Deja Vu need help AGAIN with PUM issues


After I went through 4 pages of help with the wonderful Mr. Charlie it was finally decided that a fresh install would be best. I took a break and did the fresh install. Being more educated and cautious I changed the way I did things. GUESS WHAT! Didn't matter because now I am right back to the start. I used my old thread as a guideline for the order of things so I have logs ready to go. Any assistance as always greatly appreciated:

 

​Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 08-10-2014 01
Ran by Timelord (administrator) on TARDIS on 10-10-2014 03:38:43
Running from C:\Users\Timelord\Desktop\tools
Loaded Profile: Timelord (Available profiles: Timelord)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe
(SurfRight B.V.) C:\Program Files\HitmanPro\hmpsched.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(Alcor Micro Corp.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieCtrl.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
() C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SandboxieRpcSs.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SandboxieDcomLaunch.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\32\SbieSvc.exe
() C:\Users\Timelord\Desktop\RogueKillerX64.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_152.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_152.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11855976 2011-05-18] (Realtek Semiconductor)
HKLM\...\Run: [Power Management] => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [1831528 2011-05-10] (Acer Incorporated)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\egui.exe [5589704 2014-07-18] (ESET)
HKLM\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [368728 2011-01-26] (Alcor Micro Corp.)
HKLM\...\Run: [synTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2392360 2010-10-08] (Synaptics Incorporated)
HKLM-x32\...\Run: [backupManagerTray] => C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [297280 2011-04-23] (NTI Corporation)
HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [1081424 2011-03-14] (Dritek System Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-19\...\RunOnce: [isMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
HKU\S-1-5-20\...\RunOnce: [isMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
HKU\S-1-5-21-1383894978-2467561526-2943314973-1000\...\Run: [sandboxieControl] => C:\Program Files\Sandboxie\SbieCtrl.exe [784392 2014-05-29] (Sandboxie Holdings, LLC)
HKU\S-1-5-21-1383894978-2467561526-2943314973-1000\...\Run: [PeerBlock] => C:\Program Files\PeerBlock\peerblock.exe [2513992 2014-01-14] (PeerBlock, LLC)
HKU\S-1-5-18\...\RunOnce: [isMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://acer.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer.msn.com
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254

