Unable to clean, MB reporting IP address blocked


Lui

Malwarebytes continues to report via pop-up "IP addresses successfully blocked".

Ran the scan with Farbar Recovery Scan Tool. Here is the result:

 

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 15-10-2014 02
Ran by FS (administrator) on POS2 on 15-10-2014 15:42:57
Running from C:\Documents and Settings\FS\Desktop
Loaded Profile: FS (Available profiles: FS & Administrator)
Platform: Microsoft Windows XP Service Pack 3 (X86) OS Language: English (United States)
Internet Explorer Version 8
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EBAPI\eEBSvc.exe
(Acronis) C:\Program Files\Common Files\Maxtor\Schedule2\schedul2.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
( ) C:\WINDOWS\system32\DKabcoms.exe
(Dell Inc.) C:\Program Files\Dell Printers\Additional Color Laser Software\Status Monitor\dlsdbnt.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_JT50RP.EXE
(Seagate Technology LLC) C:\Program Files\Seagate\DriveSettings\Sync\SeagateDriveSettingsService.exe
(SafeNet Inc.) C:\WINDOWS\system32\hasplms.exe
(Sun Microsystems, Inc.) C:\Program Files\Java\jre6\bin\jqs.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
(Dell Inc.) C:\Program Files\Dell Printers\Additional Color Laser Software\Status Monitor\dlpwdnt.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
(Intel Corporation) C:\WINDOWS\system32\hkcmd.exe
(Intel Corporation) C:\WINDOWS\system32\igfxpers.exe
(Analog Devices, Inc.) C:\Program Files\Analog Devices\Core\smax4pnp.exe
(Sonic Solutions) C:\WINDOWS\system32\DLA\DLACTRLW.EXE
(InstallShield Software Corporation) C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
(Dell Inc.) C:\Program Files\Dell Printers\Additional Color Laser Software\Status Monitor\dlpsp.exe
(Acronis) C:\Program Files\Common Files\Maxtor\Schedule2\schedhlp.exe
(Adobe Systems Inc.) C:\Program Files\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
(Dell) C:\Program Files\Dell\Dell Laser MFP 1600n\NetworkScan\DNSCST.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Epson Software\Event Manager\EEventManager.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Epson Software\FAX Utility\FUFAXRCV.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Epson Software\FAX Utility\FUFAXSTM.exe
(Dell, Inc.) C:\Program Files\Dell\Printer Software\ErrorApp\DKab1err.EXE
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Microsoft Corporation) C:\WINDOWS\system32\wbem\unsecapp.exe
(Farbar) C:\Documents and Settings\FS\Desktop\Farbar Recovery Scan Tool.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [igfxhkcmd] => C:\WINDOWS\system32\hkcmd.exe [77824 2005-09-20] (Intel Corporation)
HKLM\...\Run: [igfxpers] => C:\WINDOWS\system32\igfxpers.exe [114688 2005-09-20] (Intel Corporation)
HKLM\...\Run: [soundMAXPnP] => C:\Program Files\Analog Devices\Core\smax4pnp.exe [1404928 2004-10-14] (Analog Devices, Inc.)
HKLM\...\Run: [DLA] => C:\WINDOWS\System32\DLA\DLACTRLW.EXE [122940 2005-09-08] (Sonic Solutions)
HKLM\...\Run: [iSUSPM Startup] => C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe [221184 2004-07-27] (InstallShield Software Corporation)
HKLM\...\Run: [iSUSScheduler] => C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [81920 2004-07-27] (InstallShield Software Corporation)
HKLM\...\Run: [DLPSP] => c:\program files\dell printers\Additional Color Laser Software\Status Monitor\DLPSP.EXE [126976 2004-07-13] (Dell Inc.)
HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files\Common Files\Maxtor\Schedule2\schedhlp.exe [149024 2007-04-20] (Acronis)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\qttask.exe [413696 2008-12-23] (Apple Inc.)
HKLM\...\Run: [AdobeCS4ServiceManager] => C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [611712 2009-12-02] (Adobe Systems Incorporated)
HKLM\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe [44128 2013-05-08] (Adobe Systems Incorporated)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [Acrobat Assistant 8.0] => C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe [642664 2013-05-08] (Adobe Systems Inc.)
HKLM\...\Run: [Adobe_ID0ENQBO] => C:\Program Files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4Tray.exe [378224 2008-08-15] (Adobe Systems Incorporated)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [DellNSCST] => C:\Program Files\DELL\Dell Laser MFP 1600n\NetworkScan\DNSCST.exe [278528 2006-02-20] (Dell)
HKLM\...\Run: [EEventManager] => C:\Program Files\Epson Software\Event Manager\EEventManager.exe [979328 2010-10-12] (SEIKO EPSON CORPORATION)
HKLM\...\Run: [FUFAXRCV] => C:\Program Files\Epson Software\FAX Utility\FUFAXRCV.exe [495616 2011-03-09] (SEIKO EPSON CORPORATION)
HKLM\...\Run: [FUFAXSTM] => C:\Program Files\Epson Software\FAX Utility\FUFAXSTM.exe [856064 2011-03-09] (SEIKO EPSON CORPORATION)
HKLM\...\Run: [ctfmon.exe] => C:\WINDOWS\system32\ctfmon.exe [15360 2008-04-13] (Microsoft Corporation)
HKLM\...\Run: [NetworkUpdater] => C:\WINDOWS\Installer\{342F8456-AD96-4FAF-9C97-74E4E9B95CB8}\msiexec.exe
Winlogon\Notify\GoToAssist: C:\Program Files\Citrix\GoToAssist\570\G2AWinLogon.dll (Citrix Online, a division of Citrix Systems, Inc.)
HKLM\...99B7938DA9E4}\LocalServer32: [Default-wmiprvse]  <==== ATTENTION!
HKLM\...\Policies\Explorer: [NoCDBurning] 0
HKU\S-1-5-21-656921764-300099879-723482828-1006\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-656921764-300099879-723482828-1006\...\Run: [DKab1err] => C:\Program Files\Dell\Printer Software\ErrorApp\DKab1err.exe [573440 2008-09-08] (Dell, Inc.)
HKU\S-1-5-21-656921764-300099879-723482828-1006\...\Run: [MSMSGS] => C:\Program Files\Messenger\msmsgs.exe [1695232 2008-04-13] (Microsoft Corporation)
HKU\S-1-5-21-656921764-300099879-723482828-1006\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [4811032 2014-09-26] (Piriform Ltd)
HKU\S-1-5-21-656921764-300099879-723482828-1006\...\MountPoints2: G - G:\LaunchU3.exe -a
HKU\S-1-5-21-656921764-300099879-723482828-1006\...\MountPoints2: {3b0aa962-d639-11e3-bfb3-00188b01ef55} - cmd /c start "" "CACHE-19204730\comd.sys"
HKU\S-1-5-21-656921764-300099879-723482828-1006\...\MountPoints2: {3f9d3d89-cce0-11e0-bd41-00188b01ef55} - cmd /c start "" "CACHE-19204730\comd.sys"
HKU\S-1-5-21-656921764-300099879-723482828-1006\...\MountPoints2: {641d6f9c-822c-11e0-bcf1-00188b01ef55} - "H:\WD SmartWare.exe" autoplay=true
HKU\S-1-5-21-656921764-300099879-723482828-1006\...\MountPoints2: {9b22c18e-d628-11db-98e0-00188b01ef55} - G:\setupSNK.exe
HKU\S-1-5-21-656921764-300099879-723482828-1006\...\MountPoints2: {a62edc30-6371-11e3-bf59-00188b01ef55} - G:\Install.exe
HKU\S-1-5-21-656921764-300099879-723482828-1006\...\MountPoints2: {a80ad0f1-87bb-11dc-999b-00188b01ef55} - G:\LaunchU3.exe -a
HKU\S-1-5-21-656921764-300099879-723482828-1006\...\MountPoints2: {af0e27c5-36a9-11db-982d-00188b01ef55} - setupSNK.exe
HKU\S-1-5-21-656921764-300099879-723482828-1006\...\MountPoints2: {e4f17746-d5ee-11de-bb25-00188b01ef55} - cmd /c start "" "CACHE-19204730\comd.sys"
HKU\S-1-5-21-656921764-300099879-723482828-1006\...\MountPoints2: {fcd9d4c9-cef7-11e3-bfaf-00188b01ef55} - cmd /c start "" "CACHE-19204730\comd.sys"
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk
ShortcutTarget: Adobe Gamma Loader.lnk -> C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Gamma.lnk
ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://support.fastsigns.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com/hws/sb/dell-usuk/en/side.html?channel=us
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/hws/sb/dell-usuk/en/side.html?channel=us
SearchScopes: HKCU - DefaultScope {4C44AFE1-83FF-40A6-9614-BF11F53C30E3} URL = https://www.google.com/search?q={searchTerms}
SearchScopes: HKCU - {4C44AFE1-83FF-40A6-9614-BF11F53C30E3} URL = https://www.google.com/search?q={searchTerms}
BHO: Adobe PDF Reader Link Helper -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: DriveLetterAccess -> {5CA3D70E-1895-11CF-8E15-001234567890} -> C:\WINDOWS\System32\DLA\DLASHX_W.DLL (Sonic Solutions)
BHO: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO: CBrowserHelperObject Object -> {CA6319C0-31B7-401E-A518-A07C3DB8F777} -> C:\Program Files\BAE\BAE.dll (Dell Inc.)
BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO: JQSIEStartDetectorImpl Class -> {E7E6F031-17CE-4C07-BC86-EABFE594F69C} -> C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
BHO: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKCU - &Address - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
Toolbar: HKCU - &Links - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation)
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Toolbar: HKCU - No Name - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} -  No File
Toolbar: HKCU - &Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} -  No File
Toolbar: HKCU - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
DPF: {63F5866B-A7C5-40B4-9A89-0CCA99726C8D} https://secure.logmeinrescue.com/Customer/x86/RescueDownloader.cab
DPF: {CB50428B-657F-47DF-9B32-671F82AA73F7} http://www.photodex.com/pxplay.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
Winsock: Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [152864] (Apple Inc.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 209.18.47.61 209.18.47.62

