaturallySpeaking 64bit (x64).
.
==== Installed Programs ======================
.
7-Zip 9.20
ABBYY FineReader 6.0 Sprint
ABBYY FineReader 9.0 Sprint
Adobe AIR
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Media Player
Adobe Reader X (10.1.9) - Deutsch
Amazon Kindle
Apple Application Support
Apple Mobile Device Support
Apple Software Update
µTorrent
Audacity 1.3.13 (Unicode)
AutoHotkey 1.1.13.01
AVG 2014
AVM FRITZ!WLAN
Battlefield 3™
Battlefield Heroes
BisonCam
Bonjour
BulletStorm
bwin Download Casino
bwin Poker 1.0.0
calibre
Call of Duty: Black Ops - Multiplayer
Call of Duty: Modern Warfare 2
Call of Duty: Modern Warfare 2 - Multiplayer
CamStudio
Cheat Engine 6.0
Citrix Online Plug-in - Web
Citrix Online Plug-in (DV)
Citrix Online Plug-in (HDX)
Citrix Online Plug-in (USB)
Citrix Online Plug-in (Web)
Copywhiz 4.0
Core Temp 1.0 RC3
Counter-Strike: Global Offensive
Counter-Strike: Source
Crysis® 2
Dota 2
Dropbox
Druckerdeinstallation für EPSON SX125 Series
DVD Shrink 3.2 deutsch (DeCSS-frei)
EA SPORTS Game Face Browser Plugin 1.5.3.0
EAX Unified
Epson Easy Photo Print 2
Epson Event Manager
EPSON Scan
Epson Stylus SX210_SX410_TX210_TX410 Handbuch
EPSON SX210 Series Printer Uninstall
Facebook Messenger 2.1.4814.0
Facebook Video Calling 2.0.0.447
Fences
FIFA 14
Free Audio CD Burner version 2.0.22.128
Free Audio CD to MP3 Converter version 1.3.12.1228
Free Disc Burner version 3.0.18.128
Free DVD Video Burner version 3.2.6.128
Free DVD Video Converter version 2.0.13.128
Free Video to iPhone Converter version 5.0.22.128
Full Tilt Poker
GameCenter
Gaming Keyboard Driver
GeForce Experience NvStream Client Components
GOM Player
Google Chrome
Google Earth Plug-in
Google Update Helper
GRID 2
HandBrake 0.9.8
Hotfix für Microsoft Visual Basic 2010 Express - DEU (KB2635973)
HyperCam 2
iCloud
ImgBurn
inSSIDer 3
iTunes
Java 7 Update 51
Java Auto Updater
JavaFX 2.1.0
JDownloader 0.9
JMicron 1394 Filter Driver
JMicron Flash Media Controller Driver
League of Legends
LOLReplay
Malwarebytes Anti-Malware version 1.75.0.1300
MathPlayer
Microsoft .NET Framework 4 Multi-Targeting Pack
Microsoft .NET Framework 4.5.1
Microsoft .NET Framework 4.5.1 (DEU)
Microsoft .NET Framework 4.5.1 (Deutsch)
Microsoft Application Error Reporting
Microsoft Games for Windows - LIVE Redistributable
Microsoft Games for Windows Marketplace
Microsoft Help Viewer 1.1
Microsoft Help Viewer 1.1 Language Pack - DEU
Microsoft Silverlight
Microsoft SQL Server 2008 R2 Management Objects
Microsoft SQL Server Compact 3.5 SP2 DEU
Microsoft SQL Server Compact 3.5 SP2 x64 DEU
Microsoft SQL Server System CLR Types
Microsoft Visual Basic 2010 Express - DEU
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010  x64 Runtime - 10.0.40219
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
Microsoft Visual C++ 2010  x86 Runtime - 10.0.40219
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools
Microsoft Visual Studio 2010 Express Prerequisites x64 - DEU
Microsoft Visual Studio 2010 Service Pack 1
Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU
Microsoft WSE 3.0 Runtime
Microsoft Xbox 360 Accessories 1.2
Microsoft_VC80_CRT_x86
Microsoft_VC90_CRT_x86
MobileMe Control Panel
Mozilla Firefox 26.0 (x86 en-US)
Mozilla Maintenance Service
MSI Afterburner 2.3.1
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP2 Parser und SDK
MSXML4 Parser
NVIDIA 3D Vision Driver 331.65
NVIDIA Control Panel 331.65
NVIDIA GeForce Experience 1.8.1
NVIDIA Graphics Driver 331.65
NVIDIA Install Application
NVIDIA LED Visualizer 1.0
NVIDIA Network Service
NVIDIA PhysX
NVIDIA PhysX System Software 9.13.0725
NVIDIA ShadowPlay 10.11.15
NVIDIA Stereoscopic 3D Driver
NVIDIA Update 10.11.15
NVIDIA Update Core
NVIDIA Virtual Audio 1.2.19
OpenAL
OpenOffice.org 3.2
Origin
Pando Media Booster
PenWes [10863]
Plus500
PokerStars.eu
Pop Drop and Stack Championship
Protector Suite 2009
PunkBuster Services
QuickTime
Rapture3D 2.4.9 Game
Razer Game Booster
Realtek High Definition Audio Driver
Recuva
ROCCAT Kone[+] Mouse Driver
Rockstar Games Social Club
Safari
Samsung Drive Manager
SHIELD Streaming
Skype Click to Call
Skype™ 6.11
SopCast 3.4.0
SpeedFan (remove only)
Spybot - Search & Destroy
Steam
System Requirements Lab
TeamSpeak 3 Client
TeamViewer 9
TechPowerUp GPU-Z
TortoiseSVN 1.8.4.24972 (64 bit)
Tunngle beta
Ubisoft Game Launcher
Unity Web Player
uTorrentBar Toolbar
v2011.build.46
Veetle TV
Visual Studio 2008 x64 Redistributables
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 DEU
Visual Studio 2010 x64 Redistributables
Visual Studio 2012 x64 Redistributables
Visual Studio 2012 x86 Redistributables
VLC media player 2.1.2
Windows Driver Package - Cambridge Silicon Radio Ltd. (CSRBC) USB  (04/21/2011 01.0.0.0)
Windows Driver Package - Intel (NETwLv64) net  (08/15/2010 13.3.0.137)
Windows Driver Package - Intel (NETwNs64) net  (07/14/2010 13.3.0.24)
Windows Live ID Sign-in Assistant
WinRAR
WinX Free DVD Ripper 4.5.11
World of Warcraft
Xfire (remove only)
XviD MPEG-4 Video Codec
.
==== Event Viewer Messages From Past Week ========
.
29.01.2014 18:30:10, Error: Service Control Manager [7000]  - The Google Update Service (gupdate) service failed to start due to the following error:  The system cannot find the path specified.
29.01.2014 18:28:04, Error: Service Control Manager [7026]  - The following boot-start or system-start driver(s) failed to load:  uGuru
29.01.2014 18:27:37, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the ForceWare Intelligent Application Manager (IAM) service to connect.
29.01.2014 18:27:37, Error: Service Control Manager [7000]  - The ForceWare Intelligent Application Manager (IAM) service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
29.01.2014 17:46:03, Error: Service Control Manager [7022]  - The Windows Update service hung on starting.
29.01.2014 17:40:58, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the SBSD Security Center Service service to connect.
29.01.2014 17:40:58, Error: Service Control Manager [7000]  - The SBSD Security Center Service service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
29.01.2014 15:48:03, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the TeamViewer 9 service to connect.
29.01.2014 15:48:03, Error: Service Control Manager [7000]  - The TeamViewer 9 service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
29.01.2014 02:07:28, Error: Service Control Manager [7043]  - The AVGIDSAgent service did not shut down properly after receiving a preshutdown control.
29.01.2014 01:35:09, Error: Service Control Manager [7034]  - The Windows Audio Endpoint Builder service terminated unexpectedly.  It has done this 3 time(s).
29.01.2014 01:35:09, Error: Service Control Manager [7034]  - The Superfetch service terminated unexpectedly.  It has done this 3 time(s).
29.01.2014 01:35:09, Error: Service Control Manager [7034]  - The Program Compatibility Assistant Service service terminated unexpectedly.  It has done this 3 time(s).
29.01.2014 01:35:09, Error: Service Control Manager [7034]  - The Offline Files service terminated unexpectedly.  It has done this 3 time(s).
29.01.2014 01:35:09, Error: Service Control Manager [7034]  - The Network Connections service terminated unexpectedly.  It has done this 3 time(s).
29.01.2014 01:35:09, Error: Service Control Manager [7034]  - The HomeGroup Listener service terminated unexpectedly.  It has done this 3 time(s).
29.01.2014 01:35:09, Error: Service Control Manager [7034]  - The Distributed Link Tracking Client service terminated unexpectedly.  It has done this 3 time(s).
29.01.2014 01:35:09, Error: Service Control Manager [7034]  - The Diagnostic System Host service terminated unexpectedly.  It has done this 1 time(s).
