
Please run the following scanner and send back the logs.

Download DDS from one of the locations below and save to your Desktop
dds.scr
dds.com

Temporarily disable any script blocker if your Anti-Virus/Anti-Malware has it.
How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs

Once downloaded you can disconnect from the Internet and disable your Anti-Virus temporarily if needed.
Then double click dds.scr or dds.com to run the tool.
Click the Run button if prompted with an Open File - Security Warning dialog box.
A black DOS console should open and run for a moment.

  • When done, DDS will open two (2) logs:
    • DDS.txt
    • Attach.txt
  • Save both reports to your desktop
  • Please include the following logs in your next reply as an attachment: DDS.txt and Attach.txt
  • You can ignore the note about zipping the Attach.txt file and just post it or attach it.

Attach file

 

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 03/01/2014 11:10:23
System Uptime: 30/01/2014 10:27:34 (1 hours ago)
.
Motherboard: Type2 - Board Vendor Name1 |  | Type2 - Board Product Name1
Processor: Intel® Pentium® CPU B950 @ 2.10GHz | U3E1 | 2100/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 681 GiB total, 624.51 GiB free.
D: is CDROM ()
E: is FIXED (FAT32) - 7 GiB total, 7.439 GiB free.
.
==== Disabled Device Manager Items =============
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: McAfee Inc. mfeapfk
Device ID: ROOT\LEGACY_MFEAPFK\0000
Manufacturer:
Name: McAfee Inc. mfeapfk
PNP Device ID: ROOT\LEGACY_MFEAPFK\0000
Service: mfeapfk
.
==== System Restore Points ===================
.
RP31: 26/01/2014 19:56:14 - Removed Bet Angel - Professional
RP32: 29/01/2014 10:49:18 - Language Pack Removal
RP33: 29/01/2014 16:21:04 - Revo Uninstaller's restore point - Adobe Reader XI (11.0.06)
.
==== Installed Programs ======================
.
ActiveX-kontroll för fjärranslutningar för Windows Live Mesh
Adobe AIR
Adobe Flash Player 11 ActiveX
Adobe Flash Player 12 Plugin
Adobe Reader XI (11.0.06)
Advanced SystemCare 6
Agatha Christie - Death on the Nile
Aloha TriPeaks
BBC iPlayer Desktop
Bejeweled 3
Bluetooth Stack for Windows by Toshiba
BT NetProtect Plus
CactusVPN
Cake Mania
CCleaner
Chuzzle Deluxe
D3DX10
EPSON Scan
EPSON SX430 Series Printer Uninstall
FLV.com FLV Converter 5.1
Free RAR Extract Frog
Google Chrome
Google Toolbar for Internet Explorer
Google Update Helper
High-Definition Video Playback
Insaniquarium Deluxe
Intel® Manageability Engine Firmware Recovery Agent
Intel® Management Engine Components
Intel® Processor Graphics
Intel® Rapid Storage Technology
Intel® Trusted Connect Service Client
IObit Apps Toolbar v8.6
Java 7 Update 51
Java Auto Updater
Java 6 Update 30
Jewel Quest Solitaire 2
Junk Mail filter update
Malwarebytes Anti-Malware version 1.75.0.1300
Mesh Runtime
Microsoft .NET Framework 4.5.1
Microsoft Application Error Reporting
Microsoft Office 2010
Microsoft Office Click-to-Run 2010
Microsoft Office Starter 2010 - English
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
Mozilla Firefox 26.0 (x86 en-US)
Mozilla Maintenance Service
MSVCRT
MSVCRT_amd64
Mystery P.I. - The London Caper
Nero 11 Essentials
Nero 11 Kwik Themes Basic
Nero BackItUp 11
Nero BackItUp 11 Help (CHM)
Nero Backup Drivers
Nero BurnRights 11
Nero BurnRights 11 Help (CHM)
Nero ControlCenter 11
Nero ControlCenter 11 Help (CHM)
Nero Core Components 11
Nero Express 11
Nero Express 11 Help (CHM)
Nero Kwik Media
Nero Kwik Media Help (CHM)
Nero RescueAgent 11
Nero RescueAgent 11 Help (CHM)
Nero Update
nero.prerequisites.msi
NTREGOPT 1.1j
Plants vs. Zombies - Game of the Year
PlayReady PC Runtime amd64
Polar Bowler
Premium Sound HD
Realtek Ethernet Controller Driver
Realtek High Definition Audio Driver
Realtek USB 2.0 Card Reader
Realtek WLAN Driver
Revo Uninstaller 1.95
RtkClassFilter
Skype™ 6.11
SpywareBlaster 5.0
Synaptics Pointing Device Driver
TOSHIBA Assist
TOSHIBA Disc Creator
TOSHIBA eco Utility
TOSHIBA Hardware Setup
TOSHIBA HDD/SSD Alert
Toshiba Manuals
TOSHIBA Media Controller
TOSHIBA Media Controller Plug-in
TOSHIBA Online Product Information
TOSHIBA PC Health Monitor
TOSHIBA Places Icon Utility
TOSHIBA Recovery Media Creator
TOSHIBA Recovery Media Creator Reminder
TOSHIBA Resolution+ Plug-in for Windows Media Player
TOSHIBA Service Station
TOSHIBA Supervisor Password
TOSHIBA TEMPRO
TOSHIBA Value Added Package
TOSHIBA Web Camera Application
Update Installer for WildTangent Games App
Virtual Villagers 4 - The Tree of Life
VLC media player 2.1.2
welcome
WildTangent Games
WildTangent Games App (Toshiba Games)
Windows Driver Package - Realtek Semiconductor Corp. RtkBtFilter Bluetooth  (12/02/2011 2.3.8.1)
Windows Live Communications Platform
Windows Live Essentials
Windows Live Fotogalleri
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Language Selector
Windows Live Mail
Windows Live Mesh
Windows Live Mesh ActiveX-kontroll for eksterne tilkoblinger
Windows Live Mesh ActiveX-objekt til fjernforbindelser
Windows Live Mesh ActiveX Control for Remote Connections
Windows Live Meshin etäyhteyksien ActiveX-komponentti
Windows Live Messenger
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live Remote Client
Windows Live Remote Client Resources
Windows Live Remote Service
Windows Live Remote Service Resources
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
Windows Liven asennustyökalu
Windows Liven sähköposti
Windows Liven valokuvavalikoima
.
==== Event Viewer Messages From Past Week ========
.
30/01/2014 11:23:44, Error: Service Control Manager [7030]  - The Advanced SystemCare Service 6 service is marked as an interactive service.  However, the system is configured to not allow interactive services.  This service may not function properly.
30/01/2014 10:29:21, Error: Service Control Manager [7024]  - The HomeGroup Listener service terminated with service-specific error %%-2147023143.
30/01/2014 10:27:55, Error: Service Control Manager [7000]  - The McAfee Inc. mfeapfk service failed to start due to the following error:  The specified service does not exist.
30/01/2014 10:27:54, Error: Service Control Manager [7024]  - The Windows Firewall service terminated with service-specific error Access is denied..
30/01/2014 10:08:25, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service McNaiAnn with arguments "" in order to run the server: {DC7EF8E1-824F-4110-AB43-1604DA9B4F40}
30/01/2014 10:08:25, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service McNaiAnn with arguments "" in order to run the server: {C90134D2-4AE9-407A-919A-4A2EF09C6C51}
30/01/2014 10:05:37, Error: Service Control Manager [7001]  - The Computer Browser service depends on the Server service which failed to start because of the following error:  The dependency service or group failed to start.
30/01/2014 10:04:42, Error: Service Control Manager [7001]  - The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error:  The dependency service or group failed to start.
30/01/2014 10:04:42, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
30/01/2014 10:04:41, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
30/01/2014 10:04:36, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
30/01/2014 10:04:28, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
30/01/2014 10:04:23, Error: Service Control Manager [7026]  - The following boot-start or system-start driver(s) failed to load:  discache spldr Wanarpv6
30/01/2014 10:04:12, Error: Service Control Manager [7001]  - The Client Virtualization Handler service depends on the Application Virtualization Client service which failed to start because of the following error:  The dependency service or group failed to start.
29/01/2014 16:54:34, Error: Service Control Manager [7032]  - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Search service, but this action failed with the following error:  An instance of the service is already running.
29/01/2014 16:54:04, Error: Service Control Manager [7031]  - The Windows Search service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 30000 milliseconds: Restart the service.
29/01/2014 16:54:04, Error: Service Control Manager [7024]  - The Windows Search service terminated with service-specific error %%-1073473535.
29/01/2014 09:31:43, Error: Server [2505]  - The server could not bind to the transport \Device\NetBT_Tcpip_{48711CA6-B62F-46BD-9410-141DFDD9EAE9} because another computer on the network has the same name.  The server could not start.
26/01/2014 09:39:46, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the IPsec Policy Agent service to connect.
26/01/2014 09:39:46, Error: Service Control Manager [7000]  - The IPsec Policy Agent service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
24/01/2014 10:28:04, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the McAfee Platform Services service to connect.
24/01/2014 10:28:04, Error: Service Control Manager [7000]  - The McAfee Platform Services service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
24/01/2014 10:28:04, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1053" attempting to start the service mcpltsvc with arguments "" in order to run the server: {20966775-18A4-4299-B8E3-772C336B52A7}
24/01/2014 08:22:16, Error: Service Control Manager [7031]  - The Microsoft .NET Framework NGEN v4.0.30319_X86 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
23/01/2014 08:17:11, Error: Service Control Manager [7034]  - The McAfee SiteAdvisor Service service terminated unexpectedly.  It has done this 1 time(s).
23/01/2014 08:17:11, Error: Service Control Manager [7031]  - The McAfee VirusScan Announcer service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
23/01/2014 08:17:11, Error: Service Control Manager [7031]  - The McAfee Proxy Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
23/01/2014 08:17:11, Error: Service Control Manager [7031]  - The McAfee Platform Services service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
23/01/2014 08:17:11, Error: Service Control Manager [7031]  - The McAfee Personal Firewall Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
23/01/2014 08:17:11, Error: Service Control Manager [7031]  - The McAfee Home Network service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
.
==== End Of File ===========================
 