FireFox:
========
FF ProfilePath: C:\Documents and Settings\FS\Application Data\Mozilla\Firefox\Profiles\zki0tkl6.default
FF Homepage: hxxp://support.fastsigns.com/
FF NetworkProxy: "no_proxies_on", "*.local"
FF NetworkProxy: "type", 0
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF HKLM\...\Firefox\Extensions: [jqs@sun.com] - C:\Program Files\Java\jre6\lib\deploy\jqs\ff
FF Extension: Java Quick Starter - C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2009-02-02]
FF Extension: No Name - C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [Not Found]

Chrome:
=======

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AcrSch2Svc; C:\Program Files\Common Files\Maxtor\Schedule2\schedul2.exe [411168 2007-04-20] (Acronis)
S3 Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2006-08-28] (Adobe Systems) [File not signed]
S4 Adobe Version Cue CS2; c:\Program Files\Adobe\Adobe Version Cue CS2\bin\VersionCueCS2.exe [163840 2005-04-04] (Adobe Systems Incorporated) [File not signed]
S3 Adobe Version Cue CS4; C:\Program Files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe [288112 2009-12-03] (Adobe Systems Incorporated)
S3 aspnet_state; C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe [32768 2004-07-15] (Microsoft Corporation) [File not signed]
R2 dkab_device; C:\WINDOWS\system32\DKabcoms.exe [586992 2008-07-01] ( )
R2 DLPWD; c:\program files\dell printers\Additional Color Laser Software\Status Monitor\DLPWDNT.EXE [90112 2004-03-12] (Dell Inc.) [File not signed]
R2 DLSDB; c:\program files\dell printers\Additional Color Laser Software\Status Monitor\DLSDBNT.EXE [135168 2004-03-12] (Dell Inc.) [File not signed]
R2 EpsonBidirectionalService; C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe [94208 2012-02-22] (SEIKO EPSON CORPORATION) [File not signed]
R2 EPSON_PM_RPCV4_05; C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_JT50RP.EXE [130944 2011-04-24] (SEIKO EPSON CORPORATION)
R2 hasplms; C:\WINDOWS\system32\hasplms.exe [4609928 2013-08-01] (SafeNet Inc.)
R2 JavaQuickStarterService; C:\Program Files\Java\jre6\bin\jqs.exe [153376 2011-10-03] (Sun Microsystems, Inc.)
R2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 Net Driver HPZ12; C:\WINDOWS\system32\HPZinw12.dll [44032 2008-07-18] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.dll [53760 2008-07-18] (Hewlett-Packard) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S4 abp480n5; C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS [23552 2001-08-17] (Microsoft Corporation)
R2 aksfridge; C:\WINDOWS\System32\DRIVERS\aksfridge.sys [376200 2013-08-01] (SafeNet Inc.)
S3 akshasp; C:\WINDOWS\System32\DRIVERS\akshasp.sys [244040 2013-08-01] (SafeNet Inc.)
S3 akshhl; C:\WINDOWS\System32\DRIVERS\akshhl.sys [53192 2013-08-01] (SafeNet Inc.)
S3 aksusb; C:\WINDOWS\System32\DRIVERS\aksusb.sys [296200 2013-08-01] (SafeNet Inc.)
R2 DLABOIOM; C:\WINDOWS\System32\DLA\DLABOIOM.SYS [25628 2005-09-08] (Sonic Solutions) [File not signed]
R1 DLACDBHM; C:\WINDOWS\System32\Drivers\DLACDBHM.SYS [5628 2005-08-25] (Sonic Solutions) [File not signed]
R2 DLADResN; C:\WINDOWS\System32\DLA\DLADResN.SYS [2496 2005-09-08] (Sonic Solutions) [File not signed]
R2 DLAIFS_M; C:\WINDOWS\System32\DLA\DLAIFS_M.SYS [86524 2005-09-08] (Sonic Solutions) [File not signed]
R2 DLAOPIOM; C:\WINDOWS\System32\DLA\DLAOPIOM.SYS [14684 2005-09-08] (Sonic Solutions) [File not signed]
R2 DLAPoolM; C:\WINDOWS\System32\DLA\DLAPoolM.SYS [6364 2005-09-08] (Sonic Solutions) [File not signed]
R1 DLARTL_N; C:\WINDOWS\System32\Drivers\DLARTL_N.SYS [22684 2005-08-25] (Sonic Solutions) [File not signed]
R2 DLAUDFAM; C:\WINDOWS\System32\DLA\DLAUDFAM.SYS [94332 2005-09-08] (Sonic Solutions) [File not signed]
R2 DLAUDF_M; C:\WINDOWS\System32\DLA\DLAUDF_M.SYS [87036 2005-09-08] (Sonic Solutions) [File not signed]
R0 DRVMCDB; C:\WINDOWS\System32\Drivers\DRVMCDB.SYS [89264 2005-09-12] (Sonic Solutions) [File not signed]
R2 DRVNDDM; C:\WINDOWS\System32\Drivers\DRVNDDM.SYS [40544 2005-08-12] (Sonic Solutions) [File not signed]
R2 Haspnt; C:\WINDOWS\system32\drivers\Haspnt.sys [47616 2006-08-28] (Aladdin Knowledge Systems) [File not signed]
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)
S3 mkusb; C:\WINDOWS\System32\Drivers\mkusb.sys [93824 2003-06-12] (Mimaki Engineering Co., Ltd.) [File not signed]
S3 NPF; C:\WINDOWS\System32\drivers\NPF.sys [50704 2014-10-13] (CACE Technologies, Inc.)
R0 PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [20576 2005-01-26] (Sonic Solutions) [File not signed]
U4 avg8emc; No ImagePath
U4 avg8wd; No ImagePath
U4 NOD32krn; No ImagePath
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)
U5 TMUSB; C:\WINDOWS\System32\DRIVERS\TMUSBXP.SYS [49408 2012-12-05] (Seiko Epson Corporation)
U1 WS2IFSL; No ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-15 15:42 - 2014-10-15 15:44 - 00017696 _____ () C:\Documents and Settings\FS\Desktop\FRST.txt
2014-10-15 15:42 - 2014-10-15 15:43 - 00000000 ____D () C:\FRST
2014-10-15 15:38 - 2014-10-15 15:31 - 01102848 _____ (Farbar) C:\Documents and Settings\FS\Desktop\Farbar Recovery Scan Tool.exe
2014-10-15 11:33 - 2014-10-15 11:33 - 00000682 _____ () C:\Documents and Settings\All Users\Desktop\CCleaner.lnk
2014-10-15 11:13 - 2014-10-15 11:13 - 00003420 _____ () C:\Documents and Settings\FS\My Documents\cc_20141015_111309.reg
2014-10-15 09:55 - 2014-10-15 09:55 - 00000000 __SHD () C:\found.000
2014-10-15 09:31 - 2014-10-15 09:31 - 00005000 _____ () C:\WINDOWS\KB2834904-v2.log
2014-10-15 09:31 - 2014-10-15 09:31 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2834904-v2_WM11$
2014-10-15 09:27 - 2014-10-15 09:27 - 00000000 ____D () C:\Program Files\MSXML 4.0
2014-10-15 09:26 - 2014-10-15 09:27 - 00307534 _____ () C:\WINDOWS\msxml4-KB954430-enu.LOG
2014-10-15 09:26 - 2014-10-15 09:26 - 00006168 _____ () C:\WINDOWS\KB954155.log
2014-10-15 09:26 - 2014-10-15 09:26 - 00006130 _____ () C:\WINDOWS\KB978695.log
2014-10-15 09:26 - 2014-10-15 09:26 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB978695_WM9$
2014-10-15 09:26 - 2014-10-15 09:26 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB954155_WM9$
2014-10-15 09:17 - 2014-10-15 09:17 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2922229$
2014-10-15 09:16 - 2014-10-15 09:16 - 00031725 _____ () C:\WINDOWS\KB2914368.log
2014-10-15 09:16 - 2014-10-15 09:16 - 00031708 _____ () C:\WINDOWS\KB2909210-IE8.log
2014-10-15 09:16 - 2014-10-15 09:16 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2930275$
2014-10-15 09:16 - 2014-10-15 09:16 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2929961$
2014-10-15 09:16 - 2014-10-15 09:16 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2916036$
2014-10-15 09:16 - 2014-10-15 09:16 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2914368$
2014-10-15 09:16 - 2014-10-15 09:16 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2893294$
2014-10-15 09:16 - 2014-10-15 09:16 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2892075$
2014-10-15 09:15 - 2014-10-15 09:15 - 00030871 _____ () C:\WINDOWS\KB2862335.log
2014-10-15 09:15 - 2014-10-15 09:15 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2898715$
2014-10-15 09:15 - 2014-10-15 09:15 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2876331$
2014-10-15 09:15 - 2014-10-15 09:15 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2868626$
2014-10-15 09:15 - 2014-10-15 09:15 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2862335$
2014-10-15 09:15 - 2014-10-15 09:15 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2862330$
