
Infected need help please



Hi, I've just come across this forum on Google because I keep getting a website lpcloudbox329 (although the number changes sometimes) telling me I need to update media player in a Google Chrome looking kinda page redirecting me from the icefilms website whenever I try to use that page.

 

I ran the above Farbar and this is what came up

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 17-05-2014
Ran by Craig (administrator) on CRAIG-MSI on 20-05-2014 11:17:55
Running from C:\Users\Craig\Downloads
Platform: Windows 7 Home Premium (X64) OS Language: English(US)
Internet Explorer Version 9
Boot Mode: Normal
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Micro-Star International Co., Ltd.) C:\Program Files (x86)\System Control Manager\MSIService.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(SupportSoft, Inc.) C:\Program Files (x86)\O2 Assistant\bin\sprtsvc.exe
(SupportSoft, Inc.) C:\Program Files (x86)\O2 Assistant\bin\tgsrvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgemca.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(www.nerdoftheherd.com) C:\Program Files (x86)\Radio Downloader\Radio Downloader.exe
(Spotify Ltd) C:\Users\Craig\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Micro-Star International Co., Ltd.) C:\Program Files (x86)\System Control Manager\MGSysCtrl.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgui.exe
(Research In Motion Limited) C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Google Inc.) C:\Users\Craig\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Craig\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Craig\AppData\Local\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Google Inc.) C:\Users\Craig\AppData\Local\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Users\Craig\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Craig\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Craig\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Craig\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Craig\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Craig\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Craig\AppData\Local\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [7938080 2009-07-02] (Realtek Semiconductor)
HKLM\...\Run: [skytel] => C:\Program Files\Realtek\Audio\HDA\Skytel.exe [1833504 2009-07-02] (Realtek Semiconductor Corp.)
HKLM\...\Run: [synTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1894696 2010-01-07] (Synaptics Incorporated)
HKLM-x32\...\Run: [iAStorIcon] => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [284696 2010-03-04] (Intel Corporation)
HKLM-x32\...\Run: [MGSysCtrl] => C:\Program Files (x86)\System Control Manager\MGSysCtrl.exe [2408448 2010-02-05] (Micro-Star International Co., Ltd.)
HKLM-x32\...\Run: [ArcSoft Connection Service] => C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [207424 2010-10-27] (ArcSoft Inc.)
HKLM-x32\...\Run: [NortonOnlineBackup] => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [1112920 2010-03-06] (Symantec Corporation)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [35696 2009-02-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2011-07-05] (Apple Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-01-28] (Apple Inc.)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2013\avgui.exe [4411952 2014-01-21] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [RIMBBLaunchAgent.exe] => C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe [90448 2011-11-02] (Research In Motion Limited)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-02-20] (Apple Inc.)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2013-12-23] (DivX, LLC)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2013-11-15] ()
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3885816777-3093962409-1163485944-1000\...\Run: [Google Update] => C:\Users\Craig\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2011-08-11] (Google Inc.)
HKU\S-1-5-21-3885816777-3093962409-1163485944-1000\...\Run: [Radio Downloader] => C:\Program Files (x86)\Radio Downloader\Radio Downloader.exe [517032 2011-11-19] (www.nerdoftheherd.com)
HKU\S-1-5-21-3885816777-3093962409-1163485944-1000\...\Run: [spotify Web Helper] => C:\Users\Craig\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1199576 2012-11-07] (Spotify Ltd)
HKU\S-1-5-21-3885816777-3093962409-1163485944-1000\...\Run: [GoogleChromeAutoLaunch_ABD7D68AD71EAEAFB2183BA7A6057595] => C:\Users\Craig\AppData\Local\Google\Chrome\Application\chrome.exe [841032 2014-05-08] (Google Inc.)
HKU\S-1-5-21-3885816777-3093962409-1163485944-1000\...\MountPoints2: {9498d24f-c4f6-11e0-aeb8-6c626d28771c} - F:\AutoRun.exe
 
==================== Internet (Whitelisted) ====================
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://msi.msn.com
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - {56C46D1A-B0AE-40D8-B8B1-D4E699785AFC} URL = 
SearchScopes: HKCU - {B8EE0596-944B-4E03-8E22-BD315F23E731} URL = 
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgppa.dll No File
Handler-x32: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll No File
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
 
FireFox:
========
FF ProfilePath: C:\Users\Craig\AppData\Roaming\Mozilla\Firefox\Profiles\5c0xrqs9.default
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Craig\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Craig\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\amazon-en-GB.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\chambers-en-GB.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-en-GB.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-en-GB.xml
FF Extension: Greasemonkey - C:\Users\Craig\AppData\Roaming\Mozilla\Firefox\Profiles\5c0xrqs9.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781} [2012-08-15]
FF Extension: Adblock Plus - C:\Users\Craig\AppData\Roaming\Mozilla\Firefox\Profiles\5c0xrqs9.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012-09-18]
 