 

dds file

 

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.16428  BrowserJavaVersion: 10.51.2
Run by allan.nancy.liam at 11:28:30 on 2014-01-30
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.44.1033.18.6034.3633 [GMT 0:00]
.
AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {ADA629C7-7F48-5689-624A-3B76997E0892}
SP: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {16C7C823-5972-5907-58FA-0004E2F9422F}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: McAfee Firewall *Enabled* {959DA8E2-3527-57D1-4915-924367AD4FE9}
.
============== Running Processes ===============
.
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\GFNEXSrv.exe
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE
C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE
C:\Program Files\Intel\iCLS Client\HeciServer.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
C:\windows\system32\mfevtps.exe
C:\windows\system32\rundll32.exe
C:\windows\SysWOW64\rundll32.exe
C:\windows\system32\rundll32.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
C:\windows\system32\taskhost.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\windows\system32\Dwm.exe
C:\windows\Explorer.EXE
C:\windows\system32\svchost.exe -k imgsvc
C:\windows\system32\TODDSrv.exe
C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\McAfee\MSC\McAPExe.exe
C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\Program Files\TOSHIBA\TECO\TecoService.exe
C:\windows\system32\wbem\unsecapp.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel_64.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
C:\Program Files\TOSHIBA\TECO\Teco.exe
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\TOPI.exe
C:\Windows\System32\StikyNot.exe
C:\windows\system32\SearchIndexer.exe
C:\Program Files\TOSHIBA\TOSHIBA Places Icon Utility\TosDIMonitor.exe
C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe
C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe
C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Nero\Update\NASvc.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
C:\Program Files\McAfee\VirusScan\mcods.exe
C:\Program Files\Common Files\McAfee\Platform\Core\mchost.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_43.exe
C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_43.exe
C:\windows\system32\msiexec.exe
C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe
C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe
C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe
C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASC.exe
C:\Program Files (x86)\IObit\Advanced SystemCare 6\Monitor.exe
C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\system32\SearchProtocolHost.exe
C:\windows\system32\SearchFilterHost.exe
C:\windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.