2014-10-15 09:15 - 2014-10-15 09:15 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2862152$
2014-10-15 09:14 - 2014-10-15 09:14 - 00032164 _____ () C:\WINDOWS\KB2868038.log
2014-10-15 09:14 - 2014-10-15 09:14 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2876217$
2014-10-15 09:14 - 2014-10-15 09:14 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2868038$
2014-10-15 09:14 - 2014-10-15 09:14 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2864063$
2014-10-15 09:14 - 2014-10-15 09:14 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2847311$
2014-10-15 09:13 - 2014-10-15 09:13 - 00028385 _____ () C:\WINDOWS\KB2834886.log
2014-10-15 09:13 - 2014-10-15 09:13 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2859537$
2014-10-15 09:13 - 2014-10-15 09:13 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2850869$
2014-10-15 09:13 - 2014-10-15 09:13 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2834886$
2014-10-15 09:13 - 2014-10-15 09:13 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2820917$
2014-10-15 09:13 - 2014-10-15 09:13 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2813345$
2014-10-15 09:12 - 2014-10-15 09:13 - 00031578 _____ () C:\WINDOWS\KB2807986.log
2014-10-15 09:12 - 2014-10-15 09:12 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2807986$
2014-10-15 09:12 - 2014-10-15 09:12 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2802968$
2014-10-15 09:12 - 2014-10-15 09:12 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2780091$
2014-10-15 09:12 - 2014-10-15 09:12 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2770660$
2014-10-15 09:12 - 2014-10-15 09:12 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2757638$
2014-10-15 09:12 - 2014-10-15 09:12 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2727528$
2014-10-15 09:11 - 2014-10-15 09:11 - 00031525 _____ () C:\WINDOWS\KB2698365.log
2014-10-15 09:11 - 2014-10-15 09:11 - 00030390 _____ () C:\WINDOWS\KB2723135-v2.log
2014-10-15 09:11 - 2014-10-15 09:11 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2723135-v2$
2014-10-15 09:11 - 2014-10-15 09:11 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2719985$
2014-10-15 09:11 - 2014-10-15 09:11 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2712808$
2014-10-15 09:11 - 2014-10-15 09:11 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2705219-v2$
2014-10-15 09:11 - 2014-10-15 09:11 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2698365$
2014-10-15 09:11 - 2014-10-15 09:11 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2655992$
2014-10-15 09:10 - 2014-10-15 09:10 - 00029572 _____ () C:\WINDOWS\KB2686509.log
2014-10-15 09:10 - 2014-10-15 09:10 - 00026623 _____ () C:\WINDOWS\KB2659262.log
2014-10-15 09:10 - 2014-10-15 09:10 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2691442$
2014-10-15 09:10 - 2014-10-15 09:10 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2686509$
2014-10-15 09:10 - 2014-10-15 09:10 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2659262$
2014-10-15 09:09 - 2014-10-15 09:09 - 00027962 _____ () C:\WINDOWS\KB2661637.log
2014-10-15 09:09 - 2014-10-15 09:09 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2676562$
2014-10-15 09:09 - 2014-10-15 09:09 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2661637$
2014-10-15 09:09 - 2014-10-15 09:09 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2653956$
2014-10-15 09:09 - 2014-10-15 09:09 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2598479$
2014-10-15 09:08 - 2014-10-15 09:09 - 00027371 _____ () C:\WINDOWS\KB2603381.log
2014-10-15 09:08 - 2014-10-15 09:08 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2631813$
2014-10-15 09:08 - 2014-10-15 09:08 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2620712$
2014-10-15 09:08 - 2014-10-15 09:08 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2619339$
2014-10-15 09:08 - 2014-10-15 09:08 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2603381$
2014-10-15 09:08 - 2014-10-15 09:08 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2585542$
2014-10-15 09:08 - 2014-10-15 09:08 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2584146$
2014-10-15 09:08 - 2014-10-15 09:08 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2544893-v2$
2014-10-15 09:07 - 2014-10-15 09:07 - 00026389 _____ () C:\WINDOWS\KB2536276-v2.log
2014-10-15 09:07 - 2014-10-15 09:07 - 00026188 _____ () C:\WINDOWS\KB2566454.log
2014-10-15 09:07 - 2014-10-15 09:07 - 00026170 _____ () C:\WINDOWS\KB2592799.log
2014-10-15 09:07 - 2014-10-15 09:07 - 00025869 _____ () C:\WINDOWS\KB2570947.log
2014-10-15 09:07 - 2014-10-15 09:07 - 00025378 _____ () C:\WINDOWS\KB2535512.log
2014-10-15 09:07 - 2014-10-15 09:07 - 00022065 _____ () C:\WINDOWS\KB2564958.log
2014-10-15 09:07 - 2014-10-15 09:07 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2592799$
2014-10-15 09:07 - 2014-10-15 09:07 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2570947$
2014-10-15 09:07 - 2014-10-15 09:07 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2566454$
2014-10-15 09:07 - 2014-10-15 09:07 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2564958$
2014-10-15 09:07 - 2014-10-15 09:07 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2536276-v2$
2014-10-15 09:07 - 2014-10-15 09:07 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2535512$
2014-10-15 09:07 - 2014-10-15 09:07 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2507938$
2014-10-15 09:06 - 2014-10-15 09:06 - 00024089 _____ () C:\WINDOWS\KB2510531-IE8.log
2014-10-15 09:06 - 2014-10-15 09:06 - 00022893 _____ () C:\WINDOWS\KB2485663.log
2014-10-15 09:06 - 2014-10-15 09:06 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2509553$
2014-10-15 09:06 - 2014-10-15 09:06 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2508429$
2014-10-15 09:06 - 2014-10-15 09:06 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2506212$
2014-10-15 09:06 - 2014-10-15 09:06 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2491683$
2014-10-15 09:06 - 2014-10-15 09:06 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2485663$
2014-10-15 09:06 - 2014-10-15 09:06 - 00000000 ____D () C:\WINDOWS\ie8updates
2014-10-15 09:05 - 2014-10-15 09:05 - 00025186 _____ () C:\WINDOWS\KB2393802.log
2014-10-15 09:05 - 2014-10-15 09:05 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2481109$
2014-10-15 09:05 - 2014-10-15 09:05 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2479943$
2014-10-15 09:05 - 2014-10-15 09:05 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2478960$
2014-10-15 09:05 - 2014-10-15 09:05 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2393802$
2014-10-15 09:04 - 2014-10-15 09:04 - 00015220 _____ () C:\WINDOWS\KB2423089.log
2014-10-15 09:04 - 2014-10-15 09:04 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB982132$
2014-10-15 09:04 - 2014-10-15 09:04 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2483185$
2014-10-15 09:04 - 2014-10-15 09:04 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2478971$
2014-10-15 09:04 - 2014-10-15 09:04 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2443105$
2014-10-15 09:04 - 2014-10-15 09:04 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2423089$
2014-10-15 09:04 - 2014-10-15 09:04 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2419632$
2014-10-15 09:03 - 2014-10-15 09:03 - 00016299 _____ () C:\WINDOWS\KB2387149.log
2014-10-15 09:03 - 2014-10-15 09:03 - 00012667 _____ () C:\WINDOWS\KB2296011.log
2014-10-15 09:03 - 2014-10-15 09:03 - 00010973 _____ () C:\WINDOWS\KB2378111.log