Chrome: 
=======
CHR HomePage: hxxp://www.google.co.uk/
CHR DefaultSearchKeyword: google.co.uk
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Craig\AppData\Local\Google\Chrome\Application\34.0.1847.137\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Craig\AppData\Local\Google\Chrome\Application\34.0.1847.137\pdf.dll ()
CHR Plugin: (Free Studio) - C:\Users\Craig\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.0.1.1_0\np_dvs_plugin.dll (DVDVideoSoft Ltd.)
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (AVG SiteSafety plugin) - C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\14.0.1\\npsitesafety.dll No File
CHR Plugin: (DivX Web Player) - C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll No File
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Google Update) - C:\Users\Craig\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll No File
CHR Plugin: (Shockwave Flash) - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_146.dll No File
CHR Extension: (Angry Birds) - C:\Users\Craig\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj [2011-11-02]
CHR Extension: (ICE Quick Stream) - C:\Users\Craig\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpioikmjnfipgphjldakcaocbbpnfabl [2013-09-17]
CHR Extension: (ICE Quick Stream) - C:\Users\Craig\AppData\Local\Google\Chrome\User Data\Default\Extensions\mapljocpedaolbooelchgnkkaplpadgp [2013-01-07]
CHR Extension: (DVDVideoSoft Browser Extension) - C:\Users\Craig\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp [2013-01-22]
CHR Extension: (Google Wallet) - C:\Users\Craig\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-18]
CHR HKCU\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\DVDVideoSoftBrowserExtension.crx [2013-01-21]
CHR StartMenuInternet: Google Chrome - C:\Users\Craig\AppData\Local\Google\Chrome\Application\chrome.exe
 
==================== Services (Whitelisted) =================
 
R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe [4939312 2013-07-04] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [283136 2013-11-20] (AVG Technologies CZ, s.r.o.)
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2782552 2010-03-06] (Symantec Corporation)
R2 sprtsvc_O2DA; C:\Program Files (x86)\O2 Assistant\bin\sprtsvc.exe [206120 2010-04-23] (SupportSoft, Inc.)
S2 SupportSoft RemoteAssist; C:\Program Files (x86)\Common Files\supportsoft\bin\ssrc.exe [383408 2010-04-23] (SupportSoft, Inc.)
R2 tgsrvc_O2DA; C:\Program Files (x86)\O2 Assistant\bin\tgsrvc.exe [185640 2010-04-23] (SupportSoft, Inc.)
S2 vToolbarUpdater18.1.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.0\ToolbarUpdater.exe [X]
 
==================== Drivers (Whitelisted) ====================
 
S3 ArcSoftKsUFilter; C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys [19968 2009-05-26] (ArcSoft, Inc.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [246072 2013-11-25] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [71480 2013-07-20] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [206648 2013-07-20] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [311608 2013-07-20] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [116536 2013-07-01] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [45880 2013-10-23] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [240952 2014-04-15] (AVG Technologies CZ, s.r.o.)
R1 avgtp; C:\windows\system32\drivers\avgtpx64.sys [50464 2014-04-27] (AVG Technologies)
S3 EUCR; C:\Windows\system32\DRIVERS\EUCR6SK.SYS [87888 2009-12-05] (ENE Technology Inc.)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [74752 2011-07-25] (Research In Motion Limited)
R3 RimVSerPort; C:\Windows\System32\DRIVERS\RimSerial_AMD64.sys [44032 2011-07-20] (Research in Motion Ltd)
S3 smserial; C:\Windows\System32\DRIVERS\SmSerl64.sys [1227776 2009-06-10] (Motorola Inc.)
S3 MGHwCtrl; \??\C:\Program Files\msi\msi Software Install\MGHwCtrl.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2014-05-20 11:17 - 2014-05-20 11:18 - 00016551 _____ () C:\Users\Craig\Downloads\FRST.txt
2014-05-20 11:17 - 2014-05-20 11:17 - 02067456 _____ (Farbar) C:\Users\Craig\Downloads\FRST64.exe
2014-05-20 11:17 - 2014-05-20 11:17 - 00000000 ____D () C:\FRST
2014-05-20 11:10 - 2014-05-20 11:10 - 01056768 _____ (Farbar) C:\Users\Craig\Downloads\FRST.exe
2014-05-20 11:05 - 2014-05-20 11:18 - 327521067 _____ () C:\Users\Craig\Downloads\game.of.thrones.s04e07.hdtv.x264-killers.mp4
2014-05-19 19:25 - 2014-05-19 19:26 - 00119512 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-19 19:23 - 2014-05-19 19:23 - 00000844 _____ () C:\Users\Craig\Desktop\JRT.txt
2014-05-19 19:15 - 2014-05-19 19:15 - 01016261 _____ (Thisisu) C:\Users\Craig\Downloads\JRT (1).exe
2014-05-19 19:15 - 2014-05-19 19:15 - 00000000 ____D () C:\windows\ERUNT
2014-05-19 18:59 - 2014-05-19 18:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-05-19 18:59 - 2014-05-19 18:59 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-19 18:59 - 2014-05-19 18:59 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-05-19 18:59 - 2014-04-03 09:51 - 00088280 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
2014-05-19 18:59 - 2014-04-03 09:51 - 00063192 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys
2014-05-19 18:59 - 2014-04-03 09:50 - 00025816 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys
2014-05-19 18:57 - 2014-05-19 18:58 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Craig\Downloads\mbam-setup-2.0.1.1004.exe
2014-05-19 18:57 - 2014-05-19 18:57 - 01016261 _____ (Thisisu) C:\Users\Craig\Downloads\JRT.exe
2014-05-19 18:54 - 2014-05-19 19:13 - 00000000 ____D () C:\AdwCleaner
2014-05-15 09:44 - 2014-05-15 09:44 - 17938608 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerInstaller.exe
2014-05-13 22:24 - 2014-05-13 22:26 - 33075523 _____ () C:\Users\Craig\Downloads\House Master Boyz and The Rude Boy Of House - House Nation.zip
2014-05-13 18:06 - 2014-05-13 18:19 - 306964711 _____ () C:\Users\Craig\Downloads\game.of.thrones.s04e06.hdtv.x264-killers.mp4
2014-05-06 18:12 - 2014-05-06 18:26 - 268321140 _____ () C:\Users\Craig\Downloads\the.blacklist.121.hdtv-lol.mp4
2014-05-06 14:49 - 2014-05-06 15:04 - 357405429 _____ () C:\Users\Craig\Downloads\game.of.thrones.s04e05.hdtv.x264-killers.mp4
2014-05-01 13:25 - 2014-05-01 13:26 - 00000000 ____D () C:\Users\Craig\Desktop\New folder
2014-04-29 20:51 - 2014-04-29 20:51 - 00000000 ____D () C:\Users\Craig\Videos\Documents\CDs
2014-04-29 19:59 - 2014-04-29 21:03 - 1463774840 _____ () C:\Users\Craig\Downloads\Django.1966.BRRip.x264-KeN.mkv
2014-04-29 14:51 - 2014-04-29 15:24 - 733929472 _____ () C:\Users\Craig\Downloads\Hangover.avi
2014-04-29 13:46 - 2014-04-29 14:10 - 00000000 ____D () C:\Users\Craig\Downloads\Programmes
2014-04-29 12:37 - 2014-04-29 13:14 - 00000000 ____D () C:\Users\Craig\Downloads\Tickets
2014-04-27 14:10 - 2014-04-27 14:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2014-04-25 23:23 - 2014-04-29 20:52 - 00001233 _____ () C:\Users\Craig\Videos\Documents\1.axp
2014-04-25 23:02 - 2014-04-25 23:02 - 00001955 _____ () C:\Users\Public\Desktop\CDBurnerXP.lnk
2014-04-25 23:02 - 2014-04-25 23:02 - 00001913 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDBurnerXP.lnk
2014-04-25 23:02 - 2014-04-25 23:02 - 00000000 ____D () C:\Users\Craig\AppData\Roaming\Canneverbe Limited
2014-04-25 23:02 - 2014-04-25 23:02 - 00000000 ____D () C:\ProgramData\Canneverbe Limited
2014-04-25 23:02 - 2014-04-25 23:02 - 00000000 ____D () C:\Program Files (x86)\CDBurnerXP
 