FireFox:
========
FF ProfilePath: C:\Users\Timelord\AppData\Roaming\Mozilla\Firefox\Profiles\yofu0qn5.default
FF DefaultSearchEngine: Startpage HTTPS
FF SelectedSearchEngine: Startpage HTTPS
FF Homepage: https://startpage.com/eng/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @real.com/RhapsodyPlayerEngine,version=1.0 -> C:\Program Files (x86)\Real\RhapsodyPlayerEngine\nprhapengine.dll (RealNetworks, Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.0-pre3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin HKCU: @real.com/RhapsodyPlayerEngine -> C:\Users\Timelord\AppData\Roaming\nprhapengine.dll No File
FF SearchPlugin: C:\Users\Timelord\AppData\Roaming\Mozilla\Firefox\Profiles\yofu0qn5.default\searchplugins\startpage-https.xml
FF Extension: Click&Clean - C:\Users\Timelord\AppData\Roaming\Mozilla\Firefox\Profiles\yofu0qn5.default\Extensions\clickclean@hotcleaner.com [2014-09-08]
FF Extension: HTTPS-Everywhere - C:\Users\Timelord\AppData\Roaming\Mozilla\Firefox\Profiles\yofu0qn5.default\Extensions\https-everywhere@eff.org [2014-09-14]
FF Extension: BlackFox V2 - C:\Users\Timelord\AppData\Roaming\Mozilla\Firefox\Profiles\yofu0qn5.default\Extensions\zigboom@hotmail.com [2014-09-25]
FF Extension: DownloadHelper - C:\Users\Timelord\AppData\Roaming\Mozilla\Firefox\Profiles\yofu0qn5.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-09-12]
FF Extension: Flash and Video Download - C:\Users\Timelord\AppData\Roaming\Mozilla\Firefox\Profiles\yofu0qn5.default\Extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a} [2014-09-19]
FF Extension: Disconnect - C:\Users\Timelord\AppData\Roaming\Mozilla\Firefox\Profiles\yofu0qn5.default\Extensions\2.0@disconnect.me.xpi [2014-09-07]
FF Extension: Adblock Plus Pop-up Addon - C:\Users\Timelord\AppData\Roaming\Mozilla\Firefox\Profiles\yofu0qn5.default\Extensions\adblockpopups@jessehakanen.net.xpi [2014-09-07]
FF Extension: 1-Click Dailymotion Video Downloader - C:\Users\Timelord\AppData\Roaming\Mozilla\Firefox\Profiles\yofu0qn5.default\Extensions\DailymotionVideoDownloader@PeterOlayev.com.xpi [2014-09-11]
FF Extension: Ghostery - C:\Users\Timelord\AppData\Roaming\Mozilla\Firefox\Profiles\yofu0qn5.default\Extensions\firefox@ghostery.com.xpi [2014-09-07]
FF Extension: FlashDisable - C:\Users\Timelord\AppData\Roaming\Mozilla\Firefox\Profiles\yofu0qn5.default\Extensions\jid0-bbA9VAawX3LMWDu668aUDrpQVXU@jetpack.xpi [2014-09-11]
FF Extension: Random Agent Spoofer - C:\Users\Timelord\AppData\Roaming\Mozilla\Firefox\Profiles\yofu0qn5.default\Extensions\jid1-AVgCeF1zoVzMjA@jetpack.xpi [2014-09-11]
FF Extension: NO Google Analytics - C:\Users\Timelord\AppData\Roaming\Mozilla\Firefox\Profiles\yofu0qn5.default\Extensions\jid1-JcGokIiQyjoBAQ@jetpack.xpi [2014-09-07]
FF Extension: YouTube ALL HTML5 - C:\Users\Timelord\AppData\Roaming\Mozilla\Firefox\Profiles\yofu0qn5.default\Extensions\jid1-qj0w91o64N7Eeg@jetpack.xpi [2014-09-11]
FF Extension: Youtube MP3 Downloader using youtube-mp3.org - C:\Users\Timelord\AppData\Roaming\Mozilla\Firefox\Profiles\yofu0qn5.default\Extensions\jid1-xKH0EoS44u1a2w@jetpack.xpi [2014-09-11]
FF Extension: Redirect Cleaner - C:\Users\Timelord\AppData\Roaming\Mozilla\Firefox\Profiles\yofu0qn5.default\Extensions\redirectcleaner@example.net.xpi [2014-09-07]
FF Extension: The Addon Bar (restored) - C:\Users\Timelord\AppData\Roaming\Mozilla\Firefox\Profiles\yofu0qn5.default\Extensions\the-addon-bar@GeekInTraining-GiT.xpi [2014-09-11]
FF Extension: VLC Youtube Shortcut - C:\Users\Timelord\AppData\Roaming\Mozilla\Firefox\Profiles\yofu0qn5.default\Extensions\vlc_shortcut@kosan.kosan.xpi [2014-09-11]
FF Extension: 1-Click YouTube Video Downloader - C:\Users\Timelord\AppData\Roaming\Mozilla\Firefox\Profiles\yofu0qn5.default\Extensions\YoutubeDownloader@PeterOlayev.com.xpi [2014-09-11]
FF Extension: Clean Links - C:\Users\Timelord\AppData\Roaming\Mozilla\Firefox\Profiles\yofu0qn5.default\Extensions\{158d7cb3-7039-4a75-8e0b-3bd0a464edd2}.xpi [2014-09-07]
FF Extension: FlashGot - C:\Users\Timelord\AppData\Roaming\Mozilla\Firefox\Profiles\yofu0qn5.default\Extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}.xpi [2014-09-11]
FF Extension: Black Youtube Theme - C:\Users\Timelord\AppData\Roaming\Mozilla\Firefox\Profiles\yofu0qn5.default\Extensions\{2c93446d-612b-416d-9af0-b7355797b611}.xpi [2014-09-07]
FF Extension: Bluhell Firewall - C:\Users\Timelord\AppData\Roaming\Mozilla\Firefox\Profiles\yofu0qn5.default\Extensions\{6BB5760D-F97E-421B-AF5B-8457A90C3CED}.xpi [2014-09-07]
FF Extension: Download Status Bar - C:\Users\Timelord\AppData\Roaming\Mozilla\Firefox\Profiles\yofu0qn5.default\Extensions\{6c28e999-e900-4635-a39d-b1ec90ba0c0f}.xpi [2014-09-11]
FF Extension: NoScript - C:\Users\Timelord\AppData\Roaming\Mozilla\Firefox\Profiles\yofu0qn5.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2014-09-07]
FF Extension: SoundCloud Downloader - Technowise - C:\Users\Timelord\AppData\Roaming\Mozilla\Firefox\Profiles\yofu0qn5.default\Extensions\{c8d3bc80-0810-4d21-a2c2-be5f2b2832ac}.xpi [2014-09-11]
FF Extension: Adblock Plus - C:\Users\Timelord\AppData\Roaming\Mozilla\Firefox\Profiles\yofu0qn5.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-09-07]
FF Extension: BetterPrivacy - C:\Users\Timelord\AppData\Roaming\Mozilla\Firefox\Profiles\yofu0qn5.default\Extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi [2014-09-07]
FF Extension: Disable Anti-Adblock - C:\Users\Timelord\AppData\Roaming\Mozilla\Firefox\Profiles\yofu0qn5.default\Extensions\{d49a148e-817e-4025-bee3-5d541376de3b}.xpi [2014-09-07]
FF Extension: DownThemAll! - C:\Users\Timelord\AppData\Roaming\Mozilla\Firefox\Profiles\yofu0qn5.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2014-09-11]
FF Extension: Google Privacy - C:\Users\Timelord\AppData\Roaming\Mozilla\Firefox\Profiles\yofu0qn5.default\Extensions\{ea61041c-1e22-4400-99a0-aea461e69d04}.xpi [2014-09-07]
FF Extension: WorldIP - C:\Users\Timelord\AppData\Roaming\Mozilla\Firefox\Profiles\yofu0qn5.default\Extensions\{f36c6cd1-da73-491d-b290-8fc9115bfa55}.xpi [2014-09-07]