2014-10-15 09:03 - 2014-10-15 09:03 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2387149$
2014-10-15 09:03 - 2014-10-15 09:03 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2378111_WM9$
2014-10-15 09:03 - 2014-10-15 09:03 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2296011$
2014-10-15 09:02 - 2014-10-15 09:02 - 00012589 _____ () C:\WINDOWS\KB2229593.log
2014-10-15 09:02 - 2014-10-15 09:02 - 00012383 _____ () C:\WINDOWS\KB981997.log
2014-10-15 09:02 - 2014-10-15 09:02 - 00009540 _____ () C:\WINDOWS\KB975558.log
2014-10-15 09:02 - 2014-10-15 09:02 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB982665$
2014-10-15 09:02 - 2014-10-15 09:02 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB981997$
2014-10-15 09:02 - 2014-10-15 09:02 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB979687$
2014-10-15 09:02 - 2014-10-15 09:02 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB975558_WM8$
2014-10-15 09:02 - 2014-10-15 09:02 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2347290$
2014-10-15 09:02 - 2014-10-15 09:02 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2229593$
2014-10-15 09:02 - 2014-10-15 09:02 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2115168$
2014-10-15 09:01 - 2014-10-15 09:01 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB979482$
2014-10-15 09:01 - 2014-10-15 09:01 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB979309$
2014-10-15 09:01 - 2014-10-15 09:01 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB978706$
2014-10-15 09:01 - 2014-10-15 09:01 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB978542$
2014-10-15 09:01 - 2014-10-15 09:01 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB978338$
2014-10-15 09:01 - 2014-10-15 09:01 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB977914$
2014-10-15 09:01 - 2014-10-15 09:01 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB977816$
2014-10-15 09:00 - 2014-10-15 09:00 - 00013718 _____ () C:\WINDOWS\KB973904.log
2014-10-15 09:00 - 2014-10-15 09:00 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB975713$
2014-10-15 09:00 - 2014-10-15 09:00 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB975560$
2014-10-15 09:00 - 2014-10-15 09:00 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB974392$
2014-10-15 09:00 - 2014-10-15 09:00 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB974318$
2014-10-15 09:00 - 2014-10-15 09:00 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB973904$
2014-10-15 09:00 - 2014-10-15 09:00 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB972270$
2014-10-15 08:59 - 2014-10-15 08:59 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB975025$
2014-10-15 08:59 - 2014-10-15 08:59 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB974571$
2014-10-15 08:59 - 2014-10-15 08:59 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB974112$
2014-10-15 08:59 - 2014-10-15 08:59 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB969059$
2014-10-15 08:58 - 2014-10-15 09:17 - 00041177 _____ () C:\WINDOWS\KB2922229.log
2014-10-15 08:58 - 2014-10-15 09:16 - 00041770 _____ () C:\WINDOWS\KB2930275.log
2014-10-15 08:58 - 2014-10-15 09:16 - 00041579 _____ () C:\WINDOWS\KB2916036.log
2014-10-15 08:58 - 2014-10-15 09:16 - 00040997 _____ () C:\WINDOWS\KB2893294.log
2014-10-15 08:58 - 2014-10-15 09:16 - 00040667 _____ () C:\WINDOWS\KB2892075.log
2014-10-15 08:58 - 2014-10-15 09:16 - 00040666 _____ () C:\WINDOWS\KB2929961.log
2014-10-15 08:58 - 2014-10-15 09:15 - 00041532 _____ () C:\WINDOWS\KB2898715.log
2014-10-15 08:58 - 2013-11-27 15:21 - 00040960 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ndproxy.sys
2014-10-15 08:57 - 2014-10-15 09:15 - 00041046 _____ () C:\WINDOWS\KB2862152.log
2014-10-15 08:57 - 2014-10-15 09:15 - 00041006 _____ () C:\WINDOWS\KB2868626.log
2014-10-15 08:57 - 2014-10-15 09:15 - 00039913 _____ () C:\WINDOWS\KB2876331.log
2014-10-15 08:57 - 2014-10-15 09:14 - 00039418 _____ () C:\WINDOWS\KB2847311.log
2014-10-15 08:57 - 2014-10-15 09:14 - 00038998 _____ () C:\WINDOWS\KB2876217.log
2014-10-15 08:57 - 2014-10-15 09:14 - 00038925 _____ () C:\WINDOWS\KB2864063.log
2014-10-15 08:57 - 2013-08-08 19:55 - 00144128 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbport.sys
2014-10-15 08:57 - 2013-08-08 19:55 - 00032384 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbccgp.sys
2014-10-15 08:57 - 2013-08-08 19:55 - 00005376 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbd.sys
2014-10-15 08:57 - 2013-07-16 19:58 - 00060160 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbaudio.sys
2014-10-15 08:57 - 2013-07-02 21:12 - 00025088 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\hidparse.sys
2014-10-15 08:57 - 2013-07-02 20:59 - 00014976 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbscan.sys
2014-10-15 08:57 - 2009-03-18 06:02 - 00030336 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbehci.sys
2014-10-15 08:56 - 2014-10-15 09:14 - 00039940 _____ () C:\WINDOWS\KB2859537.log
2014-10-15 08:56 - 2014-10-15 09:13 - 00041508 _____ () C:\WINDOWS\KB2813345.log
2014-10-15 08:56 - 2014-10-15 09:13 - 00040860 _____ () C:\WINDOWS\KB2820917.log
2014-10-15 08:56 - 2014-10-15 09:13 - 00038391 _____ () C:\WINDOWS\KB2850869.log
2014-10-15 08:56 - 2014-10-15 09:12 - 00040166 _____ () C:\WINDOWS\KB2780091.log
2014-10-15 08:56 - 2014-10-15 09:12 - 00040111 _____ () C:\WINDOWS\KB2802968.log
2014-10-15 08:55 - 2014-10-15 09:12 - 00040512 _____ () C:\WINDOWS\KB2757638.log
2014-10-15 08:55 - 2014-10-15 09:12 - 00039605 _____ () C:\WINDOWS\KB2727528.log
2014-10-15 08:55 - 2014-10-15 09:12 - 00039431 _____ () C:\WINDOWS\KB2705219-v2.log
2014-10-15 08:55 - 2014-10-15 09:11 - 00038113 _____ () C:\WINDOWS\KB2719985.log
2014-10-15 08:55 - 2014-10-15 09:11 - 00037938 _____ () C:\WINDOWS\KB2712808.log
2014-10-15 08:55 - 2014-10-15 09:11 - 00037501 _____ () C:\WINDOWS\KB2655992.log
2014-10-15 08:54 - 2014-10-15 09:11 - 00038723 _____ () C:\WINDOWS\KB2691442.log
2014-10-15 08:54 - 2014-10-15 09:10 - 00041733 _____ () C:\WINDOWS\KB2676562.log
2014-10-15 08:54 - 2014-10-15 09:09 - 00037760 _____ () C:\WINDOWS\KB2653956.log
2014-10-15 08:53 - 2014-10-15 09:09 - 00036920 _____ () C:\WINDOWS\KB2598479.log
2014-10-15 08:53 - 2014-10-15 09:08 - 00036328 _____ () C:\WINDOWS\KB2585542.log
2014-10-15 08:53 - 2014-10-15 09:08 - 00035438 _____ () C:\WINDOWS\KB2544893-v2.log
2014-10-15 08:53 - 2014-10-15 09:08 - 00035132 _____ () C:\WINDOWS\KB2619339.log
2014-10-15 08:53 - 2014-10-15 09:08 - 00034969 _____ () C:\WINDOWS\KB2584146.log
2014-10-15 08:53 - 2014-10-15 09:08 - 00034431 _____ () C:\WINDOWS\KB2620712.log
2014-10-15 08:53 - 2014-10-15 09:08 - 00034133 _____ () C:\WINDOWS\KB2631813.log
2014-10-15 08:52 - 2014-10-15 09:07 - 00033601 _____ () C:\WINDOWS\KB2507938.log
2014-10-15 08:52 - 2014-10-15 09:07 - 00033440 _____ () C:\WINDOWS\KB2509553.log
2014-10-15 08:52 - 2014-10-15 09:06 - 00031380 _____ () C:\WINDOWS\KB2481109.log
2014-10-15 08:52 - 2014-10-15 09:06 - 00031247 _____ () C:\WINDOWS\KB2508429.log
2014-10-15 08:52 - 2014-10-15 09:06 - 00031111 _____ () C:\WINDOWS\KB2506212.log
2014-10-15 08:52 - 2014-10-15 09:06 - 00031056 _____ () C:\WINDOWS\KB2491683.log
2014-10-15 08:52 - 2014-10-15 09:05 - 00030448 _____ () C:\WINDOWS\KB2479943.log
2014-10-15 08:51 - 2014-10-15 09:05 - 00031272 _____ () C:\WINDOWS\KB2483185.log
2014-10-15 08:51 - 2014-10-15 09:04 - 00030115 _____ () C:\WINDOWS\KB2419632.log
2014-10-15 08:51 - 2014-10-15 09:04 - 00029508 _____ () C:\WINDOWS\KB2478971.log
2014-10-15 08:51 - 2014-10-15 09:04 - 00023234 _____ () C:\WINDOWS\KB2443105.log