==================== One Month Modified Files and Folders =======
 
2014-05-20 11:18 - 2014-05-20 11:17 - 00016551 _____ () C:\Users\Craig\Downloads\FRST.txt
2014-05-20 11:18 - 2014-05-20 11:05 - 327521067 _____ () C:\Users\Craig\Downloads\game.of.thrones.s04e07.hdtv.x264-killers.mp4
2014-05-20 11:17 - 2014-05-20 11:17 - 02067456 _____ (Farbar) C:\Users\Craig\Downloads\FRST64.exe
2014-05-20 11:17 - 2014-05-20 11:17 - 00000000 ____D () C:\FRST
2014-05-20 11:10 - 2014-05-20 11:10 - 01056768 _____ (Farbar) C:\Users\Craig\Downloads\FRST.exe
2014-05-20 11:09 - 2011-08-11 23:37 - 00000908 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3885816777-3093962409-1163485944-1000UA.job
2014-05-20 11:07 - 2009-07-14 05:45 - 00017600 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-20 11:07 - 2009-07-14 05:45 - 00017600 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-20 11:05 - 2011-10-13 22:03 - 00000000 ____D () C:\ProgramData\MFAData
2014-05-20 11:03 - 2011-08-11 19:04 - 01531580 _____ () C:\windows\WindowsUpdate.log
2014-05-20 10:59 - 2009-07-14 06:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-05-20 10:59 - 2009-07-14 05:51 - 00191568 _____ () C:\windows\setupact.log
2014-05-19 23:09 - 2011-08-11 23:37 - 00000856 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3885816777-3093962409-1163485944-1000Core.job
2014-05-19 20:04 - 2011-08-13 16:54 - 00269676 _____ () C:\windows\PFRO.log
2014-05-19 20:03 - 2010-02-03 14:52 - 00000000 ____D () C:\windows\Panther
2014-05-19 19:26 - 2014-05-19 19:25 - 00119512 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-19 19:23 - 2014-05-19 19:23 - 00000844 _____ () C:\Users\Craig\Desktop\JRT.txt
2014-05-19 19:15 - 2014-05-19 19:15 - 01016261 _____ (Thisisu) C:\Users\Craig\Downloads\JRT (1).exe
2014-05-19 19:15 - 2014-05-19 19:15 - 00000000 ____D () C:\windows\ERUNT
2014-05-19 19:13 - 2014-05-19 18:54 - 00000000 ____D () C:\AdwCleaner
2014-05-19 18:59 - 2014-05-19 18:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-05-19 18:59 - 2014-05-19 18:59 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-19 18:59 - 2014-05-19 18:59 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-05-19 18:58 - 2014-05-19 18:57 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Craig\Downloads\mbam-setup-2.0.1.1004.exe
2014-05-19 18:57 - 2014-05-19 18:57 - 01016261 _____ (Thisisu) C:\Users\Craig\Downloads\JRT.exe
2014-05-15 09:44 - 2014-05-15 09:44 - 17938608 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerInstaller.exe
2014-05-15 00:10 - 2010-07-13 22:50 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-05-13 22:26 - 2014-05-13 22:24 - 33075523 _____ () C:\Users\Craig\Downloads\House Master Boyz and The Rude Boy Of House - House Nation.zip
2014-05-13 18:19 - 2014-05-13 18:06 - 306964711 _____ () C:\Users\Craig\Downloads\game.of.thrones.s04e06.hdtv.x264-killers.mp4
2014-05-09 23:04 - 2011-08-11 23:37 - 00003878 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3885816777-3093962409-1163485944-1000UA
2014-05-09 23:04 - 2011-08-11 23:37 - 00003482 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3885816777-3093962409-1163485944-1000Core
2014-05-06 18:26 - 2014-05-06 18:12 - 268321140 _____ () C:\Users\Craig\Downloads\the.blacklist.121.hdtv-lol.mp4
2014-05-06 15:04 - 2014-05-06 14:49 - 357405429 _____ () C:\Users\Craig\Downloads\game.of.thrones.s04e05.hdtv.x264-killers.mp4
2014-05-02 06:05 - 2012-04-30 17:38 - 00000000 ____D () C:\Users\Craig\AppData\Roaming\uTorrent
2014-05-02 00:02 - 2014-01-22 14:59 - 00000000 ____D () C:\Users\Craig\Downloads\Family.Guy.Season.1-9.XviD.DVDRip.720p.HDTV.Extras-ArenaBG
2014-05-01 13:26 - 2014-05-01 13:25 - 00000000 ____D () C:\Users\Craig\Desktop\New folder
2014-05-01 13:26 - 2011-08-20 22:51 - 00000000 ____D () C:\Users\Craig\Desktop\Films
2014-04-29 21:22 - 2013-11-14 10:57 - 00000000 ____D () C:\Users\Craig\AppData\Roaming\vlc
2014-04-29 21:03 - 2014-04-29 19:59 - 1463774840 _____ () C:\Users\Craig\Downloads\Django.1966.BRRip.x264-KeN.mkv
2014-04-29 20:52 - 2014-04-25 23:23 - 00001233 _____ () C:\Users\Craig\Videos\Documents\1.axp
2014-04-29 20:51 - 2014-04-29 20:51 - 00000000 ____D () C:\Users\Craig\Videos\Documents\CDs
2014-04-29 15:24 - 2014-04-29 14:51 - 733929472 _____ () C:\Users\Craig\Downloads\Hangover.avi
2014-04-29 14:10 - 2014-04-29 13:46 - 00000000 ____D () C:\Users\Craig\Downloads\Programmes
2014-04-29 13:14 - 2014-04-29 12:37 - 00000000 ____D () C:\Users\Craig\Downloads\Tickets
2014-04-29 10:28 - 2009-07-14 06:13 - 00726316 _____ () C:\windows\system32\PerfStringBackup.INI
2014-04-27 14:10 - 2014-04-27 14:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2014-04-27 14:10 - 2012-09-27 16:15 - 00000975 _____ () C:\Users\Public\Desktop\AVG 2013.lnk
2014-04-27 14:03 - 2012-09-27 16:15 - 00050464 _____ (AVG Technologies) C:\windows\system32\Drivers\avgtpx64.sys
2014-04-25 23:02 - 2014-04-25 23:02 - 00001955 _____ () C:\Users\Public\Desktop\CDBurnerXP.lnk
2014-04-25 23:02 - 2014-04-25 23:02 - 00001913 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDBurnerXP.lnk
2014-04-25 23:02 - 2014-04-25 23:02 - 00000000 ____D () C:\Users\Craig\AppData\Roaming\Canneverbe Limited
2014-04-25 23:02 - 2014-04-25 23:02 - 00000000 ____D () C:\ProgramData\Canneverbe Limited
2014-04-25 23:02 - 2014-04-25 23:02 - 00000000 ____D () C:\Program Files (x86)\CDBurnerXP
 