uURLSearchHooks: IObit Apps Toolbar: {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files (x86)\IObit Apps Toolbar\IE\8.6\iobitappsToolbarIE.dll
mWinlogon: Userinit = userinit.exe,
BHO: IObit Apps Toolbar: {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files (x86)\IObit Apps Toolbar\IE\8.6\iobitappsToolbarIE.dll
BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
BHO: Advanced SystemCare Browser Protection: {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\Program Files (x86)\IObit\Advanced SystemCare 6\BrowerProtect\ASCPlugin_Protection.dll
BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO: TOSHIBA Media Controller Plug-in: {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
TB: IObit Apps Toolbar: {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files (x86)\IObit Apps Toolbar\IE\8.6\iobitappsToolbarIE.dll
uRun: [TOPI.EXE] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe /STAR
uRun: [EPSON SX430 Series] C:\windows\System32\spool\DRIVERS\x64\3\E_IATIHAE.EXE /FU "C:\Users\ALLANN~1.LIA\AppData\Local\Temp\E_S7FF8.tmp" /EF "HKCU"
uRun: [RESTART_STICKY_NOTES] C:\windows\System32\StikyNot.exe
uRun: [Advanced SystemCare 6] "C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe" /AutoStart
mRun: [NBAgent] "C:\Program Files (x86)\Nero\Nero 11\Nero BackItUp\NBAgent.exe" /WinStart
mRun: [ToshibaServiceStation] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60
mRun: [mcpltui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [searchSettings] "C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe"
dRun: [TOPI.EXE] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe /STARTUP
StartupFolder: C:\Users\ALLANN~1.LIA\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\TRDCRE~1.LNK - C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\TOSHIB~1.LNK - C:\Program Files\TOSHIBA\TOSHIBA Places Icon Utility\TosDIMonitor.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.



TCP: NameServer = 192.168.1.254
TCP: Interfaces\{D7F5D7B3-E4F8-4388-B3FE-E902478BE6AC} : NameServer = 192.168.1.254
TCP: Interfaces\{D7F5D7B3-E4F8-4388-B3FE-E902478BE6AC} : DHCPNameServer = 192.168.1.254
TCP: Interfaces\{D7F5D7B3-E4F8-4388-B3FE-E902478BE6AC}\244564F4E4 : NameServer = 192.168.1.254
TCP: Interfaces\{D7F5D7B3-E4F8-4388-B3FE-E902478BE6AC}\244564F4E4 : DHCPNameServer = 192.168.22.22 192.168.22.23
TCP: Interfaces\{D7F5D7B3-E4F8-4388-B3FE-E902478BE6AC}\244575966496D277964786D264F4E4 : NameServer = 192.168.1.254
TCP: Interfaces\{D7F5D7B3-E4F8-4388-B3FE-E902478BE6AC}\244575966496D277964786D264F4E4 : DHCPNameServer = 192.168.22.22 192.168.22.23
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.102\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-BHO: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
x64-BHO: TOSHIBA Media Controller Plug-in: {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\x64\TOSHIBAMediaControllerIE.dll
x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-TB: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
x64-TB: IObit Apps Toolbar: {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files (x86)\IObit Apps Toolbar\IE\8.6\iobitappsToolbarIE64.dll
x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [sRS Premium Sound HD] "C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel_64.exe"  /f="C:\Program Files\SRS Labs\SRS Control Panel\SRS_Premium_Sound_HD.zip" /h
x64-Run: [synTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [TPwrMain] C:\Program Files (x86)\TOSHIBA\Power Saver\TPwrMain.EXE
x64-Run: [TCrdMain] C:\Program Files (x86)\TOSHIBA\FlashCards\TCrdMain.exe
x64-Run: [Teco] "C:\Program Files (x86)\TOSHIBA\TECO\Teco.exe" /r
x64-Run: [TosWaitSrv] C:\Program Files (x86)\TOSHIBA\TPHM\TosWaitSrv.exe
x64-Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe
x64-Run: [TosVolRegulator] C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe
x64-Run: [Toshiba TEMPRO] C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe
x64-Run: [Toshiba Registration] C:\Program Files\TOSHIBA\Registration\ToshibaReminder.exe
x64-Run: [igfxTray] C:\windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\windows\System32\igfxpers.exe
x64-Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll
x64-Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
x64-Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\allan.nancy.liam\AppData\Roaming\Mozilla\Firefox\Profiles\g945swsu.default-1391023072094\
FF - prefs.js: browser.search.selectedEngine - Yahoo!