2014-10-15 08:51 - 2014-10-15 09:04 - 00022193 _____ () C:\WINDOWS\KB982132.log
2014-10-15 08:50 - 2014-10-15 09:03 - 00021840 _____ () C:\WINDOWS\KB979687.log
2014-10-15 08:50 - 2014-10-15 09:02 - 00020444 _____ () C:\WINDOWS\KB2115168.log
2014-10-15 08:50 - 2014-10-15 09:02 - 00020241 _____ () C:\WINDOWS\KB982665.log
2014-10-15 08:50 - 2014-10-15 09:01 - 00020393 _____ () C:\WINDOWS\KB979482.log
2014-10-15 08:50 - 2014-10-15 09:01 - 00020143 _____ () C:\WINDOWS\KB978338.log
2014-10-15 08:50 - 2014-10-15 09:01 - 00019741 _____ () C:\WINDOWS\KB978542.log
2014-10-15 08:50 - 2014-10-15 09:01 - 00019706 _____ () C:\WINDOWS\KB979309.log
2014-10-15 08:50 - 2010-06-14 09:31 - 00744448 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\helpsvc.exe
2014-10-15 08:49 - 2014-10-15 09:01 - 00021471 _____ () C:\WINDOWS\KB977914.log
2014-10-15 08:49 - 2014-10-15 09:01 - 00020809 _____ () C:\WINDOWS\KB978706.log
2014-10-15 08:49 - 2014-10-15 09:01 - 00019853 _____ () C:\WINDOWS\KB977816.log
2014-10-15 08:49 - 2014-10-15 09:00 - 00021280 _____ () C:\WINDOWS\KB975713.log
2014-10-15 08:49 - 2014-10-15 09:00 - 00019823 _____ () C:\WINDOWS\KB974392.log
2014-10-15 08:48 - 2014-10-15 09:00 - 00020425 _____ () C:\WINDOWS\KB974318.log
2014-10-15 08:48 - 2014-10-15 09:00 - 00018068 _____ () C:\WINDOWS\KB969059.log
2014-10-15 08:48 - 2014-10-15 08:59 - 00019746 _____ () C:\WINDOWS\KB974571.log
2014-10-15 08:48 - 2014-10-15 08:59 - 00018668 _____ () C:\WINDOWS\KB975025.log
2014-10-15 08:48 - 2014-10-15 08:59 - 00018147 _____ () C:\WINDOWS\KB974112.log
2014-10-15 08:42 - 2014-10-15 08:42 - 00000187 _____ () C:\WINDOWS\spupdsvc.log.1.log
2014-10-15 08:38 - 2014-10-15 08:38 - 00019904 _____ () C:\WINDOWS\KB956844.log
2014-10-15 08:38 - 2014-10-15 08:38 - 00019403 _____ () C:\WINDOWS\KB973869.log
2014-10-15 08:38 - 2014-10-15 08:38 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB973869$
2014-10-15 08:38 - 2014-10-15 08:38 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB973815$
2014-10-15 08:38 - 2014-10-15 08:38 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB973507$
2014-10-15 08:38 - 2014-10-15 08:38 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB971657$
2014-10-15 08:38 - 2014-10-15 08:38 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB960859$
2014-10-15 08:38 - 2014-10-15 08:38 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB959426$
2014-10-15 08:38 - 2014-10-15 08:38 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB956844$
2014-10-15 08:37 - 2014-10-15 08:37 - 00020839 _____ () C:\WINDOWS\KB956572.log
2014-10-15 08:37 - 2014-10-15 08:37 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB960803$
2014-10-15 08:37 - 2014-10-15 08:37 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB956572$
2014-10-15 08:37 - 2014-10-15 08:37 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB952004$
2014-10-15 08:36 - 2014-10-15 09:16 - 00024651 _____ () C:\WINDOWS\updspapi.log
2014-10-15 08:36 - 2014-10-15 08:37 - 00014991 _____ () C:\WINDOWS\KB923561.log
2014-10-15 08:36 - 2014-10-15 08:36 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB923561$
2014-10-15 08:35 - 2014-10-15 09:15 - 00037588 _____ () C:\WINDOWS\setupapi.log
2014-10-15 08:35 - 2014-10-15 08:36 - 00011721 _____ () C:\WINDOWS\WgaNotify.log
2014-10-15 08:34 - 2014-10-15 08:38 - 00027918 _____ () C:\WINDOWS\KB960859.log
2014-10-15 08:34 - 2014-10-15 08:38 - 00027772 _____ () C:\WINDOWS\KB973815.log
2014-10-15 08:34 - 2014-10-15 08:38 - 00027127 _____ () C:\WINDOWS\KB971657.log
2014-10-15 08:34 - 2014-10-15 08:38 - 00027102 _____ () C:\WINDOWS\KB973507.log
2014-10-15 08:34 - 2014-10-15 08:38 - 00026845 _____ () C:\WINDOWS\KB960803.log
2014-10-15 08:34 - 2014-10-15 08:38 - 00026829 _____ () C:\WINDOWS\KB959426.log
2014-10-15 08:34 - 2014-10-15 08:37 - 00027480 _____ () C:\WINDOWS\KB952004.log
2014-10-15 08:31 - 2014-10-15 09:31 - 00760279 _____ () C:\WINDOWS\iis6.log
2014-10-15 08:31 - 2014-10-15 09:31 - 00702090 _____ () C:\WINDOWS\FaxSetup.log
2014-10-15 08:31 - 2014-10-15 09:31 - 00336984 _____ () C:\WINDOWS\ocgen.log
2014-10-15 08:31 - 2014-10-15 09:31 - 00321594 _____ () C:\WINDOWS\tsoc.log
2014-10-15 08:31 - 2014-10-15 09:31 - 00232117 _____ () C:\WINDOWS\comsetup.log
2014-10-15 08:31 - 2014-10-15 09:31 - 00214634 _____ () C:\WINDOWS\msmqinst.log
2014-10-15 08:31 - 2014-10-15 09:31 - 00140907 _____ () C:\WINDOWS\ntdtcsetup.log
2014-10-15 08:31 - 2014-10-15 09:31 - 00123462 _____ () C:\WINDOWS\netfxocm.log
2014-10-15 08:31 - 2014-10-15 09:31 - 00048450 _____ () C:\WINDOWS\MedCtrOC.log
2014-10-15 08:31 - 2014-10-15 09:31 - 00038988 _____ () C:\WINDOWS\ocmsn.log
2014-10-15 08:31 - 2014-10-15 09:31 - 00035454 _____ () C:\WINDOWS\tabletoc.log
2014-10-15 08:31 - 2014-10-15 09:31 - 00035226 _____ () C:\WINDOWS\msgsocm.log
2014-10-15 08:31 - 2014-10-15 09:31 - 00001393 _____ () C:\WINDOWS\imsins.log
2014-10-15 08:31 - 2014-10-15 09:26 - 00001393 _____ () C:\WINDOWS\imsins.BAK
2014-10-15 08:31 - 2014-10-15 09:19 - 00003602 _____ () C:\WINDOWS\spupdsvc.log
2014-10-15 08:31 - 2014-10-15 09:03 - 00001236 _____ () C:\WINDOWS\wmsetup.log
2014-10-15 08:31 - 2014-10-15 08:31 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB973540_WM9$
2014-10-15 08:31 - 2014-10-15 08:31 - 00000000 _____ () C:\WINDOWS\setuperr.log
2014-10-15 08:31 - 2014-10-15 08:31 - 00000000 _____ () C:\WINDOWS\setupact.log
2014-10-15 08:17 - 2014-10-15 09:21 - 03144208 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-10-14 17:44 - 2014-10-14 17:44 - 00004158 _____ () C:\Documents and Settings\FS\My Documents\cc_20141014_174442.reg
2014-10-14 17:39 - 2014-10-14 12:37 - 123802352 _____ (Microsoft Corporation) C:\Documents and Settings\FS\Desktop\msert.exe
2014-10-14 16:07 - 2014-10-14 17:19 - 05646387 _____ () C:\Documents and Settings\FS\Desktop\whisk me away.ai
2014-10-13 16:48 - 2014-10-13 17:10 - 00217715 _____ () C:\Documents and Settings\FS\Desktop\52082.ai
2014-10-13 15:50 - 2014-10-13 15:50 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\CCleaner
2014-10-13 14:21 - 2014-10-13 14:22 - 00000000 ____D () C:\Documents and Settings\FS\Desktop\Courtyard
2014-10-13 12:59 - 2014-10-15 13:27 - 00000664 _____ () C:\WINDOWS\system32\d3d9caps.dat
2014-10-13 12:43 - 2014-10-13 12:43 - 00281104 _____ (CACE Technologies, Inc.) C:\WINDOWS\system32\wpcap.dll
2014-10-13 12:43 - 2014-10-13 12:43 - 00100880 _____ (CACE Technologies, Inc.) C:\WINDOWS\system32\Packet.dll
2014-10-13 12:43 - 2014-10-13 12:43 - 00050704 _____ (CACE Technologies, Inc.) C:\WINDOWS\system32\Drivers\npf.sys
2014-10-13 12:41 - 2014-10-13 17:17 - 00000000 ____D () C:\Documents and Settings\FS\Application Data\Koewsy
2014-10-13 12:41 - 2014-10-13 13:05 - 00000000 ____D () C:\Documents and Settings\FS\Application Data\Nozeeq
2014-10-10 15:28 - 2014-10-10 15:28 - 00041984 ___SH () C:\Documents and Settings\FS\My Documents\Thumbs.db
2014-10-10 10:54 - 2014-10-10 10:54 - 00000000 ____D () C:\Documents and Settings\FS\Desktop\Logo Sign
2014-09-26 09:59 - 2014-10-10 12:02 - 00080384 ___SH () C:\Documents and Settings\FS\Desktop\Thumbs.db
2014-09-24 10:58 - 2014-10-13 16:32 - 00000000 ____D () C:\Documents and Settings\FS\Desktop\Working Files
2014-09-23 19:55 - 2014-09-23 19:55 - 00026560 _____ () C:\Documents and Settings\FS\My Documents\TEBBEN LOGO
2014-09-18 12:20 - 2014-10-14 13:34 - 00000000 ____D () C:\Documents and Settings\FS\Desktop\Estimates
2014-09-17 20:31 - 2014-10-10 14:16 - 00001416 _____ () C:\WINDOWS\system32\LexFiles.usr
2014-09-17 19:51 - 2014-10-01 13:42 - 00000000 ____D () C:\Documents and Settings\FS\Desktop\Desktop POS 2 files