Some content of TEMP:
====================
C:\Users\Craig\AppData\Local\Temp\avguidx.dll
C:\Users\Craig\AppData\Local\Temp\CommonInstaller.exe
C:\Users\Craig\AppData\Local\Temp\DWPUpgradeInstaller.exe
C:\Users\Craig\AppData\Local\Temp\MachineIdCreator.exe
C:\Users\Craig\AppData\Local\Temp\MouseKeyboardCenterx64_1033.exe
C:\Users\Craig\AppData\Local\Temp\oi_{3A5C55A0-3495-4A37-82D8-1559F0A09F1F}.exe
C:\Users\Craig\AppData\Local\Temp\SpotifyUpgrader.exe
C:\Users\Craig\AppData\Local\Temp\ToolbarInstaller.exe
C:\Users\Craig\AppData\Local\Temp\uttAFA9.tmp.exe
 
 
==================== Bamital & volsnap Check =================
 
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
 
LastRegBack: 2014-05-19 22:24
 
==================== End Of Log ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17-05-2014

Ran by Craig at 2014-05-20 11:18:57

Running from C:\Users\Craig\Downloads

Boot Mode: Normal

==========================================================

 

 

==================== Security Center ========================

 

AV: AVG AntiVirus Free Edition 2013 (Enabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}

AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AS: AVG AntiVirus Free Edition 2013 (Enabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}

 

==================== Installed Programs ======================

 

µTorrent (HKCU\...\uTorrent) (Version: 3.4.1.30888 - BitTorrent Inc.)

µTorrent (HKLM-x32\...\uTorrent) (Version: 3.2.0 - BitTorrent Inc.)

Ableton Live 9 Suite (HKLM\...\{F6238EAB-3AD7-4B0E-B0AD-E533A93A5C32}) (Version: 9.0.0.0 - Ableton)

Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.0.7220 - Adobe Systems Inc.)

Adobe AIR (x32 Version: 1.5.0.7220 - Adobe Systems Inc.) Hidden

Adobe Reader 9.1 (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-A91000000001}) (Version: 9.1.0 - Adobe Systems Incorporated)

Ενημερωμένη έκδοση Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0408-0000-0000000FF1CE}_HOMESTUDENTR_{08A4BDB3-7A63-4F59-B9FA-EE80ADE88DC2}) (Version:  - Microsoft)

Ενημερωμένη έκδοση Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0408-0000-0000000FF1CE}_HOMESTUDENTR_{C52A655D-F8AE-485D-908D-62CEC754B6A4}) (Version:  - Microsoft)

Ενημερωμένη έκδοση Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0408-0000-0000000FF1CE}_HOMESTUDENTR_{054186C0-F351-472E-84E8-D5E16FA08241}) (Version:  - Microsoft)

Amazon Kindle (HKCU\...\Amazon Kindle) (Version:  - Amazon)

Amazon MP3 Downloader 1.0.9 (HKLM-x32\...\Amazon MP3 Downloader) (Version:  - )

Apple Application Support (HKLM-x32\...\{45C56AA7-ED1B-4800-A97F-EDDF3F3520B1}) (Version: 2.3.3 - Apple Inc.)