Chrome:
=======

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 DirMngr; C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe [216576 2014-09-03] () [File not signed]
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [1347016 2014-07-18] (ESET)
S2 HitmanProScheduler; C:\Program Files\HitmanPro\hmpsched.exe [127752 2014-10-10] (SurfRight B.V.)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [256832 2011-04-23] (NTI Corporation)
R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [174088 2014-05-29] (Sandboxie Holdings, LLC)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [243440 2014-07-18] (ESET)
U5 edevmon; C:\Windows\System32\Drivers\edevmon.sys [241368 2014-07-18] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [169280 2014-07-18] (ESET)
R2 epfw; C:\Windows\System32\DRIVERS\epfw.sys [222280 2014-07-18] (ESET)
R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [44632 2014-07-18] (ESET)
R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [63160 2014-07-18] (ESET)
R2 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [91352 2014-05-12] (Malwarebytes Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-10-10] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation)
R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [185352 2014-05-29] (Sandboxie Holdings, LLC)
S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-13] (Brother Industries Ltd.)
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [37624 2014-10-10] ()
S3 VBoxDrv; \??\C:\Program Files\Oracle\VirtualBox\VBoxDrv.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-10 03:38 - 2014-10-10 03:38 - 00000000 ____D () C:\FRST
2014-10-10 03:37 - 2014-10-10 03:38 - 00000000 ____D () C:\Users\Timelord\Desktop\tools
2014-10-10 03:29 - 2014-10-10 03:29 - 00709564 _____ () C:\Users\Timelord\Desktop\delfix_10.8.exe
2014-10-10 02:28 - 2014-10-10 02:28 - 00037624 _____ () C:\Windows\system32\Drivers\TrueSight.sys
2014-10-10 02:28 - 2014-10-10 02:28 - 00000000 ____D () C:\ProgramData\RogueKiller
2014-10-10 02:16 - 2014-10-10 02:16 - 00000022 _____ () C:\Windows\S.dirmngr
2014-10-10 02:11 - 2014-10-10 02:11 - 00000314 _____ () C:\Windows\PFRO.log
2014-10-10 02:08 - 2014-10-10 02:08 - 00000255 _____ () C:\Users\Timelord\Desktop\revo lution.txt
2014-10-10 02:00 - 2014-10-10 02:21 - 00000000 ____D () C:\AdwCleaner
2014-10-10 01:31 - 2014-10-10 01:32 - 75904920 _____ (Adobe Systems Incorporated) C:\Users\Timelord\Desktop\AdbeRdr11009_en_US.exe
2014-10-10 01:04 - 2014-10-10 01:12 - 00001901 _____ () C:\Users\Public\Desktop\HitmanPro.lnk
2014-10-10 01:04 - 2014-10-10 01:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro
2014-10-10 01:03 - 2014-10-10 01:04 - 00000000 ____D () C:\Program Files\HitmanPro
2014-10-10 01:01 - 2014-10-10 02:10 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-10-09 23:51 - 2014-10-09 23:51 - 11194928 _____ (SurfRight B.V.) C:\Users\Timelord\Desktop\HitmanPro_x64.exe
2014-10-09 23:24 - 2014-10-09 23:24 - 04181856 _____ (Kaspersky Lab ZAO) C:\Users\Timelord\Desktop\tdsskiller.exe
2014-10-09 23:23 - 2014-10-09 23:23 - 05582481 _____ (Swearware) C:\Users\Timelord\Desktop\ComboFix.exe
2014-10-09 23:22 - 2014-10-09 23:22 - 01944824 _____ (Bleeping Computer, LLC) C:\Users\Timelord\Desktop\rkill.exe
2014-10-09 23:19 - 2014-10-09 23:18 - 02737592 _____ (Malwarebytes ) C:\Users\Timelord\Desktop\mbae-setup-1.04.1.1012.exe
2014-10-09 23:15 - 2014-10-09 23:15 - 01375089 _____ () C:\Users\Timelord\Desktop\adwcleaner_3.311.exe
2014-10-09 23:14 - 2014-10-09 23:13 - 00401920 _____ (Farbar) C:\Users\Timelord\Desktop\MiniToolBox.exe
2014-10-09 22:57 - 2014-10-10 00:58 - 00000000 ____D () C:\Users\Timelord\Desktop\Guitar Pro songbook
2014-10-09 22:37 - 2014-10-09 22:38 - 18482776 _____ () C:\Users\Timelord\Desktop\RogueKillerX64.exe
2014-10-09 21:47 - 2014-10-09 21:47 - 00060824 _____ () C:\Users\Timelord\AppData\Local\GDIPFONTCACHEV1.DAT
2014-10-09 21:31 - 2014-10-10 02:11 - 00000280 _____ () C:\Windows\setupact.log
2014-10-09 21:31 - 2014-10-09 21:31 - 00000000 _____ () C:\Windows\setuperr.log
2014-10-09 21:30 - 2014-10-09 21:42 - 00272008 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-10-09 17:05 - 2014-10-09 17:05 - 00000030 _____ () C:\Users\Timelord\Desktop\lemonade.txt
2014-10-09 02:49 - 2014-10-09 02:49 - 00000000 ____D () C:\Users\Timelord\AppData\Local\{BBCA3606-899E-4F98-9BD1-2E4DDB5EBA65}
2014-10-09 02:49 - 2014-10-09 02:49 - 00000000 ____D () C:\Users\Timelord\AppData\Local\{2B3C3CB1-7C8A-4E1E-AC2B-B4F322C4CCD1}
2014-10-09 02:32 - 2014-10-10 02:47 - 00000000 ____D () C:\Users\Timelord\Desktop\American Nightmare
2014-10-08 22:29 - 2014-10-08 23:54 - 00000000 ____D () C:\Users\Timelord\Desktop\Home Movies
2014-10-08 18:39 - 2014-10-08 18:39 - 00007625 _____ () C:\Users\Timelord\AppData\Local\Resmon.ResmonCfg
2014-10-07 14:06 - 2014-10-07 14:06 - 00000958 _____ () C:\Users\Timelord\Desktop\gooey.txt
2014-10-07 13:36 - 2014-10-07 13:37 - 00000000 ____D () C:\Users\Timelord\AppData\Roaming\.kde
2014-10-07 13:32 - 2014-10-07 13:32 - 00000000 ____D () C:\Users\Timelord\AppData\Local\{CD6F7E45-4F81-4BE5-9CD5-DDE513902933}
2014-10-07 13:04 - 2014-10-07 13:27 - 00000000 ____D () C:\Users\Timelord\Desktop\tarman
2014-10-07 12:32 - 2014-10-07 12:32 - 00000000 ____D () C:\Users\Timelord\AppData\Local\{0123C65F-D006-4004-AB88-CE8A5643D7F1}
2014-10-07 12:31 - 2014-10-07 12:31 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2014-10-05 17:13 - 2014-10-05 17:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Guitar Pro 5
2014-10-05 17:12 - 2014-10-05 17:12 - 00000000 ____D () C:\Program Files (x86)\Guitar Pro 5
2014-10-05 16:44 - 2014-10-10 02:24 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-10-05 16:44 - 2014-10-05 16:44 - 00001110 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-10-05 16:44 - 2014-10-05 16:44 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-10-05 16:44 - 2014-10-05 16:44 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-10-05 16:44 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-10-05 16:44 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-10-05 16:44 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-10-03 21:31 - 2014-10-03 21:31 - 00001080 _____ () C:\Users\Public\Desktop\Oracle VM VirtualBox.lnk