FF - plugin: C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\npBrowserPlugin.dll
FF - plugin: c:\PROGRA~2\mcafee\msc\npMcSnFFPl.dll
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll
FF - plugin: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files (x86)\McAfee\SiteAdvisor\NPMcFFPlg32.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_43.dll
.
---- FIREFOX POLICIES ----
FF - user.js: network.http.pipelining.maxrequests - 8
FF - user.js: network.http.request.max-start-delay - 0
FF - user.js: network.http.max-connections - 48
FF - user.js: network.http.max-connections-per-server - 16
FF - user.js: network.http.max-persistent-connections-per-proxy - 16
FF - user.js: network.http.max-persistent-connections-per-server - 8
FF - user.js: browser.turbo.enabled - true
FF - user.js: browser.display.show_image_placeholders - true
FF - user.js: browser.chrome.favicons - false
FF - user.js: browser.urlbar.autocomplete.enabled - true
FF - user.js: browser.cache.memory.capacity - 65536
FF - user.js: content.notify.ontimer - true
FF - user.js: content.interrupt.parsing - true
FF - user.js: content.max.tokenizing.time - 2250000
FF - user.js: content.switch.threshold - 750000
FF - user.js: plugin.expose_full_path - true
FF - user.js: ui.submenuDelay - 0
.
============= SERVICES / DRIVERS ===============
.
R0 NBVol;Nero Backup Volume Filter Driver;C:\windows\System32\drivers\NBVol.sys [2012-5-11 72240]
R0 NBVolUp;Nero Backup Volume Upper Filter Driver;C:\windows\System32\drivers\NBVolUp.sys [2012-5-11 15920]
R0 tos_sps64;TOSHIBA tos_sps64 Service;C:\windows\System32\drivers\tos_sps64.sys [2009-6-24 482384]
R2 AdvancedSystemCareService6;Advanced SystemCare Service 6;C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe [2014-1-30 574272]
R2 Application Updater;Application Updater;C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe [2014-1-16 807800]
R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2013-4-22 822504]
R2 EPSON_EB_RPCV4_04;EPSON V5 Service4(04);C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE [2014-1-7 168448]
R2 EPSON_PM_RPCV4_04;EPSON V3 Service4(04);C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE [2014-1-7 131072]
R2 GFNEXSrv;GFNEX Service;C:\windows\System32\GFNEXSrv.exe [2014-1-3 162824]
R2 HomeNetSvc;McAfee Home Network;C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2014-1-3 328928]
R2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-2-3 628448]
R2 Intel® ME Service;Intel® ME Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [2014-1-3 128280]
R2 jhi_service;Intel® Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe [2014-1-3 161560]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2014-1-3 418376]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2014-1-3 701512]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2014-1-3 328928]
R2 McAPExe;McAfee AP Service;C:\Program Files\McAfee\MSC\McAPExe.exe [2014-1-3 178048]
R2 McMPFSvc;McAfee Personal Firewall Service;C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2014-1-3 328928]
R2 McNaiAnn;McAfee VirusScan Announcer;C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2014-1-3 328928]
R2 mcpltsvc;McAfee Platform Services;C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2014-1-3 328928]
R2 McProxy;McAfee Proxy Service;C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2014-1-3 328928]
R2 mfeavfk;McAfee Inc. mfeavfk;C:\windows\System32\drivers\mfeavfk.sys [2013-11-4 311120]
R2 mfecore;McAfee Anti-Malware Core;C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [2014-1-3 1025232]
R2 mfefire;McAfee Firewall Core Service;C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe [2014-1-3 219272]
R2 mfehidk;McAfee Inc. mfehidk;C:\windows\System32\drivers\mfehidk.sys [2013-9-24 782360]
R2 mfevtp;McAfee Validation Trust Protection Service;C:\windows\System32\mfevtps.exe [2014-1-3 182752]
R2 mfewfpk;McAfee Inc. mfewfpk;C:\windows\System32\drivers\mfewfpk.sys [2013-11-4 343696]
R2 NAUpdate;Nero Update;C:\Program Files (x86)\Nero\Update\NASvc.exe [2011-11-4 687400]
R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2013-6-26 523944]
R2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service;C:\Program Files\TOSHIBA\TECO\TecoService.exe [2011-11-24 294848]
R2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;C:\windows\System32\drivers\TVALZFL.sys [2009-6-20 14472]
R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2014-1-3 363800]
R3 cfwids;McAfee Inc. cfwids;C:\windows\System32\drivers\cfwids.sys [2013-11-4 70112]
R3 IntcDAud;Intel® Display Audio;C:\windows\System32\drivers\IntcDAud.sys [2011-12-6 331264]
R3 MBAMProtector;MBAMProtector;C:\windows\System32\drivers\mbam.sys [2014-1-3 25928]
R3 mfefirek;McAfee Inc. mfefirek;C:\windows\System32\drivers\mfefirek.sys [2013-11-4 519576]
R3 mfencbdc;McAfee Inc. mfencbdc;C:\windows\System32\drivers\mfencbdc.sys [2013-11-26 411944]
R3 PGEffect;Pangu effect driver;C:\windows\System32\drivers\PGEffect.sys [2014-1-3 38096]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\windows\System32\drivers\RtsUStor.sys [2014-1-3 251496]
R3 RTL8167;Realtek 8167 NT Driver;C:\windows\System32\drivers\Rt64win7.sys [2014-1-3 565352]
R3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver;C:\windows\System32\drivers\rtwlane.sys [2014-1-3 1082472]