Apple Mobile Device Support (HKLM\...\{2F72F540-1F60-4266-9506-952B21D6640D}) (Version: 6.1.0.13 - Apple Inc.)

Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)

ArcSoft Magic-i Visual Effects 2 (HKLM-x32\...\{8E90189A-A5D4-4C0E-A908-06C4236F98EE}) (Version: 2.0.10.102 - ArcSoft)

ArcSoft Print Creations - Album Page (HKLM-x32\...\{E6B4117F-AC59-4B13-9274-EB136E8897EE}) (Version:  - ArcSoft)

ArcSoft Print Creations - Brochures & Flyers (HKLM-x32\...\{01A1A019-E1D8-482A-BE17-5E118D17C0A0}) (Version:  - ArcSoft)

ArcSoft Print Creations - Funhouse (HKLM-x32\...\{9591C049-5CAE-4E89-A8D9-191F1899628B}) (Version:  - ArcSoft)

ArcSoft Print Creations - Funhouse II (HKLM-x32\...\{3CE47E6B-AE27-4E40-AC54-329EED96B933}) (Version:  - ArcSoft)

ArcSoft Print Creations - Greeting Card (HKLM-x32\...\{F04F9557-81A9-4293-BC49-2C216FA325A7}) (Version:  - ArcSoft)

ArcSoft Print Creations - Photo Book (HKLM-x32\...\{56589DFE-0C29-4DFE-8E42-887B771ECD23}) (Version:  - ArcSoft)

ArcSoft Print Creations - Photo Calendar (HKLM-x32\...\{CA9ED5E4-1548-485B-A293-417840060158}) (Version:  - ArcSoft)

ArcSoft Print Creations - Photo Prints (HKLM-x32\...\{95F875CC-1B85-43E6-B3E0-13EA04F3D995}) (Version:  - ArcSoft)

ArcSoft Print Creations - Poster Creator (HKLM-x32\...\{5D1C82E7-7EC0-4404-A8AD-36C3B444BC34}) (Version:  - ArcSoft)

ArcSoft Print Creations - Scrapbook (HKLM-x32\...\{B0D83FCD-9D42-43ED-8315-250326AADA02}) (Version:  - ArcSoft)

ArcSoft Print Creations - Slimline Card (HKLM-x32\...\{007B37D9-0C45-4202-834B-DD5FAAE99D63}) (Version:  - ArcSoft)

ArcSoft Print Creations (HKLM-x32\...\{C5D7039E-0803-4FE8-976D-156DE1147E4F}) (Version: 3.0.255.407 - ArcSoft)

ArcSoft WebCam Companion 3 (HKLM-x32\...\{25478065-4CB1-448C-80E4-8C4529017EE3}) (Version: 3.0.32.262 - ArcSoft)

AVG 2013 (HKLM\...\AVG) (Version: 2013.0.3469 - AVG Technologies)

AVG 2013 (Version: 13.0.3469 - AVG Technologies) Hidden

AVG 2013 (Version: 13.0.3722 - AVG Technologies) Hidden

Bing Bar (HKLM-x32\...\{B4089055-D468-45A4-A6BA-5A138DD715FC}) (Version: 7.0.850.0 - Microsoft Corporation)

BitTorrent (HKLM-x32\...\BitTorrent) (Version: 7.6.1 - BitTorrent Inc.)

BlackBerry Device Manager 7.0 (HKLM-x32\...\BlackBerry_HandheldManager) (Version: 7.0.0.43 - Research In Motion Ltd.)

BlackBerry Device Manager 7.0 (x32 Version: 7.0.0.43 - Research In Motion Ltd.) Hidden

Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)

BurnRecovery (HKLM-x32\...\{2892E1B7-E24D-4CCB-B8A7-B63D4B66F89F}) (Version: 3.0.912.401 - Micro-Star International Co., Ltd.)

CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.3.4746 - CDBurnerXP)

Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)

DivX Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.90 - DivX, LLC)

DivX Web Player (HKLM-x32\...\{B7050CBDB2504B34BC2A9CA0A692CC29}) (Version: 1.5.0 - DivX,Inc.)

Free YouTube to MP3 Converter version 3.11.37.1212 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.11.37.1212 - DVDVideoSoft Ltd.)

Google Chrome (HKCU\...\Google Chrome) (Version: 34.0.1847.137 - Google Inc.)

Intel® Graphics Media Accelerator Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2104 - Intel Corporation)

Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)

Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.0.1014 - Intel Corporation)

iTunes (HKLM\...\{0225AD21-F3E2-4916-BFF3-65D3F9052582}) (Version: 11.0.2.26 - Apple Inc.)