2014-10-03 21:31 - 2014-10-03 21:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox
2014-10-03 21:31 - 2014-10-03 21:31 - 00000000 ____D () C:\Program Files\Oracle
2014-10-03 21:31 - 2014-09-09 17:29 - 00910920 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxDrv.sys
2014-10-03 21:31 - 2014-09-09 17:27 - 00129168 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxUSBMon.sys
2014-10-03 21:19 - 2014-10-03 21:22 - 110671648 _____ (Oracle Corporation) C:\Users\Timelord\Desktop\VirtualBox-4.3.16-95972-Win.exe
2014-10-03 20:19 - 2014-10-03 20:19 - 00000000 ____D () C:\Users\Timelord\VirtualBox VMs
2014-10-03 20:17 - 2014-10-03 21:34 - 00000000 ____D () C:\Users\Timelord\.VirtualBox
2014-10-02 19:50 - 2014-10-02 19:50 - 00001415 _____ () C:\Users\Timelord\Desktop\fenn.txt
2014-10-01 07:08 - 2014-09-24 21:08 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2014-10-01 07:08 - 2014-09-24 20:40 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2014-10-01 06:57 - 2014-10-09 02:49 - 00000000 ____D () C:\Users\Timelord\AppData\Local\Windows Live
2014-10-01 06:55 - 2014-10-01 06:57 - 00000000 ____D () C:\Users\Timelord\AppData\Local\{B45BF3A4-3DE7-4E47-B484-971894892E14}
2014-09-30 16:51 - 2014-09-30 16:51 - 00000045 _____ () C:\Users\Timelord\Desktop\bbaddy.txt
2014-09-30 01:31 - 2014-09-30 01:31 - 00000000 ____D () C:\Users\Timelord\AppData\Roaming\SanDisk
2014-09-27 18:41 - 2014-10-05 03:05 - 00000547 _____ () C:\Windows\cdplayer.ini
2014-09-27 18:29 - 2014-09-27 18:29 - 00000957 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Rhapsody.lnk
2014-09-27 18:29 - 2014-09-27 18:29 - 00000951 _____ () C:\Users\Public\Desktop\Rhapsody.lnk
2014-09-27 18:28 - 2014-09-27 18:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rhapsody
2014-09-27 18:28 - 2014-09-27 18:29 - 00000000 ____D () C:\Program Files (x86)\Rhapsody
2014-09-27 16:00 - 2014-09-30 18:22 - 00000000 ____D () C:\Users\Timelord\Desktop\rhapsody-1.0.2.165
2014-09-25 04:40 - 2014-09-25 04:40 - 00002974 _____ () C:\Windows\System32\Tasks\{CA179B95-E120-472F-B237-2A8DEB060768}
2014-09-25 02:40 - 2014-09-25 02:41 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-25 00:39 - 2014-09-25 00:39 - 00000000 ____D () C:\Users\Timelord\AppData\Roaming\Real
2014-09-23 17:16 - 2014-09-09 17:11 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-09-23 17:16 - 2014-09-09 16:47 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-09-23 17:12 - 2014-09-23 17:12 - 00001196 _____ () C:\Users\Timelord\AppData\Local\recently-used.xbel
2014-09-23 14:48 - 2014-09-23 15:32 - 00000000 ____D () C:\Users\Timelord\AppData\Local\gtk-2.0
2014-09-21 13:32 - 2014-07-23 18:22 - 109574432 _____ (Oracle Corporation) C:\Users\Timelord\Desktop\VirtualBox-4.3.12-93733-Win.exe
2014-09-21 13:28 - 2014-09-21 13:28 - 00000000 ____D () C:\Users\Timelord\Desktop\Peerblock Lists
2014-09-21 13:24 - 2014-09-21 13:25 - 00000000 ____D () C:\Users\Timelord\Desktop\Holohoax
2014-09-18 21:53 - 2014-09-18 21:54 - 00000000 ____D () C:\Users\Timelord\AppData\Roaming\DivX
2014-09-18 21:53 - 2014-09-18 21:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX
2014-09-18 21:53 - 2014-09-18 21:53 - 00000000 ____D () C:\Program Files\DivX
2014-09-18 21:50 - 2014-09-18 21:54 - 00000000 ____D () C:\Program Files (x86)\DivX
2014-09-18 21:36 - 2014-09-18 21:54 - 00000000 ____D () C:\ProgramData\DivX
2014-09-18 21:28 - 2014-09-18 21:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2014-09-18 21:28 - 2014-09-18 21:28 - 00000000 ____D () C:\Program Files (x86)\7-Zip
2014-09-18 15:34 - 2014-09-18 15:34 - 00003158 _____ () C:\Windows\System32\Tasks\{9C315969-0C8A-46E4-BFDF-5478E2F9893D}
2014-09-17 21:25 - 2014-09-17 21:25 - 02097120 _____ (Mister Group ) C:\Users\Timelord\Desktop\SystemExplorerSetup_594.exe
2014-09-17 15:37 - 2014-09-17 16:23 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-09-17 15:36 - 2014-09-17 16:24 - 00000000 ____D () C:\Users\Timelord\Desktop\mbar
2014-09-17 15:26 - 2014-09-19 20:39 - 00000000 ____D () C:\Windows\Minidump
2014-09-14 21:48 - 2014-09-27 16:27 - 00000000 ____D () C:\Program Files (x86)\Real
2014-09-13 17:56 - 2014-09-13 17:56 - 00000425 _____ () C:\Users\Timelord\Desktop\videoaudio.txt
2014-09-13 16:33 - 2014-09-13 16:33 - 00204496 _____ (Malwarebytes) C:\Users\Timelord\Desktop\startuplite-setup-1.07.exe
2014-09-13 04:22 - 2014-10-09 15:59 - 00000000 ____D () C:\Users\Timelord\Desktop\Devil's Note
2014-09-13 00:59 - 2014-09-13 00:59 - 00000000 ____H () C:\Users\Timelord\Documents\Default.rdp
2014-09-12 20:36 - 2014-09-12 20:36 - 00000059 _____ () C:\Users\Timelord\Desktop\blah.txt
2014-09-12 15:31 - 2014-10-03 06:11 - 00000000 ____D () C:\Users\Timelord\AppData\Roaming\dvdcss
2014-09-11 23:46 - 2014-09-11 23:46 - 00014932 _____ () C:\Users\Timelord\Desktop\startup3.txt
2014-09-11 23:45 - 2014-09-11 23:45 - 00014932 _____ () C:\Users\Timelord\Desktop\startup2.txt
2014-09-11 23:45 - 2014-09-11 23:45 - 00014932 _____ () C:\Users\Timelord\Desktop\startup.txt
2014-09-11 20:05 - 2014-10-09 19:50 - 00000000 ____D () C:\Program Files\PeerBlock
2014-09-11 20:05 - 2014-10-01 07:51 - 00001998 _____ () C:\Users\Timelord\Desktop\PeerBlock.lnk
2014-09-11 20:01 - 2014-10-09 19:14 - 00000000 ____D () C:\Users\Timelord\AppData\Roaming\vlc
2014-09-11 20:00 - 2014-09-12 00:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2014-09-11 19:59 - 2014-09-11 19:59 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
2014-09-11 19:25 - 2014-09-12 00:53 - 00000000 ____D () C:\Windows\pss
2014-09-11 19:12 - 2014-09-27 16:51 - 00000000 ____D () C:\Program Files\CCleaner
2014-09-11 19:12 - 2014-09-19 15:18 - 00002778 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-09-11 03:11 - 2014-09-11 03:11 - 00000000 ____D () C:\ProgramData\InstallShield
2014-09-10 23:37 - 2014-09-10 23:37 - 00000000 ____D () C:\Users\Timelord\Documents\Fax
2014-09-10 23:00 - 2014-09-10 23:00 - 00000000 __SHD () C:\Users\Timelord\AppData\Local\EmieUserList
2014-09-10 23:00 - 2014-09-10 23:00 - 00000000 __SHD () C:\Users\Timelord\AppData\Local\EmieSiteList
2014-09-10 20:36 - 2014-09-10 20:36 - 00000000 ____D () C:\Users\Timelord\AppData\Local\Macromedia
2014-09-10 20:35 - 2014-09-13 03:23 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-09-10 20:35 - 2014-09-12 00:53 - 00000000 ____D () C:\Windows\system32\Macromed