29.01.2014 01:35:09, Error: Service Control Manager [7031]  - The WLAN AutoConfig service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
29.01.2014 01:35:09, Error: Service Control Manager [7031]  - The Windows Driver Foundation - User-mode Driver Framework service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
29.01.2014 01:35:09, Error: Service Control Manager [7031]  - The Human Interface Device Access service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
29.01.2014 01:35:09, Error: Service Control Manager [7031]  - The Desktop Window Manager Session Manager service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
29.01.2014 00:54:46, Error: Service Control Manager [7031]  - The Windows Driver Foundation - User-mode Driver Framework service terminated unexpectedly.  It has done this 2 time(s).  The following corrective action will be taken in 300000 milliseconds: Restart the service.
29.01.2014 00:54:46, Error: Service Control Manager [7031]  - The Windows Audio Endpoint Builder service terminated unexpectedly.  It has done this 2 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
29.01.2014 00:54:46, Error: Service Control Manager [7031]  - The Superfetch service terminated unexpectedly.  It has done this 2 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
29.01.2014 00:54:46, Error: Service Control Manager [7031]  - The Program Compatibility Assistant Service service terminated unexpectedly.  It has done this 2 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
29.01.2014 00:54:46, Error: Service Control Manager [7031]  - The Offline Files service terminated unexpectedly.  It has done this 2 time(s).  The following corrective action will be taken in 300000 milliseconds: Restart the service.
29.01.2014 00:54:46, Error: Service Control Manager [7031]  - The Network Connections service terminated unexpectedly.  It has done this 2 time(s).  The following corrective action will be taken in 100 milliseconds: Restart the service.
29.01.2014 00:54:46, Error: Service Control Manager [7031]  - The Human Interface Device Access service terminated unexpectedly.  It has done this 2 time(s).  The following corrective action will be taken in 300000 milliseconds: Restart the service.
29.01.2014 00:54:46, Error: Service Control Manager [7031]  - The HomeGroup Listener service terminated unexpectedly.  It has done this 2 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
29.01.2014 00:54:46, Error: Service Control Manager [7031]  - The Distributed Link Tracking Client service terminated unexpectedly.  It has done this 2 time(s).  The following corrective action will be taken in 300000 milliseconds: Restart the service.
29.01.2014 00:54:46, Error: Service Control Manager [7031]  - The Desktop Window Manager Session Manager service terminated unexpectedly.  It has done this 2 time(s).  The following corrective action will be taken in 300000 milliseconds: Restart the service.
29.01.2014 00:43:20, Error: Service Control Manager [7031]  - The Windows Audio Endpoint Builder service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
29.01.2014 00:43:20, Error: Service Control Manager [7031]  - The Superfetch service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
29.01.2014 00:43:20, Error: Service Control Manager [7031]  - The Program Compatibility Assistant Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
29.01.2014 00:43:20, Error: Service Control Manager [7031]  - The Offline Files service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
29.01.2014 00:43:20, Error: Service Control Manager [7031]  - The Network Connections service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 100 milliseconds: Restart the service.
29.01.2014 00:43:20, Error: Service Control Manager [7031]  - The HomeGroup Listener service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
29.01.2014 00:43:20, Error: Service Control Manager [7031]  - The Distributed Link Tracking Client service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
28.01.2014 20:17:53, Error: Service Control Manager [7031]  - The WLAN AutoConfig service terminated unexpectedly.  It has done this 2 time(s).  The following corrective action will be taken in 300000 milliseconds: Restart the service.
28.01.2014 16:49:44, Error: Service Control Manager [7032]  - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the WLAN AutoConfig service, but this action failed with the following error:  An instance of the service is already running.
28.01.2014 16:12:44, Error: Service Control Manager [7032]  - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Management Instrumentation service, but this action failed with the following error:  An instance of the service is already running.
28.01.2014 16:12:44, Error: Service Control Manager [7032]  - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Multimedia Class Scheduler service, but this action failed with the following error:  An instance of the service is already running.
28.01.2014 16:12:44, Error: Service Control Manager [7032]  - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Extensible Authentication Protocol service, but this action failed with the following error:  An instance of the service is already running.
28.01.2014 16:12:44, Error: Service Control Manager [7032]  - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Computer Browser service, but this action failed with the following error:  An instance of the service is already running.
28.01.2014 16:11:44, Error: Service Control Manager [7032]  - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Server service, but this action failed with the following error:  An instance of the service is already running.
28.01.2014 16:10:44, Error: Service Control Manager [7031]  - The Windows Update service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
28.01.2014 16:10:44, Error: Service Control Manager [7031]  - The Windows Management Instrumentation service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
28.01.2014 16:10:44, Error: Service Control Manager [7031]  - The User Profile Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
28.01.2014 16:10:44, Error: Service Control Manager [7031]  - The Themes service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
28.01.2014 16:10:44, Error: Service Control Manager [7031]  - The Task Scheduler service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
28.01.2014 16:10:44, Error: Service Control Manager [7031]  - The System Event Notification Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
28.01.2014 16:10:44, Error: Service Control Manager [7031]  - The Shell Hardware Detection service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
28.01.2014 16:10:44, Error: Service Control Manager [7031]  - The Server service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
28.01.2014 16:10:44, Error: Service Control Manager [7031]  - The Multimedia Class Scheduler service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
28.01.2014 16:10:44, Error: Service Control Manager [7031]  - The IP Helper service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
28.01.2014 16:10:44, Error: Service Control Manager [7031]  - The IKE and AuthIP IPsec Keying Modules service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
28.01.2014 16:10:44, Error: Service Control Manager [7031]  - The Extensible Authentication Protocol service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
28.01.2014 16:10:44, Error: Service Control Manager [7031]  - The Computer Browser service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
28.01.2014 16:10:44, Error: Service Control Manager [7031]  - The Certificate Propagation service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