Malwarebytes Anti-Malware version 2.0.1.1004 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.1.1004 - Malwarebytes Corporation)

Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)

Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden

Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)

Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden

Microsoft Office Excel MUI (Dutch) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Excel MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Excel MUI (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Excel MUI (Greek) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)

Microsoft Office Home and Student 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office OneNote MUI (Dutch) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office OneNote MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office OneNote MUI (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office OneNote MUI (Greek) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office PowerPoint MUI (Dutch) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office PowerPoint MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office PowerPoint MUI (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office PowerPoint MUI (Greek) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office PowerPoint Viewer 2007 (English) (HKLM-x32\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)

Microsoft Office Proof (Arabic) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Proof (Dutch) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Proof (Greek) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Proof (Spanish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Proofing (Dutch) 2007 (x32 Version: 12.0.4518.1017 - Microsoft Corporation) Hidden

Microsoft Office Proofing (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden

Microsoft Office Proofing (French) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden

Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden

Microsoft Office Proofing (Greek) 2007 (x32 Version: 12.0.4518.1029 - Microsoft Corporation) Hidden

Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden

Microsoft Office Shared 64-bit MUI (Dutch) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Shared 64-bit MUI (French) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Shared 64-bit MUI (Greek) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Shared MUI (Dutch) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Shared MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Shared MUI (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Shared MUI (Greek) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Shared Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Suite Activation Assistant (HKLM-x32\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation)

Microsoft Office Word MUI (Dutch) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Word MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Word MUI (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Word MUI (Greek) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Works (HKLM-x32\...\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}) (Version: 9.7.0621 - Microsoft Corporation)

Mise à jour Microsoft Office Excel 2007 Help  (KB963678) (HKLM-x32\...\{90120000-0016-040C-0000-0000000FF1CE}_HOMESTUDENTR_{B761869A-B85C-40E2-994C-A1CE78AC8F2C}) (Version:  - Microsoft)

Mise à jour Microsoft Office Powerpoint 2007 Help  (KB963669) (HKLM-x32\...\{90120000-0018-040C-0000-0000000FF1CE}_HOMESTUDENTR_{C3DCA38E-005E-41BA-A52A-7C3429F351C3}) (Version:  - Microsoft)

Mise à jour Microsoft Office Word 2007 Help  (KB963665) (HKLM-x32\...\{90120000-001B-040C-0000-0000000FF1CE}_HOMESTUDENTR_{81536A04-DBFB-4DB3-978F-0F284590C223}) (Version:  - Microsoft)

Mozilla Firefox 12.0 (x86 en-GB) (HKLM-x32\...\Mozilla Firefox 12.0 (x86 en-GB)) (Version: 12.0 - Mozilla)

Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 12.0 - Mozilla)

msi Software Install (HKLM-x32\...\{A840FFFB-3A80-4C24-AB34-BE9F56BEB4CE}) (Version: 3.1000.1005.1101 - Micro-Star International Co., Ltd.)

My O2 (HKLM-x32\...\{5B035501-3F57-4772-B0CA-3D5E613A5D86}) (Version: 2.0.11212 - Telefonica O2)

Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.1.13580 - Symantec Corporation)

QuickTime (HKLM-x32\...\{C9E14402-3631-4182-B377-6B0DFB1C0339}) (Version: 7.70.80.34 - Apple Inc.)

Radio Downloader (HKLM-x32\...\{D7FE649A-E0FA-40C6-974D-555CEA440FFB}) (Version: 0.22.0.0 - NerdoftheHerd.com)

Realtek 8136 8168 8169 Ethernet Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0005 - Realtek)

Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5886 - Realtek Semiconductor Corp.)

SoundDownloader (HKLM-x32\...\SoundDownloader_is1) (Version:  - )

Spotify (HKCU\...\Spotify) (Version: 0.8.5.1333.g822e0de8 - Spotify AB)

Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1) (Version: 1.6.2 - Safer Networking Limited)

Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.0.2.0 - Synaptics Incorporated)

System Control Manager (HKLM-x32\...\{ED9C5D25-55DF-48D8-9328-2AC0D75DE5D8}) (Version: 2.210.0205.006.06 - Micro-Star International Co., Ltd.)

Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)

Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2468871) (Version: 1 - Microsoft Corporation)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2533523) (Version: 1 - Microsoft Corporation)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2600217) (Version: 1 - Microsoft Corporation)

Update for Microsoft Office 2007 Help for Common Features (KB963673) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AB365889-0395-4FAD-B702-CA5985D53D42}) (Version:  - Microsoft)

Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)

Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)

Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)

Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)

Update for Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{199DF7B6-169C-448C-B511-1054101BE9C9}) (Version:  - Microsoft)

Update for Microsoft Office OneNote 2007 Help (KB963670) (HKLM-x32\...\{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2744EF05-38E1-4D5D-B333-E021EDAEA245}) (Version:  - Microsoft)

Update for Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{397B1D4F-ED7B-4ACA-A637-43B670843876}) (Version:  - Microsoft)

Update for Microsoft Office Script Editor Help (KB963671) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{CD11C6A2-FFC6-4271-8EAB-79C3582F505C}) (Version:  - Microsoft)

Update for Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{80E762AA-C921-4839-9D7D-DB62A72C0726}) (Version:  - Microsoft)

Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)

Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)

Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)

Update voor Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0413-0000-0000000FF1CE}_HOMESTUDENTR_{5CF7002F-6F49-4482-9564-5614FBE560FA}) (Version:  - Microsoft)

Update voor Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0413-0000-0000000FF1CE}_HOMESTUDENTR_{15D84E79-1ED7-42C5-B2FD-745C3FBDDDC5}) (Version:  - Microsoft)

Update voor Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0413-0000-0000000FF1CE}_HOMESTUDENTR_{A66AE6A1-8D8C-4102-BC18-38CBDE40F809}) (Version:  - Microsoft)

VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden

VirtualDJ Home FREE (HKLM-x32\...\{B515962D-C979-44AC-9912-F7BB499B4B2C}) (Version: 7.3 - Atomix Productions)

Visual Studio 2008 x64 Redistributables (HKLM-x32\...\{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}) (Version: 10.0.0.2 - AVG Technologies)

Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)

VLC media player 2.1.0 (HKLM-x32\...\VLC media player) (Version: 2.1.0 - VideoLAN)