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-10 03:36 - 2014-09-08 18:18 - 00000000 ____D () C:\Users\Timelord\Desktop\Tools and Utilities
2014-10-10 02:38 - 2009-07-13 23:45 - 00016976 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-10-10 02:38 - 2009-07-13 23:45 - 00016976 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-10-10 02:25 - 2014-09-07 05:40 - 01819246 _____ () C:\Windows\WindowsUpdate.log
2014-10-10 02:14 - 2009-07-14 00:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-10-10 01:43 - 2014-09-07 21:54 - 00003732 _____ () C:\Windows\Sandboxie.ini
2014-10-09 20:08 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-10-07 15:10 - 2014-09-08 00:12 - 00000000 ____D () C:\Users\Timelord\AppData\Roaming\gnupg
2014-10-03 20:19 - 2014-09-07 13:23 - 00000000 ____D () C:\Users\Timelord
2014-10-03 01:30 - 2014-09-09 01:17 - 00001081 _____ () C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk
2014-10-03 01:30 - 2014-09-09 01:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro
2014-10-02 16:27 - 2009-07-14 00:13 - 00781298 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-10-02 15:57 - 2014-09-08 01:36 - 00000000 ____D () C:\Users\Timelord\Desktop\Tor Browser
2014-10-01 07:00 - 2014-09-07 05:52 - 00001024 ___RH () C:\Users\Public\Documents\NTILiveUpdateV9.dll
2014-10-01 06:59 - 2014-09-07 05:52 - 00000000 ____D () C:\ProgramData\NTI Launcher
2014-10-01 06:59 - 2014-09-07 05:50 - 00001024 ___RH () C:\Users\Public\Documents\NTIMMV9Acer.dll
2014-10-01 06:55 - 2014-09-07 05:50 - 00001024 ___RH () C:\Users\Public\Documents\NTIMMV9REGET.dll
2014-09-30 01:28 - 2011-07-14 10:50 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-09-27 20:45 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\rescache
2014-09-27 16:28 - 2014-09-07 16:53 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-09-17 18:34 - 2010-11-20 21:50 - 00000000 ____D () C:\Users\Administrator
2014-09-15 09:06 - 2010-11-20 22:27 - 00278152 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-09-13 03:23 - 2014-09-07 13:23 - 00000000 ____D () C:\Users\Timelord\AppData\Local\Adobe
2014-09-13 03:23 - 2011-07-14 11:39 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-12 00:54 - 2011-07-14 10:56 - 00000000 ____D () C:\Program Files (x86)\AmIcoSingLun
2014-09-12 00:53 - 2014-09-07 05:55 - 00000000 ____D () C:\ProgramData\Temp
2014-09-12 00:53 - 2011-07-14 11:41 - 00000000 ____D () C:\ProgramData\BackupManager
2014-09-12 00:53 - 2011-07-14 11:39 - 00000000 ____D () C:\Windows\SysWOW64\Macromed
2014-09-12 00:53 - 2009-07-14 00:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-09-12 00:53 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\registration
2014-09-12 00:53 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\AppCompat
2014-09-11 22:09 - 2011-07-14 11:29 - 00000000 ____D () C:\Program Files\Acer
2014-09-11 22:09 - 2011-07-14 11:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer
2014-09-11 22:04 - 2014-09-07 13:24 - 00000000 ____D () C:\Users\Timelord\AppData\Local\Acer
2014-09-11 22:00 - 2011-07-14 11:28 - 00000000 ____D () C:\Program Files (x86)\Acer
2014-09-11 19:45 - 2007-07-11 20:49 - 00000000 ____D () C:\Windows\Panther
2014-09-11 19:32 - 2011-07-14 11:39 - 00002734 _____ () C:\Windows\System32\Tasks\Adobe ARM
2014-09-11 19:31 - 2011-07-14 11:39 - 00002732 _____ () C:\Windows\System32\Tasks\Adobe Reader Speed Launcher
2014-09-10 21:45 - 2011-07-14 10:58 - 00000000 ____D () C:\ProgramData\WildTangent
2014-09-10 20:18 - 2014-09-07 13:23 - 00000000 ____D () C:\Users\Timelord\AppData\Local\VirtualStore