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-15 15:49 - 2006-08-28 09:47 - 00000000 ____D () C:\Documents and Settings\FS\Local Settings\Temp
2014-10-15 11:33 - 2014-09-11 18:04 - 00000000 ____D () C:\Program Files\CCleaner
2014-10-15 11:19 - 2004-08-11 17:07 - 00445630 ____C () C:\WINDOWS\system32\PerfStringBackup.INI
2014-10-15 11:17 - 2006-12-15 19:13 - 00000000 ____D () C:\WINDOWS\system32\LogFiles
2014-10-15 11:17 - 2004-08-11 17:13 - 01725174 _____ () C:\WINDOWS\WindowsUpdate.log
2014-10-15 11:16 - 2004-08-11 17:00 - 00002206 _____ () C:\WINDOWS\system32\wpa.dbl
2014-10-15 11:15 - 2004-08-11 17:20 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-10-15 11:15 - 2004-08-11 17:09 - 00000159 _____ () C:\WINDOWS\wiadebug.log
2014-10-15 11:15 - 2004-08-11 17:09 - 00000050 _____ () C:\WINDOWS\wiaservc.log
2014-10-15 11:14 - 2004-08-11 17:20 - 00032610 _____ () C:\WINDOWS\SchedLgU.Txt
2014-10-15 11:13 - 2006-08-28 09:47 - 00000178 ___SH () C:\Documents and Settings\FS\ntuser.ini
2014-10-15 11:05 - 2004-08-11 17:13 - 00000000 ___RD () C:\WINDOWS\Offline Web Pages
2014-10-15 09:12 - 2006-08-23 07:06 - 00000000 ___HD () C:\WINDOWS\$hf_mig$
2014-10-15 09:04 - 2004-08-11 17:12 - 00000000 ____D () C:\Program Files\Outlook Express
2014-10-15 09:02 - 2004-08-11 17:12 - 00000000 ____D () C:\Program Files\Movie Maker
2014-10-15 08:44 - 2004-08-11 17:15 - 00001507 _____ () C:\Documents and Settings\All Users\Start Menu\Windows Update.lnk
2014-10-14 17:48 - 2013-04-01 16:27 - 00065536 _____ () C:\WINDOWS\system32\config\Internet.evt
2014-10-14 17:48 - 2010-11-22 10:51 - 00065536 _____ () C:\WINDOWS\system32\config\ODiag.evt
2014-10-14 17:48 - 2006-08-28 09:47 - 00000000 ____D () C:\Documents and Settings\FS
2014-10-13 18:26 - 2006-08-28 16:37 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Mimaki FineCut6 for Illustrator
2014-10-13 18:21 - 2011-04-25 17:57 - 00000000 ____D () C:\Program Files\Epson America Inc
2014-10-13 18:21 - 2006-08-23 07:10 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2014-10-13 18:20 - 2006-08-28 16:47 - 00000000 ____D () C:\Onyx Graphics
2014-10-13 18:19 - 2007-10-19 13:42 - 00000000 ____D () C:\Program Files\ONYX Profile Download Client
2014-10-13 18:19 - 2006-08-28 16:50 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Onyx Graphics
2014-10-13 17:17 - 2007-01-02 16:50 - 00000000 ____D () C:\WINDOWS\ShellNew
2014-10-13 16:41 - 2006-08-28 09:47 - 00001599 _____ () C:\Documents and Settings\FS\Start Menu\Programs\Remote Assistance.lnk
2014-10-10 15:28 - 2011-04-26 12:44 - 00000000 ____D () C:\Documents and Settings\FS\My Documents\PowerDriver IQ 4880
2014-10-10 15:28 - 2010-06-29 18:34 - 00000000 ____D () C:\Documents and Settings\FS\My Documents\SMS v8.60 Installation
2014-10-10 15:27 - 2004-08-11 17:00 - 00000788 _____ () C:\WINDOWS\win.ini
2014-10-07 09:22 - 2006-08-28 17:27 - 00000000 ____D () C:\Documents and Settings\FS\Local Settings\Application Data\Adobe
2014-10-06 17:32 - 2009-04-29 16:02 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\FLEXnet
2014-09-23 13:06 - 2010-11-22 10:44 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Microsoft Help
2014-09-22 10:57 - 2014-09-12 12:26 - 00000715 _____ () C:\Documents and Settings\FS\Desktop\Cyrious SMS.lnk
2014-09-17 20:20 - 2006-08-23 06:54 - 00000000 ____D () C:\dell
2014-09-17 20:11 - 2012-06-05 18:15 - 00017057 ____C () C:\WINDOWS\system32\LexFiles.ulf