28.01.2014 16:10:44, Error: Service Control Manager [7031]  - The Background Intelligent Transfer Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
28.01.2014 16:10:44, Error: Service Control Manager [7031]  - The Application Experience service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
27.01.2014 20:53:06, Error: Service Control Manager [7034]  - The Expat Shield Monitoring Service service terminated unexpectedly.  It has done this 1 time(s).
27.01.2014 20:52:10, Error: Service Control Manager [7034]  - The Expat Shield Routing Service service terminated unexpectedly.  It has done this 1 time(s).
27.01.2014 19:38:13, Error: Service Control Manager [7032]  - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Program Compatibility Assistant Service service, but this action failed with the following error:  An instance of the service is already running.
27.01.2014 18:28:26, Error: NetBT [4311]  - Initialization failed because the driver device could not be created. Use the string "00806494DFDA" to identify the interface for which initialization failed. It represents the MAC address of the failed interface or the  Globally Unique Interface Identifier (GUID) if NetBT was unable to  map from GUID to MAC address. If neither the MAC address nor the GUID were  available, the string represents a cluster device name. 
27.01.2014 14:08:42, Error: NetBT [4311]  - Initialization failed because the driver device could not be created. Use the string "00216A1FFA23" to identify the interface for which initialization failed. It represents the MAC address of the failed interface or the  Globally Unique Interface Identifier (GUID) if NetBT was unable to  map from GUID to MAC address. If neither the MAC address nor the GUID were  available, the string represents a cluster device name. 
27.01.2014 14:08:33, Error: Microsoft-Windows-WER-SystemErrorReporting [1001]  - The computer has rebooted from a bugcheck.  The bugcheck was: 0x00000116 (0xfffffa8008388180, 0xfffff8800fc0e074, 0xffffffffc000009a, 0x0000000000000004). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 012714-58656-01.
27.01.2014 11:07:19, Error: Service Control Manager [7034]  - The NVIDIA Streamer Service service terminated unexpectedly.  It has done this 1 time(s).
27.01.2014 11:04:06, Error: Microsoft-Windows-WER-SystemErrorReporting [1001]  - The computer has rebooted from a bugcheck.  The bugcheck was: 0x00000117 (0xfffffa80087404e0, 0xfffff8800f422034, 0x0000000000000000, 0x0000000000000000). A dump was saved in: C:\Windows\Minidump\012714-49046-01.dmp. Report Id: 012714-49046-01.
26.01.2014 01:43:45, Error: Service Control Manager [7023]  - The Windows Time service terminated with the following error:  A system shutdown is in progress.
25.01.2014 13:07:12, Error: Ntfs [55]  - The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume \Device\HarddiskVolumeShadowCopy13.
25.01.2014 12:48:21, Error: VDS Basic Provider [1]  - Unexpected failure. Error code: 490@01010004
24.01.2014 03:23:08, Error: Service Control Manager [7001]  - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:  The dependency service or group failed to start.
24.01.2014 03:23:06, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
24.01.2014 03:23:06, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
24.01.2014 03:23:02, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}
24.01.2014 03:23:02, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}
24.01.2014 03:23:00, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
24.01.2014 03:22:52, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
24.01.2014 03:22:34, Error: Service Control Manager [7026]  - The following boot-start or system-start driver(s) failed to load:  AFD Avgdiska AVGIDSDriver Avgldx64 Avgtdia CSC ctxusbm DfsC discache NetBIOS NetBT nsiproxy Psched rdbss spldr sptd tdx uGuru VWiFiFlt Wanarpv6 WfpLwf
24.01.2014 03:22:34, Error: Service Control Manager [7001]  - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error:  The dependency service or group failed to start.
24.01.2014 03:22:34, Error: Service Control Manager [7001]  - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error:  A device attached to the system is not functioning.
24.01.2014 03:22:34, Error: Service Control Manager [7001]  - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error:  A device attached to the system is not functioning.
24.01.2014 03:22:34, Error: Service Control Manager [7001]  - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error:  The dependency service or group failed to start.
24.01.2014 03:22:34, Error: Service Control Manager [7001]  - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error:  The dependency service or group failed to start.
24.01.2014 03:22:34, Error: Service Control Manager [7001]  - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error:  A device attached to the system is not functioning.
24.01.2014 03:22:34, Error: Service Control Manager [7001]  - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error:  The dependency service or group failed to start.
24.01.2014 03:22:34, Error: Service Control Manager [7001]  - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error:  The dependency service or group failed to start.
24.01.2014 03:22:34, Error: Service Control Manager [7001]  - The Expat Shield Service service depends on the DHCP Client service which failed to start because of the following error:  The dependency service or group failed to start.
24.01.2014 03:22:34, Error: Service Control Manager [7001]  - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error:  A device attached to the system is not functioning.
24.01.2014 03:22:34, Error: Service Control Manager [7001]  - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error:  A device attached to the system is not functioning.
24.01.2014 03:22:34, Error: Service Control Manager [7001]  - The AVGIDSAgent service depends on the AVGIDSDriver service which failed to start because of the following error:  A device attached to the system is not functioning.
24.01.2014 03:22:03, Error: sptd [4]  - Driver detected an internal error in its data structures for .
23.01.2014 23:19:24, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the Apple Mobile Device service to connect.
23.01.2014 23:19:24, Error: Service Control Manager [7000]  - The Apple Mobile Device service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
23.01.2014 18:41:43, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}
22.01.2014 22:37:26, Error: Microsoft-Windows-WER-SystemErrorReporting [1001]  - The computer has rebooted from a bugcheck.  The bugcheck was: 0x00000116 (0xfffffa80092db170, 0xfffff8800f352e64, 0x0000000000000000, 0x000000000000000d). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 012214-445507-01.
22.01.2014 22:35:10, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.
22.01.2014 22:32:59, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the IPsec Policy Agent service to connect.
22.01.2014 22:32:59, Error: Service Control Manager [7000]  - The IPsec Policy Agent service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
22.01.2014 03:00:45, Error: Ntfs [55]  - The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume \Device\HarddiskVolume2.
22.01.2014 02:03:17, Error: Service Control Manager [7022]  - The Server service hung on starting.
22.01.2014 01:44:17, Error: Ntfs [55]  - The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume C:.
22.01.2014 01:21:13, Error: nvstor64 [3]  - Data error on device.    Device: \Device\RaidPort0  Model: ST9500420AS  Firmware Version: 0002  Serial Number:             5VJ0746R  Port: 2
.
==== End Of File ===========================
 