R3 Sftfs;Sftfs;C:\windows\System32\drivers\Sftfslh.sys [2013-6-26 767144]
R3 Sftplay;Sftplay;C:\windows\System32\drivers\Sftplaylh.sys [2013-6-26 273576]
R3 Sftredir;Sftredir;C:\windows\System32\drivers\Sftredirlh.sys [2013-6-26 28840]
R3 Sftvol;Sftvol;C:\windows\System32\drivers\Sftvollh.sys [2013-6-26 23208]
R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2013-6-26 207528]
R3 TMachInfo;TMachInfo;C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2014-1-3 57216]
R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2011-11-26 138152]
R3 TPCHSrv;TPCH Service;C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe [2011-12-14 833976]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 HipShieldK;McAfee Inc. HipShieldK;C:\windows\System32\drivers\HipShieldK.sys [2014-1-22 197704]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\windows\System32\ieetwcollector.exe [2014-1-4 111616]
S3 mfencrk;McAfee Inc. mfencrk;C:\windows\System32\drivers\mfencrk.sys [2013-11-26 96112]
S3 RtkBtFilter;Realtek Bluetooth Filter Driver;C:\windows\System32\drivers\RtkBtfilter.sys [2012-1-5 21096]
S3 TemproMonitoringService;Notebook Performance Tuning Service (TEMPRO);C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [2011-2-10 112080]
S3 TsUsbFlt;TsUsbFlt;C:\windows\System32\drivers\TsUsbFlt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\windows\System32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\windows\System32\Wat\WatAdminSvc.exe [2014-1-3 1255736]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-23 57184]
.
=============== Created Last 30 ================
.
2014-01-30 11:23:34    --------    d-----w-    C:\ProgramData\{CED89F1A-945F-46EC-B23C-5EAF6D2DB12A}
2014-01-30 11:23:32    --------    d-----w-    C:\ProgramData\IObit
2014-01-30 11:23:31    --------    d-----w-    C:\Users\allan.nancy.liam\AppData\Roaming\IObit
2014-01-30 11:22:59    --------    d-----w-    C:\Program Files (x86)\IObit
2014-01-30 11:22:48    --------    d-----w-    C:\Program Files (x86)\Application Updater
2014-01-30 11:22:46    --------    d-----w-    C:\Program Files (x86)\IObit Apps Toolbar
2014-01-30 11:22:46    --------    d-----w-    C:\Program Files (x86)\Common Files\Spigot
2014-01-30 10:24:34    --------    d-----w-    C:\Program Files (x86)\NT Registry Optimizer
2014-01-29 16:20:14    --------    d-----w-    C:\Program Files (x86)\VS Revo Group
2014-01-29 16:11:17    --------    d-----w-    C:\Users\allan.nancy.liam\AppData\Roaming\tor
2014-01-29 13:53:24    --------    d-----w-    C:\Users\allan.nancy.liam\AppData\Roaming\HandBrake
2014-01-29 09:29:44    --------    d-----w-    C:\Program Files (x86)\CactusVPN
2014-01-28 11:59:17    --------    d-----w-    C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-01-28 11:59:06    91352    ----a-w-    C:\windows\System32\drivers\mbamchameleon.sys
2014-01-28 11:27:10    --------    d-----w-    C:\Program Files (x86)\VideoLAN
2014-01-28 11:14:41    --------    d-----w-    C:\Program Files (x86)\GreenTree Applications
2014-01-28 11:11:46    --------    d-----w-    C:\Users\allan.nancy.liam\AppData\Local\{BF6923FB-FA84-4281-96BE-5F0D52812120}
2014-01-28 11:11:46    --------    d-----w-    C:\Users\allan.nancy.liam\AppData\Local\{17493466-6040-49A9-A52D-B886C71F3E16}
2014-01-22 10:02:45    197704    ----a-w-    C:\windows\System32\drivers\HipShieldK.sys
2014-01-21 20:56:51    --------    d-----w-    C:\Users\allan.nancy.liam\AppData\Roaming\Philipp Winterberg
2014-01-21 20:56:46    --------    d-----w-    C:\Program Files (x86)\Free RAR Extract Frog
2014-01-16 09:36:31    --------    d-----w-    C:\ProgramData\Oracle
2014-01-16 09:36:13    96168    ----a-w-    C:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-01-16 00:56:17    --------    d-----w-    C:\dd6d63709d03022f0a2a838d4c74
2014-01-15 13:53:09    --------    d-----w-    C:\Users\allan.nancy.liam\AppData\Local\Deployment
2014-01-15 13:53:09    --------    d-----w-    C:\Users\allan.nancy.liam\AppData\Local\Apps
2014-01-15 12:44:08    --------    d-----w-    C:\Users\allan.nancy.liam\AppData\Roaming\BetTraderEvolution
2014-01-15 12:44:08    --------    d-----w-    C:\Program Files (x86)\BetTraderEvolution
2014-01-15 12:43:05    --------    d-----w-    C:\Users\allan.nancy.liam\AppData\Roaming\EvoTray
2014-01-15 12:40:19    --------    d-----w-    C:\Users\allan.nancy.liam\AppData\Roaming\Bet Angel
2014-01-15 08:45:26    99840    ----a-w-    C:\windows\System32\drivers\usbccgp.sys
2014-01-15 08:45:26    7808    ----a-w-    C:\windows\System32\drivers\usbd.sys
2014-01-15 08:45:26    53248    ----a-w-    C:\windows\System32\drivers\usbehci.sys
2014-01-15 08:45:26    343040    ----a-w-    C:\windows\System32\drivers\usbhub.sys
2014-01-15 08:45:26    325120    ----a-w-    C:\windows\System32\drivers\usbport.sys
2014-01-15 08:45:26    30720    ----a-w-    C:\windows\System32\drivers\usbuhci.sys
2014-01-15 08:45:26    25600    ----a-w-    C:\windows\System32\drivers\usbohci.sys
2014-01-15 08:45:24    3156480    ----a-w-    C:\windows\System32\win32k.sys
2014-01-15 08:45:23    376768    ----a-w-    C:\windows\System32\drivers\netio.sys
2014-01-10 12:06:10    --------    d-----r-    C:\Program Files (x86)\Skype
2014-01-07 17:37:07    465920    ----a-w-    C:\windows\System32\esxw2ud.dll
2014-01-07 17:37:07    13824    ----a-w-    C:\windows\System32\esxcdev.dll