Some content of TEMP:
====================
C:\Users\Timelord\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-09-27 17:24

==================== End Of Log ============================

​Additional scan result of Farbar Recovery Scan Tool (x64) Version: 08-10-2014 01
Ran by Timelord at 2014-10-10 03:40:15
Running from C:\Users\Timelord\Desktop\tools
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: ESET Smart Security 8.0 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET Smart Security 8.0 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
FW: ESET Personal firewall (Enabled) {211E1E8B-C9F9-A04B-6D84-BC85190CE5F2}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.22beta (HKLM-x32\...\7-Zip) (Version:  - )
Acer Backup Manager (HKLM-x32\...\InstallShield_{0B61BBD5-DA3C-409A-8730-0C3DC3B0F270}) (Version: 3.0.0.99 - NTI Corporation)
Acer ePower Management (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 6.00.3007 - Acer Incorporated)
Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 5.00.3502 - Acer Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.7.0.19480 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 2.7.0.19480 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Reader X MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.0.0 - Adobe Systems Incorporated)
Alcor Micro USB Card Reader (HKLM-x32\...\AmUStor) (Version: 1.2.42.68439 - Alcor Micro Corp.)
Alcor Micro USB Card Reader (x32 Version: 1.2.42.68439 - Alcor Micro Corp.) Hidden
Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.2.43 - Atheros Communications Inc.)
Backup Manager V3 (x32 Version: 3.0.0.99 - NTI Corporation) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.17 - Piriform)
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DivX Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.3.88 - DivX, LLC)
ESET Smart Security (HKLM\...\{83A7ADD8-3F54-470E-9ABA-39F986990D94}) (Version: 8.0.103.0 - ESET, spol s r. o.)
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Gpg4win (2.2.2) (HKLM-x32\...\GPG4Win) (Version: 2.2.2 - The Gpg4win Project)
Guitar Pro 5.0 (HKLM-x32\...\Guitar Pro 5_is1) (Version:  - Arobas Music)
HitmanPro 3.7 (HKLM\...\HitmanPro37) (Version: 3.7.9.225 - SurfRight B.V.)
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3501 - Acer Incorporated)
InfraRecorder 0.53 (x64 edition) (HKLM\...\{2C22EA92-CB30-4932-0053-000001000000}) (Version: 0.53.00.00 - Christian Kindahl)
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2342 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.0.0.1046 - Intel Corporation)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Launch Manager (HKLM-x32\...\LManager) (Version: 5.1.4 - Acer Inc.)
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 32.0.3 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 32.0.3 (x86 en-US)) (Version: 32.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 32.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
NTI Media Maker 9 (HKLM-x32\...\InstallShield_{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}) (Version: 9.0.2.8942 - NTI Corporation)
NTI Media Maker 9 (x32 Version: 9.0.2.8942 - NTI Corporation) Hidden
Oracle VM VirtualBox 4.3.16 (HKLM\...\{D7FAEA32-7CE3-4D9F-9139-F7B87BCC50AF}) (Version: 4.3.16 - Oracle Corporation)
PeerBlock 1.2 (r693) (HKLM\...\{015C5B35-B678-451C-9AEE-821E8D69621C}_is1) (Version: 1.2.0.693 - PeerBlock, LLC)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6374 - Realtek Semiconductor Corp.)
Revo Uninstaller Pro 3.1.1 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.1.1 - VS Revo Group, Ltd.)
Rhapsody (HKLM-x32\...\Rhapsody) (Version:  - )
Rhapsody Player Engine (HKLM-x32\...\{2DFF31F9-7893-4922-AF66-C9A1EB4EBB31}) (Version: 1.0.604 - RealNetworks)
Sandboxie 4.12 (64-bit) (HKLM\...\Sandboxie) (Version: 4.12 - Sandboxie Holdings, LLC)
Skype™ 5.3 (HKLM-x32\...\{5335DADB-34BA-4AE8-A519-648D78498846}) (Version: 5.3.116 - Skype Technologies S.A.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.1.18.0 - Synaptics Incorporated)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.0-pre3 - VideoLAN)
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