 
Thank you again,
 
Yours sincerely,
Mark
Link to post
Share on other sites

Please start with this procedure:

Lets clean out any adware/spyware now: (this will require a reboot so save all your work)

Please download AdwCleaner by Xplode and save to your Desktop.

Make sure you click on download buttons that look similar to this, not "sponsored ad links":

bleep-crop.jpg

  • Double click on AdwCleaner.exe to run the tool.

    Vista/Windows 7/8 users right-click and select Run As Administrator

  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • When it's done you'll see: Pending: Please uncheck elements you don't want removed.
  • Now click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • Look over the log especially under Files/Folders for any program you want to save.
  • If there's a program you may want to save, just uncheck it from AdwCleaner.
  • If you're not sure, post the log for review. (all items found are adware/spyware/foistware)
  • If you're ready to clean it all up.....click the Clean button.
  • After rebooting, a logfile report (AdwCleaner[s0].txt) will open automatically.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of that logfile will also be saved in the C:\AdwCleaner folder.
  • Items that are deleted are moved to the Quarantine Folder: C:\AdwCleaner\Quarantine
  • To restore an item that has been deleted:
  • Go to Tools > Quarantine Manager > check what you want restored > now click on Restore.
Then..................

Open up Malwarebytes > Settings Tab > Scanner Settings > Under action for PUP > Select: Show in Results List and Check for removal.

Please Update and run a FULL Scan with Malwarebytes Anti-Malware, post the report.

Make sure that everything is checked, and click Remove Selected.

MrC

Link to post
Share on other sites

Dear MrC,

 

Thank you for the prompt reply.

 

I am attempting to do as you requested; however, as I have a large computer hard drive it takes some time and so far I was forced to restart my computer (due to persistent display driver problems) before the completion of any tests.

 

Please bear with me while I attempt to complete a scan.

 

Yours sincerely,

Mark

Link to post
Share on other sites

Dear MrC,

 

I am back on my computer having restored all items quarantined by malwarebytes.

 

I am unsure if you still require the previous reports due to the change in circumstances; however, will still post them below. (There are two Malwarebytes reports)

 

Thank you again for your continued help!