2014-01-07 17:37:07    132560    ----a-w-    C:\windows\System32\esdevapp.exe
2014-01-07 17:35:26    --------    d-----w-    C:\Program Files (x86)\epson
2014-01-07 14:39:28    --------    d-----w-    C:\Program Files\Common Files\EPSON
2014-01-07 14:37:38    10752    ----a-w-    C:\windows\System32\E_GCINST.DLL
2014-01-07 14:37:37    88064    ----a-w-    C:\windows\System32\E_IBCBHAE.DLL
2014-01-07 14:37:37    118784    ----a-w-    C:\windows\System32\E_ILMHAE.DLL
2014-01-07 14:34:12    --------    d-----w-    C:\ProgramData\EPSON
2014-01-05 18:49:53    --------    d-----w-    C:\Users\allan.nancy.liam\AppData\Local\{38CF6140-3827-4CFE-AE9B-E97DFD6B16A0}
2014-01-05 18:49:00    --------    d-----w-    C:\Users\allan.nancy.liam\AppData\Local\{1EBF2983-58A0-4B26-B65B-8841F35529C5}
2014-01-04 09:54:19    --------    d-----w-    C:\ProgramData\VirtualizedApplications
2014-01-04 09:35:39    --------    d-----w-    C:\windows\Migration
2014-01-03 18:58:16    --------    d-----w-    C:\windows\OemDrv
2014-01-03 18:54:04    38096    ----a-w-    C:\windows\System32\drivers\PGEffect.sys
2014-01-03 18:47:31    --------    d-----w-    C:\Program Files (x86)\TOSHIBA Corporation
2014-01-03 18:47:31    --------    d-----w-    C:\Program Files (x86)\Common Files\Toshiba Shared
2014-01-03 18:40:59    24576    ----a-w-    C:\windows\SysWow64\TSCI.dll
2014-01-03 18:40:59    24576    ----a-w-    C:\windows\SysWow64\THCI.dll
2014-01-03 18:40:12    --------    d-----w-    C:\windows\sv
2014-01-03 18:39:30    --------    d-----w-    C:\windows\en
2014-01-03 18:39:27    --------    d-----w-    C:\windows\da
2014-01-03 18:39:23    --------    d-----w-    C:\windows\fi
2014-01-03 18:39:20    --------    d-----w-    C:\windows\no
2014-01-03 18:39:01    --------    d-----w-    C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2014-01-03 18:37:34    --------    d-----w-    C:\windows\PCHEALTH
2014-01-03 18:37:22    69464    ----a-w-    C:\windows\SysWow64\XAPOFX1_3.dll
2014-01-03 18:37:22    523088    ----a-w-    C:\windows\System32\d3dx10_42.dll
2014-01-03 18:37:22    515416    ----a-w-    C:\windows\SysWow64\XAudio2_5.dll
2014-01-03 18:37:22    453456    ----a-w-    C:\windows\SysWow64\d3dx10_42.dll
2014-01-03 18:37:20    4398360    ----a-w-    C:\windows\System32\d3dx9_32.dll
2014-01-03 18:37:20    3426072    ----a-w-    C:\windows\SysWow64\d3dx9_32.dll
2014-01-03 18:36:41    15712    ----a-w-    C:\Program Files (x86)\Common Files\Windows Live\.cache\be7cf1cf1cf08b204\MeshBetaRemover.exe
2014-01-03 18:36:40    94040    ----a-w-    C:\Program Files (x86)\Common Files\Windows Live\.cache\be4d564a1cf08b203\DSETUP.dll
2014-01-03 18:36:40    94040    ----a-w-    C:\Program Files (x86)\Common Files\Windows Live\.cache\be1696a41cf08b202\DSETUP.dll
2014-01-03 18:36:40    6260088    ----a-w-    C:\Program Files (x86)\Common Files\Windows Live\.cache\bdcf2d5b1cf08b201\Silverlight.4.0.exe
2014-01-03 18:36:40    525656    ----a-w-    C:\Program Files (x86)\Common Files\Windows Live\.cache\be4d564a1cf08b203\DXSETUP.exe
2014-01-03 18:36:40    525656    ----a-w-    C:\Program Files (x86)\Common Files\Windows Live\.cache\be1696a41cf08b202\DXSETUP.exe
2014-01-03 18:36:40    1691480    ----a-w-    C:\Program Files (x86)\Common Files\Windows Live\.cache\be4d564a1cf08b203\dsetup32.dll
2014-01-03 18:36:40    1691480    ----a-w-    C:\Program Files (x86)\Common Files\Windows Live\.cache\be1696a41cf08b202\dsetup32.dll
2014-01-03 18:36:39    --------    d-----w-    C:\Program Files (x86)\Common Files\Windows Live
2014-01-03 18:34:08    162824    ----a-w-    C:\windows\System32\GFNEXSrv.exe
2014-01-03 18:34:08    152376    ----a-w-    C:\windows\System32\GFNEX64.dll
2014-01-03 18:34:08    128312    ----a-w-    C:\windows\SysWow64\GFNEX.dll
2014-01-03 18:33:51    --------    d-----w-    C:\windows\SysWow64\sda
2014-01-03 18:33:47    251496    ----a-w-    C:\windows\System32\drivers\RtsUStor.sys
2014-01-03 18:33:46    9887848    ----a-w-    C:\windows\SysWow64\RtsUStoricon.dll
2014-01-03 18:33:46    422504    ----a-w-    C:\windows\System32\RtsUStor.dll
2014-01-03 18:32:52    40832    ----a-w-    C:\windows\System32\drivers\TosBtCi.dll
2014-01-03 18:32:27    28528    ----a-w-    C:\windows\rlt8723a_chip_bt40_fw_asic_rom_patch.dll
2014-01-03 18:29:42    626792    ----a-w-    C:\windows\System32\drivers\rtl819xp.sys
2014-01-03 18:29:42    451072    ----a-w-    C:\windows\SysWow64\ISSRemoveSP.exe
2014-01-03 18:29:42    450048    ----a-w-    C:\windows\System32\drivers\rtl8187B.sys
2014-01-03 18:29:42    442368    ----a-w-    C:\windows\System32\drivers\rtl8187Se.sys
2014-01-03 18:29:42    1225832    ----a-w-    C:\windows\System32\drivers\rtl8192se.sys
2014-01-03 18:29:42    1145448    ----a-w-    C:\windows\System32\drivers\rtl8192ce.sys
2014-01-03 18:29:42    1082472    ----a-w-    C:\windows\System32\drivers\rtwlane.sys
2014-01-03 18:29:42    --------    d-----w-    C:\Program Files (x86)\Realtek WLAN Driver
2014-01-03 18:28:39    74272    ----a-w-    C:\windows\System32\RtNicProp64.dll
2014-01-03 18:28:39    565352    ----a-w-    C:\windows\System32\drivers\Rt64win7.sys
2014-01-03 18:28:39    107552    ----a-w-    C:\windows\System32\RTNUninst64.dll
2014-01-03 18:28:13    --------    d-----w-    C:\Program Files\Synaptics
2014-01-03 18:27:32    --------    d-----w-    C:\Program Files\SRS Labs