Windows Driver Package - ENE (EUCR) USB  (12/04/2009 5.89.0.64) (HKLM\...\7F973C87231D745EBF31E772CC38BB9B185D3819) (Version: 12/04/2009 5.89.0.64 - ENE)

WinRAR archiver (HKLM-x32\...\WinRAR archiver) (Version:  - )

ZTE_1.2059.0.8 (HKLM-x32\...\ZTE_1.2059.0.8) (Version:  - )

 

==================== Restore Points  =========================

 

08-05-2014 16:21:32 Scheduled Checkpoint

14-05-2014 23:08:52 Windows Update

 

==================== Hosts content: ==========================

 

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\windows\system32\Drivers\etc\hosts

 

==================== Scheduled Tasks (whitelisted) =============

 

Task: {33E83907-7FBA-44D0-9BF7-44EB371DD010} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3885816777-3093962409-1163485944-1000Core => C:\Users\Craig\AppData\Local\Google\Update\GoogleUpdate.exe [2011-08-11] (Google Inc.)

Task: {9432E7E4-6C0F-4AA4-8FDE-91CF616442E0} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)

Task: {A671B22D-19D0-41A4-ABE4-4D67EBCA1E72} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3885816777-3093962409-1163485944-1000UA => C:\Users\Craig\AppData\Local\Google\Update\GoogleUpdate.exe [2011-08-11] (Google Inc.)

Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3885816777-3093962409-1163485944-1000Core.job => C:\Users\Craig\AppData\Local\Google\Update\GoogleUpdate.exe

Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3885816777-3093962409-1163485944-1000UA.job => C:\Users\Craig\AppData\Local\Google\Update\GoogleUpdate.exe

 

==================== Loaded Modules (whitelisted) =============

 

2013-11-15 01:48 - 2013-11-15 01:48 - 01861968 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe

2011-11-02 00:26 - 2011-11-02 00:26 - 00087912 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll

2011-11-02 00:26 - 2011-11-02 00:26 - 01242472 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll

2011-11-19 18:07 - 2011-11-19 18:07 - 00070568 _____ () C:\Program Files (x86)\Radio Downloader\BBCProvider.dll

2011-11-19 18:07 - 2011-11-19 18:07 - 00032680 _____ () C:\Program Files (x86)\Radio Downloader\PodcastProvider.dll

2013-11-15 01:49 - 2013-11-15 01:49 - 00100688 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll

2014-05-17 00:12 - 2014-05-08 00:29 - 00065352 _____ () C:\Users\Craig\AppData\Local\Google\Chrome\Application\34.0.1847.137\chrome_elf.dll

2014-05-17 00:12 - 2014-05-08 00:29 - 00674632 _____ () C:\Users\Craig\AppData\Local\Google\Chrome\Application\34.0.1847.137\libglesv2.dll

2014-05-17 00:12 - 2014-05-08 00:29 - 00093000 _____ () C:\Users\Craig\AppData\Local\Google\Chrome\Application\34.0.1847.137\libegl.dll

2014-05-17 00:12 - 2014-05-08 00:29 - 04081480 _____ () C:\Users\Craig\AppData\Local\Google\Chrome\Application\34.0.1847.137\pdf.dll

2014-05-17 00:12 - 2014-05-08 00:29 - 00390472 _____ () C:\Users\Craig\AppData\Local\Google\Chrome\Application\34.0.1847.137\ppGoogleNaClPluginChrome.dll

2014-05-17 00:12 - 2014-05-08 00:29 - 01647432 _____ () C:\Users\Craig\AppData\Local\Google\Chrome\Application\34.0.1847.137\ffmpegsumo.dll

2013-01-09 16:16 - 2013-01-09 16:16 - 00170496 _____ () C:\windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\d89f0252d910d617de1de783a812f840\IsdiInterop.ni.dll

2010-07-13 22:40 - 2010-03-04 04:08 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll

2014-05-17 00:12 - 2014-05-08 00:29 - 13695816 _____ () C:\Users\Craig\AppData\Local\Google\Chrome\Application\34.0.1847.137\PepperFlash\pepflashplayer.dll

 

==================== Alternate Data Streams (whitelisted) =========

 

 

==================== Safe Mode (whitelisted) ===================

 

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SprtListen => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SprtListenPush => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SupportSoft RemoteAssist => ""="Service"

 

==================== EXE Association (whitelisted) =============

 

 

==================== Disabled items from MSCONFIG ==============

 

 

==================== Faulty Device Manager Devices =============

 

 

==================== Event log errors: =========================

 

Application errors:

==================

Error: (05/19/2014 10:27:11 PM) (Source: SideBySide) (EventID: 63) (User: )

Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.

The value "*" of attribute "language" in element "assemblyIdentity" is invalid.

 

Error: (05/19/2014 10:26:19 PM) (Source: SideBySide) (EventID: 63) (User: )

Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.

The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute "version" in element "assemblyIdentity" is invalid.