 

# AdwCleaner v3.010 - Report created 29/01/2014 at 21:31:43
# Updated 20/10/2013 by Xplode
# Operating System : Windows Seven Black Edition Service Pack 1 (64 bits)
# Username : crazyness - CRAZYNESS-PC
# Running from : C:\Users\crazyness\Desktop\AdwCleaner.exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\ConduitEngine
Folder Deleted : C:\Program Files (x86)\MyPC Backup 
Folder Deleted : C:\Program Files (x86)\uTorrentBar
Folder Deleted : C:\Users\crazyness\AppData\Local\apn
Folder Deleted : C:\Users\crazyness\AppData\Local\Conduit
Folder Deleted : C:\Users\crazyness\AppData\Local\torch
Folder Deleted : C:\Users\CRAZYN~1\AppData\Local\Temp\AskSearch
Folder Deleted : C:\Users\CRAZYN~1\AppData\Local\Temp\CT1561552
Folder Deleted : C:\Users\CRAZYN~1\AppData\Local\Temp\CT2707060
Folder Deleted : C:\Users\crazyness\AppData\LocalLow\AskToolbar
Folder Deleted : C:\Users\crazyness\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\crazyness\AppData\LocalLow\ConduitEngine
Folder Deleted : C:\Users\crazyness\AppData\LocalLow\facemoods.com
Folder Deleted : C:\Users\crazyness\AppData\LocalLow\PriceGong
Folder Deleted : C:\Users\crazyness\AppData\LocalLow\uTorrentBar
Folder Deleted : C:\Users\Mama\AppData\LocalLow\boost_interprocess
Folder Deleted : C:\Users\Mama\AppData\LocalLow\facemoods.com
Folder Deleted : C:\Users\crazyness\AppData\Roaming\Mozilla\Firefox\Profiles\iiroa5l2.default\Extensions\engine@conduit.com
Folder Deleted : C:\Users\crazyness\AppData\Roaming\Mozilla\Firefox\Profiles\iiroa5l2.default\Extensions\{c95a4e8e-816d-4655-8c79-d736da1adb6d}
Folder Deleted : C:\Users\crazyness\AppData\Roaming\Mozilla\Firefox\Profiles\iiroa5l2.default\Extensions\{f16708b8-d2df-482d-9dfa-aa8d8894f0f4}
File Deleted : C:\Windows\SysWOW64\conduitEngine.tmp
File Deleted : C:\Users\CRAZYN~1\AppData\Local\Temp\Uninstall.exe
File Deleted : C:\Users\crazyness\AppData\Roaming\Mozilla\Firefox\Profiles\iiroa5l2.default\foxydeal.sqlite
File Deleted : C:\Users\crazyness\AppData\Roaming\Mozilla\Firefox\Profiles\iiroa5l2.default\invalidprefs.js
File Deleted : C:\Users\crazyness\AppData\Roaming\Mozilla\Firefox\Profiles\iiroa5l2.default\searchplugins\Askcom.xml
File Deleted : C:\Users\crazyness\AppData\Roaming\Mozilla\Firefox\Profiles\iiroa5l2.default\user.js
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ihflimipbcaljfnojhhknppphnnciiif
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Deleted : HKLM\SOFTWARE\Classes\Conduit.Engine
Key Deleted : HKLM\SOFTWARE\Classes\facemoods.facemoodsHlpr
Key Deleted : HKLM\SOFTWARE\Classes\facemoods.facemoodsHlpr.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apntoolbarinstaller_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apntoolbarinstaller_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ConduitUninstaller_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ConduitUninstaller_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\facemoodssrv_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\facemoodssrv_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS
Key Deleted : HKLM\SOFTWARE\14919ea49a8f3b4aa3cf1058d9a64cec
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT1561552
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2707060
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2765711
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2770693
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2786678
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_sopcast_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_sopcast_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_hypercam_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_hypercam_RASMANCS
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{00000001-4FEF-40D3-B3FA-E0531B897F98}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{64182481-4F71-486B-A045-B233BD0DA8FC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{64697678-0000-0010-8000-00AA00389B71}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DDE2C74F-58CC-4D71-8CE1-09DEBB8CFB78}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{50E961AD-53B3-419F-8AB5-50C57C67647C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A9379648-F6EB-4F65-A624-1C10411A15D0}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F16AB1DB-15C0-4456-A29E-4DF24FB9E3D2}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{30F9B915-B755-4826-820B-08FBA6BD249D}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{64182481-4F71-486B-A045-B233BD0DA8FC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{87EAB409-97D7-4889-ACFA-C548FC6F3ECF}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DB4E9724-F518-4DFD-9C7C-78B52103CAB9}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{50E961AD-53B3-419F-8AB5-50C57C67647C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{30F9B915-B755-4826-820B-08FBA6BD249D}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{64182481-4F71-486B-A045-B233BD0DA8FC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{DB4E9724-F518-4DFD-9C7C-78B52103CAB9}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{50E961AD-53B3-419F-8AB5-50C57C67647C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C3591E92-D6A1-4F17-A42D-B72F30A68A3E}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0A9BA2E7-82CC-4659-B6FE-24C9A05FB3DB}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9025A305-7A53-4123-BB19-50B7F54CE303}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0D7562AE-8EF6-416D-A838-AB665251703A}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{30F9B915-B755-4826-820B-08FBA6BD249D}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{542FA950-C57A-4E17-B3E1-D935DFE15DEE}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{5B035F86-41B5-40F1-AAAD-3D219F30244E}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{6365AC7B-9920-4D8B-AF5D-3BDFEAC340A8}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{6A934270-717F-4BC3-BA59-BC9BED47A8D2}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{74C012C4-00FB-4F04-9AFB-4AD5449D2018}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{78888F8B-D5E4-43CE-89F5-C8C18223AF64}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{79B13431-CCAC-4097-8889-D0289E5E924F}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{8B8558F6-DC26-4F39-8417-34B8934AA459}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{8C8D5C57-3CAD-4CF9-BCAD-F873678DA883}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{981334CB-7B8B-431F-B86D-67B7426B125B}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E393F82-2644-4AB6-B994-1AD39D6C59EE}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{A3A2A5C0-1306-4D1A-A093-9CECA4230002}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{A9379648-F6EB-4F65-A624-1C10411A15D0}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C1C2FC43-F042-4F17-AEDB-C5ABF3B42E4B}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C8D424EF-CB21-49A0-8659-476FBAB0F8E8}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{F16AB1DB-15C0-4456-A29E-4DF24FB9E3D2}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{F7EC6286-297C-4981-9DCC-FD7F57BC24C9}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKCU\Software\AppDataLow\Toolbar
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\conduitEngine
Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong
Key Deleted : HKCU\Software\AppDataLow\Software\smartbar
Key Deleted : HKCU\Software\AppDataLow\Software\uTorrentBar
Key Deleted : HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKLM\Software\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Key Deleted : HKLM\Software\AVG Security Toolbar
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\conduitEngine
Key Deleted : HKLM\Software\eRightSoft\OpenCandy
Key Deleted : HKLM\Software\Freeze.com
Key Deleted : HKLM\Software\uTorrentBar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\uTorrentBar Toolbar
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.16428
 