04-10-2014 01:15:00 Installed Oracle VM VirtualBox 4.3.12
04-10-2014 02:24:53 Revo Uninstaller Pro's restore point - Oracle VM VirtualBox 4.3.12
04-10-2014 02:31:02 Installed Oracle VM VirtualBox 4.3.16
05-10-2014 20:40:23 Revo Uninstaller Pro's restore point - Malwarebytes Anti-Malware version 2.0.2.1012
05-10-2014 21:29:25 Revo Uninstaller Pro's restore point - Malwarebytes Anti-Malware version 2.0.2.1012
07-10-2014 19:37:19 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 21:34 - 2009-06-10 16:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {4AEE1687-9AE2-4F0F-8C8E-D35459F93943} - \Acer Registration - Reminder Recall task No Task File <==== ATTENTION
Task: {7E34B673-3AD2-41E0-9320-C2F13DB8085D} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-08-21] (Piriform Ltd)
Task: {BE59CE40-0017-43DB-AA9B-4DCF2E94D295} - System32\Tasks\{CA179B95-E120-472F-B237-2A8DEB060768} => C:\Program Files (x86)\Best Buy Rhapsody\rhapsody.exe
Task: {C7AC5BD3-61C8-460E-9CC9-54B1D021D24E} - System32\Tasks\Adobe ARM => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-11-15] (Adobe Systems Incorporated)
Task: {FF24BFFC-3F13-4F08-A706-5C4A27331BF4} - System32\Tasks\Adobe Reader Speed Launcher => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [2010-11-15] (Adobe Systems Incorporated)

==================== Loaded Modules (whitelisted) =============

2011-07-14 11:20 - 2011-03-25 04:28 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2014-09-03 06:07 - 2014-09-03 06:07 - 00216576 _____ () C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe
2014-10-09 22:37 - 2014-10-09 22:38 - 18482776 _____ () C:\Users\Timelord\Desktop\RogueKillerX64.exe
2011-04-23 20:29 - 2011-04-23 20:29 - 00465640 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\sqlite3.dll
2014-09-03 05:53 - 2014-09-03 05:53 - 00221184 _____ () C:\Program Files (x86)\GNU\GnuPG\libksba-8.dll
2014-09-03 05:48 - 2014-09-03 05:48 - 00038400 _____ () C:\Program Files (x86)\GNU\GnuPG\libgpg-error-0.dll
2014-09-03 05:41 - 2014-09-03 05:41 - 00050176 _____ () C:\Program Files (x86)\GNU\GnuPG\libw32pth-0.dll
2014-09-03 05:53 - 2014-09-03 05:53 - 00069632 _____ () C:\Program Files (x86)\GNU\GnuPG\libassuan-0.dll
2014-09-03 05:56 - 2014-09-03 05:56 - 00742400 _____ () C:\Program Files (x86)\GNU\GnuPG\libgcrypt-20.dll
2011-04-23 20:29 - 2011-04-23 20:29 - 01081664 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\ACE.dll
2011-04-23 20:29 - 2011-04-23 20:29 - 00125760 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\MailConverter32.dll
2014-09-09 18:52 - 2014-09-09 18:52 - 00169472 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\e39f250f44c042610b447ddce43d1aa2\IsdiInterop.ni.dll
2011-07-14 10:50 - 2010-09-13 20:28 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll
2014-09-25 02:40 - 2014-09-25 02:41 - 03715184 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-09-10 20:35 - 2014-09-13 03:23 - 16825520 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^ WinCinema Manager.lnk => C:\Windows\pss\ WinCinema Manager.lnk.CommonStartup
MSCONFIG\startupreg: HotKeysCmds => C:\Windows\system32\hkcmd.exe

========================= Accounts: ==========================

Administrator (S-1-5-21-1383894978-2467561526-2943314973-500 - Administrator - Disabled)
Guest (S-1-5-21-1383894978-2467561526-2943314973-501 - Limited - Disabled)
Timelord (S-1-5-21-1383894978-2467561526-2943314973-1000 - Administrator - Enabled) => C:\Users\Timelord

==================== Faulty Device Manager Devices =============

Name: Realtek RTL8188CE Wireless LAN 802.11n PCI-E NIC
Description: Realtek RTL8188CE Wireless LAN 802.11n PCI-E NIC
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Realtek Semiconductor Corp.
Service: RTL8192Ce
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (10/10/2014 02:17:13 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/09/2014 10:22:46 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/09/2014 09:47:31 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/09/2014 09:47:23 PM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: The index cannot be initialized.


Details:
    The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (10/09/2014 09:47:23 PM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: The application cannot be initialized.

Context: Windows Application


Details:
    The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (10/09/2014 09:47:23 PM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: The gatherer object cannot be initialized.

Context: Windows Application, SystemIndex Catalog


Details:
    The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (10/09/2014 09:47:23 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: The plug-in in <Search.TripoliIndexer> cannot be initialized.