 

Error: (05/19/2014 09:08:29 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledSPRetry 666155

 

Error: (05/19/2014 09:08:29 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledEvent 666155

 

Error: (05/19/2014 09:08:29 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: Continuously busy for more than a second

 

Error: (05/19/2014 09:08:28 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledSPRetry 665047

 

Error: (05/19/2014 09:08:28 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledEvent 665047

 

Error: (05/19/2014 09:08:28 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: Continuously busy for more than a second

 

Error: (05/19/2014 09:08:27 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledSPRetry 664049

 

Error: (05/19/2014 09:08:27 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledEvent 664049

 

 

System errors:

=============

Error: (05/20/2014 10:59:46 AM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: The vToolbarUpdater18.1.0 service failed to start due to the following error: 

%%2

 

Error: (05/20/2014 03:06:10 AM) (Source: Service Control Manager) (EventID: 7006) (User: )

Description: The ScRegSetValueExW call failed for FailureActions with the following error: 

%%5

 

Error: (05/19/2014 08:04:19 PM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: The vToolbarUpdater18.1.0 service failed to start due to the following error: 

%%2

 

Error: (05/19/2014 08:03:10 PM) (Source: Service Control Manager) (EventID: 7023) (User: )

Description: The Windows Time service terminated with the following error: 

%%1115

 

Error: (05/19/2014 08:02:41 PM) (Source: Service Control Manager) (EventID: 7006) (User: )

Description: The ScRegSetValueExW call failed for FailureActions with the following error: 

%%5

 

Error: (05/19/2014 07:25:11 PM) (Source: DCOM) (EventID: 10010) (User: )

Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}

 

 

Microsoft Office Sessions:

=========================

 

==================== Memory info =========================== 

 

Percentage of memory in use: 58%

Total physical RAM: 2926.03 MB

Available physical RAM: 1200.44 MB

Total Pagefile: 5850.2 MB

Available Pagefile: 3515.64 MB

Total Virtual: 8192 MB

Available Virtual: 8191.82 MB

 

==================== Drives ================================

 

Drive c: (OS_Install) (Fixed) (Total:172.79 GB) (Free:17.83 GB) NTFS ==>[system with boot components (obtained from reading drive)]

Drive d: (Data) (Fixed) (Total:110.2 GB) (Free:48.71 GB) NTFS

Drive w: (BIOS_RVY) (Fixed) (Total:15 GB) (Free:5.84 GB) NTFS ==>[system with boot components (obtained from reading drive)]

 

==================== MBR & Partition Table ==================

 

========================================================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298 GB) (Disk ID: BF6B5165)

Partition 1: (Not Active) - (Size=15 GB) - (Type=27)

Partition 2: (Active) - (Size=100 MB) - (Type=27)

Partition 3: (Not Active) - (Size=173 GB) - (Type=07 NTFS)

Partition 4: (Not Active) - (Size=110 GB) - (Type=07 NTFS)

 

==================== End Of Log ============================


  • Staff

Hello SpacePirate

These are the programs I would like you to run next. If you have any problems with one of these, just skip it and move on to the next one.

-AdwCleaner-

Please download AdwCleaner by Xplode onto your desktop.

  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Scan.
  • After the scan is complete, click on "Clean".
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner[s1].txt as well.

-Junkware-Removal-Tool-

Please download Junkware Removal Tool to your desktop.

  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8, instead of double-clicking, right-click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

When they are complete, let me have the two reports and let me know how things are running.

Gringo


Hi gringo. Thanks for your time.

 

From AdwCleaner

 

# AdwCleaner v3.210 - Report created 22/05/2014 at 21:51:07
# Updated 19/05/2014 by Xplode
# Operating System : Windows 7 Home Premium  (64 bits)
# Username : Craig - CRAIG-MSI
# Running from : C:\Users\Craig\Downloads\AdwCleaner.exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v9.0.8112.16476
 
 
-\\ Mozilla Firefox v12.0 (en-GB)
 
[ File : C:\Users\Craig\AppData\Roaming\Mozilla\Firefox\Profiles\5c0xrqs9.default\prefs.js ]
 
 
-\\ Google Chrome v
 
[ File : C:\Users\Craig\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
Deleted [search Provider] : hxxp://uk.ask.com/web?q={searchTerms}
 
*************************
 
AdwCleaner[R0].txt - [8590 octets] - [19/05/2014 18:54:57]
AdwCleaner[s0].txt - [861 octets] - [22/05/2014 21:51:07]
 
########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [920 octets] ##########
 
I ran this the other day as well, before I found this forum.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Junkware Removal Tool (JRT) by Thisisu

Version: 6.1.4 (04.06.2014:1)

OS: Windows 7 Home Premium x64

Ran by Craig on 22/05/2014 at 21:59:17.92

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

 

 

 

~~~ Services

 

 

 

~~~ Registry Values

 

 

 

~~~ Registry Keys

 

 

 

~~~ Files

 

 

 

~~~ Folders

 

 

 

~~~ Event Viewer Logs were cleared

 

 

 

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Scan was completed on 22/05/2014 at 22:05:26.34

End of JRT log

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

 

Still get redirected on the icefilms website, but the website I'm redirected to has now changed from lpcloudbox329.com to lpmxp2.com


  • Staff

Hello vaticraig

I would like you to do the following.

Please print out or make a copy in notepad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.

Run Combofix:

You may be asked to install or update the Recovery Console (Win XP only). If this happens, please allow it to do so (you will need to be connected to the internet for this).

Before you run Combofix, I will need you to turn off any security software you have running. If you do not know how to do this, you can find out >here< or >here<

Combofix may need to reboot your computer more than once to do its job; this is normal.

You can download Combofix from one of these links. I want you to save it to the desktop and run it from there.

1. Close any open browsers or any other programs that are open.

2. Close/disable all antivirus and anti-malware programs so they do not interfere with the running of ComboFix.

Double click on combofix.exe & follow the prompts.

When finished, it will produce a report for you.

Note 1: Do not mouse-click Combofix's window while it's running. That may cause it to stall.

Note 2: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion.", please restart the computer.

"information and logs"

In your next post I need the following:

  • Log from Combofix
  • Let me know of any problems you may have had
  • How is the computer doing now?

Gringo

  • 2 weeks later...
  • Root Admin

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance, please start your own topic in a new thread. Thanks!


This topic is now closed to further replies.