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [searchAssistant]
 
-\\ Mozilla Firefox v26.0 (en-US)
 
[ File : C:\Users\crazyness\AppData\Roaming\Mozilla\Firefox\Profiles\iiroa5l2.default\prefs.js ]
 
Line Deleted : user_pref("browser.search.defaultengine", "Ask.com");
Line Deleted : user_pref("browser.search.order.1", "Ask.com");
Line Deleted : user_pref("extensions.enabledAddons", "battlefieldheroespatcher%40ea.com:5.0.196.0,DivXWebPlayer%40divx.com:2.0.2.039,ich%40maltegoetz.de:1.5.5,personas%40christopher.beard:1.7.3,%7B37E4D8EA-8BDA-4831[...]
Line Deleted : user_pref("extensions.facemoods.aflt", "_#ddr");
Line Deleted : user_pref("extensions.facemoods.firstRun", false);
Line Deleted : user_pref("extensions.facemoods.lastActv", "25");
 
[ File : C:\Users\Mama\AppData\Roaming\Mozilla\Firefox\Profiles\rkfi6okd.default\prefs.js ]
 
 
-\\ Google Chrome v
 
[ File : C:\Users\crazyness\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
*************************
 
AdwCleaner[R0].txt - [17021 octets] - [29/01/2014 21:29:21]
AdwCleaner[s0].txt - [15610 octets] - [29/01/2014 21:31:43]
 
########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [15671 octets] ##########
 
Malwarebytes Anti-Malware (PRO) 1.75.0.1300
www.malwarebytes.org
 
Database version: v2014.01.29.07
 
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16476
crazyness :: CRAZYNESS-PC [administrator]
 
Protection: Enabled
 
30.01.2014 12:53:40
mbam-log-2014-01-30 (12-53-40).txt
 
Scan type: Full scan (C:\|D:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 677520
Time elapsed: 2 hour(s), 48 minute(s), 48 second(s)
 
Memory Processes Detected: 1
C:\Program Files (x86)\PenWes\PenWesService.exe (PUP.Optional.PenWes.A) -> 2732 -> Delete on reboot.
 
Memory Modules Detected: 0
(No malicious items detected)
 
Registry Keys Detected: 3
HKLM\SYSTEM\CurrentControlSet\Services\PenWesController (PUP.Optional.PenWes.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Penwes (PUP.Optional.PenWes.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\PENSEWEB (PUP.Optional.PenWes.A) -> Quarantined and deleted successfully.
 
Registry Values Detected: 2
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|BackgroundContainer (PUP.Optional.Conduit) -> Data: "C:\Windows\SysWOW64\Rundll32.exe" "C:\Users\crazyness\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll",DllRun -> Quarantined and deleted successfully.
HKLM\SOFTWARE\PENSEWEB|AffID (PUP.Optional.PenWes.A) -> Data: 10863 -> Quarantined and deleted successfully.
 
Registry Data Items Detected: 0
(No malicious items detected)
 
Folders Detected: 2
C:\ProgramData\Penwes (PUP.Optional.PenWes.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\PenWes (PUP.Optional.PenWes.A) -> Delete on reboot.
 
Files Detected: 26
C:\Program Files (x86)\PenWes\PenWesService.exe (PUP.Optional.PenWes.A) -> Delete on reboot.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Conduit\Community Alerts\Alert.dll.vir (PUP.Optional.Conduit) -> Quarantined and deleted successfully.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Conduit\Community Alerts\Alert0.dll.vir (PUP.Optional.Conduit) -> Quarantined and deleted successfully.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\uTorrentBar\uTorrentBarToolbarHelper.exe.vir (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\AdwCleaner\Quarantine\C\Users\crazyness\AppData\Local\Conduit\CT2786678\uTorrentBarAutoUpdaterHelper.exe.vir (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\crazyness\AppData\Local\Temp\tbAF-0.dll (PUP.Optional.Conduit) -> Quarantined and deleted successfully.
C:\Users\crazyness\AppData\Local\Temp\tbHot2.dll (PUP.Optional.Conduit) -> Quarantined and deleted successfully.
C:\Users\crazyness\Downloads\7ZipSetup.exe (PUP.Optional.Somoto) -> Quarantined and deleted successfully.
C:\Users\crazyness\Downloads\coretemp_1236.exe (PUP.Optional.InstallIQ.A) -> Quarantined and deleted successfully.
C:\Users\crazyness\Downloads\FreeMediaPlayerSetup-4kgtWV1.exe (PUP.Optional.Somoto) -> Quarantined and deleted successfully.
C:\Users\crazyness\Downloads\iLividSetup-r484-n-bc.exe (PUP.Optional.Bandoo) -> Quarantined and deleted successfully.
C:\Users\crazyness\Downloads\iLividSetup-r484-n-bf.exe (PUP.Optional.Bandoo) -> Quarantined and deleted successfully.
C:\Users\crazyness\Downloads\Razer_Game_Booster_downloader.exe (PUP.Optional.FreeNew.A) -> Quarantined and deleted successfully.
C:\Users\crazyness\Downloads\Setup (1).exe (PUP.Optional.Firser.A) -> Quarantined and deleted successfully.
C:\Users\crazyness\Downloads\SoftonicDownloader_for_vdraw.exe (PUP.Optional.Softonic.A) -> Quarantined and deleted successfully.
C:\Users\crazyness\Downloads\Sopcast Downloader.exe (PUP.OfferBundler.ST) -> Quarantined and deleted successfully.
C:\Users\crazyness\Downloads\veetle.exe (PUP.Optional.OpenCandy) -> Quarantined and deleted successfully.
C:\Users\crazyness\Downloads\video-media-download_setup (1).exe (PUP.Downware) -> Quarantined and deleted successfully.
C:\Users\crazyness\Downloads\video-media-download_setup (2).exe (PUP.Downware) -> Quarantined and deleted successfully.
C:\Users\crazyness\Downloads\video-media-download_setup (3).exe (PUP.Downware) -> Quarantined and deleted successfully.
C:\Users\crazyness\Downloads\video-media-download_setup.exe (PUP.Downware) -> Quarantined and deleted successfully.
C:\Users\crazyness\Downloads\VLCMediaPlayerSetup-d4IOn40.exe (PUP.Optional.Somoto) -> Quarantined and deleted successfully.
C:\ProgramData\Penwes\definitions.dat (PUP.Optional.PenWes.A) -> Quarantined and deleted successfully.
C:\ProgramData\Penwes\cache.dat (PUP.Optional.PenWes.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\PenWes\license.txt (PUP.Optional.PenWes.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\PenWes\uninstall.exe (PUP.Optional.PenWes.A) -> Quarantined and deleted successfully.
 