2014-01-03 18:24:07    568600    ----a-w-    C:\windows\System32\drivers\iaStor.sys
2014-01-03 18:20:05    --------    d-----w-    C:\Program Files\Common Files\Intel
2014-01-03 18:20:05    --------    d-----w-    C:\Program Files (x86)\Common Files\Intel
2014-01-03 18:18:20    15128    ----a-w-    C:\windows\System32\drivers\IntelMEFWVer.dll
2014-01-03 18:17:44    --------    d-----w-    C:\Program Files (x86)\Common Files\postureAgent
2014-01-03 18:17:40    --------    d-----w-    C:\Intel
2014-01-03 18:17:39    60184    ----a-w-    C:\windows\System32\drivers\HECIx64.sys
2014-01-03 18:15:20    53248    ----a-w-    C:\windows\SysWow64\CSVer.dll
2014-01-03 15:49:25    --------    d-----w-    C:\windows\SysWow64\Wat
2014-01-03 15:49:25    --------    d-----w-    C:\windows\System32\Wat
2014-01-03 15:43:03    --------    d-----w-    C:\Users\allan.nancy.liam\AppData\Local\Macromedia
2014-01-03 14:53:24    465920    ----a-w-    C:\windows\System32\WMPhoto.dll
2014-01-03 14:53:24    417792    ----a-w-    C:\windows\SysWow64\WMPhoto.dll
2014-01-03 14:53:22    1424384    ----a-w-    C:\windows\System32\WindowsCodecs.dll
2014-01-03 14:53:22    1230336    ----a-w-    C:\windows\SysWow64\WindowsCodecs.dll
2014-01-03 14:53:18    67072    ----a-w-    C:\windows\splwow64.exe
2014-01-03 14:53:18    559104    ----a-w-    C:\windows\System32\spoolsv.exe
2014-01-03 14:27:12    167424    ----a-w-    C:\Program Files\Windows Media Player\wmplayer.exe
2014-01-03 14:27:12    164864    ----a-w-    C:\Program Files (x86)\Windows Media Player\wmplayer.exe
2014-01-03 14:27:12    12625920    ----a-w-    C:\windows\System32\wmploc.DLL
2014-01-03 14:27:11    12625408    ----a-w-    C:\windows\SysWow64\wmploc.DLL
2014-01-03 13:48:03    --------    d-----w-    C:\Users\allan.nancy.liam\AppData\Local\SoftGrid Client
2014-01-03 13:48:02    --------    d-----w-    C:\Users\allan.nancy.liam\AppData\Roaming\SoftGrid Client
2014-01-03 13:46:48    2560    ----a-w-    C:\windows\System32\drivers\en-US\wdf01000.sys.mui
2014-01-03 13:46:48    --------    d-----w-    C:\Program Files (x86)\Microsoft Application Virtualization Client
2014-01-03 13:46:23    --------    d-----w-    C:\Users\allan.nancy.liam\AppData\Roaming\TP
2014-01-03 13:06:30    294912    ----a-w-    C:\windows\System32\browserchoice.exe
2014-01-03 12:47:45    87040    ----a-w-    C:\windows\System32\drivers\WUDFPf.sys
2014-01-03 12:47:45    84992    ----a-w-    C:\windows\System32\WUDFSvc.dll
2014-01-03 12:47:45    744448    ----a-w-    C:\windows\System32\WUDFx.dll
2014-01-03 12:47:45    45056    ----a-w-    C:\windows\System32\WUDFCoinstaller.dll
2014-01-03 12:47:45    229888    ----a-w-    C:\windows\System32\WUDFHost.exe
2014-01-03 12:47:45    198656    ----a-w-    C:\windows\System32\drivers\WUDFRd.sys
2014-01-03 12:47:45    194048    ----a-w-    C:\windows\System32\WUDFPlatform.dll
2014-01-03 12:39:03    --------    d-----w-    C:\windows\System32\MRT
2014-01-03 12:32:29    5120    ----a-w-    C:\windows\SysWow64\wmi.dll
2014-01-03 12:32:29    5120    ----a-w-    C:\windows\System32\wmi.dll
2014-01-03 12:32:29    23408    ----a-w-    C:\windows\System32\drivers\fs_rec.sys
2014-01-03 12:25:04    2048    ----a-w-    C:\windows\SysWow64\msxml3r.dll
2014-01-03 12:25:04    2048    ----a-w-    C:\windows\System32\msxml3r.dll
2014-01-03 12:25:04    2002432    ----a-w-    C:\windows\System32\msxml6.dll
2014-01-03 12:25:04    1882624    ----a-w-    C:\windows\System32\msxml3.dll
2014-01-03 12:25:04    1389568    ----a-w-    C:\windows\SysWow64\msxml6.dll
2014-01-03 12:25:04    1236992    ----a-w-    C:\windows\SysWow64\msxml3.dll
2014-01-03 12:25:03    1903552    ----a-w-    C:\windows\System32\drivers\tcpip.sys
2014-01-03 12:25:02    327168    ----a-w-    C:\windows\System32\mswsock.dll
2014-01-03 12:25:01    231424    ----a-w-    C:\windows\SysWow64\mswsock.dll
2014-01-03 12:24:10    1887232    ----a-w-    C:\windows\System32\d3d11.dll
2014-01-03 12:24:10    1505280    ----a-w-    C:\windows\SysWow64\d3d11.dll
2014-01-03 12:22:37    1474048    ----a-w-    C:\windows\System32\crypt32.dll
2014-01-03 12:21:54    70144    ----a-w-    C:\windows\System32\appinfo.dll
2014-01-03 12:21:54    111448    ----a-w-    C:\windows\System32\consent.exe
2014-01-03 12:21:34    362496    ----a-w-    C:\windows\System32\wow64win.dll
2014-01-03 12:21:34    16384    ----a-w-    C:\windows\System32\ntvdm64.dll
2014-01-03 12:21:34    13312    ----a-w-    C:\windows\System32\wow64cpu.dll
2014-01-03 12:21:04    3717632    ----a-w-    C:\windows\System32\mstscax.dll
2014-01-03 12:21:04    3217408    ----a-w-    C:\windows\SysWow64\mstscax.dll
2014-01-03 12:21:02    44032    ----a-w-    C:\windows\System32\tsgqec.dll
2014-01-03 12:21:02    36864    ----a-w-    C:\windows\SysWow64\tsgqec.dll
2014-01-03 12:21:02    158720    ----a-w-    C:\windows\System32\aaclient.dll
2014-01-03 12:21:02    131584    ----a-w-    C:\windows\SysWow64\aaclient.dll
2014-01-03 12:19:58    2048    ----a-w-    C:\windows\SysWow64\tzres.dll
2014-01-03 12:18:55    288088    ----a-w-    C:\windows\System32\drivers\FWPKCLNT.SYS
2014-01-03 12:07:05    461312    ----a-w-    C:\windows\System32\scavengeui.dll
2014-01-03 11:57:01    2622464    ----a-w-    C:\windows\System32\wucltux.dll
2014-01-03 11:56:53    99840    ----a-w-    C:\windows\System32\wudriver.dll