Some content of TEMP:
====================
C:\Documents and Settings\FS\Local Settings\Temp\i4jdel0.exe

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

==================== End Of Log ============================

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 15-10-2014 02
Ran by FS at 2014-10-15 15:49:33
Running from C:\Documents and Settings\FS\Desktop
Boot Mode: Normal
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

32 Bit HP CIO Components Installer (Version: 3.1.1 - Hewlett-Packard) Hidden
Acrobat.com (HKLM\...\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.2.443 - Adobe Systems Incorporated)
Acrobat.com (Version: 0.0.0 - Adobe Systems Incorporated) Hidden
Adobe Acrobat 9 Pro - English, Français, Deutsch (Version: 9.5.5 - Adobe Systems) Hidden
Adobe Acrobat 9.5.5 - CPSID_83708 (HKLM\...\{AC76BA86-1033-F400-7760-000000000004}_955) (Version:  - Adobe Systems Incorporated)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 1.1.0.5790 - Adobe Systems Inc.)
Adobe AIR (Version: 1.1.0.5790 - Adobe Systems Inc.) Hidden
Adobe Anchor Service CS4 (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Asset Services CS4 (Version: 4 - Adobe Systems Incorporated) Hidden
Adobe Bridge 1.0 (HKLM\...\{B74D4E10-6884-0000-0000-000000000103}) (Version: 001.000.004 - Adobe Systems)
Adobe Bridge CS4 (Version: 3 - Adobe Systems Incorporated) Hidden
Adobe CMaps CS4 (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Color - Photoshop Specific CS4 (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Color EU Extra Settings CS4 (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Color JA Extra Settings CS4 (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Color NA Recommended Settings CS4 (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Color Video Profiles CS CS4 (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Common File Installer (Version: 1.00.0000 - Adobe System Incorporated) Hidden
Adobe Creative Suite 2 (HKLM\...\{0134A1A1-C283-4A47-91A1-92F19F960372}) (Version:  - )
Adobe Creative Suite 4 Design Premium (HKLM\...\Adobe_55230b0b70661df0f212e88f0b655f7) (Version: 4.0 - Adobe Systems Incorporated)
Adobe Creative Suite 4 Design Premium (Version: 4.0 - Adobe Systems Incorporated) Hidden
Adobe CSI CS4 (Version: 1 - Adobe Systems Incorporated) Hidden
Adobe Default Language CS4 (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Device Central CS4 (Version: 2 - Adobe Systems Incorporated) Hidden
Adobe Drive CS4 (Version: 1 - Adobe Systems Incorporated) Hidden
Adobe ExtendScript Toolkit CS4 (Version: 3.0.0 - Adobe Systems Incorporated) Hidden
Adobe Extension Manager CS4 (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 15 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Fonts All (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe GoLive CS2 (Version: 8.0.1 - Adobe Systems) Hidden
Adobe Help Center 1.0 (Version: 001.000.000 - Adobe Systems) Hidden
Adobe Illustrator CS2 (Version: 12.000.000 - Adobe Systems Inc.) Hidden
Adobe Illustrator CS4 (Version: 14.0 - Adobe Systems Incorporated) Hidden
Adobe InDesign CS2 (Version: 004.000.000 - Adobe Systems Incorporated) Hidden
Adobe InDesign CS4 (Version: 6.0 - Adobe Systems Incorporated) Hidden
Adobe InDesign CS4 Application Feature Set Files (Roman) (Version: 6.0 - Adobe Systems Incorporated) Hidden
Adobe InDesign CS4 Common Base Files (Version: 6.0 - Adobe Systems Incorporated) Hidden
Adobe InDesign CS4 Icon Handler (Version: 6.0 - Adobe Systems Incorporated) Hidden
Adobe Linguistics CS4 (Version: 4.0.0 - Adobe Systems Incorporated) Hidden
Adobe Media Encoder CS4 Importer (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Media Player (HKLM\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1 - Adobe Systems Incorporated)
Adobe Media Player (Version: 0.0.0 - Adobe Systems Incorporated) Hidden
Adobe Output Module (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe PDF Library Files CS4 (Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe Photoshop CS2 (Version: 9.0 - Adobe Systems, Inc.) Hidden
Adobe Photoshop CS4 (Version: 11.0 - Adobe Systems Incorporated) Hidden
Adobe Photoshop CS4 Support (Version: 11.0 - Adobe Systems Incorporated) Hidden
Adobe Search for Help (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Service Manager Extension (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Setup (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe SGM CS4 (Version: 3.0 - Adobe Systems Incorporated) Hidden
Adobe SING CS4 (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Stock Photos 1.0 (Version: 1.0.8 - Adobe Systems) Hidden
Adobe SVG Viewer 3.0 (HKLM\...\Adobe SVG Viewer) (Version:  3.0 - Adobe Systems, Inc.)
Adobe Type Support CS4 (Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe Update Manager CS4 (Version: 6.0.0 - Adobe Systems Incorporated) Hidden
Adobe Version Cue CS2 (Version: 2.0.1 - Adobe Systems, Inc.) Hidden
Adobe Version Cue CS4 Server (Version: 4.0 - Adobe Systems Incorporated) Hidden
Adobe WinSoft Linguistics Plugin (Version: 1.1 - Adobe Systems Incorporated) Hidden
Adobe XMP Panels CS4 (Version: 2.0 - Adobe Systems Incorporated) Hidden
AdobeColorCommonSetCMYK (Version: 2.0 - Adobe Systems Incorporated) Hidden
AdobeColorCommonSetRGB (Version: 2.0 - Adobe Systems Incorporated) Hidden
Bad Wrap (HKLM\...\Bad Wrap 102008) (Version: 102008 - Name of your company)
Bonjour (HKLM\...\{2A981294-F14C-4F0F-9627-D793270922F8}) (Version: 2.0.4.0 - Apple Inc.)
Broadcom Advanced Control Suite (HKLM\...\{058B32E2-6310-4359-B2D4-1988390C3B83}) (Version: 8.20.01 - Broadcom Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 4.18 - Piriform)
Connect (Version: 1.0.0.1 - Adobe Systems Incorporated) Hidden
Cyrious SMS Version 8.6 (HKLM\...\{1C51B778-AB70-4C9E-A705-B1E0C2382E78}) (Version: 8.60 - )
Dell Laser MFP 1600n Software Uninstall (HKLM\...\Dell Laser MFP 1600n) (Version:  - )
Dell Printer Software (HKLM\...\{105F3CE5-FE55-408E-BF30-E78F85BA0B12}) (Version: 1.00.000 - )
Dell Printer Software Uninstall (HKLM\...\Dell_HostCD) (Version:  - Dell, Inc.)
Epson Connect (HKLM\...\{64BA551C-9AF6-495C-93F3-D1270E0045FC}) (Version:  - )
Epson Event Manager (HKLM\...\{8ED43F7E-A8F6-4898-AF11-B6158F2EDF94}) (Version: 2.50.0000 - SEIKO EPSON CORPORATION)
Epson FAX Utility (HKLM\...\{0CBE6C93-CB2E-4378-91EE-12BE6D4E2E4A}) (Version: 1.20.00 - SEIKO EPSON CORPORATION)
EPSON LFP Remote Panel (HKLM\...\{4FD1C84E-F387-4609-A31F-4117F88B6600}) (Version:  - )
EPSON LFP Remote Panel 2 (HKLM\...\{0E4A0AE2-C0B8-43A3-8A66-73E5B50F576F}) (Version:  - )
Epson PC-FAX Driver (HKLM\...\EPSON PC-FAX Driver 2) (Version:  - )
EPSON Printer Software (HKLM\...\EPSON Printer and Utilities) (Version:  - SEIKO EPSON Corporation)
EPSON Scan (HKLM\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
EPSON SC-S50600 Series Comm Driver Printer Uninstall (HKLM\...\EPSON SC-S50600 Series Comm Driver) (Version:  - SEIKO EPSON Corporation)
EPSON WP-4540 Series Printer Uninstall (HKLM\...\EPSON WP-4540 Series) (Version:  - SEIKO EPSON Corporation)
EpsonNet Config V2 (HKLM\...\{221DBED3-CAF7-4D16-B968-76B66430868A}) (Version: 2.2b - SEIKO EPSON CORPORATION)
EpsonNet Config V4 (HKLM\...\{08013FB5-DF8B-4D29-9B5E-B3DE88EBA6CA}) (Version: 4.1.1 - SEIKO EPSON CORPORATION)
EpsonNet Print (HKLM\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.4j - SEIKO EPSON CORPORATION)
EpsonNet SDK for Windows (HKLM\...\{57E43A88-5936-11D7-AB30-0050DA8CDA09}) (Version: 1.00.020 - EPSON)
GoToAssist Corporate (HKLM\...\GoToAssist) (Version: 9.0.0.570 - Citrix Online, a division of Citrix Systems, Inc.)
Intel® Graphics Media Accelerator Driver (HKLM\...\{8A708DD8-A5E6-11D4-A706-000629E95E20}) (Version: 6.14.10.4396 - )
J2SE Runtime Environment 5.0 Update 11 (HKLM\...\{3248F0A8-6813-11D6-A77B-00B0D0150110}) (Version: 1.5.0.110 - Sun Microsystems, Inc.)
J2SE Runtime Environment 5.0 Update 6 (HKLM\...\{3248F0A8-6813-11D6-A77B-00B0D0150060}) (Version: 1.5.0.60 - Sun Microsystems, Inc.)
J2SE Runtime Environment 5.0 Update 9 (HKLM\...\{3248F0A8-6813-11D6-A77B-00B0D0150090}) (Version: 1.5.0.90 - Sun Microsystems, Inc.)
Java Auto Updater (Version: 2.0.6.1 - Sun Microsystems, Inc.) Hidden
Java 6 Update 2 (HKLM\...\{3248F0A8-6813-11D6-A77B-00B0D0160020}) (Version: 1.6.0.20 - Sun Microsystems, Inc.)
Java 6 Update 29 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216011FF}) (Version: 6.0.290 - Sun Microsystems, Inc.)
Java 6 Update 3 (HKLM\...\{3248F0A8-6813-11D6-A77B-00B0D0160030}) (Version: 1.6.0.30 - Sun Microsystems, Inc.)
Java 6 Update 5 (HKLM\...\{3248F0A8-6813-11D6-A77B-00B0D0160050}) (Version: 1.6.0.50 - Sun Microsystems, Inc.)
Java 6 Update 7 (HKLM\...\{3248F0A8-6813-11D6-A77B-00B0D0160070}) (Version: 1.6.0.70 - Sun Microsystems, Inc.)
Java SE Runtime Environment 6 Update 1 (HKLM\...\{3248F0A8-6813-11D6-A77B-00B0D0160010}) (Version: 1.6.0.10 - Sun Microsystems, Inc.)
kuler (Version: 2.0 - Adobe Systems Incorporated) Hidden
Malwarebytes Anti-Malware version 1.75.0.1300 (HKLM\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
Microsoft .NET Framework 1.1 (HKLM\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )
Microsoft .NET Framework 1.1 (Version: 1.1.4322 - Microsoft) Hidden
Microsoft .NET Framework 1.1 Security Update (KB2833941) (HKLM\...\M2833941) (Version:  - )
Microsoft Compression Client Pack 1.0 for Windows XP (HKLM\...\MSCompPackV1) (Version: 1 - Microsoft Corporation)
Microsoft Office Access MUI (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Professional 2007 (HKLM\...\PROR) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office Professional 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Software Update for Web Folders  (English) 12 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft User-Mode Driver Framework Feature Pack 1.0 (HKLM\...\Wudf01000) (Version:  - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
MR-3D Designer DEMO v12 (HKLM\...\MR3DDV1225_is1) (Version: 12.2.5 - MR Möbes & Ratajczak OHG)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
PDF Settings CS4 (Version: 9.0 - Adobe Systems Incorporated) Hidden
Photoshop Camera Raw (Version: 5.0 - Adobe Systems Incorporated) Hidden
PowerDVD 5.7 (HKLM\...\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}) (Version:  - )
QuickTime (HKLM\...\{216AB108-2AE1-4130-B3D5-20B2C4C80F8F}) (Version: 7.60.92.0 - Apple Inc.)
Roxio DLA (HKLM\...\{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}) (Version: 5.2.0 - Roxio)
Roxio Express Labeler (HKLM\...\{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}) (Version: 2.1.0 - Roxio)
Roxio RecordNow Audio (HKLM\...\{AB708C9B-97C8-4AC9-899B-DBF226AC9382}) (Version: 2.0.4 - Roxio)
Roxio RecordNow Copy (HKLM\...\{B12665F4-4E93-4AB4-B7FC-37053B524629}) (Version: 2.0.4 - Roxio)
Roxio RecordNow Data (HKLM\...\{075473F5-846A-448B-BCB3-104AA1760205}) (Version: 2.0.4 - Roxio)
Seagate Drive Settings Installer (HKLM\...\InstallShield_{91DDF870-EE18-44D8-9D93-F4C122B80908}) (Version: 1.00.0000 - Seagate Technologies LLC)
Seagate Drive Settings Installer (Version: 1.00.0000 - Seagate Technologies LLC) Hidden
Search Assist (HKLM\...\{DF6A589A-7A1A-430C-9FF2-A0BDB42669DC}) (Version: 1.00.0000 - Dell)
Software Updater (HKLM\...\{6DFBE8A2-CDBF-453E-B34C-32F202FCEE4C}) (Version: 4.2.1 - SEIKO EPSON CORPORATION)
Sonic Update Manager (HKLM\...\{30465B6C-B53F-49A1-9EBA-A3F187AD502E}) (Version: 3.0.0 - Sonic Solutions)
Suite Shared Configuration CS4 (Version: 1.0 - Adobe Systems Incorporated) Hidden
Suite Specific (Version: 2.0.0 - Adobe Systems, Incorporated) Hidden
Update for Windows XP (KB973815) (HKLM\...\KB973815) (Version: 1 - Microsoft Corporation)
URL Assistant (HKLM\...\{3EE33958-7381-4E7B-A4F3-6E43098E9E9C}) (Version:  - )
WD Diagnostics (HKLM\...\{0AB76F69-E761-4CFA-B9B0-A1906B4E9E4B}) (Version: 1.09.0002 - Western Digital Technologies)
WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden
Windows Genuine Advantage Notifications (KB905474) (HKLM\...\WgaNotify) (Version: 1.9.0040.0 - Microsoft Corporation)
Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\WGA) (Version: 1.5.0530.0 - Microsoft Corporation)
Windows Installer 3.1 (KB893803) (HKLM\...\KB893803v2) (Version:  - Microsoft Corporation)
Windows Internet Explorer 8 (HKLM\...\ie8) (Version: 20090308.140743 - Microsoft Corporation)
Windows Media Format 11 runtime (HKLM\...\Windows Media Format Runtime) (Version:  - )
Windows Media Format 11 runtime (Version:  - Microsoft Corporation) Hidden
Windows Media Player 11 (HKLM\...\Windows Media Player) (Version:  - )
Windows Media Player 11 (Version:  - Microsoft Corporation) Hidden
Windows XP Service Pack 3 (HKLM\...\Windows XP Service Pack) (Version: 20080414.031525 - Microsoft Corporation)
WinZip (HKLM\...\WinZip) (Version:  9.0  (6028) - WinZip Computing, Inc.)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

==================== Restore Points  =========================

Could not list Restore Points. Check "winmgmt" service or repair WMI.