(end)
 
Malwarebytes Anti-Malware (PRO) 1.75.0.1300
www.malwarebytes.org
 
Database version: v2014.01.29.07
 
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16476
crazyness :: CRAZYNESS-PC [administrator]
 
Protection: Enabled
 
30.01.2014 12:53:40
MBAM-log-2014-01-30 (15-50-59).txt
 
Scan type: Full scan (C:\|D:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 677520
Time elapsed: 2 hour(s), 48 minute(s), 48 second(s)
 
Memory Processes Detected: 1
C:\Program Files (x86)\PenWes\PenWesService.exe (PUP.Optional.PenWes.A) -> 2732 -> No action taken.
 
Memory Modules Detected: 0
(No malicious items detected)
 
Registry Keys Detected: 3
HKLM\SYSTEM\CurrentControlSet\Services\PenWesController (PUP.Optional.PenWes.A) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Penwes (PUP.Optional.PenWes.A) -> No action taken.
HKLM\SOFTWARE\PENSEWEB (PUP.Optional.PenWes.A) -> No action taken.
 
Registry Values Detected: 2
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|BackgroundContainer (PUP.Optional.Conduit) -> Data: "C:\Windows\SysWOW64\Rundll32.exe" "C:\Users\crazyness\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll",DllRun -> No action taken.
HKLM\SOFTWARE\PENSEWEB|AffID (PUP.Optional.PenWes.A) -> Data: 10863 -> No action taken.
 
Registry Data Items Detected: 0
(No malicious items detected)
 
Folders Detected: 2
C:\ProgramData\Penwes (PUP.Optional.PenWes.A) -> No action taken.
C:\Program Files (x86)\PenWes (PUP.Optional.PenWes.A) -> No action taken.
 
Files Detected: 26
C:\Program Files (x86)\PenWes\PenWesService.exe (PUP.Optional.PenWes.A) -> No action taken.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Conduit\Community Alerts\Alert.dll.vir (PUP.Optional.Conduit) -> No action taken.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Conduit\Community Alerts\Alert0.dll.vir (PUP.Optional.Conduit) -> No action taken.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\uTorrentBar\uTorrentBarToolbarHelper.exe.vir (PUP.Optional.Conduit.A) -> No action taken.
C:\AdwCleaner\Quarantine\C\Users\crazyness\AppData\Local\Conduit\CT2786678\uTorrentBarAutoUpdaterHelper.exe.vir (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\crazyness\AppData\Local\Temp\tbAF-0.dll (PUP.Optional.Conduit) -> No action taken.
C:\Users\crazyness\AppData\Local\Temp\tbHot2.dll (PUP.Optional.Conduit) -> No action taken.
C:\Users\crazyness\Downloads\7ZipSetup.exe (PUP.Optional.Somoto) -> No action taken.
C:\Users\crazyness\Downloads\coretemp_1236.exe (PUP.Optional.InstallIQ.A) -> No action taken.
C:\Users\crazyness\Downloads\FreeMediaPlayerSetup-4kgtWV1.exe (PUP.Optional.Somoto) -> No action taken.
C:\Users\crazyness\Downloads\iLividSetup-r484-n-bc.exe (PUP.Optional.Bandoo) -> No action taken.
C:\Users\crazyness\Downloads\iLividSetup-r484-n-bf.exe (PUP.Optional.Bandoo) -> No action taken.
C:\Users\crazyness\Downloads\Razer_Game_Booster_downloader.exe (PUP.Optional.FreeNew.A) -> No action taken.
C:\Users\crazyness\Downloads\Setup (1).exe (PUP.Optional.Firser.A) -> No action taken.
C:\Users\crazyness\Downloads\SoftonicDownloader_for_vdraw.exe (PUP.Optional.Softonic.A) -> No action taken.
C:\Users\crazyness\Downloads\Sopcast Downloader.exe (PUP.OfferBundler.ST) -> No action taken.
C:\Users\crazyness\Downloads\veetle.exe (PUP.Optional.OpenCandy) -> No action taken.
C:\Users\crazyness\Downloads\video-media-download_setup (1).exe (PUP.Downware) -> No action taken.
C:\Users\crazyness\Downloads\video-media-download_setup (2).exe (PUP.Downware) -> No action taken.
C:\Users\crazyness\Downloads\video-media-download_setup (3).exe (PUP.Downware) -> No action taken.
C:\Users\crazyness\Downloads\video-media-download_setup.exe (PUP.Downware) -> No action taken.
C:\Users\crazyness\Downloads\VLCMediaPlayerSetup-d4IOn40.exe (PUP.Optional.Somoto) -> No action taken.
C:\ProgramData\Penwes\definitions.dat (PUP.Optional.PenWes.A) -> No action taken.
C:\ProgramData\Penwes\cache.dat (PUP.Optional.PenWes.A) -> No action taken.
C:\Program Files (x86)\PenWes\license.txt (PUP.Optional.PenWes.A) -> No action taken.
C:\Program Files (x86)\PenWes\uninstall.exe (PUP.Optional.PenWes.A) -> No action taken.
 