2014-01-03 11:56:44    36864    ----a-w-    C:\windows\System32\wuapp.exe
2014-01-03 11:56:44    186752    ----a-w-    C:\windows\System32\wuwebv.dll
2014-01-03 11:48:22    --------    d-----w-    C:\ProgramData\Licenses
2014-01-03 11:48:17    129872    ----a-w-    C:\windows\SysWow64\MSSTDFMT.DLL
2014-01-03 11:48:17    1070352    ----a-w-    C:\windows\SysWow64\MSCOMCTL.OCX
2014-01-03 11:48:16    --------    d-----w-    C:\Program Files (x86)\SpywareBlaster
2014-01-03 11:47:28    --------    d-----w-    C:\AdwCleaner
2014-01-03 11:46:51    --------    d-----w-    C:\Users\allan.nancy.liam\AppData\Roaming\Malwarebytes
2014-01-03 11:46:21    --------    d-----w-    C:\ProgramData\Malwarebytes
2014-01-03 11:46:17    25928    ----a-w-    C:\windows\System32\drivers\mbam.sys
2014-01-03 11:46:17    --------    d-----w-    C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-01-03 11:46:07    --------    d-----w-    C:\Users\allan.nancy.liam\AppData\Local\Programs
2014-01-03 11:45:04    --------    d-----w-    C:\Program Files\CCleaner
2014-01-03 11:40:22    --------    d-----w-    C:\Program Files (x86)\McAfee.com
2014-01-03 11:40:17    --------    d-----w-    C:\Program Files (x86)\Common Files\McAfee
2014-01-03 11:40:06    --------    d-----w-    C:\Program Files\McAfee.com
2014-01-03 11:40:06    --------    d-----w-    C:\Program Files\McAfee
2014-01-03 11:40:04    --------    d-----w-    C:\Program Files (x86)\McAfee
2014-01-03 11:33:52    182752    ----a-w-    C:\windows\System32\mfevtps.exe
2014-01-03 11:33:51    --------    d-----w-    C:\Program Files\Common Files\McAfee
2014-01-03 11:19:32    --------    d-----w-    C:\Users\allan.nancy.liam\AppData\Local\Google
2014-01-03 11:13:35    --------    d-----w-    C:\Users\allan.nancy.liam\AppData\Local\SRS Labs
2014-01-03 11:13:15    --------    d-----w-    C:\Users\allan.nancy.liam\AppData\Local\TOSHIBA
2014-01-03 11:12:39    --------    d-----w-    C:\Users\allan.nancy.liam\AppData\Local\VirtualStore
2014-01-03 11:11:52    --------    d-----w-    C:\Users\allan.nancy.liam\AppData\Roaming\WinBatch
2014-01-03 11:11:50    --------    d-----w-    C:\Program Files (x86)\BBC iPlayer Desktop
2014-01-03 11:11:43    --------    d-----w-    C:\Users\allan.nancy.liam\AppData\Local\Adobe
.
==================== Find3M  ====================
.
2014-01-30 09:56:08    71048    ----a-w-    C:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-01-30 09:56:08    692616    ----a-w-    C:\windows\SysWow64\FlashPlayerApp.exe
2014-01-03 13:20:32    9728    ---ha-w-    C:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-11-26 22:07:44    10856    ----a-w-    C:\windows\System32\drivers\mfeclnrk.sys
2013-11-26 22:07:22    96112    ----a-w-    C:\windows\System32\drivers\mfencrk.sys
2013-11-26 22:07:02    411944    ----a-w-    C:\windows\System32\drivers\mfencbdc.sys
2013-11-26 10:19:07    2724864    ----a-w-    C:\windows\System32\mshtml.tlb
2013-11-26 10:18:23    4096    ----a-w-    C:\windows\System32\ieetwcollectorres.dll
2013-11-26 09:48:07    66048    ----a-w-    C:\windows\System32\iesetup.dll
2013-11-26 09:46:25    48640    ----a-w-    C:\windows\System32\ieetwproxystub.dll
2013-11-26 09:23:02    2724864    ----a-w-    C:\windows\SysWow64\mshtml.tlb
2013-11-26 09:18:39    139264    ----a-w-    C:\windows\System32\ieUnatt.exe
2013-11-26 09:18:09    111616    ----a-w-    C:\windows\System32\ieetwcollector.exe
2013-11-26 09:16:57    708608    ----a-w-    C:\windows\System32\jscript9diag.dll
2013-11-26 08:35:02    5769216    ----a-w-    C:\windows\System32\jscript9.dll
2013-11-26 08:28:16    553472    ----a-w-    C:\windows\SysWow64\jscript9diag.dll
2013-11-26 08:16:12    4243968    ----a-w-    C:\windows\SysWow64\jscript9.dll
2013-11-26 08:02:16    1995264    ----a-w-    C:\windows\System32\inetcpl.cpl
2013-11-26 07:32:06    1928192    ----a-w-    C:\windows\SysWow64\inetcpl.cpl
2013-11-26 07:07:57    2334208    ----a-w-    C:\windows\System32\wininet.dll
2013-11-26 06:33:33    1820160    ----a-w-    C:\windows\SysWow64\wininet.dll
2013-11-12 02:23:09    2048    ----a-w-    C:\windows\System32\tzres.dll
2013-11-04 16:51:44    70112    ----a-w-    C:\windows\System32\drivers\cfwids.sys
2013-11-04 16:46:34    343696    ----a-w-    C:\windows\System32\drivers\mfewfpk.sys
2013-11-04 16:43:04    782360    ----a-w-    C:\windows\System32\drivers\mfehidk.sys
2013-11-04 16:41:22    519576    ----a-w-    C:\windows\System32\drivers\mfefirek.sys
2013-11-04 16:40:00    311120    ----a-w-    C:\windows\System32\drivers\mfeavfk.sys
2013-11-04 16:39:20    179792    ----a-w-    C:\windows\System32\drivers\mfeapfk.sys
.
============= FINISH: 11:29:17.59 ===============
 


  • Root Admin

The computer appears to be infected. I would suggest following the advice from the topic here Available Assistance for Possibly Infected Computers and having one of the Experts assist you with looking into your issue.


I also noticed that you're running iObit software on the computer.

 

The company behind this product was found to be stealing our database.
Personally I would not trust installing any software from a company that resorts to stealing someone's technology to sell their product.
Please see the following links and make up your own mind if you want to keep this on your system. If needed I can help you remove it.


 