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2004-08-11 17:00 - 2014-10-13 12:54 - 00012304 ____A C:\WINDOWS\system32\Drivers\etc\hosts

There are 368 more lines.

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Loaded Modules (whitelisted) =============

2013-02-20 16:40 - 2009-02-27 16:39 - 00019968 _____ () C:\Program Files\Adobe\Acrobat 9.0\Acrobat\AcroTray.DEU
2013-02-20 16:40 - 2009-02-27 16:32 - 00020480 _____ () C:\Program Files\Adobe\Acrobat 9.0\Acrobat\AcroTray.FRA

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal => "ctfmon.exe"="ctfmon.exe"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network => "ctfmon.exe"="ctfmon.exe"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\GoToAssist => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ntrexeservice => ""="Service"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^WinZip Quick Pick.lnk => C:\WINDOWS\pss\WinZip Quick Pick.lnkCommon Startup
MSCONFIG\startupreg: Adobe Version Cue CS2 => "c:\Program Files\Adobe\Adobe Version Cue CS2\ControlPanel\VersionCueCS2Tray.exe"
MSCONFIG\startupreg: cctray => "C:\Program Files\CA\CA Internet Security Suite\cctray\cctray.exe"
MSCONFIG\startupreg: DVDLauncher => "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
MSCONFIG\startupreg: MSMSGS => "C:\Program Files\Messenger\msmsgs.exe" /background
MSCONFIG\startupreg: NBJ => "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
MSCONFIG\startupreg: NeroFilterCheck => C:\WINDOWS\system32\NeroCheck.exe

========================= Accounts: ==========================

ADMIN only (S-1-5-21-656921764-300099879-723482828-1005 - Administrator - Enabled)
Administrator (S-1-5-21-656921764-300099879-723482828-500 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\Administrator
FS (S-1-5-21-656921764-300099879-723482828-1006 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\FS
Guest (S-1-5-21-656921764-300099879-723482828-501 - Limited - Enabled)
HelpAssistant (S-1-5-21-656921764-300099879-723482828-1004 - Limited - Disabled)
SUPPORT_388945a0 (S-1-5-21-656921764-300099879-723482828-1002 - Limited - Disabled)

==================== Faulty Device Manager Devices =============

Could not list Devices. Check "winmgmt" service or repair WMI.

==================== Event log errors: =========================

Application errors:
==================
Error: (10/15/2014 10:17:11 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application mbam.exe, version 1.75.0.1, faulting module ntdll.dll, version 5.1.2600.6055, fault address 0x00036822.
Processing media-specific event for [mbam.exe!ws!]

Error: (10/15/2014 08:20:11 AM) (Source: Application Error) (EventID: 1004) (User: )
Description: Faulting application spoolsv.exe, version 5.1.2600.5512, faulting module unknown, version 0.0.0.0, fault address 0x0123856a.
Error in creating result PEAP-TLV in response to received PEAP-TLV (spoolsv.exe!ld!)

Error: (10/14/2014 07:48:45 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application spoolsv.exe, version 5.1.2600.5512, faulting module unknown, version 0.0.0.0, fault address 0x0123856a.
Processing media-specific event for [spoolsv.exe!ws!]

System errors:
=============
Error: (10/15/2014 03:51:22 PM) (Source: 0) (EventID: 9) (User: )
Description: \Device\Ide\IdePort1

Error: (10/15/2014 03:48:08 PM) (Source: 0) (EventID: 9) (User: )
Description: \Device\Ide\IdePort1

Error: (10/15/2014 03:47:55 PM) (Source: 0) (EventID: 9) (User: )
Description: \Device\Ide\IdePort1

Error: (10/15/2014 03:45:30 PM) (Source: 0) (EventID: 9) (User: )
Description: \Device\Ide\IdePort1

Error: (10/15/2014 03:42:08 PM) (Source: 0) (EventID: 9) (User: )
Description: \Device\Ide\IdePort1

Error: (10/15/2014 03:38:52 PM) (Source: 0) (EventID: 9) (User: )
Description: \Device\Ide\IdePort1

Error: (10/15/2014 03:28:58 PM) (Source: 0) (EventID: 9) (User: )
Description: \Device\Ide\IdePort1

Error: (10/15/2014 03:26:58 PM) (Source: 0) (EventID: 9) (User: )
Description: \Device\Ide\IdePort1

Error: (10/15/2014 03:24:55 PM) (Source: 0) (EventID: 9) (User: )
Description: \Device\Ide\IdePort1

Error: (10/15/2014 03:22:58 PM) (Source: 0) (EventID: 9) (User: )
Description: \Device\Ide\IdePort1

Microsoft Office Sessions:
=========================

==================== Memory info ===========================

Processor:  Intel® Pentium® D CPU 3.60GHz
Percentage of memory in use: 66%
Total physical RAM: 3061.96 MB
Available physical RAM: 1021 MB
Total Pagefile: 4952.32 MB
Available Pagefile: 3006.75 MB
Total Virtual: 2047.88 MB
Available Virtual: 1952.74 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:148.96 GB) (Free:40.58 GB) NTFS ==>[Drive with boot components (Windows XP)]
Drive d: () (Fixed) (Total:149.01 GB) (Free:129.66 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows XP) (Size: 149 GB) (Disk ID: 41AB2316)
Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
Partition 2: (Active) - (Size=149 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 149 GB) (Disk ID: 00000081)
Partition 1: (Not Active) - (Size=149 GB) - (Type=07 NTFS)

==================== End Of Log ============================

 

 

FRST.txt

Addition.txt


Hello Lui, welcome to Malwarebytes' Malware Removal forum!
 
My username is LiquidTension, but you can call me Adam. I will be assisting you with your malware-related problems.
If you would allow me to call you by your first name I would prefer that.
 
General P2P/Piracy Notice: 
 

If you are using Peer to Peer (P2P) filesharing software such as uTorrent, BitTorrent or similar you must either fully uninstall or completely disable the programme(s) from running whilst receiving assistance at this forum. 
Failure to remove or disable such software will result in your topic being closed and no further assistance being provided.
If you have illegal/cracked/keygen or similar software on the computer, please remove/uninstall the software now and read the policy on Piracy. Failure to do so will also result in your topic being closed.

 
======================================================
 
Please read through the points below to ensure this process moves as quickly and efficiently as possible.

  • Please read through my instructions thoroughly, and ensure you carry out each step in the order specified.
  • Please do not post logs using the CODEQUOTE or ATTACHMENT format. Logs should be posted directly in plain text. If you receive an error whilst posting, please break the log in half and use multiple posts.
  • Please do not run any tools or take any steps other than those I provide for you. Independent efforts may make matters worse, and will affect my ability in ascertaining the current situation & providing the best set of instructions for you.
  • Please backup important documents before proceeding with my instructions.
  • If you come across any issues whilst following my instructions, please stop and inform me of the issue in as much detail as possible. Please do not hesitate to ask before you run anything.
  • Topics are locked if no response is made after 4 days. Please inform me if you will require additional time to complete my instructions.
  • Ensure you are following this topic. Click [image] at the top of the page.
     

======================================================
 
Please consider the following warning, and let me know how you wish to proceed.
 

BACKDOOR WARNING

------------------------------

One or more of the identified infections is known to use a backdoor that allows attackers to remotely control your computer, download/execute files and steal critical system, financial and personal information.

Please disconnect your computer from the internet immediately. If your computer was used for online banking, has credit card information or other sensitive data, using a non-infected computer/device you should immediately change all account information (including those used for banking, email, eBay, PayPal, online forums, etc.). Consider these accounts already compromised.

If you have used a router, you will need to reset it with a strong logon/password to ensure the malware cannot gain control before connecting again. Banking and credit card institutions should be notified of the possible security breach immediately. Please read the following for more information: How Do I Handle Possible Identify Theft, Internet Fraud and CC Fraud?

Whilst the identified infection(s) can be removed, there is no way to guarantee that your computer will be trustworthy again. This is due to the nature of the infection, which allows the attacker complete control over the computer. Many experts in the security community believe that once infected with this type of malware, the best course of action is to reformat the hard drive and reinstall the Operating System. Please read the following articles for more information.

Please let me know how you wish to proceed, and if you have any questions.

  • Root Admin

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

This topic is now closed to further replies.