(end)
 
Yours sincerely,
Mark
Link to post
Share on other sites

If you're a MB pro user, you're entitled to help from Malwarebytes.

------------------------------

Please download Farbar Recovery Scan Tool and save it to a folder. (use correct version for your system.....Which system am I using?)

Please make sure you click download buttons that look similar to this, not "sponsored ad links":

bleep-crop.jpg

  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.
If the logs are large, you can attach them:

To attach a log:

Bottom right corner of this page.

reply1.jpg

New window that comes up.

replyer1.jpg

MrC

Link to post
Share on other sites

Here's the reason you loose your internet:
http://www.penwes.com/977-everything-you-need-to-know-about-penwes.php

----------------------------

See if you can uninstall it from your add/remove programs:
PenWes [10863] (x32 Version: - )

and if there's a problem with your connections:


PenWes is uninstalled without any issue on almost all systems. More than 20,000 people have uninstalled PenWes without experiencing any problems. However, a problem may occur for people who have changed Internet provider while PenWes was installed. When you uninstall PenWes, it returns the settings on your PC to those in place when it was installed. If these settings have changed, Internet access may be disrupted. To get it running smoothly again, just follow these simple steps:
- Ensure that you have administrator access on your computer
- Open the network connections
- Right click on the local network connection (if the PC is connected to the Internet by cable) or on the wireless network connection (if the PC is connected to the Internet by Wi-Fi)
- Select Properties
- Select Internet Protocol TCP/IP
- Click on Properties
- Select Obtain DNS servers automatically
- Confirm by clicking OK, close all windows and restart your PC.

 

 

MrC

Link to post
Share on other sites

Dear MrC,

 

I have performed the quick scan. Removed all the malware it found (The report is below) and I still have full use of the internet. Your solution concerning PenWes was spot on.

 

What do you suggest I do next?

 

Malwarebytes Anti-Malware (PRO) 1.75.0.1300
www.malwarebytes.org
 
Database version: v2014.01.29.07
 
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16476
crazyness :: CRAZYNESS-PC [administrator]
 
Protection: Enabled
 
31.01.2014 18:36:55
mbam-log-2014-01-31 (18-36-55).txt
 
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 245171
Time elapsed: 14 minute(s), 21 second(s)
 
Memory Processes Detected: 0
(No malicious items detected)
 
Memory Modules Detected: 0
(No malicious items detected)
 
Registry Keys Detected: 1
HKLM\SYSTEM\CurrentControlSet\Services\PenWesController (PUP.Optional.PenWes.A) -> Quarantined and deleted successfully.
 
Registry Values Detected: 1
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|BackgroundContainer (PUP.Optional.Conduit) -> Data: "C:\Windows\SysWOW64\Rundll32.exe" "C:\Users\crazyness\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll",DllRun -> Quarantined and deleted successfully.
 
Registry Data Items Detected: 0
(No malicious items detected)
 
Folders Detected: 0
(No malicious items detected)
 
Files Detected: 17
C:\Users\crazyness\AppData\Local\Temp\tbAF-0.dll (PUP.Optional.Conduit) -> Quarantined and deleted successfully.
C:\Users\crazyness\AppData\Local\Temp\tbHot2.dll (PUP.Optional.Conduit) -> Quarantined and deleted successfully.
C:\Users\crazyness\Downloads\7ZipSetup.exe (PUP.Optional.Somoto) -> Quarantined and deleted successfully.
C:\Users\crazyness\Downloads\coretemp_1236.exe (PUP.Optional.InstallIQ.A) -> Quarantined and deleted successfully.
C:\Users\crazyness\Downloads\FreeMediaPlayerSetup-4kgtWV1.exe (PUP.Optional.Somoto) -> Quarantined and deleted successfully.
C:\Users\crazyness\Downloads\iLividSetup-r484-n-bc.exe (PUP.Optional.Bandoo) -> Quarantined and deleted successfully.
C:\Users\crazyness\Downloads\iLividSetup-r484-n-bf.exe (PUP.Optional.Bandoo) -> Quarantined and deleted successfully.
C:\Users\crazyness\Downloads\Razer_Game_Booster_downloader.exe (PUP.Optional.FreeNew.A) -> Quarantined and deleted successfully.
C:\Users\crazyness\Downloads\Setup (1).exe (PUP.Optional.Firser.A) -> Quarantined and deleted successfully.
C:\Users\crazyness\Downloads\SoftonicDownloader_for_vdraw.exe (PUP.Optional.Softonic.A) -> Quarantined and deleted successfully.
C:\Users\crazyness\Downloads\Sopcast Downloader.exe (PUP.OfferBundler.ST) -> Quarantined and deleted successfully.
C:\Users\crazyness\Downloads\veetle.exe (PUP.Optional.OpenCandy) -> Quarantined and deleted successfully.
C:\Users\crazyness\Downloads\video-media-download_setup (1).exe (PUP.Downware) -> Quarantined and deleted successfully.
C:\Users\crazyness\Downloads\video-media-download_setup (2).exe (PUP.Downware) -> Quarantined and deleted successfully.
C:\Users\crazyness\Downloads\video-media-download_setup (3).exe (PUP.Downware) -> Quarantined and deleted successfully.
C:\Users\crazyness\Downloads\video-media-download_setup.exe (PUP.Downware) -> Quarantined and deleted successfully.
C:\Users\crazyness\Downloads\VLCMediaPlayerSetup-d4IOn40.exe (PUP.Optional.Somoto) -> Quarantined and deleted successfully.
 
(end)
 
Yours sincerely,
Mark
Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.