Context: Windows Application, SystemIndex Catalog


Details:
    Element not found.  (HRESULT : 0x80070490) (0x80070490)

Error: (10/09/2014 09:47:22 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: The plug-in in <Search.JetPropStore> cannot be initialized.

Context: Windows Application, SystemIndex Catalog


Details:
    The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (10/09/2014 09:47:22 PM) (Source: Windows Search Service) (EventID: 9002) (User: )
Description: The Windows Search Service cannot load the property store information.

Context: Windows Application, SystemIndex Catalog


Details:
    The content index database is corrupt.  (HRESULT : 0xc0041800) (0xc0041800)

Error: (10/09/2014 09:47:22 PM) (Source: Windows Search Service) (EventID: 7042) (User: )
Description: The Windows Search Service is being stopped because there is a problem with the indexer: The catalog is corrupt.


Details:
    The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)


System errors:
=============
Error: (10/10/2014 02:22:07 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Windows Update service hung on starting.

Error: (10/10/2014 02:14:13 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The WLAN AutoConfig service hung on starting.

Error: (10/09/2014 10:31:21 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Intel® Management and Security Application User Notification Service service hung on starting.

Error: (10/09/2014 10:28:23 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Windows Defender service hung on starting.

Error: (10/09/2014 10:25:03 PM) (Source: WMPNetworkSvc) (EventID: 14332) (User: )
Description: WMPNetworkSvc0x80004005

Error: (10/09/2014 10:19:44 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The WLAN AutoConfig service hung on starting.

Error: (10/09/2014 09:51:59 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Windows Update service hung on starting.

Error: (10/09/2014 09:47:23 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Search service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 30000 milliseconds: Restart the service.

Error: (10/09/2014 09:47:23 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: The Windows Search service terminated with service-specific error %%-1073473535.

Error: (10/09/2014 09:45:57 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The ESET Service service failed to start due to the following error:
%%1053


Microsoft Office Sessions:
=========================
Error: (10/10/2014 02:17:13 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/09/2014 10:22:46 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/09/2014 09:47:31 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/09/2014 09:47:23 PM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description:
Details:
    The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (10/09/2014 09:47:23 PM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Context: Windows Application


Details:
    The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (10/09/2014 09:47:23 PM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: Context: Windows Application, SystemIndex Catalog


Details:
    The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (10/09/2014 09:47:23 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Context: Windows Application, SystemIndex Catalog


Details:
    Element not found.  (HRESULT : 0x80070490) (0x80070490)
Search.TripoliIndexer

Error: (10/09/2014 09:47:22 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Context: Windows Application, SystemIndex Catalog


Details:
    The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
Search.JetPropStore

Error: (10/09/2014 09:47:22 PM) (Source: Windows Search Service) (EventID: 9002) (User: )
Description: Context: Windows Application, SystemIndex Catalog


Details:
    The content index database is corrupt.  (HRESULT : 0xc0041800) (0xc0041800)

Error: (10/09/2014 09:47:22 PM) (Source: Windows Search Service) (EventID: 7042) (User: )
Description:
Details:
    The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
The catalog is corrupt


==================== Memory info ===========================

Processor: Intel® Celeron® CPU B800 @ 1.50GHz
Percentage of memory in use: 68%
Total physical RAM: 1899.86 MB
Available physical RAM: 595.24 MB
Total Pagefile: 3799.72 MB
Available Pagefile: 1940.33 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:217.79 GB) (Free:136.71 GB) NTFS
Drive d: (Guitar Pro 5) (CDROM) (Total:0.24 GB) (Free:0 GB) CDFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 619800CF)
Partition 1: (Not Active) - (Size=15 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=217.8 GB) - (Type=07 NTFS)

==================== End Of Log ============================


RK Log:

 

 

RogueKiller V10.0.0.0 (x64) [Oct  7 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Website : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Timelord [Administrator]
Mode : Scan -- Date : 10/10/2014  02:58:15

¤¤¤ Processes : 0 ¤¤¤

¤¤¤ Registry : 6 ¤¤¤
[PUM.StartMenu] (X64) HKEY_USERS\S-1-5-21-1383894978-2467561526-2943314973-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyGames : 0  -> Found
[PUM.StartMenu] (X86) HKEY_USERS\S-1-5-21-1383894978-2467561526-2943314973-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyGames : 0  -> Found
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1  -> Found
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1  -> Found
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1  -> Found
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1  -> Found

¤¤¤ Tasks : 0 ¤¤¤

¤¤¤ Files : 0 ¤¤¤

¤¤¤ Hosts File : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Loaded) ¤¤¤

¤¤¤ Web browsers : 1 ¤¤¤
[PUM.HomePage][FIREFX:Config] yofu0qn5.default : user_pref("browser.startup.homepage", "https://startpage.com/eng/"); -> Found

¤¤¤ MBR Check : ¤¤¤
+++++ PhysicalDrive0: Hitachi HTS543225A7A384 +++++
--- User ---
[MBR] ee24c993f426bac9ab74c5a828d0acd3
[bSP] 881e3dd2699467a6214aca2bc05bae2c : Windows Vista/7/8 MBR Code
Partition table:
0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 15360 MB
1 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 31459328 | Size: 100 MB
2 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 31664128 | Size: 223013 MB
User = LL1 ... OK
User = LL2 ... OK
 

 


  • 1 month later...
  • Root Admin

We're sorry. It looks like your topic was somehow overlooked. Due to the length of time we'll go ahead and close this topic now but if you still actually need help please send a private message to one of the Moderators and we'll assist you.

Thank you and sorry we missed your topic.


This topic is now closed to further replies.